last executing test programs: 1.725780234s ago: executing program 1 (id=7527): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$UI_END_FF_ERASE(r0, 0x400c55cb, &(0x7f0000000080)={0x10, 0x8, 0x3}) 1.568337837s ago: executing program 1 (id=7532): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000040)=ANY=[@ANYBLOB="280000002d00010026bd7000fcdbdf250400000008000c00", @ANYRES32=r0, @ANYBLOB="0c0016"], 0x28}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) 1.380339455s ago: executing program 1 (id=7537): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0) 1.236667516s ago: executing program 3 (id=7540): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000000000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) 1.208061684s ago: executing program 1 (id=7541): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000000280)=""/182) 1.097908836s ago: executing program 1 (id=7545): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0xff, r0, 0x20}, 0x38) 950.025138ms ago: executing program 1 (id=7547): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) 843.165986ms ago: executing program 0 (id=7550): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) 754.657945ms ago: executing program 2 (id=7551): prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0) socket$tipc(0x1e, 0x5, 0x0) 738.835994ms ago: executing program 4 (id=7552): r0 = eventfd2(0xff, 0x80001) close_range(r0, 0xffffffffffffffff, 0x100000000004) 738.163605ms ago: executing program 0 (id=7553): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/icmp\x00') pread64(r0, &(0x7f0000000400)=""/255, 0xff, 0x8) 711.66846ms ago: executing program 3 (id=7554): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000000)={'macvlan1\x00', {0x2, 0x0, @private}}) 644.632027ms ago: executing program 4 (id=7555): r0 = syz_open_dev$vim2m(&(0x7f0000000a40), 0x5, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000a80)={0x4000, 0xd, 0x0, "134600cea4dd512d97d4188cbf770637bc747721f37af54dd1dc03030096c337"}) 604.447797ms ago: executing program 0 (id=7556): r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$VIDIOC_QUERY_EXT_CTRL(r0, 0xc0445624, &(0x7f0000000140)={0x80f0f000, 0x8, "9a555c14c966e134d198b9aaaa7da80f8e4fa888dece6ffdb507a3c83e58e128", 0x0, 0x0, 0x101}) 568.816259ms ago: executing program 2 (id=7557): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001080)={0x14, 0x38, 0x301, 0x270bd26, 0x25dfdbfa, {0x4}}, 0x14}}, 0x40800) 534.280415ms ago: executing program 4 (id=7558): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f0000000c00), &(0x7f0000002000)=0x2) 529.435584ms ago: executing program 3 (id=7559): r0 = socket$igmp(0x2, 0x3, 0x2) recvmmsg(r0, &(0x7f0000002ec0)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x63, 0x0) 432.967608ms ago: executing program 0 (id=7560): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x168, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in6=@empty, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0x2, 0xa, 0x0, 0x0, 0x3b, 0x0, 0xee00}, {@in6=@private1, 0xfe, 0x32}, @in6=@dev={0xfe, 0x80, '\x00', 0x1b}, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x546}, {0x4, 0x7fffffffffffffff}, {}, 0x70bd28, 0x3500, 0xa, 0x4}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "217d66d38547aa140db8a200000000c538c7cb7a"}}, @encap={0x1c, 0x4, {0x2, 0x4e24, 0x4e24, @in6=@dev={0xfe, 0x80, '\x00', 0x2e}}}]}, 0x168}, 0x1, 0x0, 0x0, 0x880}, 0x0) 432.312401ms ago: executing program 2 (id=7561): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=@newneigh={0x30, 0x1c, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x9}, [@NDA_DST_MAC={0xa, 0x1, @local}, @NDA_FLAGS_EXT={0x8, 0xf, 0x1}]}, 0x30}}, 0x0) 413.967645ms ago: executing program 3 (id=7562): r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x161902, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000000c0)=0x40) 376.920043ms ago: executing program 4 (id=7563): r0 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000000)) lseek(r0, 0x8a, 0x3) 306.966429ms ago: executing program 2 (id=7564): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x40, 0x20, 0xfc, 0x43}, {0x6, 0x0, 0x8}]}, 0x8) 179.452292ms ago: executing program 4 (id=7565): r0 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'veth0_vlan\x00', &(0x7f0000000040)=@ethtool_ts_info={0x26}}) 160.759711ms ago: executing program 0 (id=7566): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x8, 0x1000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xc27}], 0x1c) 160.155829ms ago: executing program 2 (id=7567): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0x1fc, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x2}, [@tmpl={0x144, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@private1, 0x0, 0x4}, {{@in6=@loopback, 0x0, 0x6c}, 0xa}, {{@in=@broadcast, 0x4d5, 0x32}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in6=@empty, 0x0, 0x32}, 0xa, @in6=@mcast1, 0x0, 0x0, 0x2, 0x0, 0xffffffff}, {{@in=@local, 0x0, 0x32}, 0xa, @in=@remote, 0x0, 0x4}]}]}, 0x1fc}}, 0x0) 145.233944ms ago: executing program 3 (id=7568): r0 = openat$vimc1(0xffffff9c, &(0x7f00000010c0), 0x2, 0x0) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0f8565c, &(0x7f0000000080)={0xffffffff, 0x8, 0x1, {0x9, @pix_mp={0x0, 0x8, 0x30385056, 0x8, 0x4, [{0x5, 0x8000}, {0x4, 0x1}, {0x7, 0x2}, {0x8, 0x6}, {0x80}, {0x0, 0x10000}, {0x5, 0x8}, {0x16, 0x10000}], 0x4, 0x4, 0x2, 0x1, 0x4}}, 0xd14}) 28.577771ms ago: executing program 0 (id=7569): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_int(r0, 0x1, 0x1, 0x0, &(0x7f0000002b40)) 27.678723ms ago: executing program 4 (id=7570): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0xb173, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x47, 0x1, 0x0, "b49e1b62251dd37bb50730df4749af087c17e6e724ae01b9424f5ab23870ecd4", 0x34565559}) 12.665315ms ago: executing program 3 (id=7571): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x103301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000080)={0x2, 0x6, 0x101, 0x0, 0x4000, 0x2, 0x0}) 0s ago: executing program 2 (id=7572): r0 = syz_usb_connect$lan78xx(0x5, 0x3f, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000840)={0x84, &(0x7f0000000380)={0x40, 0x31}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) kernel console output (not intermixed with test programs): ging to 0x8F [ 484.886482][ T980] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 484.907045][ T980] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 484.927228][T16006] program syz.1.4767 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 484.927749][ T980] usb 4-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8 [ 484.946824][T16006] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 484.947256][ T980] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 484.963357][ T980] usb 4-1: Product: syz [ 484.967521][ T980] usb 4-1: Manufacturer: syz [ 484.972114][ T980] usb 4-1: SerialNumber: syz [ 484.993319][ T980] usb 4-1: config 0 descriptor?? [ 484.999760][T15975] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 485.123191][ T5949] usb 1-1: new high-speed USB device number 114 using dummy_hcd [ 485.187575][ C1] sd 0:0:1:0: [sda] tag#2538 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 485.198072][ C1] sd 0:0:1:0: [sda] tag#2538 CDB: Read(6) 08 00 00 00 00 2c [ 485.220208][T15976] vhci_hcd: connection reset by peer [ 485.225964][ T980] powermate: Expected payload of 3--6 bytes, found 1024 bytes! [ 485.233622][ T1039] vhci_hcd: stop threads [ 485.243513][ T1039] vhci_hcd: release socket [ 485.257021][ T980] input: Griffin SoundKnob as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input101 [ 485.266791][ T1039] vhci_hcd: disconnect device [ 485.292781][ T5949] usb 1-1: Using ep0 maxpacket: 32 [ 485.297306][ C1] powermate: config urb returned -71 [ 485.303589][ C1] powermate: config urb returned -71 [ 485.309014][ C1] powermate: config urb returned -71 [ 485.320589][ C1] powermate: config urb returned -71 [ 485.326631][ T5949] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 485.333858][ T980] usb 4-1: USB disconnect, device number 107 [ 485.335700][ C1] powermate 4-1:0.0: powermate_irq - usb_submit_urb failed with result: -19 [ 485.356109][ T5949] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 485.389731][ T5949] usb 1-1: Product: syz [ 485.403863][ T5949] usb 1-1: Manufacturer: syz [ 485.421513][ T5949] usb 1-1: SerialNumber: syz [ 485.460993][ T5949] usb 1-1: config 0 descriptor?? [ 485.480280][ T5949] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 485.502210][T16026] __nla_validate_parse: 5 callbacks suppressed [ 485.502229][T16026] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4777'. [ 485.712338][T16036] netlink: 'syz.1.4781': attribute type 11 has an invalid length. [ 485.892136][ T5949] gspca_stk1135: reg_w 0x0 err -71 [ 485.922981][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 485.944115][ T5949] gspca_stk1135: Sensor write failed [ 485.949439][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 485.971580][ T5949] gspca_stk1135: Sensor write failed [ 485.978642][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 485.983679][T16049] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4789'. [ 485.989922][ T5949] gspca_stk1135: Sensor read failed [ 485.999405][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 486.011224][ T5949] gspca_stk1135: Sensor read failed [ 486.019302][ T5949] gspca_stk1135: Detected sensor type unknown (0x0) [ 486.035255][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 486.056897][ T5949] gspca_stk1135: Sensor read failed [ 486.062197][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 486.073647][ T5949] gspca_stk1135: Sensor read failed [ 486.078870][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 486.090001][ T5949] gspca_stk1135: Sensor write failed [ 486.097341][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 486.108298][ T5949] gspca_stk1135: Sensor write failed [ 486.115877][ T5949] stk1135 1-1:0.0: probe with driver stk1135 failed with error -71 [ 486.137498][ T5949] usb 1-1: USB disconnect, device number 114 [ 486.853169][T16099] netlink: 'syz.0.4812': attribute type 2 has an invalid length. [ 486.867139][T16101] openvswitch: netlink: Message has -3 unknown bytes. [ 486.885850][T16101] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 487.049785][T16114] netlink: 'syz.0.4820': attribute type 3 has an invalid length. [ 487.059985][T16114] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.4820'. [ 487.094134][ T24] usb 4-1: new full-speed USB device number 108 using dummy_hcd [ 487.142726][ T5950] usb 5-1: new high-speed USB device number 114 using dummy_hcd [ 487.254552][ T24] usb 4-1: config index 0 descriptor too short (expected 69, got 36) [ 487.266020][ T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 487.305150][ T24] usb 4-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89 [ 487.332678][ T5950] usb 5-1: Using ep0 maxpacket: 32 [ 487.337928][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 487.353350][ T24] usb 4-1: Product: syz [ 487.360132][ T24] usb 4-1: Manufacturer: syz [ 487.365509][ T24] usb 4-1: SerialNumber: syz [ 487.373989][ T5950] usb 5-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 487.388204][ T24] usb 4-1: config 0 descriptor?? [ 487.394262][ T5950] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 487.414212][ T24] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 487.431093][ T5950] usb 5-1: Product: syz [ 487.436046][ T5950] usb 5-1: Manufacturer: syz [ 487.440677][ T5950] usb 5-1: SerialNumber: syz [ 487.457185][ T5950] usb 5-1: config 0 descriptor?? [ 487.484926][ T5950] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 487.752953][ T980] usb 3-1: new high-speed USB device number 102 using dummy_hcd [ 487.824775][ T24] gspca_pac7302: reg_w() failed i: 78 v: 00 error -71 [ 487.838244][ T24] gspca_pac7302 4-1:0.0: probe with driver gspca_pac7302 failed with error -71 [ 487.880131][ T5950] gspca_stk1135: reg_w 0x0 err -71 [ 487.890862][ T24] usb 4-1: USB disconnect, device number 108 [ 487.904950][ T5950] gspca_stk1135: serial bus timeout: status=0x00 [ 487.915476][ T980] usb 3-1: Using ep0 maxpacket: 8 [ 487.938748][ T5950] gspca_stk1135: Sensor write failed [ 487.945700][ T980] usb 3-1: config 6 has an invalid interface number: 2 but max is 0 [ 487.955533][ T5950] gspca_stk1135: serial bus timeout: status=0x00 [ 487.962988][ T5950] gspca_stk1135: Sensor write failed [ 487.968301][ T5950] gspca_stk1135: serial bus timeout: status=0x00 [ 487.976792][ T980] usb 3-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config [ 487.994933][ T980] usb 3-1: config 6 has no interface number 0 [ 488.001750][ T980] usb 3-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 488.013589][ T5950] gspca_stk1135: Sensor read failed [ 488.020825][ T5950] gspca_stk1135: serial bus timeout: status=0x00 [ 488.027706][ T5950] gspca_stk1135: Sensor read failed [ 488.033455][ T5950] gspca_stk1135: Detected sensor type unknown (0x0) [ 488.040094][ T980] usb 3-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 488.056595][ T5950] gspca_stk1135: serial bus timeout: status=0x00 [ 488.064029][ T980] usb 3-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 488.073880][ T5950] gspca_stk1135: Sensor read failed [ 488.084231][ T5950] gspca_stk1135: serial bus timeout: status=0x00 [ 488.090594][ T5950] gspca_stk1135: Sensor read failed [ 488.102899][ T980] usb 3-1: config 6 interface 2 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 488.116820][ T5950] gspca_stk1135: serial bus timeout: status=0x00 [ 488.123584][ T5950] gspca_stk1135: Sensor write failed [ 488.129185][ T5950] gspca_stk1135: serial bus timeout: status=0x00 [ 488.136991][ T5950] gspca_stk1135: Sensor write failed [ 488.143333][ T980] usb 3-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 488.158918][ T5950] stk1135 5-1:0.0: probe with driver stk1135 failed with error -71 [ 488.166958][ T980] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 488.181810][ T980] usb 3-1: Product: syz [ 488.193204][ T5950] usb 5-1: USB disconnect, device number 114 [ 488.207687][ T980] usb 3-1: Manufacturer: syz [ 488.212297][ T980] usb 3-1: SerialNumber: syz [ 488.269136][ T980] hso 3-1:6.2: Failed to find BULK IN ep [ 488.487594][ T980] usb 3-1: USB disconnect, device number 102 [ 488.762530][ T30] audit: type=1326 audit(1758802796.703:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16202 comm="syz.0.4865" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 488.798154][ T30] audit: type=1326 audit(1758802796.703:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16202 comm="syz.0.4865" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 488.820570][ T30] audit: type=1326 audit(1758802796.733:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16202 comm="syz.0.4865" exe="/root/syz-executor" sig=0 arch=40000003 syscall=23 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 488.867901][ T30] audit: type=1326 audit(1758802796.733:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16202 comm="syz.0.4865" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 488.901799][ T30] audit: type=1326 audit(1758802796.733:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16202 comm="syz.0.4865" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 488.923751][ C1] vkms_vblank_simulate: vblank timer overrun [ 489.173426][ T5949] usb 4-1: new high-speed USB device number 109 using dummy_hcd [ 489.323110][ T30] audit: type=1400 audit(1758802797.263:57): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AA009F5 pid=16225 comm="syz.2.4876" [ 489.340343][T16229] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 489.342321][ C1] vkms_vblank_simulate: vblank timer overrun [ 489.363191][ T5949] usb 4-1: Using ep0 maxpacket: 32 [ 489.372135][ T5949] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 489.426329][ T5949] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 489.432257][T16234] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4880'. [ 489.443514][T16234] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4880'. [ 489.452422][T16234] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4880'. [ 489.460193][ T5949] usb 4-1: Product: syz [ 489.480415][ T5949] usb 4-1: Manufacturer: syz [ 489.492101][ T5949] usb 4-1: SerialNumber: syz [ 489.534496][ T5949] usb 4-1: config 0 descriptor?? [ 489.569532][ T5949] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 489.603225][ T30] audit: type=1326 audit(1758802797.533:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16238 comm="syz.1.4882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 489.625138][ C1] vkms_vblank_simulate: vblank timer overrun [ 489.692112][ T30] audit: type=1326 audit(1758802797.533:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16238 comm="syz.1.4882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 