last executing test programs: 1m5.818588545s ago: executing program 2 (id=2522): ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000300)={0x57, 0x0, 0x8, {0x0, 0x1}, {0x74, 0x2}, @rumble={0x1, 0x8}}) r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0xfffffffffffffffc, 0x822b01) write$char_usb(r0, &(0x7f0000000040)="e2", 0xff0f) 1m5.250375088s ago: executing program 2 (id=2528): socket$tipc(0x1e, 0x5, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000965000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff6000/0xa000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00008f7000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0}, 0x68) r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xcaa1, 0xc000, 0x6, 0xbe}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 1m4.828754774s ago: executing program 2 (id=2532): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000500)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0xf241f1a146326c4, 0x2, 0x0) getpid() bpf$PROG_LOAD(0x5, 0x0, 0x0) io_setup(0x6, &(0x7f0000000680)) io_setup(0x10000, &(0x7f00000014c0)) 58.430126084s ago: executing program 3 (id=2575): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) 58.150201529s ago: executing program 3 (id=2576): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10001, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000440)={'bridge0\x00'}) modify_ldt$write2(0x11, 0x0, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$RTC_UIE_ON(r2, 0x7003) ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000100)={0x2b, 0x22, 0x0, 0x2, 0x8, 0xa9, 0x5, 0x2, 0x1}) fsopen(&(0x7f0000000280)='ntfs3\x00', 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0xba01, 0x0, 0x44004}, 0x810) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) 55.702363456s ago: executing program 3 (id=2595): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x98, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_TUPLE_MASTER={0x4}]}, 0x98}, 0x1, 0x0, 0x0, 0x10000000}, 0x0) 55.539964673s ago: executing program 0 (id=2596): bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000040000007b1af8ff"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 55.405437732s ago: executing program 3 (id=2598): mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000340), 0x4) 55.274504421s ago: executing program 0 (id=2599): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=@allocspi={0x10c, 0x16, 0x1, 0x0, 0x0, {{{@in6=@rand_addr=' \x01\x00', @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x2, 0x4e24, 0x0, 0x0, 0x80, 0xa0}, {@in6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}, 0x0, 0x33}, @in=@empty, {0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffff1, 0x3}, {0x0, 0x0, 0x2, 0xfffffffffffffffe}, {0x0, 0x0, 0x796}, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xe55286f1921f74be}, 0x0, 0x1a0b1}, [@coaddr={0x14, 0xe, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, 0x10c}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 55.158898613s ago: executing program 3 (id=2601): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x28, r1, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'team0\x00'}}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000014}, 0x0) 54.977504932s ago: executing program 0 (id=2603): r0 = socket(0x200000000000011, 0x2, 0x3c644) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @multicast}, 0x23) socket$nl_generic(0x11, 0x3, 0x10) syz_emit_ethernet(0x6e, 0x0, 0x0) 54.759948379s ago: executing program 3 (id=2605): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10001, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000440)={'bridge0\x00'}) modify_ldt$write2(0x11, 0x0, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$RTC_UIE_ON(r2, 0x7003) ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000100)={0x2b, 0x22, 0x0, 0x2, 0x8, 0xa9, 0x5, 0x2, 0x1}) fsopen(&(0x7f0000000280)='ntfs3\x00', 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0xba01, 0x0, 0x44004}, 0x810) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) 54.618213977s ago: executing program 0 (id=2607): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41100, 0x2}, 0x94) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_pidfd_open(r0, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0xc040ff0b, &(0x7f00000000c0)) 54.216342684s ago: executing program 0 (id=2610): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="34000000130001002cbd70000000000007000000", @ANYRES32=r1, @ANYBLOB="008400000000040014001a80100004800c00058008000180"], 0x34}, 0x1, 0x0, 0x0, 0x60}, 0x24004810) 53.809131841s ago: executing program 0 (id=2612): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000016500)=[{{&(0x7f0000014f40)=@qipcrtr, 0x0, &(0x7f0000016200), 0x0, &(0x7f0000016240)=""/33}, 0xaabd}, {{&(0x7f0000016280)=@ethernet={0x0, @broadcast}, 0x0, &(0x7f00000163c0)=[{&(0x7f0000016300)=""/107}, {&(0x7f0000016380)=""/64}], 0x0, &(0x7f0000016400)=""/202, 0x34}, 0xdd1b}], 0x7ffffffffffffba, 0x2, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 53.392076304s ago: executing program 2 (id=2615): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TCFLSH(r0, 0x540b, 0x1) 53.098785618s ago: executing program 2 (id=2617): r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x20002f9}) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 52.752127839s ago: executing program 2 (id=2621): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, &(0x7f00000001c0)=[@wrmsr={0x65, 0x20, {0x40000000, 0x3}}, @wrmsr={0x65, 0x20, {0x40000001, 0x3f}}], 0x40}) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000000)) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x7, 0x10000004000, 0x2, 0xfffd, 0x42, 0x400000000000004, 0x400, 0x410, 0x4, 0x8000000000000000, 0x1, 0xffffffffffff9867, 0x3, 0x1, 0x4], 0x0, 0x110900}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 52.751997245s ago: executing program 1 (id=2622): r0 = socket(0x10, 0x2, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4000000010003904000000000000000080040000", @ANYRES32=r1, @ANYBLOB="01980000000000002000128008000100736974001400028006000e000600000008000100", @ANYRES16=r1], 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r2, &(0x7f0000000600)="05d936277c6f54220002097844ffcf8bd1846f7f83477ca1b278e3e4018a34844b9d62", 0x23, 0x8c1, &(0x7f00000000c0)={0x11, 0x86dd, r1, 0x1, 0x4, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 52.15944955s ago: executing program 4 (id=2624): set_mempolicy(0x4005, &(0x7f0000000080)=0x4, 0x8) open(&(0x7f00000001c0)='./bus\x00', 0x143bc2, 0x1c0) setxattr$system_posix_acl(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000440)=ANY=[@ANYBLOB="020000"], 0xff3c, 0x1) 52.11006923s ago: executing program 1 (id=2625): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42792000) r2 = socket$inet(0x2, 0x1, 0x0) bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0) r3 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000a80)={0x0, &(0x7f0000000600)=[@nested_vmresume={0x130, 0x18, 0x1}, @nested_amd_invlpga={0x17d, 0x20, {0x26000, 0xe54c}}, @nested_load_code={0x12e, 0x5b, {0x2, "67f20f7ca302000000b9800000c00f3235008000000f30400f060f79f166b8a1008ee0f3cfc4417850f5b9800000c00f3235008000000f30450f01c566b873000f00d8"}}, @out_dx={0x6a, 0x28, {0x10c8, 0x2, 0x5f}}, @rdmsr={0x66, 0x18, {0x38f}}, @nested_load_syzos={0x136, 0xe0, {0x1, 0x8000, [@code={0xa, 0x78, {"66ba4200b0bfee410f01d1c74424001d000000c744240209000000ff2c24c744240009000000c744240204000000c7442406000000000f011424f30f0966440ff60500800000420f07c7442400b8000000c74424028ad6798eff1c24400f01c466460f38816a06"}}, @nested_amd_vmload={0x182, 0x18}, @in_dx={0x69, 0x20, {0xd6e5, 0x1}}, @nested_amd_stgi={0x17e, 0x10}]}}, @rdmsr={0x66, 0x18, {0xc0000bba}}, @wr_crn={0x67, 0x20, {0x0, 0x7}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x1, @control_area=0x26, 0x3, 0x7d, 0x80000001}}, @in_dx={0x69, 0x20, {0xb5f6, 0x2}}, @nested_amd_vmload={0x182, 0x18, 0x2}, @nested_amd_vmsave={0x183, 0x18}, @nested_amd_vmsave={0x183, 0x18, 0x1}, @cpuid={0x64, 0x18, {0x5, 0x6}}, @nested_amd_vmcb_write_mask={0x17c, 0x38, {0x0, @save_area=0x514, 0x0, 0x2, 0x6}}, @nested_amd_vmload={0x182, 0x18, 0x2}, @nested_vmlaunch={0x12f, 0x18, 0x3}, @nested_amd_stgi={0x17e, 0x10}, @set_irq_handler={0xc8, 0x20, {0x38, 0x1}}, @nested_amd_clgi={0x17f, 0x10}, @enable_nested={0x12c, 0x18}, @out_dx={0x6a, 0x28, {0xa6a3, 0x1, 0x5}}, @wr_drn={0x68, 0x20, {0x6, 0xbb}}, @nested_amd_inject_event={0x180, 0x38, {0x2, 0xa6, 0x6, 0x1, 0x3}}], 0x3e3}) ioctl$KVM_GET_MSRS_cpu(r3, 0xc008ae88, &(0x7f0000000ac0)={0x3, 0x0, [{0x245, 0x0, 0xf}, {0x81c, 0x0, 0xdc}, {0xdc7, 0x0, 0x7}]}) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4) shutdown(r2, 0x0) recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 51.864455771s ago: executing program 4 (id=2626): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x439, 0x70bd2c, 0x1000, {0x0, 0x0, 0x0, 0x0, 0x21803, 0x1143}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x2}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40418c0}, 0x4000020) 51.694324525s ago: executing program 1 (id=2627): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f00000001c0)=[{0x6, 0x84, 0x7, 0x7ffc0001}]}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x26, &(0x7f0000000000)={0x1}) 51.571205683s ago: executing program 4 (id=2628): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETRULE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c000000070a010400000000000000000a0000030900010073797a3100000000090002"], 0x2c}, 0x1, 0x0, 0x0, 0x4040010}, 0x4004) 51.347795092s ago: executing program 1 (id=2629): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x4000) 51.300517353s ago: executing program 4 (id=2630): sendmsg$inet(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, 0x0}, 0x20040000) r0 = socket$kcm(0x2, 0x5, 0x84) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000)=r3, 0x10) r4 = socket$kcm(0x2, 0x1, 0x84) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) close(r6) recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) setsockopt$sock_attach_bpf(r4, 0x84, 0x64, &(0x7f0000000000)=r7, 0x10) 50.990318431s ago: executing program 1 (id=2631): socket(0x2, 0x80805, 0x0) r0 = socket$inet6(0xa, 0x3, 0x5) sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x3}, 0x80, 0x0}, 0x5b4}, {{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000001580)=ANY=[@ANYBLOB="120000000000000029000000", @ANYRES64=r0], 0x108}}], 0x2, 0xc040) 50.990030942s ago: executing program 4 (id=2632): r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x20002f9}) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 50.719852567s ago: executing program 1 (id=2633): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x20008000) 50.702806758s ago: executing program 4 (id=2634): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) sendmmsg$sock(r1, &(0x7f0000009240)=[{{&(0x7f0000000100)=@can={0x1d, r2}, 0x80, &(0x7f0000001c00)=[{&(0x7f0000000a40)="cb837fb444629bb36c884716ac577e03e3220bba6fb79a5d14681de4dbbf8a80e2a93d6afc561ff1e8121c4a6c99cf3e22d8d5ffd8714f0ce9463ec14a1a506aba14696b6c0fa0bb987b7a32b093138fded4f85b4474ca28ea8ae63aa0d003b5a05928cfa127f1a72f5da00513d82a58a96c60abd677788448fff47e50f02e9eeef749040a9135d73fc3dd0e410951d67d06f3a482399535e9638892e17fbe9037be2f417011e9741f360e4d1ad3ce9fae84bbbd8cfec85ab5c7ddf06bd9ab0f913a6d00a3b1a0561454ab2b0dbcf1eda9df597ad93f10f0fb67cafe53da3674aaacfe8853d2314dd841797ef752f754be209905baa0a7af294f1169482cd30ab7e16db1a9b0e7a5a2070aca5242a84c284c6ccadce5c0828c2b35a4ea56c6d35c8121f46121c5ef76c225ed3275a89fd8311a30baca7b5676489cffaa3b5c02bce0af1864bcf47c95352703e76d4a62c2e552eb091df37910a9d7245e884147c735ca564debdc456a663334869da920c38dc0186cec91709ccf02646d0e08e3efd5b245710c6967219055b78c274413510edb94d304df4b38eb77c6ad31c64d38ae5ccf0232b9ffe23f09847998714003772335cf1a953655909626e79f53809e95ce90e6da1d59f0978c26cfc9e499f15c5bc08325783995bfbcb11ce13aa8d5e3f52852699843c620aa4466eaa50e23ca1d3c3a282553ca5e6f0f930f87462f5988359c912b229d2b35c2c7586f8d41acecb5dceb5aeca0bc26d684f80b5f2087949675f7cfb0657516241c8b193dd777d332b8b838f6c0ce01a9fbe101e1c524bed9ec608d41f809d0fc25391f8f07afdfa29bb93598868013fcc0d40815e5419a974da4d05f0158c0847bdc8b256ad3ef3a0de749f0ae884b0ff4111e8bca00f7bc6e8bdd7a82b81a6efe3c4d2abcc4d58bb6c01952ae60529fd1dd92ff27bb7a47a473c078c6b21d285ac0c0a5223109a044cc5aa389c879aa547d4e12992b46c55cc1c2c494f696aafe12f8fdecfe40a5075e5f6559e416dc17fe68d3903b616652b8fcb8fd72cdfdba6db7b8afc9877761e89e82a74eb38cc4257adccd520c8d4e239d448ad8ab89e362ae36caea16143464ece0ea7b1ba09b726800c7aead8f667c416f404be7349275e5b53f79016dd585e8cb172f7469ff52ffc3ead5002705e9061038394cf8fcf236bf025e2a787a940fb69009721829f943d67175608952835ed79f914a653f69203161520b777d0e265c8a37fcaada42b0e8a68bc8515bd3d7bfb3d3767d849cb1f6bde431b286e9e153c31fb8c4aa5a3f090b6cdd3a48ab3dae87d6633a0c1b3f55e57aa6836597edd0229ed67cb09c0888daec87568c2112c50abdfd0047fd9e11a05943b3b1ee315e94965b03b807f6e7d29f44b1b270c580f6ae9ba3045c11b9e26ccf356a310335a375397b2f81baf0670b9889a91be881c2b0d22c2435657d54f188dca8e45af2d520ff932937e34dcb997afcef51bedc7876a2eb6a800c5a5d226f30b5dfb5d62efdfd0415cd1ebb9834a154d66ec9afebc273db54a561238e08123a4f2a3dd06fa749df08843865188a94c60aa5b6ade1c5cb3a71998685835d2a3d74ad6ffe94c567cf5d4ac941b8f6e9816e4dbe8bd2a05c1836f47f88607abd800993c9988db57d715f867e761b7bbe1e12132ad95d931cdefecaea47b9eb0e79f37d43c32f9ad2230e153125967f12f42836f7ee28e22252593cc1725bca26953ed612c04d56ccf111658968129716b13e8f69b417ae0559400632b2aca82bfb72cbc273e0484d6d80975b39755cb373a82aaacae7c19d933cef26dc2170acdd5604bf724a3b5b27aa7348fea99bb7e59d6aa8eee96ccbfea52134d04c0b3e825a4eb717c08e53b9e9d3549c95be89c1e8b197b349fcfbb871cd86ce841fac023c75f170fe9e4e3800cf822f759a96605eec6fc7a81b302d42b7ba03502f9fc92bf686a028fd6667acda9a4d3330ed91bab61db04a7cf9fa45430008bab963be065718d5bb470a5c6b35b7695d60a2c26a0fa402d1daae7a64954580d546f339b222cabbe3cfac45d741a05bbc1a7461fc5155e2547a00118d2f469277a2f68f024e938226248dfd940a2468fd231b82691696c594c3d4518dc25c464c444a9c9b20e32cd3cf73b0b480103d1f8ae273a6b07a4a4943835a89bfec40b41be0190b96fbcc69be3e4d2f447801c9a9c739fe68c9c92f473ba2254884e958ec4e68d3cfc93d84456f84059c09077090bdf1f220ceaec65c325716fb8c360965f3f3f3ece63b2882772a392cbdedda1da9551e25f6b321d0cb736d654dd721fe773f45b8df45e8a7af59642604859ccb2b8e1be9d2fe17cae8d1e8b934f770a360a271708d4bae47800fc863fe983c5b0d3a2dd00704982f225f02cd584671709bf1eda7e013a91bb9b6fe9dfb5e0b6a0dfddf69cfac80af0a1edf5dc624b9e757e90e6b50eaa7bc495e5c5670ff88602365dcc1da6523823dc3f1149284e3bba3251533ae247b12", 0x6fa}, {&(0x7f0000001a40)}], 0x2}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4040000) 0s ago: executing program 32 (id=2612): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000016500)=[{{&(0x7f0000014f40)=@qipcrtr, 0x0, &(0x7f0000016200), 0x0, &(0x7f0000016240)=""/33}, 0xaabd}, {{&(0x7f0000016280)=@ethernet={0x0, @broadcast}, 0x0, &(0x7f00000163c0)=[{&(0x7f0000016300)=""/107}, {&(0x7f0000016380)=""/64}], 0x0, &(0x7f0000016400)=""/202, 0x34}, 0xdd1b}], 0x7ffffffffffffba, 0x2, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) kernel console output (not intermixed with test programs): vated: batadv_slave_1 [ 80.557737][ T1053] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.567533][ T1053] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.612917][ T5941] netlink: 'syz.3.7': attribute type 13 has an invalid length. [ 80.638602][ T5941] netlink: 'syz.3.7': attribute type 17 has an invalid length. [ 80.655459][ T5939] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.664429][ T5939] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.722087][ T5939] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 80.743050][ T5939] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 80.800258][ T5946] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7'. [ 80.838378][ T1053] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.847353][ T1053] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.906947][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.915101][ T5941] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.925149][ T5941] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 80.963125][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.974576][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.988585][ T1053] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.010335][ T1053] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.073132][ T1053] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.087590][ T1053] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.147373][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.172781][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.262832][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.276877][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.308279][ T1053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.321335][ T1053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.403526][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.447035][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.630256][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.677367][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.719408][ T5961] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5'. [ 82.044042][ T5948] IPVS: starting estimator thread 0... [ 82.150970][ T5971] IPVS: using max 32 ests per chain, 76800 per kthread [ 82.395020][ T5977] netlink: 'syz.0.16': attribute type 10 has an invalid length. [ 82.450963][ T5838] Bluetooth: hci1: command tx timeout [ 82.532467][ T5845] Bluetooth: hci4: command tx timeout [ 82.532585][ T5851] Bluetooth: hci0: command tx timeout [ 82.538520][ T5850] Bluetooth: hci3: command tx timeout [ 82.550387][ T5838] Bluetooth: hci2: command tx timeout [ 82.557787][ T5977] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 82.627177][ T5976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 83.045952][ T5984] Zero length message leads to an empty skb [ 83.324263][ T5991] syz.3.24 uses obsolete (PF_INET,SOCK_PACKET) [ 83.819389][ T6001] netlink: 4 bytes leftover after parsing attributes in process `syz.1.27'. [ 84.287593][ T5928] IPVS: starting estimator thread 0... [ 84.335344][ T6022] netlink: 7 bytes leftover after parsing attributes in process `syz.1.35'. [ 84.412065][ T6023] IPVS: using max 40 ests per chain, 96000 per kthread [ 84.448133][ T6025] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 85.140081][ T6041] xt_CT: You must specify a L4 protocol and not use inversions on it [ 86.173732][ T6073] vcan0: tx drop: invalid da for name 0x00000000000000fe [ 86.193100][ T6075] syzkaller0: entered promiscuous mode [ 86.198848][ T6075] syzkaller0: entered allmulticast mode [ 86.412524][ T6079] binder: BINDER_SET_CONTEXT_MGR already set [ 86.443270][ T6079] binder: 6076:6079 ioctl 4018620d 200000004a80 returned -16 [ 86.743519][ T5928] IPVS: starting estimator thread 0... [ 86.832375][ T46] cfg80211: failed to load regulatory.db [ 86.858349][ T6096] IPVS: using max 36 ests per chain, 86400 per kthread [ 87.065926][ T6108] netlink: 220 bytes leftover after parsing attributes in process `syz.3.71'. [ 87.101757][ T6108] netlink: 8 bytes leftover after parsing attributes in process `syz.3.71'. [ 87.301119][ T6105] netlink: 24 bytes leftover after parsing attributes in process `syz.2.70'. [ 87.358193][ T6105] netlink: 11 bytes leftover after parsing attributes in process `syz.2.70'. [ 87.540203][ T6126] binder: BINDER_SET_CONTEXT_MGR already set [ 87.557384][ T6126] binder: 6125:6126 ioctl 4018620d 200000004a80 returned -16 [ 89.834471][ T6170] syzkaller0: entered promiscuous mode [ 89.852284][ T6170] syzkaller0: entered allmulticast mode [ 89.874051][ T6172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.95'. [ 90.724364][ T6199] netlink: 4 bytes leftover after parsing attributes in process `syz.3.108'. [ 91.283986][ T6219] netlink: 28 bytes leftover after parsing attributes in process `syz.1.117'. [ 91.314031][ T6218] netlink: 'syz.4.115': attribute type 12 has an invalid length. [ 91.351423][ T6218] netlink: 'syz.4.115': attribute type 29 has an invalid length. [ 91.375970][ T6218] netlink: 148 bytes leftover after parsing attributes in process `syz.4.115'. [ 91.410267][ T6218] netlink: 59 bytes leftover after parsing attributes in process `syz.4.115'. [ 92.595275][ T6254] netlink: 28 bytes leftover after parsing attributes in process `syz.4.130'. [ 92.768182][ T6258] netlink: 'syz.0.131': attribute type 12 has an invalid length. [ 92.785026][ T6258] netlink: 'syz.0.131': attribute type 29 has an invalid length. [ 92.804305][ T6258] netlink: 148 bytes leftover after parsing attributes in process `syz.0.131'. [ 92.825701][ T6258] netlink: 59 bytes leftover after parsing attributes in process `syz.0.131'. [ 93.101234][ T6264] netlink: 43 bytes leftover after parsing attributes in process `syz.1.135'. [ 93.484642][ T6274] fuse: Unknown parameter 'use00000000000000000000' [ 93.512005][ T6276] syzkaller1: entered promiscuous mode [ 93.531385][ T6276] syzkaller1: entered allmulticast mode [ 93.581146][ T6279] netlink: 28 bytes leftover after parsing attributes in process `syz.4.142'. [ 94.022767][ T6292] syzkaller0: entered promiscuous mode [ 94.041327][ T6292] syzkaller0: entered allmulticast mode [ 94.531482][ T6306] netlink: 28 bytes leftover after parsing attributes in process `syz.2.153'. [ 95.386510][ T6334] netlink: 28 bytes leftover after parsing attributes in process `syz.4.167'. [ 95.515976][ T6337] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 95.521499][ T6340] xt_hashlimit: size too large, truncated to 1048576 [ 95.543964][ T6337] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 95.565456][ T6337] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 95.599783][ T6337] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 95.793932][ T6349] netlink: 'syz.4.173': attribute type 12 has an invalid length. [ 95.810122][ T6349] netlink: 'syz.4.173': attribute type 29 has an invalid length. [ 95.831090][ T6349] netlink: 148 bytes leftover after parsing attributes in process `syz.4.173'. [ 95.877304][ T6349] netlink: 59 bytes leftover after parsing attributes in process `syz.4.173'. [ 96.807576][ T6383] netlink: 4 bytes leftover after parsing attributes in process `syz.2.189'. [ 97.090084][ T6390] syzkaller0: entered promiscuous mode [ 97.099576][ T6390] syzkaller0: entered allmulticast mode [ 97.610429][ T6403] __nla_validate_parse: 2 callbacks suppressed [ 97.610449][ T6403] netlink: 28 bytes leftover after parsing attributes in process `syz.4.199'. [ 97.853648][ T6410] netlink: 76 bytes leftover after parsing attributes in process `syz.4.201'. [ 97.898222][ T6411] netlink: 4 bytes leftover after parsing attributes in process `syz.1.202'. [ 98.293331][ T6419] netlink: 7 bytes leftover after parsing attributes in process `syz.4.206'. [ 98.406237][ T6422] syzkaller0: entered promiscuous mode [ 98.435154][ T6422] syzkaller0: entered allmulticast mode [ 98.491614][ T6427] netlink: 12 bytes leftover after parsing attributes in process `syz.4.210'. [ 98.504512][ T6427] netlink: 28 bytes leftover after parsing attributes in process `syz.4.210'. [ 98.830301][ T6433] syzkaller0: entered promiscuous mode [ 98.855671][ T6433] syzkaller0: entered allmulticast mode [ 99.289853][ T6448] netlink: 7 bytes leftover after parsing attributes in process `syz.1.220'. [ 99.455592][ T6450] netlink: 12 bytes leftover after parsing attributes in process `syz.3.221'. [ 99.535695][ T6450] netlink: 28 bytes leftover after parsing attributes in process `syz.3.221'. [ 99.651921][ T6454] syzkaller0: entered promiscuous mode [ 99.670909][ T6454] syzkaller0: entered allmulticast mode [ 102.122236][ T6481] netlink: 7 bytes leftover after parsing attributes in process `syz.1.232'. [ 102.744811][ T6496] syzkaller0: entered promiscuous mode [ 102.766542][ T6496] syzkaller0: entered allmulticast mode [ 102.919851][ T6507] __nla_validate_parse: 1 callbacks suppressed [ 102.919869][ T6507] netlink: 76 bytes leftover after parsing attributes in process `syz.3.244'. [ 103.143503][ T6499] syzkaller0: entered promiscuous mode [ 103.161888][ T6499] syzkaller0: entered allmulticast mode [ 103.175355][ T6502] netlink: 8 bytes leftover after parsing attributes in process `syz.1.243'. [ 103.212624][ T6502] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.372056][ T6504] syzkaller0: entered promiscuous mode [ 103.391448][ T6504] syzkaller0: entered allmulticast mode [ 107.347789][ T6549] tipc: Started in network mode [ 107.357789][ T6549] tipc: Node identity 8e0183abb3ef, cluster identity 4711 [ 107.372468][ T6549] tipc: Enabled bearer , priority 0 [ 107.380168][ T6550] syzkaller0: entered promiscuous mode [ 107.417429][ T6550] syzkaller0: entered allmulticast mode [ 107.495255][ T6554] tipc: Resetting bearer [ 107.586210][ T6547] tipc: Resetting bearer [ 107.639426][ T6547] tipc: Disabling bearer [ 107.930408][ T3522] tipc: Subscription rejected, illegal request [ 108.900147][ T1053] tipc: Subscription rejected, illegal request [ 109.819786][ T6635] syzkaller0: entered promiscuous mode [ 109.836559][ T6635] syzkaller0: entered allmulticast mode [ 110.079602][ T6644] xt_CT: You must specify a L4 protocol and not use inversions on it [ 113.422779][ T6688] netlink: 12 bytes leftover after parsing attributes in process `syz.1.313'. [ 113.608179][ T6693] xt_CT: You must specify a L4 protocol and not use inversions on it [ 113.704724][ T6688] bond1: entered promiscuous mode [ 113.714621][ T6688] 8021q: adding VLAN 0 to HW filter on device bond1 [ 113.727351][ T1053] tipc: Subscription rejected, illegal request [ 113.856429][ T6706] 8021q: adding VLAN 0 to HW filter on device bond1 [ 113.872823][ T6706] bond1: (slave sit1): The slave device specified does not support setting the MAC address [ 113.884943][ T6706] bond1: (slave sit1): Error -95 calling set_mac_address [ 114.320956][ T6716] syzkaller0: entered promiscuous mode [ 114.332895][ T6716] syzkaller0: entered allmulticast mode [ 114.799253][ T137] tipc: Subscription rejected, illegal request [ 116.319119][ T6764] xt_CT: You must specify a L4 protocol and not use inversions on it [ 117.396887][ T6738] team0: Port device syz_tun added [ 118.094395][ T6799] netlink: 4 bytes leftover after parsing attributes in process `syz.1.358'. [ 118.296423][ T6805] netlink: 24 bytes leftover after parsing attributes in process `syz.2.362'. [ 118.501085][ T6803] syzkaller1: entered promiscuous mode [ 118.538034][ T6803] syzkaller1: entered allmulticast mode [ 118.681204][ T6821] netlink: 48 bytes leftover after parsing attributes in process `syz.2.366'. [ 118.872876][ T6812] syzkaller0: entered promiscuous mode [ 118.893718][ T6812] syzkaller0: entered allmulticast mode [ 118.984140][ T6830] netlink: 4 bytes leftover after parsing attributes in process `syz.4.370'. [ 121.561332][ T6857] netlink: 48 bytes leftover after parsing attributes in process `syz.0.379'. [ 121.746445][ T6863] netlink: 4 bytes leftover after parsing attributes in process `syz.0.382'. [ 122.104314][ T6877] netlink: 8 bytes leftover after parsing attributes in process `syz.3.387'. [ 122.165071][ T6877] ip6gre1: entered promiscuous mode [ 122.170728][ T6877] ip6gre1: entered allmulticast mode [ 122.231311][ T1053] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 122.252287][ T1765] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 122.261362][ T1053] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 122.293961][ T6878] syzkaller0: entered promiscuous mode [ 122.301002][ T6878] syzkaller0: entered allmulticast mode [ 122.424197][ T1765] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 122.437707][ T6886] netlink: 48 bytes leftover after parsing attributes in process `syz.4.392'. [ 122.481839][ T1765] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 122.687148][ T6893] netlink: 4 bytes leftover after parsing attributes in process `syz.4.394'. [ 122.977866][ T6907] netlink: 8 bytes leftover after parsing attributes in process `syz.4.400'. [ 123.084317][ T6907] ip6gre1: entered promiscuous mode [ 123.101200][ T6907] ip6gre1: entered allmulticast mode [ 123.125617][ T1053] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 123.136884][ T1053] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 123.152319][ T1765] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 123.257956][ T6918] netlink: 24 bytes leftover after parsing attributes in process `syz.4.404'. [ 123.535393][ T6922] syzkaller0: entered promiscuous mode [ 123.542676][ T6922] syzkaller0: entered allmulticast mode [ 123.556340][ T6924] syzkaller0: entered promiscuous mode [ 123.580852][ T6924] syzkaller0: entered allmulticast mode [ 124.130976][ T46] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 124.179209][ T46] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 124.209598][ T6940] netlink: 8 bytes leftover after parsing attributes in process `syz.2.414'. [ 124.234198][ T6940] ip6gre1: entered promiscuous mode [ 124.244238][ T6940] ip6gre1: entered allmulticast mode [ 124.769940][ T6960] syzkaller0: entered promiscuous mode [ 124.790650][ T6960] syzkaller0: entered allmulticast mode [ 125.258099][ T6975] netlink: 8 bytes leftover after parsing attributes in process `syz.4.426'. [ 125.419421][ T6975] ip6gre2: entered promiscuous mode [ 125.435393][ T6975] ip6gre2: entered allmulticast mode [ 126.206962][ T6999] syzkaller0: entered promiscuous mode [ 126.235631][ T6999] syzkaller0: entered allmulticast mode [ 126.336602][ T7004] netlink: 16 bytes leftover after parsing attributes in process `syz.3.438'. [ 127.013284][ T7016] netlink: 8 bytes leftover after parsing attributes in process `syz.4.443'. [ 127.175976][ T7016] ip6gre3: entered promiscuous mode [ 127.230169][ T7016] ip6gre3: entered allmulticast mode [ 127.612891][ T1053] ip6_tnl_xmit_ctl: 12 callbacks suppressed [ 127.612940][ T1053] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 127.681186][ T807] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 127.693038][ T1053] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 127.746024][ T807] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 127.790262][ T807] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 128.089512][ T7041] tipc: Started in network mode [ 128.110348][ T7041] tipc: Node identity fff, cluster identity 4711 [ 128.135418][ T7041] tipc: Node number set to 4095 [ 128.161762][ T7047] netlink: 27 bytes leftover after parsing attributes in process `syz.4.453'. [ 128.181037][ T7041] tipc: Cannot configure node identity twice [ 128.530910][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 129.091263][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 130.814252][ T7101] vcan0: tx drop: invalid da for name 0x00000000000000fe [ 130.875981][ T7105] netlink: 'syz.0.477': attribute type 1 has an invalid length. [ 131.233135][ T7105] 8021q: adding VLAN 0 to HW filter on device bond1 [ 131.306933][ T7107] bond1: (slave macvlan1): making interface the new active one [ 131.327082][ T7107] bond1: (slave macvlan1): Enslaving as an active interface with an up link [ 131.409044][ T7116] tipc: Started in network mode [ 131.423943][ T7117] vcan0: tx drop: invalid sa for name 0x0000000000000003 [ 131.438134][ T7116] tipc: Node identity fff, cluster identity 4711 [ 131.477887][ T7116] tipc: Node number set to 4095 [ 131.500241][ T7116] tipc: Cannot configure node identity twice [ 131.777698][ T7121] netlink: 4 bytes leftover after parsing attributes in process `syz.0.483'. [ 131.970806][ C0] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 132.099914][ T7132] netlink: 8 bytes leftover after parsing attributes in process `syz.4.488'. [ 132.625223][ T7141] netlink: 'syz.4.493': attribute type 1 has an invalid length. [ 132.660416][ T7137] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 132.868474][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.878698][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.886788][ T7141] 8021q: adding VLAN 0 to HW filter on device bond1 [ 132.933122][ T7150] fuse: Unknown parameter 'fd0x0000000000000003' [ 132.964905][ T7145] bond1: (slave macvlan1): making interface the new active one [ 132.993785][ T7145] bond1: (slave macvlan1): Enslaving as an active interface with an up link [ 133.106631][ T7154] xt_CT: You must specify a L4 protocol and not use inversions on it [ 133.350072][ T7158] tipc: Started in network mode [ 133.370096][ T7158] tipc: Node identity fff, cluster identity 4711 [ 133.419187][ T7158] tipc: Node number set to 4095 [ 133.451894][ T7158] tipc: Cannot configure node identity twice [ 134.227043][ T7181] sock: sock_timestamping_bind_phc: sock not bind to device [ 134.518255][ T7168] syzkaller0: entered promiscuous mode [ 134.540994][ T7168] syzkaller0: entered allmulticast mode [ 134.740856][ T7185] netlink: 3 bytes leftover after parsing attributes in process `syz.0.506'. [ 134.770810][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 134.780111][ T7185] 0ªX¹¦À: renamed from caif0 [ 134.813116][ T7185] 0ªX¹¦À: entered allmulticast mode [ 134.831073][ T7185] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 135.285185][ T7190] xt_CT: You must specify a L4 protocol and not use inversions on it [ 135.479706][ T7191] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 136.052279][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 136.696970][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 137.331295][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 139.558231][ T7233] syzkaller0: entered promiscuous mode [ 139.571953][ T7233] syzkaller0: entered allmulticast mode [ 140.530780][ C0] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 140.895301][ T7264] netlink: 4 bytes leftover after parsing attributes in process `syz.3.535'. [ 141.028210][ T7267] netlink: 20 bytes leftover after parsing attributes in process `syz.3.535'. [ 141.584997][ T7274] syzkaller0: entered promiscuous mode [ 141.609237][ T7274] syzkaller0: entered allmulticast mode [ 141.809528][ T7283] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 141.839311][ T7283] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 145.487716][ T7342] syzkaller0: entered promiscuous mode [ 145.520615][ T7342] syzkaller0: entered allmulticast mode [ 146.947763][ T7374] netlink: 12 bytes leftover after parsing attributes in process `syz.1.579'. [ 147.347280][ T7383] binder: 7382:7383 ioctl c0306201 0 returned -14 [ 148.722405][ T7409] xt_CT: No such helper "snmp_trap" [ 149.490960][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 151.410780][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 152.254820][ T7515] netlink: 4 bytes leftover after parsing attributes in process `syz.2.640'. [ 152.454390][ T7517] tipc: Enabled bearer , priority 0 [ 152.488626][ T7517] syzkaller0: entered promiscuous mode [ 152.531830][ T7517] syzkaller0: entered allmulticast mode [ 152.635814][ T7517] tipc: Resetting bearer [ 152.662358][ T7516] tipc: Resetting bearer [ 152.710085][ T7516] tipc: Disabling bearer [ 153.077848][ T7538] netlink: 'syz.1.649': attribute type 10 has an invalid length. [ 153.256189][ T7538] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 153.317627][ T7536] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 153.330713][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 153.970678][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 154.073679][ T7567] netlink: 'syz.2.660': attribute type 3 has an invalid length. [ 154.390036][ T7578] netlink: 'syz.4.668': attribute type 12 has an invalid length. [ 154.400026][ T7578] netlink: 'syz.4.668': attribute type 29 has an invalid length. [ 154.408909][ T7578] netlink: 148 bytes leftover after parsing attributes in process `syz.4.668'. [ 154.559410][ T7584] netlink: 16 bytes leftover after parsing attributes in process `syz.0.669'. [ 154.602859][ T7584] netlink: 12 bytes leftover after parsing attributes in process `syz.0.669'. [ 154.850099][ T7589] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 155.624337][ T7617] netlink: 16 bytes leftover after parsing attributes in process `syz.0.683'. [ 155.636815][ T7617] netlink: 12 bytes leftover after parsing attributes in process `syz.0.683'. [ 156.231101][ T7637] syz.0.693 (7637) used obsolete PPPIOCDETACH ioctl [ 156.255461][ T7637] netlink: zone id is out of range [ 156.261769][ T7637] netlink: zone id is out of range [ 156.267914][ T7637] netlink: zone id is out of range [ 156.273671][ T7637] netlink: zone id is out of range [ 156.291545][ T7637] netlink: zone id is out of range [ 156.299028][ T7637] netlink: zone id is out of range [ 156.316198][ T7637] netlink: 56 bytes leftover after parsing attributes in process `syz.0.693'. [ 156.689698][ T7647] syzkaller0: entered promiscuous mode [ 156.695589][ T7647] syzkaller0: entered allmulticast mode [ 157.820815][ C0] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 158.587250][ T7660] veth0: entered promiscuous mode [ 158.603486][ T7663] veth0: left promiscuous mode [ 158.856944][ T7672] netlink: 'syz.3.704': attribute type 12 has an invalid length. [ 158.876350][ T7672] netlink: 'syz.3.704': attribute type 29 has an invalid length. [ 158.887138][ T7672] netlink: 148 bytes leftover after parsing attributes in process `syz.3.704'. [ 158.907896][ T7669] tipc: Enabled bearer , priority 0 [ 158.916875][ T7669] syzkaller0: entered promiscuous mode [ 158.932173][ T7669] syzkaller0: entered allmulticast mode [ 158.959921][ T7669] tipc: Resetting bearer [ 158.976281][ T7667] tipc: Resetting bearer [ 159.037196][ T7667] tipc: Disabling bearer [ 159.166319][ T7684] netlink: 16 bytes leftover after parsing attributes in process `syz.4.712'. [ 159.784167][ T7695] syzkaller0: entered promiscuous mode [ 159.800808][ T7695] syzkaller0: entered allmulticast mode [ 159.823664][ T7702] netlink: 'syz.4.720': attribute type 12 has an invalid length. [ 159.846241][ T7702] netlink: 'syz.4.720': attribute type 29 has an invalid length. [ 159.870367][ T7702] netlink: 148 bytes leftover after parsing attributes in process `syz.4.720'. [ 159.958041][ T7708] netlink: 16 bytes leftover after parsing attributes in process `syz.3.723'. [ 160.114486][ T7715] xt_CT: You must specify a L4 protocol and not use inversions on it [ 161.803484][ T7716] tipc: Enabling of bearer rejected, failed to enable media [ 162.204443][ T7735] netlink: 12 bytes leftover after parsing attributes in process `syz.3.732'. [ 162.317825][ T7742] netlink: 'syz.3.735': attribute type 12 has an invalid length. [ 162.328991][ T7742] netlink: 'syz.3.735': attribute type 29 has an invalid length. [ 162.338837][ T7742] netlink: 148 bytes leftover after parsing attributes in process `syz.3.735'. [ 162.524981][ T7749] netlink: 16 bytes leftover after parsing attributes in process `syz.4.738'. [ 162.662956][ T7751] syzkaller0: entered promiscuous mode [ 162.668628][ T7751] syzkaller0: entered allmulticast mode [ 164.832646][ T7758] tipc: Enabling of bearer rejected, failed to enable media [ 164.870614][ T7782] ipvlan2: entered promiscuous mode [ 165.344271][ T7799] tipc: Started in network mode [ 165.371743][ T7799] tipc: Node identity fff, cluster identity 4711 [ 165.395620][ T7799] tipc: Node number set to 4095 [ 165.420230][ T7799] tipc: Cannot configure node identity twice [ 165.684608][ T7810] syzkaller1: entered promiscuous mode [ 165.690317][ T7810] syzkaller1: entered allmulticast mode [ 166.072655][ T7822] netlink: 20 bytes leftover after parsing attributes in process `syz.0.764'. [ 166.480035][ T7833] netlink: 12 bytes leftover after parsing attributes in process `syz.0.768'. [ 166.927958][ T7849] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 167.619705][ T7875] netlink: 12 bytes leftover after parsing attributes in process `syz.0.787'. [ 167.951707][ T1113] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 167.986115][ T7885] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 167.999249][ T1113] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 168.556315][ T7908] tipc: Cannot configure node identity twice [ 168.590513][ T7908] tipc: Cannot configure node identity twice [ 168.738565][ T7915] netlink: 12 bytes leftover after parsing attributes in process `syz.4.804'. [ 169.549032][ T7941] netlink: 40 bytes leftover after parsing attributes in process `syz.3.817'. [ 169.666500][ T7942] syzkaller0: entered promiscuous mode [ 169.687034][ T7942] syzkaller0: entered allmulticast mode [ 169.733433][ T7942] tc action pedit offset must be on 32 bit boundaries [ 169.741364][ T7942] tc action pedit offset must be on 32 bit boundaries [ 169.748176][ T7942] tc action pedit offset must be on 32 bit boundaries [ 169.755018][ T7942] tc action pedit offset must be on 32 bit boundaries [ 169.761846][ T7942] tc action pedit offset must be on 32 bit boundaries [ 169.768661][ T7942] tc action pedit offset must be on 32 bit boundaries [ 169.775491][ T7942] tc action pedit offset must be on 32 bit boundaries [ 169.782312][ T7942] tc action pedit offset must be on 32 bit boundaries [ 169.789133][ T7942] tc action pedit offset must be on 32 bit boundaries [ 169.795970][ T7942] tc action pedit offset must be on 32 bit boundaries [ 169.802830][ T7942] TC_ACT_REPEAT abuse ? [ 170.151867][ T7958] netlink: 12 bytes leftover after parsing attributes in process `syz.1.824'. [ 170.534188][ T7971] netlink: 40 bytes leftover after parsing attributes in process `syz.3.830'. [ 171.104017][ T7987] netlink: 7 bytes leftover after parsing attributes in process `syz.0.837'. [ 171.404632][ T7994] netlink: 12 bytes leftover after parsing attributes in process `syz.0.840'. [ 171.503361][ T7998] netlink: 52 bytes leftover after parsing attributes in process `syz.1.842'. [ 171.601012][ T7998] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.030093][ T8017] netlink: 27 bytes leftover after parsing attributes in process `syz.2.850'. [ 172.387607][ T8028] netlink: 12 bytes leftover after parsing attributes in process `syz.0.855'. [ 172.956706][ T8042] netlink: 27 bytes leftover after parsing attributes in process `syz.4.862'. [ 173.482010][ T8057] netlink: 12 bytes leftover after parsing attributes in process `syz.1.869'. [ 173.686255][ T8061] tipc: Cannot configure node identity twice [ 173.709092][ T8061] tipc: Cannot configure node identity twice [ 173.764986][ T8068] netlink: 27 bytes leftover after parsing attributes in process `syz.0.874'. [ 174.065567][ T8077] netlink: 'syz.1.877': attribute type 39 has an invalid length. [ 174.656754][ T8094] ip6gre1: entered promiscuous mode [ 174.680844][ T8100] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 174.680908][ T8094] ip6gre1: entered allmulticast mode [ 174.731645][ T137] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 174.766212][ T1765] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 174.774214][ T137] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 174.813797][ T8103] tipc: Enabled bearer , priority 0 [ 174.831772][ T8103] syzkaller0: entered promiscuous mode [ 174.843911][ T8103] syzkaller0: entered allmulticast mode [ 174.961170][ T8103] tipc: Resetting bearer [ 175.002704][ T8102] tipc: Resetting bearer [ 175.011216][ T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 175.065259][ T8102] tipc: Disabling bearer [ 175.732501][ T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 176.006723][ T8140] syzkaller0: entered promiscuous mode [ 176.043579][ T8140] syzkaller0: entered allmulticast mode [ 176.046331][ T8144] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 176.449079][ T8159] xt_CT: You must specify a L4 protocol and not use inversions on it [ 177.104947][ T8186] netlink: 'syz.3.921': attribute type 1 has an invalid length. [ 177.538568][ T8197] netlink: 28 bytes leftover after parsing attributes in process `syz.1.926'. [ 178.339829][ T8224] xt_CT: You must specify a L4 protocol and not use inversions on it [ 178.930683][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 179.157132][ T8248] wg2: entered allmulticast mode [ 179.167276][ T8250] netlink: 12 bytes leftover after parsing attributes in process `syz.1.950'. [ 179.464392][ T8259] syzkaller0: entered promiscuous mode [ 179.486634][ T8259] syzkaller0: entered allmulticast mode [ 179.570688][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 179.578597][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 179.993696][ T8271] syzkaller0: entered promiscuous mode [ 180.004661][ T8271] syzkaller0: entered allmulticast mode [ 182.376567][ T8298] netlink: 20 bytes leftover after parsing attributes in process `syz.0.966'. [ 182.411380][ T8298] netlink: 12 bytes leftover after parsing attributes in process `syz.0.966'. [ 182.451612][ T8298] netlink: 31 bytes leftover after parsing attributes in process `syz.0.966'. [ 182.467963][ T8298] netlink: 'syz.0.966': attribute type 3 has an invalid length. [ 182.480360][ T8298] netlink: 'syz.0.966': attribute type 2 has an invalid length. [ 182.489450][ T8298] netlink: 31 bytes leftover after parsing attributes in process `syz.0.966'. [ 182.500274][ T8298] netlink: 'syz.0.966': attribute type 2 has an invalid length. [ 182.517011][ T8297] netlink: 8 bytes leftover after parsing attributes in process `syz.0.966'. [ 182.745534][ T8309] netlink: 12 bytes leftover after parsing attributes in process `syz.4.970'. [ 183.063561][ T8317] syzkaller0: entered promiscuous mode [ 183.080687][ T8317] syzkaller0: entered allmulticast mode [ 183.104392][ T8318] netlink: 76 bytes leftover after parsing attributes in process `syz.1.974'. [ 185.143033][ T8320] syzkaller0: entered promiscuous mode [ 185.149087][ T8320] syzkaller0: entered allmulticast mode [ 185.383459][ T8342] netlink: 12 bytes leftover after parsing attributes in process `syz.0.983'. [ 185.654991][ T8354] netlink: 28 bytes leftover after parsing attributes in process `syz.1.989'. [ 185.795019][ T8359] erspan0: entered promiscuous mode [ 186.377304][ T8378] tipc: Enabled bearer , priority 0 [ 186.417184][ T8378] tipc: Resetting bearer [ 186.528147][ T8377] tipc: Disabling bearer [ 186.628139][ T8382] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1001'. [ 187.250639][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 187.259159][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 187.266968][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 187.717815][ T8406] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1012'. [ 187.910690][ T8411] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1015'. [ 187.963786][ T8413] vcan0: tx drop: invalid da for name 0x00000000000000fe [ 188.128691][ T8419] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1019'. [ 188.345022][ T8425] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1021'. [ 188.815140][ T8445] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1027'. [ 189.499799][ T8475] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1029'. [ 189.626156][ T8477] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1032'. [ 189.805576][ T8481] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1033'. [ 190.210261][ T8491] syzkaller0: entered promiscuous mode [ 190.232074][ T8491] syzkaller0: entered allmulticast mode [ 190.629445][ T8503] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1044'. [ 190.699967][ T8508] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1045'. [ 190.710999][ T8509] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1047'. [ 191.588086][ T8541] vcan0: tx drop: invalid da for name 0x00000000000000fe [ 192.370763][ C0] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 192.382745][ T8557] 8021q: adding VLAN 0 to HW filter on device bond1 [ 192.444459][ T8557] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.459659][ T8557] bond1: (slave bond0): making interface the new active one [ 192.471496][ T8557] bond1: (slave bond0): Enslaving as an active interface with an up link [ 192.474571][ T8562] netlink: 'syz.3.1066': attribute type 10 has an invalid length. [ 192.566248][ T8562] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 192.721762][ T8568] vcan0: tx drop: invalid da for name 0x00000000000000fe [ 193.195096][ T8582] IPv6: NLM_F_CREATE should be specified when creating new route [ 193.221873][ T8582] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 193.230408][ T8582] IPv6: NLM_F_CREATE should be set when creating new route [ 193.237812][ T8582] IPv6: NLM_F_CREATE should be set when creating new route [ 193.245100][ T8582] IPv6: NLM_F_CREATE should be set when creating new route [ 193.391487][ T8582] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 193.588343][ T8598] vcan0: tx drop: invalid da for name 0x00000000000000fe [ 193.675427][ T5928] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 193.697557][ T8601] __nla_validate_parse: 8 callbacks suppressed [ 193.697576][ T8601] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1083'. [ 193.722960][ T8601] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1083'. [ 194.057384][ T8605] syzkaller0: entered promiscuous mode [ 194.084087][ T8605] syzkaller0: entered allmulticast mode [ 194.145529][ T807] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 194.312756][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.323291][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.607001][ T8622] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1094'. [ 194.629437][ T8622] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1094'. [ 194.647198][ T8622] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1094'. [ 194.652849][ T8624] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1093'. [ 194.869362][ T8626] syzkaller1: entered promiscuous mode [ 194.905110][ T8626] syzkaller1: entered allmulticast mode [ 194.944070][ T8626] af_packet: tpacket_rcv: packet too big, clamped from 64993 to 3944. macoff=96 [ 194.966584][ T8630] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1097'. [ 195.288726][ T8639] netlink: 27 bytes leftover after parsing attributes in process `syz.3.1100'. [ 195.344110][ T8641] syzkaller0: entered promiscuous mode [ 195.363023][ T8641] syzkaller0: entered allmulticast mode [ 195.694533][ T8650] sctp: [Deprecated]: syz.3.1104 (pid 8650) Use of struct sctp_assoc_value in delayed_ack socket option. [ 195.694533][ T8650] Use struct sctp_sack_info instead [ 195.982815][ T8655] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1106'. [ 196.039906][ T8655] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1106'. [ 196.091538][ T8657] syzkaller1: entered promiscuous mode [ 196.112839][ T8657] syzkaller1: entered allmulticast mode [ 196.386043][ T5849] Bluetooth: hci2: command 0x0406 tx timeout [ 196.393053][ T5853] Bluetooth: hci1: command 0x0406 tx timeout [ 196.393080][ T5854] Bluetooth: hci0: command 0x0406 tx timeout [ 196.393111][ T5854] Bluetooth: hci4: command 0x0406 tx timeout [ 196.399603][ T5853] Bluetooth: hci3: command 0x0406 tx timeout [ 196.583176][ T8672] syzkaller0: entered promiscuous mode [ 196.612238][ T8672] syzkaller0: entered allmulticast mode [ 197.534729][ T8708] syzkaller0: entered promiscuous mode [ 197.551204][ T8708] syzkaller0: entered allmulticast mode [ 197.795569][ T8715] bond1: (slave macvlan1): Releasing active interface [ 198.167124][ T8724] syzkaller0: entered promiscuous mode [ 198.189107][ T8724] syzkaller0: entered allmulticast mode [ 199.383658][ T8758] __nla_validate_parse: 7 callbacks suppressed [ 199.383705][ T8758] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1147'. [ 201.173238][ T8786] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1159'. [ 201.189702][ T8784] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1158'. [ 201.575492][ T8794] syzkaller0: entered promiscuous mode [ 201.601616][ T8794] syzkaller0: entered allmulticast mode [ 201.655763][ T8798] syzkaller0: entered promiscuous mode [ 201.668483][ T8798] syzkaller0: entered allmulticast mode [ 202.224780][ T8809] syzkaller0: entered promiscuous mode [ 202.230657][ T8809] syzkaller0: entered allmulticast mode [ 202.602432][ T8825] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1173'. [ 203.890770][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 205.341871][ T8845] bond1: entered allmulticast mode [ 205.364632][ T8851] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1183'. [ 205.480973][ T8853] syzkaller0: entered promiscuous mode [ 205.496126][ T8853] syzkaller0: entered allmulticast mode [ 205.510332][ T8845] bond1: left allmulticast mode [ 205.723960][ T8864] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1188'. [ 208.916246][ T8913] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1206'. [ 208.962626][ T8913] syzkaller0: entered promiscuous mode [ 209.009486][ T8913] syzkaller0: entered allmulticast mode [ 209.200050][ T8920] syzkaller0: entered promiscuous mode [ 209.232782][ T8920] syzkaller0: entered allmulticast mode [ 209.977250][ T8952] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1225'. [ 210.026983][ T8952] syzkaller0: entered promiscuous mode [ 210.049088][ T8952] syzkaller0: entered allmulticast mode [ 210.329471][ T8961] tipc: Enabled bearer , priority 0 [ 210.377430][ T8961] tipc: Resetting bearer [ 210.459039][ T8960] tipc: Disabling bearer [ 211.163837][ T8978] syzkaller1: entered promiscuous mode [ 211.179948][ T8978] syzkaller1: entered allmulticast mode [ 211.521976][ T8988] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1242'. [ 211.564483][ T8988] syzkaller0: entered promiscuous mode [ 211.579816][ T8988] syzkaller0: entered allmulticast mode [ 212.816339][ T9022] lo: entered allmulticast mode [ 213.203107][ T9036] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1257'. [ 213.256497][ T9036] syzkaller0: entered promiscuous mode [ 213.283883][ T9036] syzkaller0: entered allmulticast mode [ 