489.762878][ T30] audit: type=1326 audit(1758802797.533:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16238 comm="syz.1.4882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 489.827796][ T6015] vhci_hcd: vhci_device speed not set [ 489.831170][ T30] audit: type=1326 audit(1758802797.533:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16238 comm="syz.1.4882" exe="/root/syz-executor" sig=0 arch=40000003 syscall=249 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 489.991456][ T5949] gspca_stk1135: reg_w 0x0 err -71 [ 490.004972][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 490.022879][ T5949] gspca_stk1135: Sensor write failed [ 490.028198][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 490.049135][ T5949] gspca_stk1135: Sensor write failed [ 490.066561][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 490.089523][ T5949] gspca_stk1135: Sensor read failed [ 490.099748][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 490.116495][ T5949] gspca_stk1135: Sensor read failed [ 490.131958][ T5949] gspca_stk1135: Detected sensor type unknown (0x0) [ 490.161554][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 490.182642][ T5949] gspca_stk1135: Sensor read failed [ 490.187915][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 490.205655][ T5949] gspca_stk1135: Sensor read failed [ 490.210885][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 490.240235][ T5949] gspca_stk1135: Sensor write failed [ 490.257991][ T5949] gspca_stk1135: serial bus timeout: status=0x00 [ 490.278196][ T5949] gspca_stk1135: Sensor write failed [ 490.292871][ T5949] stk1135 4-1:0.0: probe with driver stk1135 failed with error -71 [ 490.323404][ T5949] usb 4-1: USB disconnect, device number 109 [ 490.353877][T16274] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 490.367206][T16274] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 490.376298][T16274] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 490.393332][ T5858] usb 1-1: new high-speed USB device number 115 using dummy_hcd [ 490.557111][ T5858] usb 1-1: Using ep0 maxpacket: 32 [ 490.568811][ T5858] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11 [ 490.592439][ T5858] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 490.620884][ T5858] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87 [ 490.653268][ T5858] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 490.664519][ T5858] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0 [ 490.687775][ T5858] usb 1-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68 [ 490.704670][ T5858] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 490.726310][ T5858] usb 1-1: Product: syz [ 490.743264][ T5858] usb 1-1: Manufacturer: syz [ 490.755596][ T5858] usb 1-1: SerialNumber: syz [ 490.781773][ T5858] usb 1-1: config 0 descriptor?? [ 490.808209][ T5858] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input102 [ 490.825837][T16293] netlink: 9280 bytes leftover after parsing attributes in process `syz.3.4908'. [ 490.833147][T16292] netlink: 288 bytes leftover after parsing attributes in process `syz.2.4909'. [ 491.080023][ T6015] usb 1-1: USB disconnect, device number 115 [ 491.204632][T16309] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4917'. [ 491.266853][ T5858] usb 3-1: new high-speed USB device number 103 using dummy_hcd [ 491.437098][ T5858] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 491.451193][ T5858] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 491.470152][ T5858] usb 3-1: Product: syz [ 491.475406][ T5858] usb 3-1: Manufacturer: syz [ 491.482022][ T5858] usb 3-1: SerialNumber: syz [ 491.492702][ T5949] usb 5-1: new high-speed USB device number 115 using dummy_hcd [ 491.526986][ T5858] r8152-cfgselector 3-1: Unknown version 0x0000 [ 491.533432][ T5858] r8152-cfgselector 3-1: config 0 descriptor?? [ 491.591088][T16332] netlink: 10 bytes leftover after parsing attributes in process `syz.1.4928'. [ 491.686054][ T5949] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 491.712756][ T5949] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 491.739920][ T5949] usb 5-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 491.770834][ T5949] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 491.807557][ T5949] usb 5-1: config 0 descriptor?? [ 491.880380][ T5866] Bluetooth: hci4: ACL packet for unknown connection handle 200 [ 492.004229][ T5949] r8152-cfgselector 3-1: USB disconnect, device number 103 [ 492.098735][ T5858] usb 5-1: USB disconnect, device number 115 [ 492.189575][T16361] wireguard0: entered promiscuous mode [ 492.195399][T16361] wireguard0: entered allmulticast mode [ 492.352860][T16370] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 493.038206][T16410] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 493.394894][T16431] lo: left promiscuous mode [ 493.472520][T16438] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4978'. [ 494.070011][ T5866] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 494.083720][ T10] usb 3-1: new high-speed USB device number 104 using dummy_hcd [ 494.131335][T16476] netlink: 'syz.1.4997': attribute type 30 has an invalid length. [ 494.250125][ T10] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 494.273026][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 494.291736][ T10] usb 3-1: Product: syz [ 494.299256][ T10] usb 3-1: Manufacturer: syz [ 494.332798][ T10] usb 3-1: SerialNumber: syz [ 494.343400][ T10] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 494.382318][ T5949] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 494.676232][T16506] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5013'. [ 494.867435][ T980] usb 3-1: USB disconnect, device number 104 [ 494.908192][T16517] netlink: 'syz.0.5017': attribute type 9 has an invalid length. [ 495.072900][ T6015] usb 4-1: new high-speed USB device number 110 using dummy_hcd [ 495.152482][ T5866] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 495.172771][ T10] usb 2-1: new high-speed USB device number 105 using dummy_hcd [ 495.234881][ T6015] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 495.272783][ T6015] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.306108][ T6015] usb 4-1: config 0 descriptor?? [ 495.325013][ T6015] ums-realtek 4-1:0.0: USB Mass Storage device detected [ 495.342416][ T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 495.380057][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 495.393718][ T10] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 495.405496][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0 [ 495.421323][ T10] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x86 has invalid maxpacket 0 [ 495.433849][ T10] usb 2-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41 [ 495.443428][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 495.452773][ T10] usb 2-1: Product: syz [ 495.457232][ T10] usb 2-1: Manufacturer: syz [ 495.461826][ T10] usb 2-1: SerialNumber: syz [ 495.476623][ T10] usb 2-1: config 0 descriptor?? [ 495.502696][ T5949] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 495.510186][ T5949] ath9k_htc: Failed to initialize the device [ 495.532753][ T980] usb 3-1: ath9k_htc: USB layer deinitialized [ 495.555204][ T10] usb 2-1: ucan: probing device on interface #0 [ 495.580466][ T10] usb 2-1: ucan: invalid endpoint configuration [ 495.601301][ T10] usb 2-1: ucan: probe failed; try to update the device firmware [ 495.606860][ T6015] usb 4-1: USB disconnect, device number 110 [ 495.713800][ T886] usb 2-1: USB disconnect, device number 105 [ 495.792685][ T9] usb 1-1: new full-speed USB device number 116 using dummy_hcd [ 495.956339][ T9] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 495.969769][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.999208][ T9] usb 1-1: config 0 descriptor?? [ 496.022359][ T9] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 496.272680][ T6015] usb 3-1: new high-speed USB device number 105 using dummy_hcd [ 496.441819][ T9] gp8psk: usb in 137 operation failed. [ 496.445751][ T6015] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 496.449032][ T9] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 496.490008][ T9] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 496.491132][ T6015] usb 3-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 496.517229][ T6015] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 496.526669][ T9] usb 1-1: USB disconnect, device number 116 [ 496.537142][ T6015] usb 3-1: config 1 has no interface number 0 [ 496.544159][ T6015] usb 3-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30 [ 496.559229][ T6015] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32 [ 496.607690][ T6015] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 496.634924][ T6015] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 496.657855][ T6015] usb 3-1: Product: syz [ 496.662043][ T6015] usb 3-1: Manufacturer: syz [ 496.679059][ T6015] usb 3-1: SerialNumber: syz [ 496.707574][ T6015] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 496.714559][ T6015] cdc_ncm 3-1:1.1: bind() failure [ 496.863155][ T5950] usb 5-1: new high-speed USB device number 116 using dummy_hcd [ 496.912212][T16604] netdevsim netdevsim3 netdevsim0: left promiscuous mode [ 496.919481][ T5949] usb 2-1: new high-speed USB device number 106 using dummy_hcd [ 496.966020][ T6015] usb 3-1: USB disconnect, device number 105 [ 497.029984][ T5950] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 497.043298][ T5950] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 497.067791][ T5950] usb 5-1: config 220 has no interface number 2 [ 497.082940][ T5949] usb 2-1: Using ep0 maxpacket: 16 [ 497.089573][ T5950] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 497.103477][ T5950] usb 5-1: config 220 interface 0 has no altsetting 0 [ 497.110803][ T5950] usb 5-1: config 220 interface 76 has no altsetting 0 [ 497.114342][ T5949] usb 2-1: unable to get BOS descriptor or descriptor too short [ 497.120185][ T5950] usb 5-1: config 220 interface 1 has no altsetting 0 [ 497.134836][ T5949] usb 2-1: config 128 has an invalid interface number: 147 but max is 0 [ 497.145159][ T5949] usb 2-1: config 128 has no interface number 0 [ 497.160924][ T5949] usb 2-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=9f.d1 [ 497.172970][ T5950] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 497.173467][ T5949] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 497.190427][ T5950] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 497.190451][ T5950] usb 5-1: Product: syz [ 497.190465][ T5950] usb 5-1: Manufacturer: syz [ 497.190479][ T5950] usb 5-1: SerialNumber: syz [ 497.244066][ T5949] usb 2-1: Product: syz [ 497.248254][ T5949] usb 2-1: Manufacturer: syz [ 497.254691][ T5949] usb 2-1: SerialNumber: syz [ 497.425870][ T5950] usb 5-1: selecting invalid altsetting 0 [ 497.438992][ T5950] usb 5-1: Found UVC 7.01 device syz (8086:0b07) [ 497.456049][ T5950] usb 5-1: No valid video chain found. [ 497.477148][ T5950] usb 5-1: selecting invalid altsetting 0 [ 497.503112][ T5950] usbtest 5-1:220.1: probe with driver usbtest failed with error -22 [ 497.543062][ T5950] usb 5-1: USB disconnect, device number 116 [ 497.756981][ T9] usb 2-1: USB disconnect, device number 106 [ 497.757748][ T9] f81534a_ctrl 2-1:128.147: failed to set register 0x116: -19 [ 497.757770][ T9] f81534a_ctrl 2-1:128.147: failed to enable ports: -19 [ 497.801864][T16639] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615) [ 497.801893][T16639] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647 [ 498.138913][T16654] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048) [ 498.322047][T16664] netlink: 'syz.2.5083': attribute type 21 has an invalid length. [ 498.611173][T16680] openvswitch: netlink: IPv6 tunnel dst address is zero [ 499.029793][T16710] netlink: 'syz.2.5106': attribute type 9 has an invalid length. [ 499.204966][T16722] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5112'. [ 499.244674][ T6015] usb 1-1: new high-speed USB device number 117 using dummy_hcd [ 499.407076][ T6015] usb 1-1: Using ep0 maxpacket: 32 [ 499.433619][ T6015] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 499.444533][ T6015] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 499.460873][ T6015] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 499.484830][ T6015] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 499.497741][ T6015] usb 1-1: config 1 has no interface number 0 [ 499.522812][ T6015] usb 1-1: config 1 interface 1 has no altsetting 0 [ 499.539751][ T6015] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 499.553374][ T5949] usb 3-1: new full-speed USB device number 106 using dummy_hcd [ 499.562707][ T6015] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 499.597439][ T6015] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 499.618592][ T6015] usb 1-1: selecting invalid altsetting 0 [ 499.618909][T16744] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5124'. [ 499.631282][ T6015] snd_usb_pod 1-1:1.1: set_interface failed [ 499.650343][ T6015] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 499.656012][T16744] xfrm1: entered promiscuous mode [ 499.662553][T16744] xfrm1: entered allmulticast mode [ 499.663976][ T6015] snd_usb_pod 1-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 499.730506][ T5949] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 499.740387][ T5949] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 499.758325][ T5949] usb 3-1: config 0 descriptor?? [ 499.781676][ T5949] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 499.869203][ T9] usb 1-1: USB disconnect, device number 117 [ 500.142327][T16766] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5135'. [ 500.178504][T16768] netlink: 64 bytes leftover after parsing attributes in process `syz.3.5136'. [ 500.191201][ T5949] gp8psk: usb in 128 operation failed. [ 500.191994][T16768] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5136'. [ 500.209378][ T5949] gp8psk: usb in 137 operation failed. [ 500.211555][T16768] unsupported nlmsg_type 40 [ 500.219356][ T5949] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 500.237777][ T5949] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 500.254374][T16770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5137'. [ 500.268334][ T5949] usb 3-1: USB disconnect, device number 106 [ 500.338121][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 500.338138][ T30] audit: type=1326 audit(1758802808.283:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.3.5139" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000 [ 500.366100][ C0] vkms_vblank_simulate: vblank timer overrun [ 500.409185][ T30] audit: type=1326 audit(1758802808.283:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.3.5139" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000 [ 500.431119][ C0] vkms_vblank_simulate: vblank timer overrun [ 500.447432][T16777] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5140'. [ 500.459384][T16777] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5140'. [ 500.483795][ T30] audit: type=1326 audit(1758802808.283:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.3.5139" exe="/root/syz-executor" sig=0 arch=40000003 syscall=311 compat=1 ip=0xf7fc2539 code=0x7ffc0000 [ 500.539187][ T30] audit: type=1326 audit(1758802808.283:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.3.5139" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000 [ 500.591444][T16780] ip6tnl1: entered promiscuous mode [ 500.639716][ T30] audit: type=1326 audit(1758802808.283:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16771 comm="syz.3.5139" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc2539 code=0x7ffc0000 [ 500.665846][T16786] netlink: 'syz.3.5145': attribute type 10 has an invalid length. [ 500.713785][T16786] netlink: 55 bytes leftover after parsing attributes in process `syz.3.5145'. [ 500.729885][T16791] netlink: 'syz.4.5148': attribute type 2 has an invalid length. [ 500.742759][T16791] netlink: 'syz.4.5148': attribute type 5 has an invalid length. [ 501.040283][ T5866] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 501.205617][ T6015] usb 2-1: new high-speed USB device number 107 using dummy_hcd [ 501.317055][T16825] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5164'. [ 501.353416][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.359745][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.384651][ T6015] usb 2-1: config 0 has an invalid interface number: 197 but max is 0 [ 501.397581][ T6015] usb 2-1: config 0 has no interface number 0 [ 501.403841][ T6015] usb 2-1: config 0 interface 197 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 8 [ 501.413919][ T6015] usb 2-1: config 0 interface 197 altsetting 0 endpoint 0xC has invalid maxpacket 1023, setting to 64 [ 501.426577][ T6015] usb 2-1: config 0 interface 197 altsetting 0 bulk endpoint 0x87 has invalid maxpacket 1024 [ 501.439480][ T6015] usb 2-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=bb.42 [ 501.448870][ T6015] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 501.472986][ T6015] usb 2-1: Product: syz [ 501.492665][ T6015] usb 2-1: Manufacturer: syz [ 501.507502][ T6015] usb 2-1: SerialNumber: syz [ 501.533619][ T6015] usb 2-1: config 0 descriptor?? [ 501.555690][T16802] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 501.564611][T16802] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 501.806997][T16802] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 501.823074][T16802] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 501.842936][ T6015] qmi_wwan 2-1:0.197: probe with driver qmi_wwan failed with error -22 [ 501.952736][ T886] usb 4-1: new high-speed USB device number 111 using dummy_hcd [ 502.079072][ T24] usb 2-1: USB disconnect, device number 107 [ 502.112909][ T886] usb 4-1: Using ep0 maxpacket: 8 [ 502.118878][T16863] IPv6: Can't replace route, no match found [ 502.134335][ T886] usb 4-1: config 6 has an invalid interface number: 2 but max is 0 [ 502.153581][ T886] usb 4-1: config 6 has no interface number 0 [ 502.159706][ T886] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 502.192723][ T886] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 502.218335][ T886] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 502.244506][ T886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 502.252554][ T886] usb 4-1: Product: syz [ 502.272248][ T886] usb 4-1: Manufacturer: syz [ 502.282691][ T886] usb 4-1: SerialNumber: syz [ 502.299233][ T886] hso 4-1:6.2: Failed to find INT IN ep [ 502.534156][ T886] usb 4-1: USB disconnect, device number 111 [ 502.791886][T16903] openvswitch: netlink: Actions may not be safe on all matching packets [ 502.930528][ T30] audit: type=1326 audit(1758802810.873:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16913 comm="syz.0.5208" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 502.986628][ T30] audit: type=1326 audit(1758802810.873:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16913 comm="syz.0.5208" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 503.036365][ T30] audit: type=1326 audit(1758802810.903:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16913 comm="syz.0.5208" exe="/root/syz-executor" sig=0 arch=40000003 syscall=65 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 503.077305][T16920] program syz.4.5210 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 503.087156][ T30] audit: type=1326 audit(1758802810.903:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16913 comm="syz.0.5208" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 503.141289][ T30] audit: type=1326 audit(1758802810.903:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16913 comm="syz.0.5208" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 503.828503][T16964] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073709551615) [ 503.887878][T16964] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647 [ 504.172959][T16988] netlink: 'syz.2.5245': attribute type 10 has an invalid length. [ 504.228778][T16988] team0: Device hsr_slave_0 failed to register rx_handler [ 504.312552][T16996] netlink: 'syz.1.5249': attribute type 10 has an invalid length. [ 504.339989][T16996] veth1_vlan: entered allmulticast mode [ 504.351835][T16999] __nla_validate_parse: 2 callbacks suppressed [ 504.351853][T16999] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5250'. [ 504.372035][ T886] usb 5-1: new high-speed USB device number 117 using dummy_hcd [ 504.385176][T16996] team0: Device veth1_vlan failed to register rx_handler [ 504.421969][T17002] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5251'. [ 504.551452][ T886] usb 5-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice= 8.8f [ 504.569396][ T886] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 504.607643][ T886] usb 5-1: config 0 descriptor?? [ 504.630088][ T886] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 505.034637][ T886] gspca_pac7311: reg_w() failed index 0x78, value 0x40, error -71 [ 505.054130][ T886] pac7311 5-1:0.0: probe with driver pac7311 failed with error -71 [ 505.115187][ T886] usb 5-1: USB disconnect, device number 117 [ 505.150423][T17037] nftables ruleset with unbound chain [ 505.171527][T17035] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5266'. [ 505.566354][T17060] netlink: 'syz.1.5279': attribute type 8 has an invalid length. [ 505.775842][T17075] netlink: 'syz.2.5285': attribute type 1 has an invalid length. [ 505.862734][ T6015] usb 4-1: new high-speed USB device number 112 using dummy_hcd [ 506.033418][ T6015] usb 4-1: Using ep0 maxpacket: 8 [ 506.044122][ T6015] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 506.066056][ T6015] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 506.086422][ T6015] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 506.112724][ T6015] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 506.130526][ T6015] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 506.157112][ T6015] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 506.166308][ T980] usb 2-1: new high-speed USB device number 108 using dummy_hcd [ 506.179481][ T6015] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 506.197898][T17098] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5297'. [ 506.342711][ T980] usb 2-1: Using ep0 maxpacket: 8 [ 506.364838][ T980] usb 2-1: config 172 has an invalid interface number: 154 but max is 0 [ 506.380973][T17104] netlink: 'syz.2.5301': attribute type 27 has an invalid length. [ 506.387400][ T980] usb 2-1: config 172 has no interface number 0 [ 506.408335][ T980] usb 2-1: config 172 interface 154 has no altsetting 0 [ 506.439225][ T980] usb 2-1: New USB device found, idVendor=046d, idProduct=0850, bcdDevice=f1.93 [ 506.465376][ T980] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 506.482666][ T980] usb 2-1: Product: syz [ 506.492861][ T980] usb 2-1: Manufacturer: syz [ 506.502293][ T980] usb 2-1: SerialNumber: syz [ 506.587343][T17114] syz.0.5305 (17114): /proc/17113/oom_adj is deprecated, please use /proc/17113/oom_score_adj instead. [ 506.643294][T17118] netlink: 'syz.0.5307': attribute type 10 has an invalid length. [ 506.651318][T17118] netlink: 55 bytes leftover after parsing attributes in process `syz.0.5307'. [ 506.667293][ T6015] usb 4-1: USB disconnect, device number 112 [ 506.749560][ T5949] usb 5-1: new high-speed USB device number 118 using dummy_hcd [ 506.754915][ T980] gspca_main: STV06xx-2.14.0 probing 046d:0850 [ 506.770488][ T980] usb 2-1: unknown interface protocol 0xfa, assuming v1 [ 506.774694][T17122] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5309'. [ 506.791160][ T980] usb 2-1: cannot find UAC_HEADER [ 506.794448][T17122] netlink: 43 bytes leftover after parsing attributes in process `syz.2.5309'. [ 506.812259][T17122] netlink: 'syz.2.5309': attribute type 5 has an invalid length. [ 506.822644][T17122] netlink: 43 bytes leftover after parsing attributes in process `syz.2.5309'. [ 506.835510][ T980] snd-usb-audio 2-1:172.154: probe with driver snd-usb-audio failed with error -22 [ 506.853219][ T980] usb 2-1: USB disconnect, device number 108 [ 506.899389][T10087] udevd[10087]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:172.154/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 506.940566][ T5949] usb 5-1: config 0 interface 0 altsetting 60 endpoint 0xE has invalid maxpacket 1023, setting to 64 [ 506.958037][ T5949] usb 5-1: config 0 interface 0 altsetting 60 endpoint 0xD has invalid wMaxPacketSize 0 [ 506.972460][ T5949] usb 5-1: config 0 interface 0 has no altsetting 0 [ 506.985744][ T5949] usb 5-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=ae.ad [ 507.014866][ T5949] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 507.033504][ T5949] usb 5-1: config 0 descriptor?? [ 507.211622][T17140] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5318'. [ 507.258682][ T5949] usb 5-1: string descriptor 0 read error: -71 [ 507.279390][ T5949] usb 5-1: ucan: probing device on interface #0 [ 507.297723][ T5949] usb 5-1: ucan: invalid endpoint configuration [ 507.309385][ T5949] usb 5-1: ucan: probe failed; try to update the device firmware [ 507.348626][ T5949] usb 5-1: USB disconnect, device number 118 [ 507.709913][T17168] ip6gre1: entered promiscuous mode [ 507.725424][T17170] sctp: [Deprecated]: syz.0.5333 (pid 17170) Use of struct sctp_assoc_value in delayed_ack socket option. [ 507.725424][T17170] Use struct sctp_sack_info instead [ 508.191457][T17199] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5347'. [ 508.201209][T17202] (unnamed net_device) (uninitialized): option broadcast_neighbor: invalid value (5) [ 508.366117][T17212] netlink: 'syz.3.5353': attribute type 1 has an invalid length. [ 508.397532][T17212] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 509.082718][ T886] usb 3-1: new high-speed USB device number 107 using dummy_hcd [ 509.179303][T17266] netlink: 'syz.3.5378': attribute type 3 has an invalid length. [ 509.233020][ T886] usb 3-1: Using ep0 maxpacket: 16 [ 509.248060][ T886] usb 3-1: config 0 has an invalid interface number: 145 but max is 0 [ 509.273600][ T886] usb 3-1: config 0 has no interface number 0 [ 509.300462][ T886] usb 3-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 509.332999][ T886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 509.341426][ T886] usb 3-1: Product: syz [ 509.406149][ T886] usb 3-1: Manufacturer: syz [ 509.422720][ T886] usb 3-1: SerialNumber: syz [ 509.453013][ T886] usb 3-1: config 0 descriptor?? [ 509.467162][ T980] IPVS: starting estimator thread 0... [ 509.473899][ T886] hub 3-1:0.145: bad descriptor, ignoring hub [ 509.500437][ T886] hub 3-1:0.145: probe with driver hub failed with error -5 [ 509.535994][ T886] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.145/input/input103 [ 509.562915][T17283] IPVS: using max 28 ests per chain, 67200 per kthread [ 509.780956][T17295] sctp: [Deprecated]: syz.3.5392 (pid 17295) Use of int in maxseg socket option. [ 509.780956][T17295] Use struct sctp_assoc_value instead [ 509.852686][ T9] usb 1-1: new high-speed USB device number 118 using dummy_hcd [ 509.963903][ T6015] usb 3-1: USB disconnect, device number 107 [ 510.033583][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 510.065899][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 510.117786][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 510.128169][T17309] openvswitch: netlink: nsh attribute has 4 unknown bytes. [ 510.132722][ T9] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 510.156186][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 510.157408][ T30] audit: type=1400 audit(1758802818.103:77): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=17310 comm="syz.1.5399" [ 510.168312][ T9] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 510.225474][ T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 510.241582][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 510.266152][ T9] usb 1-1: config 0 descriptor?? [ 510.272522][T17288] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 510.301786][T17317] netlink: 'syz.1.5403': attribute type 21 has an invalid length. [ 510.301819][T17317] __nla_validate_parse: 5 callbacks suppressed [ 510.301831][T17317] netlink: 128 bytes leftover after parsing attributes in process `syz.1.5403'. [ 510.301904][T17317] netlink: 'syz.1.5403': attribute type 5 has an invalid length. [ 510.301919][T17317] netlink: 'syz.1.5403': attribute type 6 has an invalid length. [ 510.301932][T17317] netlink: 3 bytes leftover after parsing attributes in process `syz.1.5403'. [ 510.539853][T17326] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5407'. [ 510.739941][T17334] netlink: 'syz.4.5411': attribute type 1 has an invalid length. [ 510.762573][ T5866] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 510.772931][ T9] usb 1-1: USB disconnect, device number 118 [ 510.939496][ T30] audit: type=1326 audit(1758802818.883:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17343 comm="syz.4.5416" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x0 [ 511.075485][T17353] netlink: 'syz.1.5420': attribute type 11 has an invalid length. [ 511.840827][T17402] trusted_key: encrypted_key: master key parameter is missing [ 512.061024][T17414] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5449'. [ 512.154011][T17416] netlink: 'syz.2.5451': attribute type 21 has an invalid length. [ 512.210839][T17416] netlink: 'syz.2.5451': attribute type 1 has an invalid length. [ 512.224712][T17416] netlink: 144 bytes leftover after parsing attributes in process `syz.2.5451'. [ 512.341949][T17428] dlm: non-version read from control device 0 [ 512.472953][T17434] netlink: 72 bytes leftover after parsing attributes in process `syz.2.5458'. [ 512.631284][T17441] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5464'. [ 512.785800][ T980] usb 2-1: new high-speed USB device number 109 using dummy_hcd [ 512.966637][ T980] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 512.998801][ T980] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 513.025452][ T980] usb 2-1: Product: syz [ 513.042793][ T980] usb 2-1: Manufacturer: syz [ 513.047411][ T980] usb 2-1: SerialNumber: syz [ 513.083879][ T980] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 513.116905][ T24] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 513.324526][T17480] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5483'. [ 513.512064][T17490] program syz.0.5487 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 513.565194][ T6015] usb 2-1: USB disconnect, device number 109 [ 513.672861][ T10] usb 3-1: new high-speed USB device number 108 using dummy_hcd [ 513.852768][ T10] usb 3-1: Using ep0 maxpacket: 32 [ 513.864963][ T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 513.887708][ T10] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=7d.12 [ 513.907021][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 513.922105][ T10] usb 3-1: Product: syz [ 513.927708][ T10] usb 3-1: Manufacturer: syz [ 513.932419][ T10] usb 3-1: SerialNumber: syz [ 513.960982][ T10] usb 3-1: config 0 descriptor?? [ 513.966324][T17510] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 513.986088][ T10] gspca_main: spca501-2.14.0 probing 0000:0000 [ 514.123814][T17519] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate. [ 514.149536][ T24] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 514.179504][ T24] ath9k_htc: Failed to initialize the device [ 514.194359][ T6015] usb 2-1: ath9k_htc: USB layer deinitialized [ 514.249981][T17524] netlink: 'syz.0.5504': attribute type 4 has an invalid length. [ 514.390815][T17535] netlink: 88 bytes leftover after parsing attributes in process `syz.4.5509'. [ 514.410717][ T10] gspca_spca501: reg write: error -71 [ 514.420536][ T10] spca501 3-1:0.0: Reg write failed for 0x02,0xa048,0x00 [ 514.432814][ T10] spca501 3-1:0.0: probe with driver spca501 failed with error -22 [ 514.455308][ T10] usb 3-1: USB disconnect, device number 108 [ 514.541270][T17543] bond0: option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0) [ 514.662733][ T6015] usb 2-1: new high-speed USB device number 110 using dummy_hcd [ 514.773337][T17557] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5520'. [ 514.822714][ T6015] usb 2-1: Using ep0 maxpacket: 16 [ 514.832407][ T6015] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 514.852121][ T6015] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 514.870869][ T6015] usb 2-1: Product: syz [ 514.875224][ T6015] usb 2-1: Manufacturer: syz [ 514.879822][ T6015] usb 2-1: SerialNumber: syz [ 514.889326][T17563] openvswitch: netlink: Unknown key attributes 2 [ 514.918633][ T6015] usb 2-1: config 0 descriptor?? [ 514.935603][ T6015] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 514.956239][ T6015] usb 2-1: Detected FT232H [ 514.981285][T17567] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 515.182034][T17579] IPv6: NLM_F_CREATE should be specified when creating new route [ 515.347602][ T6015] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 515.366832][ T6015] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71 [ 515.382682][ T886] usb 1-1: new high-speed USB device number 119 using dummy_hcd [ 515.399226][ T6015] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 515.412451][ T6015] usb 2-1: USB disconnect, device number 110 [ 515.445919][ T6015] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 515.473976][ T6015] ftdi_sio 2-1:0.0: device disconnected [ 515.580703][ T886] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 515.592462][ T886] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 515.608122][ T886] usb 1-1: Product: syz [ 515.612667][ T886] usb 1-1: Manufacturer: syz [ 515.630683][ T886] usb 1-1: SerialNumber: syz [ 515.657128][ T886] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 515.692747][ T10] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 515.946494][T17617] dlm: no locking on control device [ 516.118319][T17627] program syz.4.5552 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 516.136694][ T9] usb 1-1: USB disconnect, device number 119 [ 516.730463][T17664] netlink: 'syz.3.5570': attribute type 17 has an invalid length. [ 516.761431][T17664] netlink: 148 bytes leftover after parsing attributes in process `syz.3.5570'. [ 516.778570][ T30] audit: type=1326 audit(1758802824.723:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17663 comm="syz.2.5571" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x0 [ 516.818148][ T10] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 516.835176][ T10] ath9k_htc: Failed to initialize the device [ 516.846375][ T9] usb 1-1: ath9k_htc: USB layer deinitialized [ 516.987992][T17681] netlink: 7 bytes leftover after parsing attributes in process `syz.1.5577'. [ 517.041322][T17681] netlink: 7 bytes leftover after parsing attributes in process `syz.1.5577'. [ 517.202919][T17693] deleting an unspecified loop device is not supported. [ 517.423053][T17710] netlink: 144 bytes leftover after parsing attributes in process `syz.2.5593'. [ 517.522892][T17717] ipvlan0: entered promiscuous mode [ 517.811722][T17735] bond0: Error: Cannot enslave bond to itself. [ 517.843110][ T10] usb 5-1: new high-speed USB device number 119 using dummy_hcd [ 518.039298][ T10] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 518.050654][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 518.081296][ T10] usb 5-1: config 0 descriptor?? [ 518.107199][ T10] cp210x 5-1:0.0: cp210x converter detected [ 518.163973][T17757] openvswitch: netlink: IP tunnel dst address not specified [ 518.423042][ T5949] usb 4-1: new high-speed USB device number 113 using dummy_hcd [ 518.497573][T17779] netlink: 'syz.2.5628': attribute type 25 has an invalid length. [ 518.516789][ T10] cp210x 5-1:0.0: failed to get vendor val 0x370c size 13: -71 [ 518.524445][ T9] usb 2-1: new high-speed USB device number 111 using dummy_hcd [ 518.544355][ T10] cp210x 5-1:0.0: GPIO initialisation failed: -71 [ 518.565790][ T10] usb 5-1: cp210x converter now attached to ttyUSB0 [ 518.586896][ T10] usb 5-1: USB disconnect, device number 119 [ 518.605021][ T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 518.620556][ T5949] usb 4-1: unable to get BOS descriptor or descriptor too short [ 518.638237][ T10] cp210x 5-1:0.0: device disconnected [ 518.646602][ T5949] usb 4-1: config 3 has an invalid interface number: 19 but max is 0 [ 518.673381][ T5949] usb 4-1: config 3 has no interface number 0 [ 518.689562][ T5949] usb 4-1: config 3 interface 19 altsetting 9 bulk endpoint 0x8E has invalid maxpacket 32 [ 518.700594][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 518.716199][ T5949] usb 4-1: config 3 interface 19 altsetting 9 bulk endpoint 0xC has invalid maxpacket 64 [ 518.727410][ T9] usb 2-1: config 0 has an invalid interface number: 145 but max is 0 [ 518.740854][ T9] usb 2-1: config 0 has no interface number 0 [ 518.747612][ T5949] usb 4-1: config 3 interface 19 has no altsetting 0 [ 518.758620][ T5949] usb 4-1: New USB device found, idVendor=067b, idProduct=2303, bcdDevice=53.f5 [ 518.768519][ T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 518.782802][ T5949] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 518.791714][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 518.802571][ T5949] usb 4-1: Product: syz [ 518.807119][ T5949] usb 4-1: Manufacturer: syz [ 518.811717][ T5949] usb 4-1: SerialNumber: syz [ 518.816916][ T9] usb 2-1: Product: syz [ 518.821086][ T9] usb 2-1: Manufacturer: syz [ 518.837524][ T9] usb 2-1: SerialNumber: syz [ 518.842556][T17759] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 518.858530][T17759] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 518.868432][ T9] usb 2-1: config 0 descriptor?? [ 518.877776][ T9] hub 2-1:0.145: bad descriptor, ignoring hub [ 518.890962][ T9] hub 2-1:0.145: probe with driver hub failed with error -5 [ 518.910921][ T9] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.145/input/input104 [ 519.145181][ T5949] pl2303 4-1:3.19: required interrupt-in endpoint missing [ 519.182056][ T5949] usb 4-1: USB disconnect, device number 113 [ 519.313160][ T9] usb 2-1: USB disconnect, device number 111 [ 519.334156][T17807] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5642'. [ 519.596357][T17827] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5652'. [ 519.677466][T17833] syz.4.5655 uses obsolete (PF_INET,SOCK_PACKET) [ 519.949724][T17851] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5664'. [ 520.615074][T17895] netlink: 830 bytes leftover after parsing attributes in process `syz.0.5686'. [ 521.270860][T17939] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5707'. [ 521.284952][T17942] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 521.311497][T17945] netdevsim netdevsim3 : renamed from netdevsim0 [ 521.734073][T17975] netlink: 'syz.1.5724': attribute type 10 has an invalid length. [ 521.873434][T17975] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 522.162797][T17994] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5735'. [ 522.171811][T17994] netlink: 'syz.0.5735': attribute type 1 has an invalid length. [ 522.285597][T18002] program syz.1.5739 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 522.451933][T18014] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5745'. [ 522.851197][T18038] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5757'. [ 523.071241][T18050] netlink: 'syz.2.5762': attribute type 10 has an invalid length. [ 523.190061][T18050] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 523.256923][ T30] audit: type=1326 audit(1758802831.203:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18060 comm="syz.4.5769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 523.336691][ T30] audit: type=1326 audit(1758802831.223:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18060 comm="syz.4.5769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 523.412729][ T30] audit: type=1326 audit(1758802831.223:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18060 comm="syz.4.5769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 523.420027][T18066] netlink: 140 bytes leftover after parsing attributes in process `syz.0.5771'. [ 523.477540][ T30] audit: type=1326 audit(1758802831.223:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18060 comm="syz.4.5769" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 523.642952][T18081] netlink: 'syz.1.5777': attribute type 1 has an invalid length. [ 523.849827][T18095] netlink: 'syz.3.5783': attribute type 10 has an invalid length. [ 523.918849][T18095] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 523.921469][T18101] program syz.1.5787 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 523.995822][T18103] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5788'. [ 524.041595][T18107] netlink: 'syz.4.5789': attribute type 2 has an invalid length. [ 524.056730][T18107] netlink: 'syz.4.5789': attribute type 2 has an invalid length. [ 524.309929][T18123] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5800'. [ 524.477987][T18138] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5805'. [ 524.679303][T18147] ip6gre1: entered allmulticast mode [ 524.753851][T18154] netlink: 'syz.1.5814': attribute type 21 has an invalid length. [ 524.768309][T18154] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5814'. [ 524.784665][T18157] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5825'. [ 524.810677][T18158] netdevsim netdevsim4 : renamed from netdevsim0 (while UP) [ 525.507750][ T5949] usb 5-1: new high-speed USB device number 120 using dummy_hcd [ 525.677648][ T5949] usb 5-1: too many configurations: 241, using maximum allowed: 8 [ 525.721059][ T5949] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 525.736068][ T5949] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 525.766618][ T5949] usb 5-1: Product: syz [ 525.777197][ T5949] usb 5-1: Manufacturer: syz [ 525.794901][ T5949] usb 5-1: SerialNumber: syz [ 525.821276][ T5949] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 525.843418][ T10] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 526.206295][T18240] netlink: 188 bytes leftover after parsing attributes in process `syz.3.5841'. [ 526.215885][ C0] usb 5-1: ath9k_htc: over RX MAX_PKT_NUM [ 526.225648][T18243] netlink: 'syz.0.5839': attribute type 10 has an invalid length. [ 526.396595][T18243] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 526.429509][ T24] usb 5-1: USB disconnect, device number 120 [ 526.459311][T18252] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 526.957812][ T10] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 526.977772][ T10] ath9k_htc: Failed to initialize the device [ 527.008440][ T24] usb 5-1: ath9k_htc: USB layer deinitialized [ 527.030455][T18286] netlink: 'syz.4.5861': attribute type 10 has an invalid length. [ 527.039263][ T5949] usb 2-1: new high-speed USB device number 112 using dummy_hcd [ 527.091843][T18286] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 527.216687][ T5949] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 527.246200][ T5949] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 527.282671][ T5949] usb 2-1: Product: syz [ 527.290377][ T5949] usb 2-1: Manufacturer: syz [ 527.303044][ T5949] usb 2-1: SerialNumber: syz [ 527.323347][ T5949] usb 2-1: config 0 descriptor?? [ 527.458678][T18304] netlink: 'syz.0.5870': attribute type 2 has an invalid length. [ 527.477382][T18304] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5870'. [ 527.543100][ T5949] hso 2-1:0.0: Can't find BULK IN endpoint [ 527.550313][ T5949] usb-storage 2-1:0.0: USB Mass Storage device detected [ 527.784870][ T5949] usb 2-1: USB disconnect, device number 112 [ 528.210803][T18356] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5897'. [ 528.228742][ T30] audit: type=1326 audit(1758802836.173:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.4.5896" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 528.258944][ T30] audit: type=1326 audit(1758802836.173:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.4.5896" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 528.320086][ T30] audit: type=1326 audit(1758802836.203:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.4.5896" exe="/root/syz-executor" sig=0 arch=40000003 syscall=165 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 528.392861][ T30] audit: type=1326 audit(1758802836.203:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.4.5896" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 528.414772][ C1] vkms_vblank_simulate: vblank timer overrun [ 528.451017][T18364] netlink: 76 bytes leftover after parsing attributes in process `syz.1.5900'. [ 528.481965][ T30] audit: type=1326 audit(1758802836.203:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18357 comm="syz.4.5896" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 528.502872][T18370] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 528.757616][T18385] netlink: 'syz.3.5912': attribute type 10 has an invalid length. [ 528.856444][T18393] PM: Enabling pm_trace changes system date and time during resume. [ 528.856444][T18393] PM: Correct system time has to be restored manually after resume. [ 528.951513][T18400] process 'syz.1.5919' launched './file0' with NULL argv: empty string added [ 529.171175][T18412] netlink: 40743 bytes leftover after parsing attributes in process `syz.2.5924'. [ 529.862696][ T10] usb 4-1: new high-speed USB device number 114 using dummy_hcd [ 530.063633][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 530.070421][ T10] usb 4-1: config 0 has an invalid interface number: 97 but max is 0 [ 530.112706][ T10] usb 4-1: config 0 has no interface number 0 [ 530.118841][ T10] usb 4-1: too many endpoints for config 0 interface 97 altsetting 97: 97, using maximum allowed: 30 [ 530.137361][ T10] usb 4-1: config 0 interface 97 altsetting 97 has 0 endpoint descriptors, different from the interface descriptor's value: 97 [ 530.155052][ T10] usb 4-1: config 0 interface 97 has no altsetting 0 [ 530.165706][ T10] usb 4-1: New USB device found, idVendor=13d3, idProduct=3211, bcdDevice=cb.d7 [ 530.181730][ T10] usb 4-1: New USB device strings: Mfr=1, Product=18, SerialNumber=3 [ 530.190249][ T10] usb 4-1: Product: syz [ 530.208089][ T10] usb 4-1: Manufacturer: syz [ 530.213937][ T10] usb 4-1: SerialNumber: syz [ 530.224142][ T10] usb 4-1: config 0 descriptor?? [ 530.265288][ T5949] usb 3-1: new high-speed USB device number 109 using dummy_hcd [ 530.426246][ T5949] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 530.451242][ T10] usb 4-1: USB disconnect, device number 114 [ 530.467986][ T5949] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 530.484875][ T5949] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 530.509868][ T5949] usb 3-1: Product: syz [ 530.522742][ T5949] usb 3-1: Manufacturer: syz [ 530.527585][ T5949] usb 3-1: SerialNumber: syz [ 530.559211][ T5949] usb 3-1: config 0 descriptor?? [ 530.598706][T18495] bridge2: entered promiscuous mode [ 530.781290][ T10] usb 3-1: USB disconnect, device number 109 [ 530.948992][T18519] netlink: 'syz.1.5974': attribute type 21 has an invalid length. [ 530.959100][T18519] netlink: 128 bytes leftover after parsing attributes in process `syz.1.5974'. [ 530.972185][T18519] netlink: 'syz.1.5974': attribute type 5 has an invalid length. [ 530.987781][T18519] netlink: 'syz.1.5974': attribute type 6 has an invalid length. [ 530.997767][T18519] netlink: 3 bytes leftover after parsing attributes in process `syz.1.5974'. [ 531.081405][T18525] netlink: 'syz.4.5980': attribute type 4 has an invalid length. [ 531.096902][T18525] netlink: 17 bytes leftover after parsing attributes in process `syz.4.5980'. [ 531.312025][T18541] netlink: 'syz.4.5987': attribute type 4 has an invalid length. [ 531.319969][T18541] netlink: 152 bytes leftover after parsing attributes in process `syz.4.5987'. [ 531.331847][T18541] wlan1: mtu less than device minimum [ 531.378265][T18547] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5988'. [ 531.532843][ T30] audit: type=1326 audit(1758802839.473:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18552 comm="syz.4.5993" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 531.610949][ T30] audit: type=1326 audit(1758802839.473:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18552 comm="syz.4.5993" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 531.632899][ C1] vkms_vblank_simulate: vblank timer overrun [ 531.686063][ T30] audit: type=1326 audit(1758802839.513:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18552 comm="syz.4.5993" exe="/root/syz-executor" sig=0 arch=40000003 syscall=162 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 531.716834][ T30] audit: type=1326 audit(1758802839.513:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18552 comm="syz.4.5993" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 531.750632][ T5949] usb 1-1: new high-speed USB device number 120 using dummy_hcd [ 531.764404][ T30] audit: type=1326 audit(1758802839.513:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18552 comm="syz.4.5993" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 531.952715][ T5949] usb 1-1: Using ep0 maxpacket: 32 [ 531.974814][ T5949] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10 [ 531.993879][ T5949] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024 [ 532.015972][ T5949] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 532.044920][ T5949] usb 1-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 532.058499][ T5949] usb 1-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 532.071308][ T5949] usb 1-1: Product: syz [ 532.080145][ T5949] usb 1-1: Manufacturer: syz [ 532.090603][ T5949] usb 1-1: SerialNumber: syz [ 532.128132][ T5949] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input105 [ 532.182778][ T5950] usb 5-1: new high-speed USB device number 121 using dummy_hcd [ 532.232697][ T24] usb 2-1: new full-speed USB device number 113 using dummy_hcd [ 532.331529][ T980] usb 1-1: USB disconnect, device number 120 [ 532.345985][ T5950] usb 5-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 532.363036][ T5950] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 532.379685][ T980] appletouch 1-1:1.0: input: appletouch disconnected [ 532.396683][ T5950] usb 5-1: config 0 descriptor?? [ 532.402082][ T24] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 532.418219][ T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 532.436644][ T5950] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 532.452743][ T24] usb 2-1: config 0 has no interface number 0 [ 532.458865][ T24] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 532.492133][ T24] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 255, setting to 64 [ 532.503731][T18604] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048) [ 532.513665][ T24] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 532.543296][ T24] usb 2-1: config 0 interface 52 has no altsetting 0 [ 532.565044][ T24] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 532.574324][ T24] usb 2-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 532.596056][ T24] usb 2-1: Product: syz [ 532.600270][ T24] usb 2-1: SerialNumber: syz [ 532.623920][ T24] usb 2-1: config 0 descriptor?? [ 532.844423][ T5950] gspca_sunplus: reg_w_riv err -71 [ 532.849716][ T5950] sunplus 5-1:0.0: probe with driver sunplus failed with error -71 [ 532.880242][ T24] input: syz (Stick) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.52/input/input106 [ 532.900059][ T5950] usb 5-1: USB disconnect, device number 121 [ 533.131371][ T5949] usb 2-1: USB disconnect, device number 113 [ 533.131431][ C1] synaptics_usb 2-1:0.52: synusb_irq - usb_submit_urb failed with result: -19 [ 533.202142][ T30] audit: type=1326 audit(1758802841.143:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18633 comm="syz.2.6030" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 533.249005][ T30] audit: type=1326 audit(1758802841.143:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18633 comm="syz.2.6030" exe="/root/syz-executor" sig=0 arch=40000003 syscall=453 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 534.001954][T18678] netlink: 'syz.0.6051': attribute type 21 has an invalid length. [ 534.031811][T18678] netlink: 152 bytes leftover after parsing attributes in process `syz.0.6051'. [ 534.074931][T18682] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6053'. [ 534.108646][T18681] netlink: 136 bytes leftover after parsing attributes in process `syz.2.6052'. [ 534.158923][T18684] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 534.292871][T18692] program syz.2.6058 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 534.350437][T18695] netlink: 'syz.0.6059': attribute type 16 has an invalid length. [ 534.510476][T18706] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6064'. [ 534.708275][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 534.708294][ T30] audit: type=1326 audit(1758802842.653:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18720 comm="syz.0.6073" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 534.795734][ T30] audit: type=1326 audit(1758802842.653:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18720 comm="syz.0.6073" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 534.852514][ T30] audit: type=1326 audit(1758802842.673:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18720 comm="syz.0.6073" exe="/root/syz-executor" sig=0 arch=40000003 syscall=47 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 534.913065][T18732] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6076'. [ 534.938259][ T30] audit: type=1326 audit(1758802842.673:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18720 comm="syz.0.6073" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 535.018450][ T30] audit: type=1326 audit(1758802842.673:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18720 comm="syz.0.6073" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 535.488705][T18763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6092'. [ 535.692841][ T10] usb 1-1: new high-speed USB device number 121 using dummy_hcd [ 535.858316][T18789] openvswitch: netlink: Tunnel attr 5 has unexpected len 4 expected 0 [ 535.863428][ T10] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 535.899081][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 535.919092][ T10] usb 1-1: Product: syz [ 535.934469][ T10] usb 1-1: Manufacturer: syz [ 535.942907][ T10] usb 1-1: SerialNumber: syz [ 535.960932][ T10] usb 1-1: config 0 descriptor?? [ 536.203469][ T10] hso 1-1:0.0: Failed to find BULK IN ep [ 536.231653][ T10] usb-storage 1-1:0.0: USB Mass Storage device detected [ 536.393943][ T5950] usb 4-1: new full-speed USB device number 115 using dummy_hcd [ 536.411023][ T10] usb 1-1: USB disconnect, device number 121 [ 536.558130][ T5950] usb 4-1: config 0 has an invalid interface number: 52 but max is 0 [ 536.581749][ T5950] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 536.602764][ T5950] usb 4-1: config 0 has no interface number 0 [ 536.608921][ T5950] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 536.629215][ T5950] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 255, setting to 64 [ 536.642015][ T5950] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 536.662145][ T5950] usb 4-1: config 0 interface 52 has no altsetting 0 [ 536.679784][ T5950] usb 4-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 536.693517][ T5950] usb 4-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 536.701845][ T5950] usb 4-1: Product: syz [ 536.707056][ T5950] usb 4-1: SerialNumber: syz [ 536.717672][ T5950] usb 4-1: config 0 descriptor?? [ 536.732863][ T9] usb 3-1: new high-speed USB device number 110 using dummy_hcd [ 536.899299][ T9] usb 3-1: config 48 has an invalid descriptor of length 0, skipping remainder of the config [ 536.916255][ T9] usb 3-1: config 48 interface 0 altsetting 98 endpoint 0x4 has an invalid bInterval 0, changing to 7 [ 536.937772][ T9] usb 3-1: config 48 interface 0 altsetting 98 endpoint 0x4 has invalid wMaxPacketSize 0 [ 536.942044][ T5950] input: syz (Stick) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.52/input/input107 [ 536.973420][ T9] usb 3-1: config 48 interface 0 altsetting 98 endpoint 0x8 has an invalid bInterval 0, changing to 7 [ 536.993268][ T9] usb 3-1: config 48 interface 0 altsetting 98 endpoint 0x8 has invalid wMaxPacketSize 0 [ 537.028565][ T9] usb 3-1: config 48 interface 0 altsetting 98 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 537.072789][ T9] usb 3-1: config 48 interface 0 has no altsetting 0 [ 537.096389][ T9] usb 3-1: New USB device found, idVendor=1784, idProduct=0006, bcdDevice=bb.2f [ 537.108674][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 537.139555][ T9] usb 3-1: Product: syz [ 537.153613][ T9] usb 3-1: Manufacturer: syz [ 537.158256][ T9] usb 3-1: SerialNumber: syz [ 537.242971][ T24] usb 4-1: USB disconnect, device number 115 [ 537.313086][ T5950] usb 1-1: new high-speed USB device number 122 using dummy_hcd [ 537.435656][ T9] usb 3-1: USB disconnect, device number 110 [ 537.474927][ T5950] usb 1-1: Using ep0 maxpacket: 8 [ 537.495899][ T5950] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 537.522959][ T5950] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 537.542357][ T5950] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 537.560262][ T5950] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 537.569579][ T5950] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 537.589410][ T5950] usb 1-1: Product: syz [ 537.600535][ T5950] usb 1-1: Manufacturer: syz [ 537.610338][ T5950] usb 1-1: SerialNumber: syz [ 537.844767][ T5950] usb 1-1: 0:2 : does not exist [ 537.883631][ T5950] usb 1-1: USB disconnect, device number 122 [ 537.948740][T18891] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6155'. [ 537.966040][T18470] udevd[18470]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 538.169122][T18903] netlink: 'syz.1.6161': attribute type 1 has an invalid length. [ 538.681434][T18935] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6176'. [ 538.814459][T18935] bond1: entered promiscuous mode [ 538.843996][T18935] bond1: entered allmulticast mode [ 538.860331][T18935] 8021q: adding VLAN 0 to HW filter on device bond1 [ 539.131822][T18957] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6187'. [ 539.142350][T18958] sctp: [Deprecated]: syz.2.6186 (pid 18958) Use of int in maxseg socket option. [ 539.142350][T18958] Use struct sctp_assoc_value instead [ 539.161955][T18957] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6187'. [ 539.195485][T18961] netlink: 6 bytes leftover after parsing attributes in process `syz.0.6188'. [ 539.239555][T18961] netlink: 6 bytes leftover after parsing attributes in process `syz.0.6188'. [ 539.330528][T18969] (unnamed net_device) (uninitialized): option arp_interval: mode dependency failed, not supported in mode balance-alb(6) [ 539.526861][T18983] netlink: 9 bytes leftover after parsing attributes in process `syz.0.6198'. [ 539.563015][T18983] 0: renamed from hsr_slave_1 (while UP) [ 539.617462][T18983] 0: entered allmulticast mode [ 539.642554][T18983] A link change request failed with some changes committed already. Interface c0 may have been left with an inconsistent configuration, please check. [ 539.731477][T18994] libceph: resolve '4.' (ret=-3): failed [ 539.873746][T19001] veth1_macvtap: left promiscuous mode [ 539.923853][T19007] kernel profiling enabled (shift: 0) [ 540.812742][ T30] audit: type=1326 audit(1758802848.743:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19051 comm="syz.4.6232" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 540.862760][ T30] audit: type=1326 audit(1758802848.743:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19051 comm="syz.4.6232" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 540.941697][ T30] audit: type=1326 audit(1758802848.753:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19051 comm="syz.4.6232" exe="/root/syz-executor" sig=0 arch=40000003 syscall=131 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 541.008530][ T30] audit: type=1326 audit(1758802848.803:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19051 comm="syz.4.6232" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 541.082702][ T30] audit: type=1326 audit(1758802848.803:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19051 comm="syz.4.6232" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7ffc0000 [ 541.359972][T19007] syz.2.6210: vmalloc error: size 704155648, failed to allocated page array size 1375304, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 541.442797][T19007] CPU: 0 UID: 0 PID: 19007 Comm: syz.2.6210 Not tainted syzkaller #0 PREEMPT(full) [ 541.442831][T19007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 541.442846][T19007] Call Trace: [ 541.442856][T19007] [ 541.442866][T19007] dump_stack_lvl+0x189/0x250 [ 541.442897][T19007] ? __pfx_dump_stack_lvl+0x10/0x10 [ 541.442920][T19007] ? __pfx__printk+0x10/0x10 [ 541.442946][T19007] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 541.442968][T19007] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 541.442993][T19007] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 541.443018][T19007] warn_alloc+0x214/0x310 [ 541.443052][T19007] ? __pfx_warn_alloc+0x10/0x10 [ 541.443089][T19007] ? __get_vm_area_node+0x28f/0x300 [ 541.443114][T19007] ? profile_init+0xb4/0x100 [ 541.443148][T19007] __vmalloc_node_range_noprof+0x67e/0x12f0 [ 541.443201][T19007] ? policy_nodemask+0x27c/0x720 [ 541.443231][T19007] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 541.443256][T19007] ? alloc_pages_mpol+0x3cd/0x4a0 [ 541.443285][T19007] ? profile_init+0xb4/0x100 [ 541.443309][T19007] vzalloc_noprof+0xb2/0xf0 [ 541.443333][T19007] ? profile_init+0xb4/0x100 [ 541.443358][T19007] profile_init+0xb4/0x100 [ 541.443383][T19007] profiling_store+0x70/0x120 [ 541.443405][T19007] ? __pfx_sysfs_kf_write+0x10/0x10 [ 541.443422][T19007] kernfs_fop_write_iter+0x3af/0x540 [ 541.443456][T19007] vfs_write+0x5c6/0xb30 [ 541.443487][T19007] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 541.443512][T19007] ? __pfx_vfs_write+0x10/0x10 [ 541.443543][T19007] ? __fget_files+0x2a/0x420 [ 541.443575][T19007] ksys_write+0x145/0x250 [ 541.443601][T19007] ? __pfx_ksys_write+0x10/0x10 [ 541.443629][T19007] ? lockdep_hardirqs_on+0x9c/0x150 [ 541.443653][T19007] __do_fast_syscall_32+0xb6/0x2b0 [ 541.443683][T19007] do_fast_syscall_32+0x34/0x80 [ 541.443703][T19007] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 541.443729][T19007] RIP: 0023:0xf70ce539 [ 541.443751][T19007] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 541.443767][T19007] RSP: 002b:00000000f54be55c EFLAGS: 00000206 ORIG_RAX: 0000000000000004 [ 541.443787][T19007] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240 [ 541.443800][T19007] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000000 [ 541.443811][T19007] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 541.443822][T19007] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 541.443834][T19007] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 541.443865][T19007] [ 541.443877][T19007] Mem-Info: [ 541.714760][T19007] active_anon:4980 inactive_anon:0 isolated_anon:0 [ 541.714760][T19007] active_file:3333 inactive_file:40069 isolated_file:0 [ 541.714760][T19007] unevictable:768 dirty:432 writeback:0 [ 541.714760][T19007] slab_reclaimable:11412 slab_unreclaimable:99749 [ 541.714760][T19007] mapped:29234 shmem:1356 pagetables:1216 [ 541.714760][T19007] sec_pagetables:0 bounce:0 [ 541.714760][T19007] kernel_misc_reclaimable:0 [ 541.714760][T19007] free:1299290 free_pcp:12193 free_cma:0 [ 541.760294][T19007] Node 0 active_anon:19908kB inactive_anon:0kB active_file:13332kB inactive_file:160072kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:116924kB dirty:1736kB writeback:0kB shmem:3888kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11788kB pagetables:4652kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 541.810598][T19007] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 541.863140][T19007] Node 0 DMA free:15356kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 541.901531][T19007] lowmem_reserve[]: 0 2497 2499 2499 2499 [ 541.910688][T19007] Node 0 DMA32 free:1285400kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:19832kB inactive_anon:0kB active_file:13332kB inactive_file:158512kB unevictable:1536kB writepending:1728kB present:3129332kB managed:2557416kB mlocked:0kB bounce:0kB free_pcp:29280kB local_pcp:14892kB free_cma:0kB [ 542.017198][T19007] lowmem_reserve[]: 0 0 1 1 1 [ 542.027308][T19007] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1568kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 542.039530][T19100] geneve2: entered promiscuous mode [ 542.065742][T19007] lowmem_reserve[]: 0 0 0 0 0 [ 542.070515][T19007] Node 1 Normal free:3896352kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:20064kB local_pcp:9952kB free_cma:0kB [ 542.103112][T19007] lowmem_reserve[]: 0 0 0 0 0 [ 542.108354][T19007] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15356kB [ 542.151005][T19007] Node 0 DMA32: 1042*4kB (M) 230*8kB (ME) 44*16kB (ME) 15*32kB (UM) 24*64kB (UME) 10*128kB (M) 10*256kB (UME) 10*512kB (UME) 2*1024kB (UM) 2*2048kB (UM) 308*4096kB (M) = 1285400kB [ 542.200767][T19007] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB [ 542.242991][T19007] Node 1 Normal: 198*4kB (U) 61*8kB (UME) 54*16kB (UME) 80*32kB (UME) 35*64kB (UME) 8*128kB (UME) 5*256kB (UME) 2*512kB (M) 1*1024kB (M) 1*2048kB (E) 948*4096kB (M) = 3896352kB [ 542.279795][T19110] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 542.292903][T19110] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 542.293036][T19007] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 542.370425][T19007] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=2 hugepages_size=2048kB [ 542.390667][T19007] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 542.433381][T19007] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 542.476640][T19007] 44755 total pagecache pages [ 542.481376][T19007] 0 pages in swap cache [ 542.511564][T19007] Free swap = 124996kB [ 542.519212][T19007] Total swap = 124996kB [ 542.526527][T19007] 2097051 pages RAM [ 542.530367][T19007] 0 pages HighMem/MovableOnly [ 542.537633][T19007] 425671 pages reserved [ 542.542277][T19007] 0 pages cma reserved [ 542.599249][T19127] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 543.201010][T19156] netlink: 'syz.3.6284': attribute type 21 has an invalid length. [ 544.051796][T19209] program syz.3.6309 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 544.119809][T19213] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6311'. [ 544.282721][ T10] usb 2-1: new high-speed USB device number 114 using dummy_hcd [ 544.348138][T19225] netlink: 'syz.3.6317': attribute type 6 has an invalid length. [ 544.382757][T19225] netlink: 176 bytes leftover after parsing attributes in process `syz.3.6317'. [ 544.443604][ T10] usb 2-1: Using ep0 maxpacket: 32 [ 544.454351][ T10] usb 2-1: config 0 has an invalid interface number: 12 but max is 0 [ 544.480592][ T10] usb 2-1: config 0 has no interface number 0 [ 544.497091][ T10] usb 2-1: config 0 interface 