213.413156][ T9042] syzkaller0: entered promiscuous mode [ 213.419338][ T9042] syzkaller0: entered allmulticast mode [ 213.523832][ T9049] syzkaller1: entered promiscuous mode [ 213.529474][ T9049] syzkaller1: entered allmulticast mode [ 213.784504][ T9055] sctp: [Deprecated]: syz.1.1267 (pid 9055) Use of struct sctp_assoc_value in delayed_ack socket option. [ 213.784504][ T9055] Use struct sctp_sack_info instead [ 214.006889][ T9059] vlan3: entered allmulticast mode [ 214.028334][ T9059] bond0: entered allmulticast mode [ 214.042740][ T9059] bond_slave_0: entered allmulticast mode [ 214.056452][ T9059] bond_slave_1: entered allmulticast mode [ 214.453544][ T9075] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1277'. [ 214.491042][ T9075] syzkaller0: entered promiscuous mode [ 214.497226][ T9079] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1278'. [ 214.507033][ T9075] syzkaller0: entered allmulticast mode [ 214.649652][ T9084] sctp: [Deprecated]: syz.3.1280 (pid 9084) Use of struct sctp_assoc_value in delayed_ack socket option. [ 214.649652][ T9084] Use struct sctp_sack_info instead [ 215.251011][ T9102] syzkaller1: entered promiscuous mode [ 215.277166][ T9102] syzkaller1: entered allmulticast mode [ 215.397793][ T9110] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1292'. [ 215.471294][ T9110] syzkaller0: entered promiscuous mode [ 215.493295][ T9110] syzkaller0: entered allmulticast mode [ 216.489260][ T9147] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1308'. [ 216.524933][ T9147] syzkaller0: entered promiscuous mode [ 216.538009][ T9147] syzkaller0: entered allmulticast mode [ 216.636510][ T9152] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1311'. [ 216.987878][ T9161] syzkaller0: entered promiscuous mode [ 217.002583][ T9161] syzkaller0: entered allmulticast mode [ 217.014388][ T9162] syzkaller1: entered promiscuous mode [ 217.045350][ T9162] syzkaller1: entered allmulticast mode [ 217.190938][ T9171] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1320'. [ 217.201409][ T9171] netlink: 91 bytes leftover after parsing attributes in process `syz.2.1320'. [ 217.443480][ T9178] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1322'. [ 217.534935][ T9178] syzkaller0: entered promiscuous mode [ 217.549677][ T9178] syzkaller0: entered allmulticast mode [ 217.651438][ T9183] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1325'. [ 218.155916][ T9201] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1332'. [ 218.199134][ T9201] netlink: 91 bytes leftover after parsing attributes in process `syz.2.1332'. [ 218.468318][ T9211] netlink: 'syz.1.1338': attribute type 19 has an invalid length. [ 218.499522][ T9211] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1338'. [ 218.619884][ T9211] netlink: 'syz.1.1338': attribute type 19 has an invalid length. [ 218.628342][ T9211] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1338'. [ 218.651013][ T8462] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 218.668357][ T8462] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 218.713890][ T8462] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 218.754405][ T9217] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1340'. [ 218.787948][ T8462] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 218.898159][ T9225] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 220.186977][ T9271] netlink: 'syz.2.1367': attribute type 8 has an invalid length. [ 220.215842][ T9271] netlink: 'syz.2.1367': attribute type 7 has an invalid length. [ 220.281190][ T9275] sctp: [Deprecated]: syz.4.1369 (pid 9275) Use of struct sctp_assoc_value in delayed_ack socket option. [ 220.281190][ T9275] Use struct sctp_sack_info instead [ 221.089173][ T9305] sctp: [Deprecated]: syz.1.1383 (pid 9305) Use of struct sctp_assoc_value in delayed_ack socket option. [ 221.089173][ T9305] Use struct sctp_sack_info instead [ 221.942203][ T9332] __nla_validate_parse: 5 callbacks suppressed [ 221.942222][ T9332] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1398'. [ 221.976958][ T9336] sctp: [Deprecated]: syz.2.1399 (pid 9336) Use of struct sctp_assoc_value in delayed_ack socket option. [ 221.976958][ T9336] Use struct sctp_sack_info instead [ 222.801947][ T9371] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1409'. [ 223.345454][ T9383] syzkaller0: entered promiscuous mode [ 223.364485][ T9383] syzkaller0: entered allmulticast mode [ 223.645952][ T9392] TCP: TCP_TX_DELAY enabled [ 225.161028][ T9351] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 225.168331][ T9351] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 225.635023][ T9454] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1422'. [ 226.108233][ T9473] sctp: [Deprecated]: syz.1.1429 (pid 9473) Use of struct sctp_assoc_value in delayed_ack socket option. [ 226.108233][ T9473] Use struct sctp_sack_info instead [ 226.185824][ T9476] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1428'. [ 227.302673][ T9519] sctp: [Deprecated]: syz.1.1444 (pid 9519) Use of struct sctp_assoc_value in delayed_ack socket option. [ 227.302673][ T9519] Use struct sctp_sack_info instead [ 227.371184][ T9521] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1445'. [ 227.707541][ T9537] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1450'. [ 228.402328][ T9566] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1460'. [ 228.628111][ T9573] sctp: [Deprecated]: syz.2.1462 (pid 9573) Use of struct sctp_assoc_value in delayed_ack socket option. [ 228.628111][ T9573] Use struct sctp_sack_info instead [ 228.660870][ T9575] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1463'. [ 228.694108][ T9575] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1463'. [ 228.943008][ T9582] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1468'. [ 229.077018][ T9586] netlink: 140 bytes leftover after parsing attributes in process `syz.4.1469'. [ 229.102043][ T9586] netlink: 10 bytes leftover after parsing attributes in process `syz.4.1469'. [ 229.147812][ T9586] bond0: (slave bond_slave_0): Releasing backup interface [ 229.180090][ T9586] bond_slave_0: left allmulticast mode [ 229.239890][ T9586] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 229.369228][ T9596] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1473'. [ 230.046703][ T9621] netlink: 'syz.2.1485': attribute type 29 has an invalid length. [ 230.088112][ T9621] netlink: 'syz.2.1485': attribute type 29 has an invalid length. [ 230.115899][ T9621] netlink: 'syz.2.1485': attribute type 29 has an invalid length. [ 230.146860][ T9621] netlink: 'syz.2.1485': attribute type 29 has an invalid length. [ 230.246360][ T9630] netlink: 'syz.4.1489': attribute type 29 has an invalid length. [ 230.328520][ T9630] netlink: 'syz.4.1489': attribute type 29 has an invalid length. [ 230.363361][ T9636] netlink: 'syz.4.1489': attribute type 29 has an invalid length. [ 230.441650][ T9630] netlink: 'syz.4.1489': attribute type 29 has an invalid length. [ 231.046651][ T9650] syzkaller0: entered promiscuous mode [ 231.071879][ T9650] syzkaller0: entered allmulticast mode [ 231.097974][ T9659] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 231.116209][ T9660] netlink: 'syz.3.1502': attribute type 10 has an invalid length. [ 231.605038][ T24] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 231.853798][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 231.865492][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 231.889873][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 231.904282][ T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 231.924008][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.964622][ T24] usb 5-1: config 0 descriptor?? [ 232.465016][ T24] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 232.487891][ T24] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 232.497444][ T24] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 232.507227][ T24] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 232.517944][ T24] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 232.526726][ T24] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 232.535473][ T24] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 232.546180][ T24] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 232.554184][ T24] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 232.562153][ T24] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 232.637348][ T24] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 232.722237][ T24] usb 5-1: USB disconnect, device number 2 [ 232.831445][ T9684] fido_id[9684]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 234.152968][ T9660] 8021q: adding VLAN 0 to HW filter on device team0 [ 234.163807][ T9660] bond0: (slave team0): Enslaving as an active interface with an up link [ 235.250796][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 235.455488][ T9726] syzkaller0: entered promiscuous mode [ 235.483090][ T9726] syzkaller0: entered allmulticast mode [ 236.413146][ T24] usb 2-1: new low-speed USB device number 2 using dummy_hcd [ 236.623948][ T24] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 236.635434][ T24] usb 2-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 236.648998][ T24] usb 2-1: config 0 interface 0 has no altsetting 0 [ 236.657950][ T24] usb 2-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00 [ 236.683193][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.712831][ T24] usb 2-1: config 0 descriptor?? [ 237.195498][ T24] waltop 0003:172F:0037.0002: hidraw0: USB HID vff.f8 Device [HID 172f:0037] on usb-dummy_hcd.1-1/input0 [ 237.375915][ T24] usb 2-1: USB disconnect, device number 2 [ 239.092819][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 239.191128][ T9801] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1557'. [ 239.529751][ T9811] syz_tun: entered promiscuous mode [ 239.537965][ T9811] macsec1: entered promiscuous mode [ 239.543727][ T9811] vlan0: entered promiscuous mode [ 239.553953][ T9811] vlan0: left promiscuous mode [ 239.559404][ T9811] syz_tun: left promiscuous mode [ 240.228791][ T9837] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1571'. [ 240.453461][ T9846] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1575'. [ 240.462720][ T9846] openvswitch: netlink: nsh attr 1 has unexpected len 0 expected 8 [ 241.220732][ T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 241.393052][ T24] usb 2-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 241.435657][ T24] usb 2-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice=17.a2 [ 241.459556][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 241.482635][ T24] usb 2-1: Product: syz [ 241.498545][ T24] usb 2-1: Manufacturer: syz [ 241.509643][ T24] usb 2-1: SerialNumber: syz [ 241.806989][ T24] net1080 2-1:7.0: probe with driver net1080 failed with error -22 [ 241.854220][ T24] usb 2-1: USB disconnect, device number 3 [ 242.181114][ T9883] binder: 9882:9883 ioctl c0306201 200000000080 returned -14 [ 242.203798][ T9883] binder: 9882:9883 ioctl c0306201 2000000003c0 returned -14 [ 243.370611][ T29] audit: type=1326 audit(1777003771.925:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9911 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 243.460768][ T29] audit: type=1326 audit(1777003771.935:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9911 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 243.548911][ T29] audit: type=1326 audit(1777003771.965:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9911 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 243.639970][ T29] audit: type=1326 audit(1777003771.965:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9911 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 243.700221][ T29] audit: type=1326 audit(1777003771.965:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9911 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 243.728932][ T29] audit: type=1326 audit(1777003771.965:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9911 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 243.755045][ T29] audit: type=1326 audit(1777003771.965:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9911 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 243.784964][ T29] audit: type=1326 audit(1777003771.965:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9911 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 243.811120][ T29] audit: type=1326 audit(1777003771.965:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9911 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=196 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 243.884203][ T29] audit: type=1326 audit(1777003771.965:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9911 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 244.798152][ T9945] capability: warning: `syz.4.1618' uses 32-bit capabilities (legacy support in use) [ 245.490693][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 246.190673][ T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 246.355092][ T24] usb 1-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 246.367549][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 246.410303][ T24] usb 1-1: Product: syz [ 246.428684][ T24] usb 1-1: Manufacturer: syz [ 246.452508][ T24] usb 1-1: SerialNumber: syz [ 246.561903][ T5928] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 246.704520][ T9986] netlink: 168 bytes leftover after parsing attributes in process `syz.4.1633'. [ 246.750697][ T5928] usb 3-1: Using ep0 maxpacket: 16 [ 246.762195][ T5928] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 246.790696][ T5928] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 246.815839][ T5928] usb 3-1: config 0 interface 0 has no altsetting 0 [ 246.823505][ T5928] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 246.834633][ T5928] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 246.858954][ T5928] usb 3-1: config 0 descriptor?? [ 247.320244][ T5928] hid (null): unknown global tag 0xe [ 247.420649][ T24] rtl8150 1-1:1.0: couldn't reset the device [ 247.443678][ T24] rtl8150 1-1:1.0: probe with driver rtl8150 failed with error -5 [ 247.496713][ T5928] usb 3-1: USB disconnect, device number 2 [ 247.566178][ T24] usb 1-1: USB disconnect, device number 2 [ 248.018713][ T9993] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1636'. [ 251.234467][T10087] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1676'. [ 251.989866][T10113] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1685'. [ 253.452442][ T5928] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 253.597636][T10150] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1699'. [ 253.633092][ T5928] usb 4-1: Using ep0 maxpacket: 16 [ 253.687912][ T5928] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 253.726656][ T5928] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 253.779283][ T5928] usb 4-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28 [ 253.831833][ T5928] usb 4-1: config 0 interface 0 has no altsetting 0 [ 253.860582][ T5928] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 253.909698][ T5928] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 253.955473][ T5928] usb 4-1: config 0 descriptor?? [ 254.531469][ T5928] hid (null): nested delimiters [ 254.549710][ T5928] hid (null): nested delimiters [ 254.563706][ T5928] hid (null): nested delimiters [ 254.869398][ T5928] usb 4-1: USB disconnect, device number 2 [ 255.730703][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 255.738588][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 255.749924][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.756433][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.839108][T10202] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1721'. [ 255.880629][T10202] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1721'. [ 255.985251][T10202] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1721'. [ 255.986236][ T35] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 256.016938][T10202] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1721'. [ 256.038247][ T35] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 256.056847][ T35] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 256.087462][ T35] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 256.604747][ T5928] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 256.784391][ T5928] usb 4-1: Using ep0 maxpacket: 32 [ 256.813167][ T5928] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 256.840824][ T5928] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 127, changing to 10 [ 256.859565][ T5928] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0 [ 256.871944][ T5928] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x87 has invalid maxpacket 0 [ 256.891121][ T5928] usb 4-1: New USB device found, idVendor=09e8, idProduct=0062, bcdDevice= 0.40 [ 256.925368][ T5928] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.941026][ T5928] usb 4-1: Product: syz [ 256.956467][ T5928] usb 4-1: Manufacturer: syz [ 256.962256][ T5928] usb 4-1: SerialNumber: syz [ 257.234767][ T5928] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 257.924038][ T5928] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -12 [ 257.986756][ T5928] usb 4-1: USB disconnect, device number 3 [ 258.063785][ T5846] udevd[5846]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 258.499946][T10273] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 258.759752][T10276] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1751'. [ 259.292151][T10288] syzkaller0: entered promiscuous mode [ 259.297816][T10288] syzkaller0: entered allmulticast mode [ 260.438697][T10316] kvm: requested 25980 ns i8254 timer period limited to 200000 ns [ 260.462780][T10316] kvm: requested 196952 ns i8254 timer period limited to 200000 ns [ 260.486073][T10316] kvm: requested 183542 ns i8254 timer period limited to 200000 ns [ 260.495370][T10316] kvm: requested 9219 ns i8254 timer period limited to 200000 ns [ 260.517499][T10316] kvm: requested 25980 ns i8254 timer period limited to 200000 ns [ 260.542355][T10316] kvm: requested 62857 ns i8254 timer period limited to 200000 ns [ 260.561906][T10316] kvm: requested 129904 ns i8254 timer period limited to 200000 ns [ 260.590987][T10316] kvm: requested 25980 ns i8254 timer period limited to 200000 ns [ 260.600809][T10316] kvm: requested 143314 ns i8254 timer period limited to 200000 ns [ 260.610228][T10316] kvm: requested 49447 ns i8254 timer period limited to 200000 ns [ 260.859841][ C0] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 260.997680][T10326] input: syz1 as /devices/virtual/input/input6 [ 262.834423][T10303] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 263.078939][T10337] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1770'. [ 264.058832][T10361] kvm: emulating exchange as write [ 264.480525][ T1765] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 264.670679][ T1765] usb 2-1: Using ep0 maxpacket: 16 [ 264.697678][ T1765] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 264.743614][ T1765] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8 [ 264.772262][ T1765] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16 [ 264.826861][ T1765] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 264.857282][ T1765] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 264.880712][ T1765] usb 2-1: Product: syz [ 264.891227][ T1765] usb 2-1: Manufacturer: syz [ 264.905059][ T1765] usb 2-1: SerialNumber: syz [ 265.044201][T10380] syzkaller0: entered promiscuous mode [ 265.070099][T10380] syzkaller0: entered allmulticast mode [ 265.148800][T10368] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1777'. [ 266.115242][T10394] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1789'. [ 267.468585][ T1765] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found [ 267.475932][ T1765] cdc_ncm 2-1:1.0: bind() failure [ 267.552808][ T1765] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found [ 267.570693][ T1765] cdc_ncm 2-1:1.1: bind() failure [ 267.669284][ T1765] usb 2-1: USB disconnect, device number 4 [ 268.858106][T10414] xt_hashlimit: size too large, truncated to 1048576 [ 269.384933][T10394] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.406502][T10394] bridge_slave_0 (unregistering): left allmulticast mode [ 269.436866][T10394] bridge_slave_0 (unregistering): left promiscuous mode [ 269.450773][T10394] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.748554][T10426] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1803'. [ 269.788926][T10426] openvswitch: netlink: nsh attr 1 has unexpected len 0 expected 8 [ 271.074325][T10443] syzkaller0: entered promiscuous mode [ 271.082002][T10443] syzkaller0: entered allmulticast mode [ 271.332719][T10458] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1816'. [ 271.363582][T10458] openvswitch: netlink: nsh attr 1 has unexpected len 0 expected 8 [ 271.574642][T10463] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1819'. [ 272.624341][T10490] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1829'. [ 272.634966][T10490] openvswitch: netlink: nsh attr 1 has unexpected len 0 expected 8 [ 272.995298][T10499] netlink: 216 bytes leftover after parsing attributes in process `syz.2.1832'. [ 273.006732][T10499] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1832'. [ 274.423286][T10534] binder: 10533:10534 ioctl c0306201 0 returned -14 [ 274.434622][T10534] binder: 10533:10534 ioctl 4004af61 0 returned -22 [ 275.997703][T10513] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 276.351792][T10545] UHID_CREATE from different security context by process 860 (syz.2.1849), this is not allowed. [ 276.934899][T10562] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1857'. [ 276.953574][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 276.953627][ T29] audit: type=1326 audit(1777003805.505:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10559 comm="syz.4.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 276.976376][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 277.001758][ T24] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 277.040607][ T29] audit: type=1326 audit(1777003805.515:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10559 comm="syz.4.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 277.120582][ T29] audit: type=1326 audit(1777003805.535:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10559 comm="syz.4.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 277.183386][ T24] usb 2-1: unable to get BOS descriptor or descriptor too short [ 277.217275][ T29] audit: type=1326 audit(1777003805.535:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10559 comm="syz.4.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 277.241028][ T24] usb 2-1: not running at top speed; connect to a high speed hub [ 277.268791][ T24] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 277.289783][ T24] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 277.299384][ T29] audit: type=1326 audit(1777003805.535:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10559 comm="syz.4.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 277.344011][ T24] usb 2-1: New USB device found, idVendor=1235, idProduct=8213, bcdDevice= 0.40 [ 277.363533][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 277.376583][ T29] audit: type=1326 audit(1777003805.535:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10559 comm="syz.4.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 277.419361][ T24] usb 2-1: Product: syz [ 277.425582][ T24] usb 2-1: Manufacturer: syz [ 277.443202][ T24] usb 2-1: SerialNumber: syz [ 277.469464][T10567] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1859'. [ 277.481607][ T29] audit: type=1326 audit(1777003805.535:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10559 comm="syz.4.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 277.536968][ T24] usb 2-1: 0:1 : does not exist [ 277.549887][ T24] usb 2-1: unit 3 not found! [ 277.561764][ T29] audit: type=1326 audit(1777003805.535:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10559 comm="syz.4.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 277.589600][ T24] usb 2-1: unit 13 not found! [ 277.601076][T10565] syzkaller0: entered promiscuous mode [ 277.601623][ T24] usb 2-1: Focusrite Scarlett Gen 3 Mixer Driver enabled (pid=0x8213); report any issues to https://github.com/geoffreybennett/scarlett-gen2/issues [ 277.619635][T10565] syzkaller0: entered allmulticast mode [ 277.622153][ T29] audit: type=1326 audit(1777003805.535:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10559 comm="syz.4.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 277.651440][ T24] usb 2-1: Error initialising Scarlett Gen 3 Mixer Driver: -22 [ 277.706831][ T29] audit: type=1326 audit(1777003805.535:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10559 comm="syz.4.1856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 277.898914][ T24] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 277.980987][ T24] usb 2-1: USB disconnect, device number 5 [ 278.099351][ T6712] udevd[6712]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 279.411249][T10601] netlink: 'syz.1.1869': attribute type 16 has an invalid length. [ 279.419269][T10601] netlink: 'syz.1.1869': attribute type 17 has an invalid length. [ 281.392788][T10590] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 281.423713][T10590] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 281.440061][T10600] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1868'. [ 281.493316][T10601] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 281.537687][T10590] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 281.544812][T10590] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 281.557738][T10590] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 281.566410][T10590] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 281.575956][T10590] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 281.591733][T10590] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 282.456923][T10632] syzkaller0: entered promiscuous mode [ 282.468276][T10632] syzkaller0: entered allmulticast mode [ 282.503718][T10638] syzkaller0: entered promiscuous mode [ 282.510806][T10638] syzkaller0: entered allmulticast mode [ 283.430754][ T5850] Bluetooth: hci1: command 0x0406 tx timeout [ 283.573080][ T5850] Bluetooth: hci3: command 0x0406 tx timeout [ 283.573574][ T50] Bluetooth: hci2: command 0x0406 tx timeout [ 283.666888][ T50] Bluetooth: hci4: command 0x0406 tx timeout [ 283.731766][T10650] netlink: 'syz.1.1884': attribute type 3 has an invalid length. [ 283.778335][T10650] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1884'. [ 285.504776][ T50] Bluetooth: hci1: command 0x0406 tx timeout [ 285.653982][ T50] Bluetooth: hci3: command 0x0406 tx timeout [ 285.654038][ T5850] Bluetooth: hci2: command 0x0406 tx timeout [ 285.684438][T10647] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1883'. [ 285.730590][ T5850] Bluetooth: hci4: command 0x0406 tx timeout [ 286.546166][T10658] bond1: (slave macvlan1): Releasing active interface [ 286.738338][T10687] syzkaller0: entered promiscuous mode [ 286.747283][T10687] syzkaller0: entered allmulticast mode [ 287.440791][ T5948] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 287.628960][ T5948] usb 4-1: unable to get BOS descriptor or descriptor too short [ 287.661587][ T5948] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 287.690658][ T5948] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 287.723463][ T5948] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 287.783221][ T5948] usb 4-1: New USB device found, idVendor=0644, idProduct=8047, bcdDevice= 0.40 [ 287.803452][ T5948] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 287.823338][ T5948] usb 4-1: Product: syz [ 287.831131][ T5948] usb 4-1: Manufacturer: syz [ 287.841391][ T5948] usb 4-1: SerialNumber: syz [ 288.177600][ T5948] usb 4-1: 1:1 : sample bitwidth 62 in over sample bytes 4 [ 288.203950][ T5948] usb 4-1: 1:1 : unsupported format bits 0x19050606 [ 288.220569][ T5948] usb 4-1: parse_audio_format_rates_v2v3(): unable to find clock source (clock -22) [ 288.294810][ T5948] usb 4-1: failed to enable PITCH for EP 0x1 [ 288.314019][ T5948] usb 4-1: unit 2 not found! [ 288.319552][ T5948] usb 4-1: unit 0 not found! [ 288.768258][ T5948] usb 4-1: USB disconnect, device number 4 [ 288.883520][T10713] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1904'. [ 290.884828][T10691] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1897'. [ 292.084886][T10750] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1919'. [ 292.731269][T10761] syzkaller0: entered promiscuous mode [ 292.760582][T10761] syzkaller0: entered allmulticast mode [ 293.010676][ T5911] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 293.194759][ T5911] usb 1-1: config 2 has an invalid interface number: 79 but max is 0 [ 293.213011][ T5911] usb 1-1: config 2 has no interface number 0 [ 293.232664][ T5911] usb 1-1: config 2 interface 79 altsetting 13 bulk endpoint 0x1 has invalid maxpacket 64 [ 293.244315][ T5911] usb 1-1: config 2 interface 79 altsetting 13 bulk endpoint 0x82 has invalid maxpacket 1023 [ 293.255150][ T5911] usb 1-1: config 2 interface 79 has no altsetting 0 [ 293.264654][ T5911] usb 1-1: New USB device found, idVendor=0ab4, idProduct=0011, bcdDevice=ca.fb [ 293.274239][ T5911] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.282764][ T5911] usb 1-1: Product: syz [ 293.297040][ T5911] usb 1-1: Manufacturer: syz [ 293.302302][ T5911] usb 1-1: SerialNumber: syz [ 293.333112][T10768] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 293.357599][T10768] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 293.616373][ T5911] esd_usb 1-1:2.79: sending version message failed [ 293.648180][ T5911] esd_usb 1-1:2.79: probe with driver esd_usb failed with error -71 [ 293.695193][ T5911] usb 1-1: USB disconnect, device number 3 [ 293.747050][T10781] netlink: 43 bytes leftover after parsing attributes in process `syz.1.1931'. [ 294.150750][ T5911] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 294.312523][ T5911] usb 1-1: config 2 has an invalid interface number: 79 but max is 0 [ 294.330509][ T5911] usb 1-1: config 2 has no interface number 0 [ 294.336704][ T5911] usb 1-1: config 2 interface 79 altsetting 13 bulk endpoint 0x1 has invalid maxpacket 64 [ 294.360472][ T5911] usb 1-1: config 2 interface 79 altsetting 13 bulk endpoint 0x82 has invalid maxpacket 1023 [ 294.380529][ T5911] usb 1-1: config 2 interface 79 has no altsetting 0 [ 294.391663][ T5911] usb 1-1: New USB device found, idVendor=0ab4, idProduct=0011, bcdDevice=ca.fb [ 294.400986][ T5911] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.409039][ T5911] usb 1-1: Product: syz [ 294.413838][ T5911] usb 1-1: Manufacturer: syz [ 294.418477][ T5911] usb 1-1: SerialNumber: syz [ 294.454235][T10768] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 294.463285][T10768] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 294.725019][ T5911] esd_usb 1-1:2.79: sending version message failed [ 294.748760][ T5911] esd_usb 1-1:2.79: probe with driver esd_usb failed with error -71 [ 294.813609][ T5911] usb 1-1: USB disconnect, device number 4 [ 298.821072][T10834] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 299.145685][T10837] syzkaller0: entered promiscuous mode [ 299.151967][T10837] syzkaller0: entered allmulticast mode [ 299.591739][ T5911] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 299.773062][ T5911] usb 3-1: Using ep0 maxpacket: 32 [ 299.780708][ T5911] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 299.808792][ T5911] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 299.830264][ T5911] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 299.856318][ T5911] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.897997][ T5911] usb 3-1: config 0 descriptor?? [ 300.328690][ T5911] hid_parser_main: 45 callbacks suppressed [ 300.328713][ T5911] savu 0003:1E7D:2D5A.0005: unknown main item tag 0x0 [ 300.353755][ T5911] savu 0003:1E7D:2D5A.0005: unknown main item tag 0x0 [ 300.361517][ T5911] savu 0003:1E7D:2D5A.0005: unknown main item tag 0x0 [ 300.381297][ T5911] savu 0003:1E7D:2D5A.0005: unknown main item tag 0x0 [ 300.388231][ T5911] savu 0003:1E7D:2D5A.0005: unknown main item tag 0x0 [ 300.406519][ T5911] savu 0003:1E7D:2D5A.0005: unbalanced collection at end of report description [ 300.416358][ T5911] savu 0003:1E7D:2D5A.0005: parse failed [ 300.422975][ T24] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 300.441336][ T5911] savu 0003:1E7D:2D5A.0005: probe with driver savu failed with error -22 [ 300.568245][ T807] usb 3-1: USB disconnect, device number 3 [ 300.618377][ T24] usb 1-1: unable to get BOS descriptor or descriptor too short [ 300.628343][ T24] usb 1-1: not running at top speed; connect to a high speed hub [ 300.648862][ T24] usb 1-1: config 64 has an invalid interface number: 72 but max is 0 [ 300.668202][ T24] usb 1-1: config 64 has no interface number 0 [ 300.674908][ T24] usb 1-1: config 64 interface 72 altsetting 2 has an endpoint descriptor with address 0xF6, changing to 0x86 [ 300.698076][ T24] usb 1-1: config 64 interface 72 altsetting 2 endpoint 0x86 has invalid maxpacket 1024, setting to 64 [ 300.721538][ T24] usb 1-1: config 64 interface 72 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0 [ 300.731967][ T24] usb 1-1: config 64 interface 72 has no altsetting 0 [ 300.767639][ T24] usb 1-1: New USB device found, idVendor=0763, idProduct=1011, bcdDevice=fc.11 [ 300.779325][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 300.798077][ T24] usb 1-1: Product: syz [ 300.802560][ T24] usb 1-1: Manufacturer: syz [ 300.807305][ T24] usb 1-1: SerialNumber: syz [ 301.058601][ T24] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 301.346738][ T24] usb 1-1: USB disconnect, device number 5 [ 301.425884][T10268] udevd[10268]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:64.72/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 303.026641][T10870] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1960'. [ 305.075797][T10918] syzkaller0: entered promiscuous mode [ 305.105436][T10918] syzkaller0: entered allmulticast mode [ 305.191588][T10916] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 305.564533][T10922] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 310.455994][T10966] syzkaller0: entered promiscuous mode [ 310.471846][T10966] syzkaller0: entered allmulticast mode [ 312.053142][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 312.298817][T10994] syzkaller0: entered promiscuous mode [ 312.318288][T10994] syzkaller0: entered allmulticast mode [ 312.833801][T11004] syzkaller0: entered promiscuous mode [ 312.855831][T11004] syzkaller0: entered allmulticast mode [ 313.360819][ T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 313.524009][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 313.524679][T11026] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2016'. [ 313.578544][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 313.620999][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 313.657163][ T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 313.676834][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 313.708279][ T24] usb 5-1: config 0 descriptor?? [ 313.849510][T11031] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 313.952091][T11013] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2009'. [ 316.381149][ T5911] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 316.447451][T11060] netlink: 'syz.1.2023': attribute type 2 has an invalid length. [ 316.465656][ T24] usbhid 5-1:0.0: can't add hid device: -71 [ 316.485324][ T24] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 316.535938][ T24] usb 5-1: USB disconnect, device number 3 [ 316.552435][ T5911] usb 4-1: Using ep0 maxpacket: 8 [ 316.573130][ T5911] usb 4-1: config 0 has an invalid interface number: 55 but max is 0 [ 316.600486][ T5911] usb 4-1: config 0 has no interface number 0 [ 316.619671][ T5911] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 316.641854][ T5911] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 316.671096][ T5911] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 316.692784][ T5911] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 316.716239][ T5911] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 316.732040][ T5911] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 316.757339][ T5911] usb 4-1: config 0 descriptor?? [ 316.832872][ T5911] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 317.029990][ T5911] usb 4-1: USB disconnect, device number 5 [ 317.065107][ T5911] ldusb 4-1:0.55: LD USB Device #0 now disconnected [ 317.177603][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.184892][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.299110][T11069] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2029'. [ 317.752689][ T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 317.933774][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 317.973031][ T9] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 318.006595][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.057176][ T9] usb 3-1: config 0 descriptor?? [ 318.315568][ T9] usbhid 3-1:0.0: can't add hid device: -71 [ 318.337849][ T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 318.379210][ T9] usb 3-1: USB disconnect, device number 4 [ 318.840629][ T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 319.012934][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 319.050744][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 319.094615][ T9] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 319.119163][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 319.173235][ T9] usb 3-1: config 0 descriptor?? [ 319.208027][ T9] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 319.278522][ T9] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 321.160584][ T5911] usb 3-1: USB disconnect, device number 5 [ 321.213516][ T5911] ldusb 3-1:0.0: LD USB Device #0 now disconnected [ 321.592922][ T5911] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 321.789529][ T5911] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 321.836860][ T5911] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 321.876456][ T5911] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 321.904269][ T5911] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.943585][ T5911] usb 3-1: config 0 descriptor?? [ 322.455836][ T5911] elan 0003:04F3:0755.0006: unknown main item tag 0x0 [ 322.479994][ T5911] elan 0003:04F3:0755.0006: unknown main item tag 0x0 [ 322.507454][ T5911] elan 0003:04F3:0755.0006: unknown main item tag 0x0 [ 322.537068][ T5911] elan 0003:04F3:0755.0006: unknown main item tag 0x0 [ 322.551645][T11153] syzkaller0: entered promiscuous mode [ 322.561068][ T5911] elan 0003:04F3:0755.0006: unknown main item tag 0x0 [ 322.575762][ T5911] elan 0003:04F3:0755.0006: failed to start in urb: -90 [ 322.583562][T11153] syzkaller0: entered allmulticast mode [ 322.620589][ T5911] elan 0003:04F3:0755.0006: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.2-1/input0 [ 322.687070][ T5911] usb 3-1: USB disconnect, device number 6 [ 322.822157][T11156] fido_id[11156]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 325.646941][T11191] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2072'. [ 326.048993][T11195] syzkaller0: entered promiscuous mode [ 326.080612][T11195] syzkaller0: entered allmulticast mode [ 326.464155][T11201] netlink: 'syz.0.2071': attribute type 2 has an invalid length. [ 326.774685][T11208] syzkaller0: entered promiscuous mode [ 326.790904][T11208] syzkaller0: entered allmulticast mode [ 328.240141][T11229] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2084'. [ 328.599465][T11233] syzkaller0: entered promiscuous mode [ 328.632225][T11233] syzkaller0: entered allmulticast mode [ 329.407318][T11248] syzkaller0: entered promiscuous mode [ 329.426184][T11248] syzkaller0: entered allmulticast mode [ 330.509302][T11271] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2098'. [ 331.878639][T11288] syzkaller0: entered promiscuous mode [ 331.902523][T11288] syzkaller0: entered allmulticast mode [ 331.929664][T11290] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2106'. [ 332.244318][T11290] syzkaller0: entered promiscuous mode [ 332.258203][T11290] syzkaller0: entered allmulticast mode [ 332.646829][T11305] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2111'. [ 333.538827][T11321] xt_hashlimit: size too large, truncated to 1048576 [ 333.983651][T11332] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2122'. [ 334.030550][ T5839] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 334.201460][ T5839] usb 4-1: Using ep0 maxpacket: 16 [ 334.223877][ T5839] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 334.238688][ T5839] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 334.261261][ T5839] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 334.279980][ T5839] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 334.298522][ T5839] usb 4-1: Product: syz [ 334.310553][ T5839] usb 4-1: Manufacturer: syz [ 334.320352][ T5839] usb 4-1: SerialNumber: syz [ 334.344027][ T5839] usb 4-1: config 0 descriptor?? [ 334.374494][ T5839] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 334.384501][ T5839] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class) [ 334.411640][T11342] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 334.418589][T11342] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 334.424917][ T5911] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 334.434075][T11342] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 334.441539][T11342] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 334.451865][ T9] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 334.595765][ T5911] usb 3-1: config 1 interface 0 altsetting 13 endpoint 0x2 has an invalid bInterval 32, changing to 9 [ 334.607124][ T5911] usb 3-1: config 1 interface 0 has no altsetting 0 [ 334.623792][ T5911] usb 3-1: string descriptor 0 read error: -22 [ 334.648435][ T5911] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 334.651218][ T9] usb 5-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=49.83 [ 334.658966][ T5911] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 334.677377][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 334.694427][ T9] usb 5-1: Product: syz [ 334.706607][ T9] usb 5-1: Manufacturer: syz [ 334.713326][ T9] usb 5-1: SerialNumber: syz [ 334.726706][ T9] usb 5-1: config 0 descriptor?? [ 334.745511][ T9] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 334.953689][ T9] gspca_m5602: Failed to find a sensor [ 334.961426][ T9] ALi m5602 5-1:0.0: ALi m5602 webcam failed [ 334.972210][ T9] usb 5-1: USB disconnect, device number 4 [ 334.982424][ T5839] em28xx 4-1:0.0: unknown em28xx chip ID (0) [ 334.998447][ T5839] em28xx 4-1:0.0: Config register raw data: 0xfffffffb [ 335.106924][T11337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 335.116658][T11337] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 335.130285][ T5911] keytouch 0003:0926:3333.0007: fixing up Keytouch IEC report descriptor [ 335.169044][ T5911] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/0003:0926:3333.0007/input/input7 [ 335.273086][ T1765] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 335.347303][ T5911] keytouch 0003:0926:3333.0007: input,hidraw0: USB HID v0.05 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 335.388993][ T5911] usb 3-1: USB disconnect, device number 7 [ 335.418027][T11330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 335.456917][T11330] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 335.468189][ T1765] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 335.497349][ T1765] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 335.501032][ T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 335.513401][ T1765] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 335.532444][ T1765] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 335.563776][ T1765] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 335.582951][T11356] fido_id[11356]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 335.597859][ T1765] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.612685][ T1765] usb 2-1: config 0 descriptor?? [ 335.696680][ T5839] em28xx 4-1:0.0: Unknown AC97 audio processor detected! [ 335.705332][ T5839] em28xx 4-1:0.0: couldn't setup AC97 register 2 [ 335.710910][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 335.715004][ T5839] em28xx 4-1:0.0: couldn't setup AC97 register 4 [ 335.724855][ T5839] em28xx 4-1:0.0: couldn't setup AC97 register 6 [ 335.730741][ T9] usb 5-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=49.83 [ 335.741405][ T5839] em28xx 4-1:0.0: couldn't setup AC97 register 54 [ 335.741954][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 335.749490][ T5839] em28xx 4-1:0.0: couldn't setup AC97 register 56 [ 335.758755][ T9] usb 5-1: Product: syz [ 335.768762][ T9] usb 5-1: Manufacturer: syz [ 335.774397][ T9] usb 5-1: SerialNumber: syz [ 335.784279][ T9] usb 5-1: config 0 descriptor?? [ 335.797000][ T9] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 335.978390][T11359] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2134'. [ 336.067015][ T1765] plantronics 0003:047F:FFFF.0008: ignoring exceeding usage max [ 336.107711][ T1765] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 336.215094][T11362] plantronics 0003:047F:FFFF.0008: pid 11362 passed too short report [ 336.383531][T11330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 336.401311][T11330] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 336.415780][ T5839] em28xx 4-1:0.0: couldn't setup AC97 register 20 [ 336.431274][ T5839] em28xx 4-1:0.0: couldn't setup AC97 register 16 [ 336.442857][ T5839] em28xx 4-1:0.0: couldn't setup AC97 register 12 [ 336.450637][ T5839] em28xx 4-1:0.0: couldn't setup AC97 register 14 [ 336.461788][ T5850] Bluetooth: hci4: command 0x0406 tx timeout [ 336.461813][ T50] Bluetooth: hci3: command 0x0406 tx timeout [ 336.461844][ T50] Bluetooth: hci2: command 0x0406 tx timeout [ 336.461868][ T50] Bluetooth: hci1: command 0x0406 tx timeout [ 336.461978][ T5839] em28xx 4-1:0.0: couldn't setup AC97 register 18 [ 336.496192][T11371] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 336.507727][T11371] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 336.522142][ T5839] em28xx 4-1:0.0: couldn't setup AC97 register 22 [ 336.535422][ T5839] em28xx 4-1:0.0: couldn't setup AC97 register 24 [ 336.551652][ T5839] em28xx 4-1:0.0: Binding audio extension [ 336.559661][ T5839] em28xx 4-1:0.0: em28xx-audio.c: Copyright (C) 2006 Markus Rechberger [ 336.568574][ T5839] em28xx 4-1:0.0: em28xx-audio.c: Copyright (C) 2007-2016 Mauro Carvalho Chehab [ 336.596774][ T5839] em28xx 4-1:0.0: alt 0 doesn't exist on interface 7 [ 336.629895][ T5839] usb 4-1: USB disconnect, device number 6 [ 336.637597][ T5839] em28xx 4-1:0.0: Disconnecting em28xx [ 336.643513][ T5839] em28xx 4-1:0.0: Closing audio extension [ 336.684774][ T5839] em28xx 4-1:0.0: Freeing device [ 337.020519][ T1765] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 337.173706][ T1765] usb 3-1: Using ep0 maxpacket: 32 [ 337.189620][T11371] usb 2-1: string descriptor 0 read error: -71 [ 337.214633][ T1765] usb 3-1: config 139 has an invalid interface number: 49 but max is 0 [ 337.240589][ T1765] usb 3-1: config 139 has no interface number 0 [ 337.265223][ T1765] usb 3-1: config 139 interface 49 has no altsetting 0 [ 337.294579][ T1765] usb 3-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=72.75 [ 337.320597][ T1765] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 337.349243][ T1765] usb 3-1: Product: syz [ 337.365867][ T1765] usb 3-1: Manufacturer: syz [ 337.383660][ T1765] usb 3-1: SerialNumber: syz [ 337.823602][T11375] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 337.868320][T11375] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 337.904699][T11385] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2145'. [ 337.914254][ T1765] radio-usb-si4713 3-1:139.49: Si4713 development board discovered: (10C4:8244) [ 338.011918][ T5948] usb 2-1: USB disconnect, device number 6 [ 338.310596][ T5839] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 338.339854][ T1765] radio-usb-si4713 3-1:139.49: probe with driver radio-usb-si4713 failed with error -71 [ 338.360977][ T1765] usbhid 3-1:139.49: couldn't find an input interrupt endpoint [ 338.379227][ T1765] usb 3-1: USB disconnect, device number 8 [ 338.483437][ T5839] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 338.493818][ T5839] usb 4-1: config 0 has no interfaces? [ 338.499378][ T5839] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 338.509124][ T5839] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 338.521999][ T5839] usb 4-1: config 0 descriptor?? [ 338.654464][ T9] gspca_m5602: Failed to find a sensor [ 338.669758][ T9] ALi m5602 5-1:0.0: ALi m5602 webcam failed [ 338.683257][ T9] usb 5-1: USB disconnect, device number 5 [ 339.230810][ T5839] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 339.351459][ T1765] usb 3-1: new full-speed USB device number 9 using dummy_hcd [ 339.392566][ T5839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 339.403612][ T5839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 339.413588][ T5839] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 339.427885][ T5839] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 339.437136][ T5839] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.449482][ T5839] usb 2-1: config 0 descriptor?? [ 339.480544][ T24] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 339.503196][ T1765] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 339.514465][ T1765] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0 [ 339.524751][ T1765] usb 3-1: config 0 interface 0 has no altsetting 0 [ 339.531618][ T1765] usb 3-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00 [ 339.540899][ T1765] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.556202][ T1765] usb 3-1: config 0 descriptor?? [ 339.653436][ T24] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 339.680361][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 339.697309][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 339.707195][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 339.720306][ T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 339.729535][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.744730][ T24] usb 5-1: config 0 descriptor?? [ 339.818281][T11412] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2156'. [ 339.893005][ T5839] plantronics 0003:047F:FFFF.0009: reserved main item tag 0xd [ 339.931775][ T5839] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 340.006331][ T1765] hid-steam 0003:28DE:1102.000A: unknown main item tag 0x0 [ 340.029607][ T1765] hid-steam 0003:28DE:1102.000A: unknown main item tag 0x0 [ 340.048570][ T1765] hid-steam 0003:28DE:1102.000A: : USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.2-1/input0 [ 340.140974][ T1765] hid-steam 0003:28DE:1102.000A: Steam Controller 'XXXXXXXXXX' connected [ 340.164848][ T1765] input: Steam Controller as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:28DE:1102.000A/input/input9 [ 340.180525][ T24] plantronics 0003:047F:FFFF.000B: ignoring exceeding usage max [ 340.194751][ T5839] usb 2-1: USB disconnect, device number 7 [ 340.327929][ T24] plantronics 0003:047F:FFFF.000B: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 340.347916][ T1765] hid-steam 0003:28DE:1102.000C: unknown main item tag 0x0 [ 340.357918][ T1765] hid-steam 0003:28DE:1102.000C: unknown main item tag 0x0 [ 340.389203][T11405] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 340.427466][T11405] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 340.474708][T11405] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 340.500987][T11405] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 340.536610][T11405] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 340.547853][ T1765] hid-steam 0003:28DE:1102.000C: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.2-1/input0 [ 340.588852][T11405] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 340.637595][ T1765] usb 3-1: USB disconnect, device number 9 [ 340.708528][T11423] fido_id[11423]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 340.768005][ T1765] hid-steam 0003:28DE:1102.000A: Steam Controller 'XXXXXXXXXX' disconnected [ 340.855331][ T24] usb 5-1: USB disconnect, device number 6 [ 340.970673][ T46] usb 4-1: USB disconnect, device number 7 [ 341.130506][ T5839] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 341.270624][ T1765] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 341.291433][ T5839] usb 2-1: Using ep0 maxpacket: 16 [ 341.303628][ T5839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 341.319663][ T5839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 341.337937][T11437] syzkaller0: entered promiscuous mode [ 341.344281][ T5839] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 341.358126][T11437] syzkaller0: entered allmulticast mode [ 341.363874][ T5839] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 341.374436][ T5839] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 341.388246][ T5839] usb 2-1: config 0 descriptor?? [ 341.432513][ T1765] usb 3-1: Using ep0 maxpacket: 8 [ 341.465370][ T1765] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 341.488804][ T1765] usb 3-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 341.510959][ T1765] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 341.523710][ T1765] usb 3-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 341.535964][ T1765] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 341.554558][ T1765] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 341.578066][ T1765] usb 3-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 341.616172][ T1765] usb 3-1: config 168 interface 0 has no altsetting 0 [ 341.637095][ T1765] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 341.645279][ T1765] usb 3-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 341.682677][ T1765] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 341.708735][ T1765] usb 3-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 341.733072][ T1765] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 341.744774][ T1765] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 341.761802][ T1765] usb 3-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 341.778346][ T1765] usb 3-1: config 168 interface 0 has no altsetting 0 [ 341.792930][ T1765] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 341.801067][ T1765] usb 3-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 341.820988][ T1765] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 341.836414][ T5839] microsoft 0003:045E:07DA.000D: unknown main item tag 0x0 [ 341.854779][ T5839] microsoft 0003:045E:07DA.000D: unknown main item tag 0x0 [ 341.863500][ T1765] usb 3-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 341.875994][ T5839] microsoft 0003:045E:07DA.000D: unknown main item tag 0x0 [ 341.883514][ T5839] microsoft 0003:045E:07DA.000D: unknown main item tag 0x0 [ 341.893673][ T1765] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 341.910510][ T5839] microsoft 0003:045E:07DA.000D: unknown main item tag 0x0 [ 341.928057][ T1765] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 341.948525][ T5839] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.000D/input/input10 [ 341.971155][ T1765] usb 3-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 341.988717][ T1765] usb 3-1: config 168 interface 0 has no altsetting 0 [ 341.998986][ T1765] usb 3-1: string descriptor 0 read error: -22 [ 342.005716][ T1765] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 342.025612][ T1765] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 342.067236][ T5839] microsoft 0003:045E:07DA.000D: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 342.097092][ T1765] adutux 3-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 342.128073][ T5839] usb 2-1: USB disconnect, device number 8 [ 342.258277][T11455] fido_id[11455]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 342.639426][T11456] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 342.666428][T11456] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 342.707778][T11456] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 342.736766][T11456] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 343.191836][T11456] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 343.208868][T11456] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 343.220060][ T5839] usb 3-1: USB disconnect, device number 10 [ 344.784522][ T10] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 344.982372][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 344.995644][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 345.006958][ T10] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 345.018031][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 345.040120][ T10] usb 5-1: config 0 descriptor?? [ 345.483226][ T10] usbhid 5-1:0.0: can't add hid device: -71 [ 345.497247][ T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 345.520111][ T10] usb 5-1: USB disconnect, device number 7 [ 346.484569][T11503] syzkaller0: entered promiscuous mode [ 346.497362][T11503] syzkaller0: entered allmulticast mode [ 346.617457][T11509] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2195'. [ 347.160564][ T5839] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 347.342592][ T5839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 347.361305][ T5839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 347.371417][ T5839] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 347.380650][ T5839] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 347.406678][ T5839] usb 3-1: config 0 descriptor?? [ 347.424269][ T1765] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 347.600581][ T1765] usb 5-1: Using ep0 maxpacket: 8 [ 347.611713][ T1765] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 347.627180][ T1765] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 347.657673][ T1765] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 347.693802][ T1765] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 347.729375][ T1765] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 347.762919][ T1765] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 347.783783][ T1765] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 347.855285][ T5839] usbhid 3-1:0.0: can't add hid device: -71 [ 347.890638][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 347.918055][ T5839] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 347.987207][ T5839] usb 3-1: USB disconnect, device number 11 [ 348.364451][T11549] netlink: 'syz.1.2212': attribute type 10 has an invalid length. [ 348.711652][T11564] usbtmc 5-1:16.0: simple usb_control_msg failed -32 [ 348.727019][ T1765] usb 5-1: USB disconnect, device number 8 [ 348.900274][T11549] team0: Device wg1 is of different type [ 349.366887][T11569] netlink: 1047 bytes leftover after parsing attributes in process `syz.1.2218'. [ 351.532330][T11627] syzkaller0: entered promiscuous mode [ 351.578805][T11627] syzkaller0: entered allmulticast mode [ 353.652470][T11681] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2268'. [ 354.161442][T11694] netlink: 1688 bytes leftover after parsing attributes in process `syz.0.2273'. [ 354.206913][T11692] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 354.530124][T11703] gretap1: entered promiscuous mode [ 354.985680][T11712] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2282'. [ 355.778705][T11732] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2292'. [ 355.863554][T11735] netlink: 'syz.1.2293': attribute type 72 has an invalid length. [ 355.915887][T11734] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 356.027652][T11736] gretap1: entered promiscuous mode [ 358.100246][T11778] netlink: 'syz.2.2311': attribute type 72 has an invalid length. [ 358.156723][T11777] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 358.728252][T11790] syzkaller0: entered promiscuous mode [ 358.757784][T11790] syzkaller0: entered allmulticast mode [ 359.236344][ T5839] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 359.440429][ T5839] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 359.513765][ T5839] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 359.575896][ T5839] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 359.631636][ T5839] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 359.694229][ T5839] usb 4-1: config 0 descriptor?? [ 360.097163][T11815] netlink: 'syz.0.2328': attribute type 72 has an invalid length. [ 360.155387][T11814] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 360.452778][T11824] tap0: tun_chr_ioctl cmd 21731 [ 360.701014][T11834] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 360.722536][T11834] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 360.776887][T11832] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2336'. [ 360.808620][T11833] syz_tun: entered allmulticast mode [ 360.827167][T11829] syz_tun: left allmulticast mode [ 360.849628][T11835] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2336'. [ 360.900133][T11837] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2336'. [ 362.049757][T11863] tipc: Enabled bearer , priority 0 [ 362.098600][T11863] syzkaller0: entered promiscuous mode [ 362.135083][T11863] syzkaller0: entered allmulticast mode [ 362.195036][T11863] tipc: Resetting bearer [ 362.249598][T11862] tipc: Resetting bearer [ 362.934718][T11862] tipc: Disabling bearer [ 362.954175][ T5839] usb 4-1: USB disconnect, device number 8 [ 363.067208][T11869] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2351'. [ 363.129129][T11871] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2351'. [ 363.412176][T11883] netlink: 'syz.2.2357': attribute type 1 has an invalid length. [ 363.911175][T11896] syzkaller0: entered promiscuous mode [ 363.944669][T11896] syzkaller0: entered allmulticast mode [ 364.180406][ C0] sched: DL replenish lagged too much [ 364.359677][T11908] x_tables: duplicate underflow at hook 1 [ 364.574925][T11912] netlink: 'syz.0.2370': attribute type 8 has an invalid length. [ 364.631496][T11912] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2370'. [ 365.262852][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 365.262869][ T29] audit: type=1326 audit(1777003893.825:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11927 comm="syz.3.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 365.302145][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 365.377060][ T29] audit: type=1326 audit(1777003893.825:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11927 comm="syz.3.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 365.457953][ T29] audit: type=1326 audit(1777003893.855:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11927 comm="syz.3.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 365.535449][ T29] audit: type=1326 audit(1777003893.855:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11927 comm="syz.3.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 365.644601][T11912] erspan0: entered promiscuous mode [ 365.652901][ T29] audit: type=1326 audit(1777003893.855:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11927 comm="syz.3.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 365.706168][T11912] gretap0: entered promiscuous mode [ 365.740028][T11912] hsr1: entered promiscuous mode [ 365.764500][ T29] audit: type=1326 audit(1777003893.855:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11927 comm="syz.3.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 365.864204][ T29] audit: type=1326 audit(1777003893.855:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11927 comm="syz.3.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 365.958473][T11921] tipc: Enabling of bearer rejected, failed to enable media [ 366.018494][ T29] audit: type=1326 audit(1777003893.855:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11927 comm="syz.3.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 366.179521][ T29] audit: type=1326 audit(1777003893.855:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11927 comm="syz.3.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 366.215307][T11934] faux_driver vgem: [drm] Unknown color mode 127; guessing buffer size. [ 366.342423][ T29] audit: type=1326 audit(1777003893.855:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11927 comm="syz.3.2374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fa0db79cdd9 code=0x7ffc0000 [ 368.370639][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 369.475567][T11994] tipc: Enabling of bearer rejected, failed to enable media [ 370.135769][T12009] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2409'. [ 371.081122][T12034] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2420'. [ 371.090817][T12033] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 371.098075][T12033] IPv6: NLM_F_CREATE should be set when creating new route [ 371.105606][T12033] IPv6: NLM_F_CREATE should be set when creating new route [ 372.673653][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 372.673677][ T29] audit: type=1326 audit(1777003901.235:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12061 comm="syz.4.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 372.911362][ T29] audit: type=1326 audit(1777003901.235:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12061 comm="syz.4.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 373.132224][ T29] audit: type=1326 audit(1777003901.275:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12061 comm="syz.4.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 373.292321][ T29] audit: type=1326 audit(1777003901.275:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12061 comm="syz.4.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 373.478096][ T29] audit: type=1326 audit(1777003901.275:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12061 comm="syz.4.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 373.661353][ T29] audit: type=1326 audit(1777003901.275:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12061 comm="syz.4.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 373.849648][ T29] audit: type=1326 audit(1777003901.275:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12061 comm="syz.4.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 374.054878][ T29] audit: type=1326 audit(1777003901.275:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12061 comm="syz.4.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f2beff9cdd9 code=0x7ffc0000 [ 374.784240][T12097] syzkaller0: entered promiscuous mode [ 374.836639][T12097] syzkaller0: entered allmulticast mode [ 377.164555][T12148] capability: warning: `syz.0.2471' uses deprecated v2 capabilities in a way that may be insecure [ 377.657486][T12157] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2477'. [ 377.735050][T12157] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2477'. [ 378.568048][T12177] netlink: 'syz.0.2486': attribute type 1 has an invalid length. [ 378.635013][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.646856][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.886222][T12177] 8021q: adding VLAN 0 to HW filter on device bond2 [ 379.086676][T12184] bond2: (slave ip6erspan0): making interface the new active one [ 379.142895][T12184] bond2: (slave ip6erspan0): Enslaving as an active interface with an up link [ 379.220142][T12193] tipc: Enabled bearer , priority 0 [ 379.269291][T12196] syzkaller0: entered promiscuous mode [ 379.295860][T12196] syzkaller0: entered allmulticast mode [ 379.445989][T12189] tipc: Resetting bearer [ 379.508431][T12187] tipc: Resetting bearer [ 379.655561][T12187] tipc: Disabling bearer [ 380.950031][T12229] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2508'. [ 381.048488][T12229] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 381.289265][T12235] tipc: Enabling of bearer rejected, failed to enable media [ 382.764103][ T46] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 383.036416][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 383.147832][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 383.260074][ T46] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 383.296540][T12278] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2531'. [ 383.359121][ T46] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 383.427298][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 383.522323][ T46] usb 2-1: config 0 descriptor?? [ 384.003625][ T46] usbhid 2-1:0.0: can't add hid device: -71 [ 384.051004][ T46] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 384.153790][ T46] usb 2-1: USB disconnect, device number 9 [ 384.234825][T12289] tipc: Enabled bearer , priority 0 [ 384.332385][T12293] syzkaller0: entered promiscuous mode [ 384.364091][T12293] syzkaller0: entered allmulticast mode [ 384.519221][T12293] tipc: Resetting bearer [ 384.586629][T12287] tipc: Resetting bearer [ 384.717758][T12299] program syz.4.2540 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 384.764849][T12287] tipc: Disabling bearer [ 385.977746][T12331] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2553'. [ 386.766417][ T1765] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 387.147776][ T1765] hid-generic 0000:0000:0000.000E: hidraw0: HID v0.00 Device [syz1] on syz0 [ 388.226744][T12360] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.2565'. [ 389.031406][T12373] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2571'. [ 389.092258][T12373] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0) [ 391.509099][T12418] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2588'. [ 392.176623][T12427] syzkaller0: entered promiscuous mode [ 392.218949][T12427] syzkaller0: entered allmulticast mode [ 393.020001][T12445] tipc: Enabled bearer , priority 10 [ 393.970910][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 396.426564][ T29] audit: type=1326 audit(1777003924.985:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47439cdd9 code=0x7ffc0000 [ 396.555107][ T29] audit: type=1326 audit(1777003925.015:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47439cdd9 code=0x7ffc0000 [ 396.706514][ T29] audit: type=1326 audit(1777003925.025:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47439cdd9 code=0x7ffc0000 [ 396.853265][ T29] audit: type=1326 audit(1777003925.025:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47439cdd9 code=0x7ffc0000 [ 396.997800][ T29] audit: type=1326 audit(1777003925.025:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb47439cdd9 code=0x7ffc0000 [ 397.151398][ T29] audit: type=1326 audit(1777003925.025:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47439cdd9 code=0x7ffc0000 [ 397.294944][ T29] audit: type=1326 audit(1777003925.035:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47439cdd9 code=0x7ffc0000 [ 399.093023][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 404.222145][ C0] ip6_tunnel: ip6gre3 xmit: Local address not yet configured! [ 431.085961][ T29] audit: type=1326 