12 has no altsetting 0 [ 544.523833][ T10] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 544.548422][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 544.582679][ T10] usb 2-1: Product: syz [ 544.592100][ T10] usb 2-1: Manufacturer: syz [ 544.601680][ T10] usb 2-1: SerialNumber: syz [ 544.625691][ T10] usb 2-1: config 0 descriptor?? [ 545.076060][ T10] f81534 2-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 545.103447][ T10] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71 [ 545.128166][ T10] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 545.141571][ T10] f81534 2-1:0.12: probe with driver f81534 failed with error -71 [ 545.171863][ T10] usb 2-1: USB disconnect, device number 114 [ 546.205552][T19336] delete_channel: no stack [ 546.454653][T19355] netlink: 'syz.0.6379': attribute type 10 has an invalid length. [ 546.462493][T19355] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6379'. [ 546.495763][T19355] batman_adv: batadv0: Adding interface: virt_wifi0 [ 546.502379][T19355] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 546.589501][T19355] batman_adv: batadv0: Interface activated: virt_wifi0 [ 546.620089][T19366] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6384'. [ 546.672001][T19369] netlink: 'syz.1.6386': attribute type 1 has an invalid length. [ 546.993534][ T5948] usb 1-1: new high-speed USB device number 123 using dummy_hcd [ 547.146926][ T5948] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 547.169388][ T5948] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 547.208268][ T5948] usb 1-1: config 0 descriptor?? [ 547.230182][ T5948] cp210x 1-1:0.0: cp210x converter detected [ 547.334301][T19406] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6403'. [ 547.453078][ T30] audit: type=1326 audit(1758802855.403:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19409 comm="syz.2.6406" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 547.508138][ T30] audit: type=1326 audit(1758802855.423:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19409 comm="syz.2.6406" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 547.530128][ C1] vkms_vblank_simulate: vblank timer overrun [ 547.562741][ T30] audit: type=1326 audit(1758802855.433:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19409 comm="syz.2.6406" exe="/root/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 547.638719][ T30] audit: type=1326 audit(1758802855.433:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19409 comm="syz.2.6406" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 547.644600][ T5948] usb 1-1: cp210x converter now attached to ttyUSB0 [ 547.732672][ T30] audit: type=1326 audit(1758802855.433:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19409 comm="syz.2.6406" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 547.734760][ T5948] usb 1-1: USB disconnect, device number 123 [ 547.819097][ T5948] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 547.856780][ T5948] cp210x 1-1:0.0: device disconnected [ 548.652808][T19482] netlink: 'syz.0.6441': attribute type 7 has an invalid length. [ 548.671623][T19482] netlink: 'syz.0.6441': attribute type 8 has an invalid length. [ 549.260537][T19527] hfs: unable to load iocharset "I#hIars8Ύ wѷ}+[S_. ,s$nFBlbSR,.R]^kRL/J}&o9b6\wm$xCdeOjocڅ`1҆m#CX^ݾO;;󣫭Xp!+ƇK=A a2HKA rp" [ 549.281259][ C1] vkms_vblank_simulate: vblank timer overrun [ 549.532480][T19547] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6473'. [ 549.659145][T19553] usb usb8: usbfs: process 19553 (syz.2.6476) did not claim interface 0 before use [ 550.035473][T19583] netlink: 100 bytes leftover after parsing attributes in process `syz.4.6491'. [ 550.044796][T19583] netlink: 100 bytes leftover after parsing attributes in process `syz.4.6491'. [ 550.056703][ T5948] usb 3-1: new full-speed USB device number 111 using dummy_hcd [ 550.123424][ T980] usb 2-1: new high-speed USB device number 115 using dummy_hcd [ 550.216662][ T5948] usb 3-1: New USB device found, idVendor=14f7, idProduct=0500, bcdDevice=44.85 [ 550.241020][ T5948] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 550.265018][ T5948] usb 3-1: Product: syz [ 550.273025][ T5948] usb 3-1: Manufacturer: syz [ 550.277633][ T5948] usb 3-1: SerialNumber: syz [ 550.293805][ T980] usb 2-1: config 0 has an invalid interface number: 95 but max is 0 [ 550.302091][ T980] usb 2-1: config 0 has no interface number 0 [ 550.308524][T19599] netlink: 'syz.3.6498': attribute type 5 has an invalid length. [ 550.316453][ T5948] usb 3-1: config 0 descriptor?? [ 550.321532][ T980] usb 2-1: config 0 interface 95 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 8 [ 550.339491][T19599] netlink: 176 bytes leftover after parsing attributes in process `syz.3.6498'. [ 550.340526][ T5948] usb 3-1: selecting invalid altsetting 1 [ 550.366011][ T980] usb 2-1: New USB device found, idVendor=7725, idProduct=b0a8, bcdDevice= 7.46 [ 550.382911][ T980] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 550.391034][ T5948] technisat-usb2: could not set alternate setting to 0 [ 550.401274][ T980] usb 2-1: Product: syz [ 550.411292][ T980] usb 2-1: Manufacturer: syz [ 550.418532][ T980] usb 2-1: SerialNumber: syz [ 550.426888][ T980] usb 2-1: config 0 descriptor?? [ 550.433188][T19571] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 550.497706][T19605] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6502'. [ 550.552739][ T5948] technisat-usb2: firmware version: 0.0 [ 550.558375][ T5948] dvb-usb: found a 'Technisat SkyStar USB HD (DVB-S/S2)' in warm state. [ 550.658906][ T980] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 550.683923][ T980] usb 2-1: MIDIStreaming interface descriptor not found [ 550.747595][ T980] usb 2-1: USB disconnect, device number 115 [ 550.793614][ T5948] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 550.884619][ T5948] dvb-usb: Technisat SkyStar USB HD (DVB-S/S2) error while loading driver (-19) [ 550.911037][T19626] udevd[19626]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.95/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 550.950920][ T5948] usb 3-1: USB disconnect, device number 111 [ 551.206114][T19643] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6519'. [ 551.402572][T19653] netlink: 'syz.1.6524': attribute type 6 has an invalid length. [ 551.438360][T19657] netlink: 'syz.3.6526': attribute type 30 has an invalid length. [ 551.468540][T19657] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6526'. [ 551.516685][T19657] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode 802.3ad(4) [ 551.551917][T19665] netlink: 'syz.1.6529': attribute type 21 has an invalid length. [ 551.592785][T19665] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6529'. [ 551.818294][T19684] kernel read not supported for file /  (pid: 19684 comm: syz.1.6540) [ 551.836311][ T30] audit: type=1800 audit(1758802859.783:113): pid=19684 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.6540" name=200120 dev="mqueue" ino=51076 res=0 errno=0 [ 552.062499][T19699] libceph: resolve '4.' (ret=-3): failed [ 552.256483][T19713] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6554'. [ 552.344083][T19719] netlink: 232 bytes leftover after parsing attributes in process `syz.4.6557'. [ 552.711751][T19743] netlink: 'syz.1.6569': attribute type 12 has an invalid length. [ 552.760843][T19745] netlink: 'syz.2.6570': attribute type 13 has an invalid length. [ 553.001627][T19761] netlink: 'syz.3.6578': attribute type 3 has an invalid length. [ 553.049296][T19769] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 553.065097][T19766] netlink: 'syz.0.6579': attribute type 6 has an invalid length. [ 553.942718][ T5949] usb 2-1: new high-speed USB device number 116 using dummy_hcd [ 554.036254][T19836] netlink: 'syz.2.6615': attribute type 9 has an invalid length. [ 554.118408][ T5949] usb 2-1: Using ep0 maxpacket: 16 [ 554.129020][ T5949] usb 2-1: config 0 has an invalid interface number: 41 but max is 0 [ 554.153683][ T5949] usb 2-1: config 0 has no interface number 0 [ 554.164895][ T5949] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 554.194618][ T5949] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 554.223000][ T5949] usb 2-1: config 0 interface 41 has no altsetting 0 [ 554.239784][T19847] netlink: 'syz.2.6621': attribute type 2 has an invalid length. [ 554.261127][ T5949] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a [ 554.294786][ T5949] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 554.322814][ T5949] usb 2-1: Product: syz [ 554.333850][ T5949] usb 2-1: Manufacturer: syz [ 554.341941][ T5949] usb 2-1: SerialNumber: syz [ 554.370675][ T5949] usb 2-1: config 0 descriptor?? [ 554.392735][T19809] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 554.400107][T19854] program syz.3.6624 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 554.421558][T19809] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 554.443411][T19859] netlink: 'syz.2.6627': attribute type 6 has an invalid length. [ 554.594660][T19868] misc userio: Invalid payload size [ 554.617199][T19869] __nla_validate_parse: 5 callbacks suppressed [ 554.617215][T19869] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6632'. [ 554.674988][ T5949] dm9601 2-1:0.41: probe with driver dm9601 failed with error -71 [ 554.699036][ T5949] sr9700 2-1:0.41: probe with driver sr9700 failed with error -71 [ 554.732901][ T5949] usb 2-1: USB disconnect, device number 116 [ 554.972764][ T5948] usb 1-1: new high-speed USB device number 124 using dummy_hcd [ 555.128960][ T5948] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 555.151258][ T5948] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 555.170245][ T5948] usb 1-1: Product: syz [ 555.188982][ T5948] usb 1-1: Manufacturer: syz [ 555.196653][ T5948] usb 1-1: SerialNumber: syz [ 555.208159][ T5948] usb 1-1: config 0 descriptor?? [ 555.224785][ T5948] ch341 1-1:0.0: ch341-uart converter detected [ 555.262786][ T5949] usb 3-1: new high-speed USB device number 112 using dummy_hcd [ 555.445279][ T5949] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 555.462070][ T5949] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 555.490861][ T5949] usb 3-1: config 0 descriptor?? [ 555.504147][ T5949] cp210x 3-1:0.0: cp210x converter detected [ 555.631172][ T5948] usb 1-1: failed to send control message: -71 [ 555.648292][ T5948] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 555.690781][ T5948] usb 1-1: USB disconnect, device number 124 [ 555.748122][ T5948] ch341 1-1:0.0: device disconnected [ 555.754939][ T5949] usb 3-1: cp210x converter now attached to ttyUSB1 [ 555.774241][T19935] delete_channel: no stack [ 555.938462][ T5949] usb 3-1: USB disconnect, device number 112 [ 555.950548][ T5949] cp210x ttyUSB1: cp210x converter now disconnected from ttyUSB1 [ 555.991727][ T5949] cp210x 3-1:0.0: device disconnected [ 556.716262][T19990] netlink: 'syz.4.6690': attribute type 30 has an invalid length. [ 556.842223][T19998] IPVS: length: 139 != 8 [ 557.345852][T20031] netlink: 'syz.1.6709': attribute type 15 has an invalid length. [ 557.398668][T20026] ip6erspan0: entered promiscuous mode [ 557.439135][T20034] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6713'. [ 557.989740][T20074] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6732'. [ 558.384038][T20101] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 559.158642][T20151] tipc: Can't bind to reserved service type 2 [ 559.405554][T20163] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 559.414994][T20166] openvswitch: netlink: Message has 192 unknown bytes. [ 559.424912][T20166] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 559.930389][ T5866] Bluetooth: hci4: unexpected event for opcode 0x0402 [ 560.323793][T20227] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6806'. [ 560.431643][T20234] program syz.1.6809 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 560.485097][T20237] netlink: 'syz.2.6810': attribute type 21 has an invalid length. [ 560.510601][T20237] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6810'. [ 560.852880][T20260] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 561.190158][T20283] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6834'. [ 561.492548][ T30] audit: type=1326 audit(1758802869.433:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20298 comm="syz.2.6840" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 561.556033][T20303] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6842'. [ 561.600638][ T30] audit: type=1326 audit(1758802869.433:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20298 comm="syz.2.6840" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 561.675809][ T30] audit: type=1326 audit(1758802869.443:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20298 comm="syz.2.6840" exe="/root/syz-executor" sig=0 arch=40000003 syscall=291 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 561.753048][ T30] audit: type=1326 audit(1758802869.443:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20298 comm="syz.2.6840" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 561.788571][ T30] audit: type=1326 audit(1758802869.443:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20298 comm="syz.2.6840" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce539 code=0x7ffc0000 [ 561.863220][T20318] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode balance-tlb(5) [ 562.111303][T20339] netlink: 'syz.2.6859': attribute type 9 has an invalid length. [ 562.371951][T20356] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 562.484425][T20362] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 562.793726][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.800135][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.997694][T20395] netlink: 92 bytes leftover after parsing attributes in process `syz.4.6887'. [ 563.027136][T20395] netlink: 56 bytes leftover after parsing attributes in process `syz.4.6887'. [ 563.526679][T20429] netlink: 168 bytes leftover after parsing attributes in process `syz.1.6905'. [ 563.579327][T20433] netlink: 'syz.4.6906': attribute type 9 has an invalid length. [ 563.889554][T20449] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6914'. [ 564.918603][T20523] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6951'. [ 564.999018][T20527] netlink: 'syz.2.6953': attribute type 1 has an invalid length. [ 565.099701][T20531] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6958'. [ 565.154975][T20538] openvswitch: netlink: Missing key (keys=40, expected=80) [ 565.460530][T20560] netlink: 'syz.2.6969': attribute type 1 has an invalid length. [ 565.942738][ T5948] usb 4-1: new high-speed USB device number 116 using dummy_hcd [ 566.092705][ T5948] usb 4-1: Using ep0 maxpacket: 16 [ 566.100546][ T5948] usb 4-1: config 252 has an invalid interface number: 15 but max is 0 [ 566.120393][ T5948] usb 4-1: config 252 has no interface number 0 [ 566.130007][ T5948] usb 4-1: config 252 interface 15 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 566.165838][T20604] sctp: [Deprecated]: syz.4.6990 (pid 20604) Use of struct sctp_assoc_value in delayed_ack socket option. [ 566.165838][T20604] Use struct sctp_sack_info instead [ 566.179375][ T5948] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=2b.29 [ 566.203409][ T5948] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 566.211887][ T5948] usb 4-1: Product: syz [ 566.239451][ T5948] usb 4-1: Manufacturer: syz [ 566.248389][ T5948] usb 4-1: SerialNumber: syz [ 566.282495][ T5948] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 566.372089][T20619] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6996'. [ 566.546017][T20629] netlink: 'syz.0.7002': attribute type 1 has an invalid length. [ 566.547595][ T24] usb 4-1: USB disconnect, device number 116 [ 566.556007][ T12] usb 4-1: Failed to submit usb control message: -71 [ 566.577461][ T12] usb 4-1: unable to send the bmi data to the device: -71 [ 566.586462][ T12] usb 4-1: unable to get target info from device [ 566.595653][T20632] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7001'. [ 566.598938][ T12] usb 4-1: could not get target info (-71) [ 566.629714][ T12] usb 4-1: could not probe fw (-71) [ 567.086784][T20658] (unnamed net_device) (uninitialized): option arp_validate: mode dependency failed, not supported in mode balance-alb(6) [ 567.163151][T20662] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7016'. [ 567.175319][T20664] netlink: 'syz.1.7018': attribute type 32 has an invalid length. [ 567.192700][T20664] netlink: 'syz.1.7018': attribute type 32 has an invalid length. [ 567.666697][T20697] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7034'. [ 568.178368][T20734] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7053'. [ 568.223281][ T980] usb 2-1: new high-speed USB device number 117 using dummy_hcd [ 568.387375][ T980] usb 2-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c [ 568.413184][ T980] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 568.432128][ T980] usb 2-1: Product: syz [ 568.441100][ T980] usb 2-1: Manufacturer: syz [ 568.451683][ T980] usb 2-1: SerialNumber: syz [ 568.472851][ T980] usb 2-1: config 0 descriptor?? [ 568.600867][T20761] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 568.915188][ T980] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 568.946325][ T980] asix 2-1:0.0: probe with driver asix failed with error -71 [ 568.965763][ T980] usb 2-1: USB disconnect, device number 117 [ 569.117954][T20793] RDS: rds_bind could not find a transport for fe88::103, load rds_tcp or rds_rdma? [ 569.518051][T20819] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7091'. [ 570.248581][T20864] nvme_fabrics: unknown parameter or missing value 'V' in ctrl creation request [ 570.454879][T20880] netlink: 'syz.0.7121': attribute type 10 has an invalid length. [ 570.492364][T20880] macvlan0: entered promiscuous mode [ 570.550391][T20880] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 570.834153][ T30] audit: type=1326 audit(1758802878.783:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20905 comm="syz.0.7134" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 570.910097][ T30] audit: type=1326 audit(1758802878.783:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20905 comm="syz.0.7134" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 570.961654][ T30] audit: type=1326 audit(1758802878.803:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20905 comm="syz.0.7134" exe="/root/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 571.052705][ T30] audit: type=1326 audit(1758802878.803:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20905 comm="syz.0.7134" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 571.095902][ T30] audit: type=1326 audit(1758802878.803:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20905 comm="syz.0.7134" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01539 code=0x7ffc0000 [ 571.577477][T20952] netlink: 132 bytes leftover after parsing attributes in process `syz.1.7157'. [ 571.631836][T20957] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 571.698421][T20961] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 572.032348][T20985] vlan1: entered promiscuous mode [ 572.050079][T20985] vlan1: entered allmulticast mode [ 572.062792][T20985] veth0_vlan: entered allmulticast mode [ 572.163712][T20990] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7177'. [ 572.712741][ T9] usb 2-1: new high-speed USB device number 118 using dummy_hcd [ 572.881912][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 572.914145][ T9] usb 2-1: config 142 has an invalid interface number: 255 but max is 1 [ 572.923556][ T9] usb 2-1: config 142 has an invalid interface number: 180 but max is 1 [ 572.938021][ T9] usb 2-1: config 142 has no interface number 0 [ 572.952131][ T9] usb 2-1: config 142 has no interface number 1 [ 572.966530][ T9] usb 2-1: config 142 interface 255 has no altsetting 0 [ 572.982697][ T9] usb 2-1: config 142 interface 180 has no altsetting 0 [ 573.023470][ T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0062, bcdDevice=5a.e2 [ 573.062714][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 573.070855][ T9] usb 2-1: Product: syz [ 573.103553][ T9] usb 2-1: Manufacturer: syz [ 573.112892][ T9] usb 2-1: SerialNumber: syz [ 573.373607][ T9] dvb-usb: found a 'Terratec Cinergy T Express' in cold state, will try to load a firmware [ 573.414434][ T9] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 573.453118][ T9] dib0700: firmware download failed at 7 with -22 [ 573.482714][ T9] dvb-usb: found a 'Terratec Cinergy T Express' in cold state, will try to load a firmware [ 573.514565][ T9] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 573.543157][ T9] dib0700: firmware download failed at 7 with -22 [ 573.566939][ T9] usb 2-1: USB disconnect, device number 118 [ 573.631302][T21067] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7212'. [ 573.941697][T21078] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7219'. [ 574.272749][ T10] usb 5-1: new high-speed USB device number 122 using dummy_hcd [ 574.452734][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 574.464687][ T10] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 574.476374][ T10] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 574.504844][ T10] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 574.514238][ T10] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 574.531318][ T10] usb 5-1: Product: syz [ 574.538359][ T10] usb 5-1: Manufacturer: syz [ 574.556814][ T10] hub 5-1:4.0: USB hub found [ 574.675430][T21126] netlink: 'syz.3.7242': attribute type 3 has an invalid length. [ 574.691964][T21129] netlink: 17 bytes leftover after parsing attributes in process `syz.1.7245'. [ 574.728636][T21129] netlink: zone id is out of range [ 574.744443][T21129] netlink: zone id is out of range [ 574.758976][ T10] hub 5-1:4.0: config failed, hub doesn't have any ports! (err -19) [ 574.774877][T21129] netlink: zone id is out of range [ 574.786896][T21129] netlink: zone id is out of range [ 574.802224][T21129] netlink: zone id is out of range [ 574.817214][T21129] netlink: zone id is out of range [ 574.822330][T21129] netlink: zone id is out of range [ 574.834875][T21129] netlink: zone id is out of range [ 574.840044][T21129] netlink: zone id is out of range [ 575.015176][T21143] bridge0: port 1(bridge_slave_0) entered disabled state [ 575.092964][ T10] usb 5-1: USB disconnect, device number 122 [ 575.381083][T21169] vlan0: entered promiscuous mode [ 575.772388][T21196] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7278'. [ 576.262845][ T24] usb 5-1: new high-speed USB device number 123 using dummy_hcd [ 576.446634][ T24] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 576.458600][ T24] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 576.487964][ T24] usb 5-1: config 220 descriptor has 1 excess byte, ignoring [ 576.507720][ T24] usb 5-1: config 220 has no interface number 2 [ 576.532755][ T24] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 576.554479][ T24] usb 5-1: config 220 interface 0 has no altsetting 0 [ 576.568511][ T24] usb 5-1: config 220 interface 76 has no altsetting 0 [ 576.575686][ T24] usb 5-1: config 220 interface 1 has no altsetting 0 [ 576.587891][ T24] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 576.602885][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 576.642680][ T24] usb 5-1: Product: syz [ 576.647254][ T24] usb 5-1: Manufacturer: syz [ 576.652282][ T24] usb 5-1: SerialNumber: syz [ 576.885509][ T24] usb 5-1: selecting invalid altsetting 0 [ 576.900092][ T24] usb 5-1: Found UVC 7.01 device syz (8086:0b07) [ 576.922020][ T24] usb 5-1: No valid video chain found. [ 576.960025][ T24] usb 5-1: selecting invalid altsetting 0 [ 576.978288][ T24] usbtest 5-1:220.1: probe with driver usbtest failed with error -22 [ 577.005660][ T24] usb 5-1: USB disconnect, device number 123 [ 577.215679][T21281] 8021q: adding VLAN 0 to HW filter on device bond2 [ 577.662757][ T24] usb 1-1: new high-speed USB device number 125 using dummy_hcd [ 577.822262][ T24] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 577.848044][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 577.871663][ T24] usb 1-1: Product: syz [ 577.892700][ T24] usb 1-1: Manufacturer: syz [ 577.900169][ T24] usb 1-1: SerialNumber: syz [ 577.931624][ T24] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 577.951757][T21327] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 577.953388][ T980] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 578.199941][T21341] QAT: Stopping all acceleration devices. [ 578.209943][ C1] usb 1-1: ath: unknown panic pattern! [ 578.222821][ T5948] usb 2-1: new high-speed USB device number 119 using dummy_hcd [ 578.372727][ T5948] usb 2-1: Using ep0 maxpacket: 8 [ 578.380712][ T24] usb 4-1: new high-speed USB device number 117 using dummy_hcd [ 578.409057][ T5948] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 578.411467][ T9] usb 1-1: USB disconnect, device number 125 [ 578.429798][ T5948] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 578.452480][ T5948] usb 2-1: Product: syz [ 578.460560][ T5948] usb 2-1: Manufacturer: syz [ 578.473220][ T5948] usb 2-1: SerialNumber: syz [ 578.493605][ T5948] usb 2-1: config 0 descriptor?? [ 578.512403][ T5948] gspca_main: sq905-2.14.0 probing 2770:9120 [ 578.558662][ T24] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 578.573059][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 578.592692][ T24] usb 4-1: Product: syz [ 578.603019][ T24] usb 4-1: Manufacturer: syz [ 578.612902][ T24] usb 4-1: SerialNumber: syz [ 578.930447][ T5948] gspca_sq905: sq905_command: usb_control_msg failed 2 (-71) [ 578.960834][ T5948] sq905 2-1:0.0: probe with driver sq905 failed with error -71 [ 578.978407][ T5948] usb 2-1: USB disconnect, device number 119 [ 579.005092][T21383] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7370'. [ 579.025133][ T980] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 579.032192][ T980] ath9k_htc: Failed to initialize the device [ 579.069870][ T9] usb 1-1: ath9k_htc: USB layer deinitialized [ 579.082035][ T24] net_ratelimit: 16 callbacks suppressed [ 579.082057][ T24] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO [ 579.120271][ T24] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 579.151466][ T24] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 579.171196][ T24] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71 [ 579.202397][ T24] usb 4-1: USB disconnect, device number 117 [ 579.561650][T21409] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7383'. [ 580.002924][T21433] netlink: 188 bytes leftover after parsing attributes in process `syz.3.7395'. [ 580.453048][ T10] usb 5-1: new high-speed USB device number 124 using dummy_hcd [ 580.570661][T21469] netlink: 'syz.2.7413': attribute type 3 has an invalid length. [ 580.582588][T21469] netlink: 132 bytes leftover after parsing attributes in process `syz.2.7413'. [ 580.612718][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 580.629676][ T10] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 580.665338][ T10] usb 5-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 580.675570][T21472] _Z`Ԁ@: entered promiscuous mode [ 580.684811][ T10] usb 5-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 580.702530][ T10] usb 5-1: Product: syz [ 580.710957][ T10] usb 5-1: Manufacturer: syz [ 580.722695][ T10] usb 5-1: SerialNumber: syz [ 580.855775][T21484] tc_dump_action: action bad kind [ 580.935686][T21490] netlink: 'syz.2.7423': attribute type 2 has an invalid length. [ 580.948925][ T10] usb 5-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 580.962677][ T10] usb 5-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 580.971121][ T10] usb 5-1: Handspring Visor / Palm OS: Number of ports: 2 [ 581.032762][ T30] audit: type=1326 audit(1758802888.973:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21493 comm="syz.1.7425" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 581.054748][ C1] vkms_vblank_simulate: vblank timer overrun [ 581.092697][ T30] audit: type=1326 audit(1758802888.973:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21493 comm="syz.1.7425" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 581.130135][ T30] audit: type=1326 audit(1758802889.013:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21493 comm="syz.1.7425" exe="/root/syz-executor" sig=0 arch=40000003 syscall=51 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 581.159811][ T10] usb 5-1: palm_os_3_probe - error -71 getting bytes available request [ 581.162964][ T30] audit: type=1326 audit(1758802889.013:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21493 comm="syz.1.7425" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 581.173490][ T10] visor 5-1:1.0: Handspring Visor / Palm OS converter detected [ 581.190028][ C1] vkms_vblank_simulate: vblank timer overrun [ 581.199479][ T30] audit: type=1326 audit(1758802889.013:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21493 comm="syz.1.7425" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 581.289214][ T10] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 581.339487][ T10] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 581.371453][ T10] usb 5-1: USB disconnect, device number 124 [ 581.399913][ T10] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 581.449522][ T10] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 581.494329][ T10] visor 5-1:1.0: device disconnected [ 581.744616][T21529] dlm: plock device version mismatch: kernel (1.2.0), user (2.0.4294901762) [ 581.761581][T21531] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 581.934472][T21539] netlink: 'syz.1.7446': attribute type 8 has an invalid length. [ 582.543977][ T24] usb 1-1: new full-speed USB device number 126 using dummy_hcd [ 582.572939][ T980] usb 4-1: new full-speed USB device number 118 using dummy_hcd [ 582.711171][ T24] usb 1-1: unable to get BOS descriptor or descriptor too short [ 582.720232][ T24] usb 1-1: not running at top speed; connect to a high speed hub [ 582.736270][ T980] usb 4-1: config 0 has an invalid interface number: 142 but max is 0 [ 582.748298][ T980] usb 4-1: config 0 has no interface number 0 [ 582.758422][ T980] usb 4-1: too many endpoints for config 0 interface 142 altsetting 187: 79, using maximum allowed: 30 [ 582.770957][ T24] usb 1-1: config 3 has an invalid interface number: 153 but max is 0 [ 582.799064][ T980] usb 4-1: config 0 interface 142 altsetting 187 has 0 endpoint descriptors, different from the interface descriptor's value: 79 [ 582.812826][ T24] usb 1-1: config 3 has no interface number 0 [ 582.818924][ T24] usb 1-1: config 3 interface 153 altsetting 128 endpoint 0x5 has invalid maxpacket 1024, setting to 64 [ 582.839072][ T980] usb 4-1: config 0 interface 142 has no altsetting 0 [ 582.846647][ T24] usb 1-1: config 3 interface 153 has no altsetting 0 [ 582.857851][ T980] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 582.860850][T21603] sctp: [Deprecated]: syz.2.7479 (pid 21603) Use of struct sctp_assoc_value in delayed_ack socket option. [ 582.860850][T21603] Use struct sctp_sack_info instead [ 582.868344][ T980] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 582.919227][ T980] usb 4-1: config 0 descriptor?? [ 582.927173][T21606] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7481'. [ 582.943155][ T24] usb 1-1: New USB device found, idVendor=0711, idProduct=0920, bcdDevice=d5.b6 [ 582.952191][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 582.969433][ T980] ums-realtek 4-1:0.142: USB Mass Storage device detected [ 582.977483][ T24] usb 1-1: Product: syz [ 582.982970][ T24] usb 1-1: Manufacturer: syz [ 582.987595][ T24] usb 1-1: SerialNumber: syz [ 583.004032][T21569] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 583.205507][ T10] usb 4-1: USB disconnect, device number 118 [ 583.261155][ T24] sisusb 1-1:3.153: Invalid USB2VGA device [ 583.278141][T21625] delete_channel: no stack [ 583.292677][ T24] sisusb 1-1:3.153: probe with driver sisusb failed with error -22 [ 583.322230][ T24] usb 1-1: USB disconnect, device number 126 [ 583.454877][T21634] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7493'. [ 583.669307][T21649] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7501'. [ 583.689461][T21649] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7501'. [ 583.700905][T21649] netlink: 288 bytes leftover after parsing attributes in process `syz.2.7501'. [ 583.717172][T21649] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7501'. [ 584.534640][T21709] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7531'. [ 584.561367][T21712] netlink: 'syz.1.7532': attribute type 11 has an invalid length. [ 584.730235][T21721] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.7537'. [ 584.837047][T21729] netlink: 'syz.3.7540': attribute type 10 has an invalid length. [ 584.848473][T21729] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7540'. [ 584.886453][T21729] batadv0: entered promiscuous mode [ 584.911215][ T30] audit: type=1326 audit(1758802892.853:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21731 comm="syz.1.7541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 584.912641][T21729] batadv0: entered allmulticast mode [ 584.933219][ C1] vkms_vblank_simulate: vblank timer overrun [ 584.977701][T21729] bridge0: port 3(batadv0) entered blocking state [ 584.991233][ T30] audit: type=1326 audit(1758802892.893:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21731 comm="syz.1.7541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 584.994580][T21737] netlink: 'syz.0.7544': attribute type 1 has an invalid length. [ 585.035568][T21729] bridge0: port 3(batadv0) entered disabled state [ 585.038404][ T30] audit: type=1326 audit(1758802892.893:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21731 comm="syz.1.7541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=402 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 585.066724][T21729] bridge0: port 3(batadv0) entered blocking state [ 585.073308][T21729] bridge0: port 3(batadv0) entered forwarding state [ 585.080348][ T30] audit: type=1326 audit(1758802892.893:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21731 comm="syz.1.7541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 585.102425][ C1] vkms_vblank_simulate: vblank timer overrun [ 585.121186][ T30] audit: type=1326 audit(1758802892.893:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21731 comm="syz.1.7541" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 585.168109][ T13] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 585.177979][ T13] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 585.972323][T21787] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7567'. [ 586.168413][ C0] ================================================================== [ 586.176510][ C0] BUG: KASAN: slab-use-after-free in __xfrm_state_delete+0x696/0xca0 [ 586.184583][ C0] Write of size 8 at addr ffff88805290ddf0 by task syz-executor/5875 [ 586.192643][ C0] [ 586.194968][ C0] CPU: 0 UID: 0 PID: 5875 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 586.194998][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 586.195011][ C0] Call Trace: [ 586.195020][ C0] [ 586.195029][ C0] dump_stack_lvl+0x189/0x250 [ 586.195056][ C0] ? __virt_addr_valid+0x1c8/0x5c0 [ 586.195081][ C0] ? rcu_is_watching+0x15/0xb0 [ 586.195100][ C0] ? __kasan_check_byte+0x12/0x40 [ 586.195127][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 586.195148][ C0] ? rcu_is_watching+0x15/0xb0 [ 586.195166][ C0] ? lock_release+0x4b/0x3e0 [ 586.195196][ C0] ? __virt_addr_valid+0x1c8/0x5c0 [ 586.195219][ C0] ? __virt_addr_valid+0x4a5/0x5c0 [ 586.195243][ C0] print_report+0xca/0x240 [ 586.195262][ C0] ? __xfrm_state_delete+0x696/0xca0 [ 586.195283][ C0] kasan_report+0x118/0x150 [ 586.195310][ C0] ? __xfrm_state_delete+0x696/0xca0 [ 586.195335][ C0] __xfrm_state_delete+0x696/0xca0 [ 586.195361][ C0] xfrm_timer_handler+0x18f/0xa00 [ 586.195387][ C0] ? __pfx_xfrm_timer_handler+0x10/0x10 [ 586.195407][ C0] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 586.195437][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 586.195458][ C0] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 586.195487][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 586.195518][ C0] ? __pfx_xfrm_timer_handler+0x10/0x10 [ 586.195539][ C0] ? __pfx_xfrm_timer_handler+0x10/0x10 [ 586.195560][ C0] __hrtimer_run_queues+0x529/0xc60 [ 586.195587][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 586.195605][ C0] ? read_tsc+0x9/0x20 [ 586.195632][ C0] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 586.195654][ C0] hrtimer_run_softirq+0x187/0x2b0 [ 586.195676][ C0] handle_softirqs+0x283/0x870 [ 586.195697][ C0] ? __irq_exit_rcu+0xca/0x1f0 [ 586.195717][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 586.195738][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 586.195764][ C0] __irq_exit_rcu+0xca/0x1f0 [ 586.195782][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 586.195804][ C0] irq_exit_rcu+0x9/0x30 [ 586.195822][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 586.195840][ C0] [ 586.195848][ C0] [ 586.195856][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 586.195877][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70 [ 586.195902][ C0] Code: 8b 3d 64 87 fe 0b 48 89 de 5b e9 13 ac 58 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 08 e0 a0 92 65 8b 15 88 32 e1 10 81 e2 00 01 ff 00 [ 586.195920][ C0] RSP: 0018:ffffc900040cf360 EFLAGS: 00000202 [ 586.195938][ C0] RAX: ffffffff820c2a16 RBX: ffffea000172e540 RCX: 0000000000000000 [ 586.195953][ C0] RDX: ffff8880337c3c00 RSI: 0000000000000001 RDI: 0000000000000001 [ 586.195966][ C0] RBP: 0000000000000001 R08: ffffea000172e577 R09: 1ffffd40002e5cae [ 586.195985][ C0] R10: dffffc0000000000 R11: fffff940002e5caf R12: 0000000000012a4e [ 586.196000][ C0] R13: dffffc0000000000 R14: ffffea000172e540 R15: 000000000005cb95 [ 586.196018][ C0] ? __folio_rmap_sanity_checks+0xc6/0x490 [ 586.196049][ C0] __folio_rmap_sanity_checks+0xc6/0x490 [ 586.196079][ C0] copy_pmd_range+0xa9e/0x71d0 [ 586.196116][ C0] ? stack_depot_save_flags+0x40/0x860 [ 586.196148][ C0] ? __pfx_copy_pmd_range+0x10/0x10 [ 586.196185][ C0] copy_page_range+0xc14/0x1270 [ 586.196204][ C0] ? __lock_acquire+0xab9/0xd20 [ 586.196241][ C0] ? __pfx_copy_page_range+0x10/0x10 [ 586.196264][ C0] ? up_write+0x1c4/0x420 [ 586.196284][ C0] ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10 [ 586.196307][ C0] dup_mmap+0xf57/0x1ac0 [ 586.196340][ C0] ? __pfx_dup_mmap+0x10/0x10 [ 586.196370][ C0] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 586.196391][ C0] ? mm_init+0xcc3/0xef0 [ 586.196413][ C0] copy_mm+0x13c/0x4b0 [ 586.196434][ C0] copy_process+0x1706/0x3c00 [ 586.196461][ C0] ? copy_process+0x97f/0x3c00 [ 586.196484][ C0] ? __pfx_copy_process+0x10/0x10 [ 586.196509][ C0] kernel_clone+0x21e/0x840 [ 586.196531][ C0] ? css_rstat_updated+0x23a/0x4f0 [ 586.196551][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 586.196581][ C0] __ia32_compat_sys_ia32_clone+0x189/0x1e0 [ 586.196612][ C0] ? count_memcg_event_mm+0x21/0x260 [ 586.196636][ C0] ? __pfx___ia32_compat_sys_ia32_clone+0x10/0x10 [ 586.196666][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 586.196687][ C0] __do_fast_syscall_32+0xb6/0x2b0 [ 586.196709][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 586.196730][ C0] do_fast_syscall_32+0x34/0x80 [ 586.196751][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 586.196774][ C0] RIP: 0023:0xf708e539 [ 586.196790][ C0] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 586.196807][ C0] RSP: 002b:00000000f757fcbc EFLAGS: 00000206 ORIG_RAX: 0000000000000078 [ 586.196827][ C0] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000 [ 586.196841][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000056e6f4a8 [ 586.196854][ C0] RBP: 00000000f7425ff4 R08: 0000000000000000 R09: 0000000000000000 [ 586.196867][ C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 586.196879][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 586.196898][ C0] [ 586.196905][ C0] [ 586.709219][ C0] Allocated by task 19719: [ 586.713613][ C0] kasan_save_track+0x3e/0x80 [ 586.718280][ C0] __kasan_slab_alloc+0x6c/0x80 [ 586.723118][ C0] kmem_cache_alloc_noprof+0x1c1/0x3c0 [ 586.728565][ C0] xfrm_state_alloc+0x24/0x2f0 [ 586.733315][ C0] __find_acq_core+0x8a7/0x1c00 [ 586.738150][ C0] xfrm_find_acq+0x78/0xa0 [ 586.742550][ C0] xfrm_alloc_userspi+0x6b3/0xc90 [ 586.747561][ C0] xfrm_user_rcv_msg+0x7a0/0xab0 [ 586.752483][ C0] netlink_rcv_skb+0x205/0x470 [ 586.757226][ C0] xfrm_netlink_rcv+0x79/0x90 [ 586.761890][ C0] netlink_unicast+0x82c/0x9e0 [ 586.766647][ C0] netlink_sendmsg+0x805/0xb30 [ 586.771392][ C0] __sock_sendmsg+0x21c/0x270 [ 586.776055][ C0] ____sys_sendmsg+0x505/0x830 [ 586.780803][ C0] ___sys_sendmsg+0x21f/0x2a0 [ 586.785464][ C0] __sys_sendmsg+0x164/0x220 [ 586.790041][ C0] __do_fast_syscall_32+0xb6/0x2b0 [ 586.795143][ C0] do_fast_syscall_32+0x34/0x80 [ 586.799980][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 586.806291][ C0] [ 586.808598][ C0] Freed by task 10: [ 586.812382][ C0] kasan_save_track+0x3e/0x80 [ 586.817044][ C0] kasan_save_free_info+0x46/0x50 [ 586.822048][ C0] __kasan_slab_free+0x5b/0x80 [ 586.826796][ C0] kmem_cache_free+0x18f/0x400 [ 586.831547][ C0] xfrm_state_gc_task+0x52d/0x6b0 [ 586.836564][ C0] process_scheduled_works+0xae1/0x17b0 [ 586.842088][ C0] worker_thread+0x8a0/0xda0 [ 586.846657][ C0] kthread+0x70e/0x8a0 [ 586.850710][ C0] ret_from_fork+0x439/0x7d0 [ 586.855288][ C0] ret_from_fork_asm+0x1a/0x30 [ 586.860037][ C0] [ 586.862341][ C0] The buggy address belongs to the object at ffff88805290ddc0 [ 586.862341][ C0] which belongs to the cache xfrm_state of size 928 [ 586.876287][ C0] The buggy address is located 48 bytes inside of [ 586.876287][ C0] freed 928-byte region [ffff88805290ddc0, ffff88805290e160) [ 586.889976][ C0] [ 586.892283][ C0] The buggy address belongs to the physical page: [ 586.898682][ C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805290eec0 pfn:0x5290c [ 586.908731][ C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 586.917208][ C0] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 586.924731][ C0] page_type: f5(slab) [ 586.928703][ C0] raw: 00fff00000000040 ffff888142ad58c0 dead000000000122 0000000000000000 [ 586.937266][ C0] raw: ffff88805290eec0 00000000800f0007 00000000f5000000 0000000000000000 [ 586.945830][ C0] head: 00fff00000000040 ffff888142ad58c0 dead000000000122 0000000000000000 [ 586.954482][ C0] head: ffff88805290eec0 00000000800f0007 00000000f5000000 0000000000000000 [ 586.963134][ C0] head: 00fff00000000002 ffffea00014a4301 00000000ffffffff 00000000ffffffff [ 586.971783][ C0] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 586.980431][ C0] page dumped because: kasan: bad access detected [ 586.986821][ C0] page_owner tracks the page as allocated [ 586.992513][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 15202, tgid 15201 (syz.4.4380), ts 471038029828, free_ts 309721252660 [ 587.011944][ C0] post_alloc_hook+0x240/0x2a0 [ 587.016713][ C0] get_page_from_freelist+0x21e4/0x22c0 [ 587.022254][ C0] __alloc_frozen_pages_noprof+0x181/0x370 [ 587.028042][ C0] alloc_pages_mpol+0x232/0x4a0 [ 587.032885][ C0] allocate_slab+0x8a/0x370 [ 587.037371][ C0] ___slab_alloc+0xbeb/0x1420 [ 587.042036][ C0] kmem_cache_alloc_noprof+0x283/0x3c0 [ 587.047482][ C0] xfrm_state_alloc+0x24/0x2f0 [ 587.052231][ C0] pfkey_add+0x6e4/0x2e00 [ 587.056547][ C0] pfkey_sendmsg+0xbfb/0x1090 [ 587.061207][ C0] __sock_sendmsg+0x21c/0x270 [ 587.065871][ C0] ____sys_sendmsg+0x505/0x830 [ 587.070620][ C0] ___sys_sendmsg+0x21f/0x2a0 [ 587.075280][ C0] __sys_sendmsg+0x164/0x220 [ 587.079850][ C0] __do_fast_syscall_32+0xb6/0x2b0 [ 587.084945][ C0] do_fast_syscall_32+0x34/0x80 [ 587.089786][ C0] page last free pid 5858 tgid 5858 stack trace: [ 587.096091][ C0] __free_frozen_pages+0xbc4/0xd30 [ 587.101200][ C0] pcpu_depopulate_chunk+0x45f/0x500 [ 587.106475][ C0] pcpu_balance_workfn+0x350/0xe00 [ 587.111567][ C0] process_scheduled_works+0xae1/0x17b0 [ 587.117092][ C0] worker_thread+0x8a0/0xda0 [ 587.121662][ C0] kthread+0x70e/0x8a0 [ 587.125713][ C0] ret_from_fork+0x439/0x7d0 [ 587.130284][ C0] ret_from_fork_asm+0x1a/0x30 [ 587.135032][ C0] [ 587.137334][ C0] Memory state around the buggy address: [ 587.142944][ C0] ffff88805290dc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 587.150982][ C0] ffff88805290dd00: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 587.159019][ C0] >ffff88805290dd80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 587.167056][ C0] ^ [ 587.174747][ C0] ffff88805290de00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 587.182786][ C0] ffff88805290de80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 587.190822][ C0] ================================================================== [ 587.199060][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 587.206248][ C0] CPU: 0 UID: 0 PID: 5875 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 587.215689][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 587.225725][ C0] Call Trace: [ 587.228990][ C0] [ 587.231817][ C0] dump_stack_lvl+0x99/0x250 [ 587.236397][ C0] ? __asan_memcpy+0x40/0x70 [ 587.240975][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 587.246159][ C0] ? __pfx__printk+0x10/0x10 [ 587.250740][ C0] vpanic+0x281/0x750 [ 587.254705][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 587.259883][ C0] ? __pfx_vpanic+0x10/0x10 [ 587.264380][ C0] ? irqentry_exit+0x74/0x90 [ 587.268955][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 587.274134][ C0] panic+0xb9/0xc0 [ 587.277840][ C0] ? __pfx_panic+0x10/0x10 [ 587.282241][ C0] ? _raw_spin_unlock_irqrestore+0xa8/0x110 [ 587.288123][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 587.294439][ C0] ? __xfrm_state_delete+0x696/0xca0 [ 587.299708][ C0] check_panic_on_warn+0x89/0xb0 [ 587.304631][ C0] ? __xfrm_state_delete+0x696/0xca0 [ 587.309899][ C0] end_report+0x78/0x160 [ 587.314135][ C0] kasan_report+0x129/0x150 [ 587.318626][ C0] ? __xfrm_state_delete+0x696/0xca0 [ 587.323897][ C0] __xfrm_state_delete+0x696/0xca0 [ 587.328996][ C0] xfrm_timer_handler+0x18f/0xa00 [ 587.334005][ C0] ? __pfx_xfrm_timer_handler+0x10/0x10 [ 587.339534][ C0] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 587.345415][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 587.350614][ C0] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 587.356495][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 587.362810][ C0] ? __pfx_xfrm_timer_handler+0x10/0x10 [ 587.368337][ C0] ? __pfx_xfrm_timer_handler+0x10/0x10 [ 587.373862][ C0] __hrtimer_run_queues+0x529/0xc60 [ 587.379053][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 587.384752][ C0] ? read_tsc+0x9/0x20 [ 587.388809][ C0] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 587.394597][ C0] hrtimer_run_softirq+0x187/0x2b0 [ 587.399693][ C0] handle_softirqs+0x283/0x870 [ 587.404439][ C0] ? __irq_exit_rcu+0xca/0x1f0 [ 587.409184][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 587.414449][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 587.419641][ C0] __irq_exit_rcu+0xca/0x1f0 [ 587.424213][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 587.429400][ C0] irq_exit_rcu+0x9/0x30 [ 587.433624][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 587.439239][ C0] [ 587.442152][ C0] [ 587.445064][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 587.451027][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70 [ 587.457082][ C0] Code: 8b 3d 64 87 fe 0b 48 89 de 5b e9 13 ac 58 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 08 e0 a0 92 65 8b 15 88 32 e1 10 81 e2 00 01 ff 00 [ 587.476672][ C0] RSP: 0018:ffffc900040cf360 EFLAGS: 00000202 [ 587.482721][ C0] RAX: ffffffff820c2a16 RBX: ffffea000172e540 RCX: 0000000000000000 [ 587.490677][ C0] RDX: ffff8880337c3c00 RSI: 0000000000000001 RDI: 0000000000000001 [ 587.498628][ C0] RBP: 0000000000000001 R08: ffffea000172e577 R09: 1ffffd40002e5cae [ 587.506583][ C0] R10: dffffc0000000000 R11: fffff940002e5caf R12: 0000000000012a4e [ 587.514542][ C0] R13: dffffc0000000000 R14: ffffea000172e540 R15: 000000000005cb95 [ 587.522500][ C0] ? __folio_rmap_sanity_checks+0xc6/0x490 [ 587.528304][ C0] __folio_rmap_sanity_checks+0xc6/0x490 [ 587.533926][ C0] copy_pmd_range+0xa9e/0x71d0 [ 587.538683][ C0] ? stack_depot_save_flags+0x40/0x860 [ 587.544134][ C0] ? __pfx_copy_pmd_range+0x10/0x10 [ 587.549325][ C0] copy_page_range+0xc14/0x1270 [ 587.554158][ C0] ? __lock_acquire+0xab9/0xd20 [ 587.559001][ C0] ? __pfx_copy_page_range+0x10/0x10 [ 587.564268][ C0] ? up_write+0x1c4/0x420 [ 587.568580][ C0] ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10 [ 587.575322][ C0] dup_mmap+0xf57/0x1ac0 [ 587.579558][ C0] ? __pfx_dup_mmap+0x10/0x10 [ 587.584222][ C0] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 587.590097][ C0] ? mm_init+0xcc3/0xef0 [ 587.594324][ C0] copy_mm+0x13c/0x4b0 [ 587.598379][ C0] copy_process+0x1706/0x3c00 [ 587.603046][ C0] ? copy_process+0x97f/0x3c00 [ 587.607796][ C0] ? __pfx_copy_process+0x10/0x10 [ 587.612807][ C0] kernel_clone+0x21e/0x840 [ 587.617293][ C0] ? css_rstat_updated+0x23a/0x4f0 [ 587.622384][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 587.627398][ C0] __ia32_compat_sys_ia32_clone+0x189/0x1e0 [ 587.633275][ C0] ? count_memcg_event_mm+0x21/0x260 [ 587.638545][ C0] ? __pfx___ia32_compat_sys_ia32_clone+0x10/0x10 [ 587.644946][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 587.650126][ C0] __do_fast_syscall_32+0xb6/0x2b0 [ 587.655221][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 587.660402][ C0] do_fast_syscall_32+0x34/0x80 [ 587.665234][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 587.671545][ C0] RIP: 0023:0xf708e539 [ 587.675593][ C0] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 587.695180][ C0] RSP: 002b:00000000f757fcbc EFLAGS: 00000206 ORIG_RAX: 0000000000000078 [ 587.703579][ C0] RAX: ffffffffffffffda RBX: 0000000001200011 RCX: 0000000000000000 [ 587.711535][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000056e6f4a8 [ 587.719485][ C0] RBP: 00000000f7425ff4 R08: 0000000000000000 R09: 0000000000000000 [ 587.727435][ C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 587.735385][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 587.743340][ C0] [ 587.746622][ C0] Kernel Offset: disabled [ 587.750923][ C0] Rebooting in 86400 seconds..