audit(1777003925.035:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47439cdd9 code=0x7ffc0000 [ 440.990622][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 442.686278][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 448.802629][ T29] audit: type=1326 audit(1777003925.035:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47439cdd9 code=0x7ffc0000 [ 455.415932][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 470.664470][ T29] audit: type=1326 audit(1777003925.035:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fb47439cdd9 code=0x7ffc0000 [ 492.034091][ T29] audit: type=1326 audit(1777003925.035:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb47439cdd9 code=0x7ffc0000 [ 509.452968][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 509.466846][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 517.678289][ T29] audit: type=1326 audit(1777003925.045:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fb47439cdd9 code=0x7ffc0000 [ 564.111749][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 564.125743][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 573.175444][ C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 603.891954][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 626.074837][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 628.290268][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 628.297263][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P137/1:b..l P5860/1:b..l [ 628.306697][ C0] rcu: (detected by 0, t=10503 jiffies, g=73873, q=490 ncpus=2) [ 628.314444][ C0] task:syz-executor state:R running task stack:20832 pid:5860 tgid:5860 ppid:5834 task_flags:0x400140 flags:0x00080000 [ 628.329123][ C0] Call Trace: [ 628.332422][ C0] [ 628.335371][ C0] __schedule+0x17b4/0x5680 [ 628.339950][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 628.344914][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 628.349884][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 628.354844][ C0] ? __pfx___schedule+0x10/0x10 [ 628.359718][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 628.364699][ C0] preempt_schedule_irq+0x4d/0xa0 [ 628.369745][ C0] irqentry_exit+0x14f/0x730 [ 628.374360][ C0] ? trace_irq_disable+0x3b/0x140 [ 628.379500][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 628.385516][ C0] RIP: 0010:rcu_is_watching+0x67/0xb0 [ 628.390961][ C0] Code: 89 f7 e8 ec 17 86 00 48 c7 c3 d8 f9 41 93 49 03 1e 48 89 d8 48 c1 e8 03 42 0f b6 04 38 84 c0 75 34 8b 03 65 ff 0d d9 cb 95 11 <74> 11 83 e0 04 c1 e8 02 5b 41 5e 41 5f c3 cc cc cc cc cc e8 01 d7 [ 628.411023][ C0] RSP: 0018:ffffc900042d6f98 EFLAGS: 00000286 [ 628.417113][ C0] RAX: 00000000000a09e4 RBX: ffff8880b87339d8 RCX: 0000000080000001 [ 628.425102][ C0] RDX: 00000000754f167e RSI: ffffffff8c289f40 RDI: ffffffff8c289f00 [ 628.433094][ C0] RBP: dffffc0000000000 R08: ffffffff81771256 R09: ffffffff8e95cce0 [ 628.441082][ C0] R10: ffffc900042d70d8 R11: ffffffff81b105c0 R12: ffffc900042d70c0 [ 628.449069][ C0] R13: 1ffff9200085ae11 R14: ffffffff8e29a798 R15: dffffc0000000000 [ 628.457070][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 628.463260][ C0] ? unwind_next_frame+0xa6/0x2550 [ 628.468456][ C0] ? rcu_is_watching+0x15/0xb0 [ 628.473249][ C0] ? tomoyo_encode+0x28b/0x550 [ 628.478035][ C0] ? unwind_next_frame+0xa6/0x2550 [ 628.483172][ C0] unwind_next_frame+0xd5/0x2550 [ 628.488135][ C0] ? unwind_next_frame+0xa6/0x2550 [ 628.493263][ C0] ? __kmalloc_noprof+0x316/0x760 [ 628.498313][ C0] ? tomoyo_encode+0x28b/0x550 [ 628.503096][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 628.509363][ C0] arch_stack_walk+0x11b/0x150 [ 628.514155][ C0] ? tomoyo_encode+0x28b/0x550 [ 628.518941][ C0] stack_trace_save+0xa9/0x100 [ 628.523722][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 628.529130][ C0] save_stack+0x122/0x230 [ 628.533478][ C0] ? __pfx_save_stack+0x10/0x10 [ 628.538344][ C0] ? __free_frozen_pages+0xbc7/0xd30 [ 628.543645][ C0] ? __slab_free+0x274/0x2c0 [ 628.548336][ C0] ? qlist_free_all+0x99/0x100 [ 628.553110][ C0] ? kasan_quarantine_reduce+0x148/0x160 [ 628.558767][ C0] ? __kasan_slab_alloc+0x22/0x80 [ 628.563820][ C0] ? __kmalloc_noprof+0x316/0x760 [ 628.568867][ C0] ? tomoyo_encode+0x28b/0x550 [ 628.573700][ C0] ? page_ext_put+0x97/0xc0 [ 628.578316][ C0] __reset_page_owner+0x71/0x1f0 [ 628.583464][ C0] __free_frozen_pages+0xbc7/0xd30 [ 628.589068][ C0] __slab_free+0x274/0x2c0 [ 628.593530][ C0] qlist_free_all+0x99/0x100 [ 628.598417][ C0] kasan_quarantine_reduce+0x148/0x160 [ 628.603913][ C0] __kasan_slab_alloc+0x22/0x80 [ 628.608880][ C0] __kmalloc_noprof+0x316/0x760 [ 628.613774][ C0] ? tomoyo_encode+0x28b/0x550 [ 628.618562][ C0] ? __kmalloc_noprof+0x1b8/0x760 [ 628.623735][ C0] tomoyo_encode+0x28b/0x550 [ 628.628357][ C0] tomoyo_realpath_from_path+0x58d/0x5d0 [ 628.634110][ C0] tomoyo_check_open_permission+0x229/0x470 [ 628.640219][ C0] ? tomoyo_check_open_permission+0x1d3/0x470 [ 628.646310][ C0] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 628.652935][ C0] ? __asan_memset+0x22/0x50 [ 628.658103][ C0] security_file_open+0xa9/0x240 [ 628.663082][ C0] do_dentry_open+0x384/0x14e0 [ 628.667913][ C0] ? vfs_open+0x31/0x340 [ 628.672231][ C0] vfs_open+0x3b/0x340 [ 628.676337][ C0] ? path_openat+0x2df0/0x3860 [ 628.681176][ C0] path_openat+0x2e08/0x3860 [ 628.685907][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 628.691946][ C0] ? stack_depot_save_flags+0x33/0x810 [ 628.697608][ C0] ? __pfx_path_openat+0x10/0x10 [ 628.702573][ C0] ? __x64_sys_openat+0x138/0x170 [ 628.707650][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 628.712741][ C0] do_file_open+0x23e/0x4a0 [ 628.717289][ C0] ? __pfx_do_file_open+0x10/0x10 [ 628.722368][ C0] ? _raw_spin_unlock+0x28/0x50 [ 628.727242][ C0] ? alloc_fd+0x64b/0x6c0 [ 628.731746][ C0] do_sys_openat2+0x113/0x200 [ 628.736472][ C0] ? __pfx_do_sys_openat2+0x10/0x10 [ 628.741718][ C0] ? __x64_sys_umount+0x12a/0x170 [ 628.746799][ C0] ? __pfx___x64_sys_umount+0x10/0x10 [ 628.752239][ C0] __x64_sys_openat+0x138/0x170 [ 628.757359][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 628.764086][ C0] do_syscall_64+0x15f/0xf80 [ 628.768713][ C0] ? trace_irq_disable+0x3b/0x140 [ 628.773870][ C0] ? clear_bhb_loop+0x40/0x90 [ 628.778575][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 628.784589][ C0] RIP: 0033:0x7f740259c0fc [ 628.789032][ C0] RSP: 002b:00007f740293ec50 EFLAGS: 00000206 ORIG_RAX: 0000000000000101 [ 628.797584][ C0] RAX: ffffffffffffffda RBX: 00007f7402632120 RCX: 00007f740259c0fc [ 628.805815][ C0] RDX: 0000000000090800 RSI: 00007f740293fe00 RDI: 00000000ffffff9c [ 628.813927][ C0] RBP: 00007f740293fdec R08: 0000000000000000 R09: 0000000000000000 [ 628.822018][ C0] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f740293fe00 [ 628.830194][ C0] R13: 00007f7402632120 R14: 0000000000060b76 R15: 00007f740293fe40 [ 628.838217][ C0] [ 628.841259][ C0] task:kworker/u8:5 state:R running task stack:23144 pid:137 tgid:137 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 628.854954][ C0] Workqueue: events_unbound toggle_allocation_gate [ 628.861491][ C0] Call Trace: [ 628.864814][ C0] [ 628.867866][ C0] __schedule+0x17b4/0x5680 [ 628.872425][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 628.877516][ C0] ? __pfx___schedule+0x10/0x10 [ 628.883380][ C0] ? __pfx___schedule+0x10/0x10 [ 628.888431][ C0] ? lockdep_hardirqs_on+0x7a/0x110 [ 628.893655][ C0] ? irqentry_exit+0x218/0x730 [ 628.898441][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 628.903842][ C0] preempt_schedule_common+0x82/0xd0 [ 628.909496][ C0] ? __kmalloc_node_noprof+0x108/0x7c0 [ 628.914981][ C0] preempt_schedule_thunk+0x16/0x30 [ 628.920232][ C0] _raw_spin_unlock+0x3f/0x50 [ 628.924933][ C0] __text_poke+0x7b9/0x9a0 [ 628.929379][ C0] ? __pfx_text_poke_memcpy+0x10/0x10 [ 628.934771][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 628.941135][ C0] ? __kmalloc_node_noprof+0x108/0x7c0 [ 628.946613][ C0] ? __pfx___text_poke+0x10/0x10 [ 628.951579][ C0] smp_text_poke_batch_finish+0xd36/0x1160 [ 628.957416][ C0] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 628.964009][ C0] ? arch_jump_label_transform_queue+0x97/0x110 [ 628.970291][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 628.976298][ C0] static_key_enable_cpuslocked+0x128/0x240 [ 628.982793][ C0] static_key_enable+0x1a/0x20 [ 628.987846][ C0] toggle_allocation_gate+0xab/0x290 [ 628.993677][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 628.999609][ C0] ? process_scheduled_works+0xa70/0x1860 [ 629.005556][ C0] ? process_scheduled_works+0xa70/0x1860 [ 629.011503][ C0] ? process_scheduled_works+0xa70/0x1860 [ 629.017276][ C0] process_scheduled_works+0xb5d/0x1860 [ 629.023402][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 629.029422][ C0] ? assign_work+0x3d5/0x5e0 [ 629.034051][ C0] worker_thread+0xa53/0xfc0 [ 629.038753][ C0] kthread+0x388/0x470 [ 629.042960][ C0] ? __pfx_worker_thread+0x10/0x10 [ 629.048092][ C0] ? __pfx_kthread+0x10/0x10 [ 629.052699][ C0] ret_from_fork+0x514/0xb70 [ 629.057332][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 629.062586][ C0] ? __switch_to+0xc79/0x1410 [ 629.067505][ C0] ? __pfx_kthread+0x10/0x10 [ 629.072310][ C0] ret_from_fork_asm+0x1a/0x30 [ 629.077478][ C0] [ 629.080984][ C0] rcu: rcu_preempt kthread starved for 10391 jiffies! g73873 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 629.093067][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 629.103323][ C0] rcu: RCU grace-period kthread stack dump: [ 629.109216][ C0] task:rcu_preempt state:R running task stack:27968 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 629.124646][ C0] Call Trace: [ 629.127937][ C0] [ 629.130887][ C0] __schedule+0x17b4/0x5680 [ 629.135419][ C0] ? __lock_acquire+0x6b5/0x2cf0 [ 629.140408][ C0] ? __pfx___schedule+0x10/0x10 [ 629.145287][ C0] ? schedule+0x90/0x360 [ 629.149556][ C0] schedule+0x164/0x360 [ 629.153990][ C0] schedule_timeout+0x158/0x2c0 [ 629.158867][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 629.164280][ C0] ? __pfx_process_timeout+0x10/0x10 [ 629.169620][ C0] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 629.175472][ C0] ? prepare_to_swait_event+0x340/0x370 [ 629.181058][ C0] rcu_gp_fqs_loop+0x312/0x11d0 [ 629.185954][ C0] ? __pfx_rcu_watching_snap_recheck+0x10/0x10 [ 629.192138][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 629.197459][ C0] ? _raw_spin_unlock_irq+0x2e/0x50 [ 629.203044][ C0] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 629.209060][ C0] rcu_gp_kthread+0x9e/0x2b0 [ 629.213678][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 629.219517][ C0] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 629.225439][ C0] ? __kthread_parkme+0x7a/0x1f0 [ 629.230408][ C0] ? __kthread_parkme+0x19c/0x1f0 [ 629.235466][ C0] kthread+0x388/0x470 [ 629.239569][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 629.244783][ C0] ? __pfx_kthread+0x10/0x10 [ 629.249400][ C0] ret_from_fork+0x514/0xb70 [ 629.254023][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 629.259180][ C0] ? __switch_to+0xc79/0x1410 [ 629.263906][ C0] ? __pfx_kthread+0x10/0x10 [ 629.268530][ C0] ret_from_fork_asm+0x1a/0x30 [ 629.273332][ C0] [ 629.276363][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 629.282717][ C0] CPU: 0 UID: 0 PID: 5507 Comm: dhcpcd Not tainted syzkaller #0 PREEMPT(full) [ 629.291706][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 629.301785][ C0] RIP: 0010:lock_acquire+0x221/0x350 [ 629.307101][ C0] Code: ff ff ff e8 a1 d7 16 0a f7 44 24 08 00 02 00 00 0f 84 3a ff ff ff 65 48 8b 05 8b f2 9e 11 48 3b 44 24 58 75 33 fb 48 83 c4 60 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d 58 0a 95 [ 629.326734][ C0] RSP: 0018:ffffc90000007500 EFLAGS: 00000286 [ 629.332828][ C0] RAX: fce3bb627cb98500 RBX: 0000000000000000 RCX: 0000000080000100 [ 629.340814][ C0] RDX: 00000000a42637f2 RSI: ffffffff8e24e53f RDI: ffffffff8c289f60 [ 629.348797][ C0] RBP: ffffffff8a0a14ab R08: ffffffff8a0a14ab R09: ffffffff8e95cce0 [ 629.356789][ C0] R10: ffffc90000007710 R11: fffff52000000ee4 R12: 0000000000000002 [ 629.364867][ C0] R13: ffffffff8e95cce0 R14: 0000000000000000 R15: 0000000000000246 [ 629.373033][ C0] FS: 00007f452f310780(0000) GS:ffff888125214000(0000) knlGS:0000000000000000 [ 629.381987][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 629.388594][ C0] CR2: 0000200000509030 CR3: 0000000034338000 CR4: 00000000003526f0 [ 629.396728][ C0] Call Trace: [ 629.400031][ C0] [ 629.402893][ C0] ip_vs_conn_out_get+0xcc/0x1000 [ 629.407938][ C0] ? ip_vs_conn_out_get+0xab/0x1000 [ 629.413173][ C0] ? ip_vs_conn_out_get+0xab/0x1000 [ 629.418888][ C0] ? __pfx_ip_vs_conn_out_get+0x10/0x10 [ 629.425164][ C0] ? irqentry_exit+0x218/0x730 [ 629.430052][ C0] ? lockdep_hardirqs_on+0x7a/0x110 [ 629.435477][ C0] ip_vs_conn_out_get_proto+0x29e/0x4a0 [ 629.441064][ C0] ? __pfx_ip_vs_fill_iph_skb_off+0x10/0x10 [ 629.447623][ C0] ? __pfx_ip_vs_conn_out_get_proto+0x10/0x10 [ 629.453723][ C0] ? ipt_do_table+0x2b2/0x1630 [ 629.459045][ C0] ? lockdep_hardirqs_on+0x7a/0x110 [ 629.464266][ C0] ? ipt_do_table+0x2b2/0x1630 [ 629.469072][ C0] ? __local_bh_enable_ip+0xd0/0x130 [ 629.474409][ C0] ? ipt_do_table+0x13d2/0x1630 [ 629.479295][ C0] ? __pfx_ip_vs_conn_out_get_proto+0x10/0x10 [ 629.485927][ C0] ip_vs_out_hook+0x5dc/0xfe0 [ 629.490718][ C0] ? __pfx_ip_vs_out_hook+0x10/0x10 [ 629.495967][ C0] ? NF_HOOK+0x9e/0x3c0 [ 629.500153][ C0] ? iptable_mangle_hook+0x189/0x4c0 [ 629.505476][ C0] ? NF_HOOK+0x9e/0x3c0 [ 629.509672][ C0] ? __pfx_ip_vs_out_hook+0x10/0x10 [ 629.514905][ C0] nf_hook_slow+0xc5/0x220 [ 629.519353][ C0] NF_HOOK+0x21f/0x3c0 [ 629.523448][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 629.529503][ C0] ? NF_HOOK+0x9e/0x3c0 [ 629.533769][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 629.538535][ C0] ? ip_rcv_finish_core+0xda3/0x1c00 [ 629.543865][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 629.549897][ C0] ? ip_local_deliver+0x12a/0x1b0 [ 629.554974][ C0] NF_HOOK+0x336/0x3c0 [ 629.559080][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 629.564229][ C0] ? NF_HOOK+0x9e/0x3c0 [ 629.568455][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 629.573069][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 629.578224][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 629.582780][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 629.587318][ C0] ? process_backlog+0x3eb/0x1950 [ 629.593611][ C0] process_backlog+0xaa3/0x1950 [ 629.600350][ C0] __napi_poll+0xae/0x340 [ 629.604822][ C0] ? skb_defer_free_flush+0x233/0x260 [ 629.610224][ C0] net_rx_action+0x627/0xf70 [ 629.614856][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 629.620111][ C0] ? xfrm_dev_backlog+0x24b/0x3c0 [ 629.625272][ C0] ? net_tx_action+0x5b6/0xc30 [ 629.630574][ C0] ? net_tx_action+0xbfb/0xc30 [ 629.635474][ C0] handle_softirqs+0x22a/0x840 [ 629.640290][ C0] ? __irq_exit_rcu+0xca/0x220 [ 629.645117][ C0] __irq_exit_rcu+0xca/0x220 [ 629.649740][ C0] irq_exit_rcu+0x9/0x30 [ 629.654006][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 629.659672][ C0] [ 629.662632][ C0] [ 629.665580][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 629.671582][ C0] RIP: 0010:__slab_free+0xb3/0x2c0 [ 629.676717][ C0] Code: 09 c1 89 4c 24 38 4d 85 ed 89 44 24 04 74 45 85 c0 74 41 45 31 e4 41 f6 46 0a 20 74 66 48 89 de 48 8b 5c 24 30 48 8b 4c 24 38 <48> 8b 44 24 40 48 8b 54 24 48 f0 48 0f c7 4e 20 48 89 f3 0f 84 e8 [ 629.696340][ C0] RSP: 0018:ffffc90003147790 EFLAGS: 00000202 [ 629.702523][ C0] RAX: 0000000000000011 RBX: ffff88804021f740 RCX: 0000000800130011 [ 629.710510][ C0] RDX: ffff88804021f740 RSI: ffffea0001008700 RDI: ffff888140e80a00 [ 629.718506][ C0] RBP: ffffc90003147820 R08: 0000000000000000 R09: ffffffff82311e1e [ 629.726519][ C0] R10: dffffc0000000000 R11: fffffbfff206701f R12: 0000000000000000 [ 629.734592][ C0] R13: ffff88804021fa80 R14: ffff888140e80a00 R15: 0000000000000000 [ 629.742596][ C0] ? qlist_free_all+0x8e/0x100 [ 629.747399][ C0] ? qlist_free_all+0x8e/0x100 [ 629.752188][ C0] qlist_free_all+0x99/0x100 [ 629.756795][ C0] kasan_quarantine_reduce+0x148/0x160 [ 629.762277][ C0] __kasan_slab_alloc+0x22/0x80 [ 629.767143][ C0] __kmalloc_noprof+0x316/0x760 [ 629.772013][ C0] ? security_prepare_creds+0x52/0x360 [ 629.777580][ C0] ? __kmalloc_noprof+0x1b8/0x760 [ 629.782695][ C0] security_prepare_creds+0x52/0x360 [ 629.788031][ C0] prepare_creds+0x57d/0x820 [ 629.792664][ C0] copy_creds+0x10e/0xa30 [ 629.797036][ C0] ? __raw_spin_lock_init+0x45/0x100 [ 629.802356][ C0] copy_process+0xd6c/0x4450 [ 629.806971][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 629.812121][ C0] ? process_backlog+0x3eb/0x1950 [ 629.817185][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 629.821718][ C0] ? process_backlog+0x180f/0x1950 [ 629.826863][ C0] ? __pfx_copy_process+0x10/0x10 [ 629.832791][ C0] kernel_clone+0x284/0x8f0 [ 629.837365][ C0] ? net_rx_action+0xdef/0xf70 [ 629.842165][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 629.847326][ C0] __x64_sys_clone+0x1b6/0x230 [ 629.852222][ C0] ? __pfx___x64_sys_clone+0x10/0x10 [ 629.857549][ C0] ? lockdep_softirqs_on+0x11d/0x180 [ 629.862859][ C0] ? handle_softirqs+0x715/0x840 [ 629.867827][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.873921][ C0] do_syscall_64+0x15f/0xf80 [ 629.878543][ C0] ? clear_bhb_loop+0x40/0x90 [ 629.883239][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.889164][ C0] RIP: 0033:0x7f452f3e4636 [ 629.893624][ C0] Code: 89 df e8 6d e8 f6 ff 45 31 c0 31 d2 31 f6 64 48 8b 04 25 10 00 00 00 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 52 89 c5 85 c0 75 31 64 48 8b 04 25 10 00 00 [ 629.913430][ C0] RSP: 002b:00007fff6edfefd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 629.921866][ C0] RAX: ffffffffffffffda RBX: 00007fff6edfefd8 RCX: 00007f452f3e4636 [ 629.929858][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 629.937870][ C0] RBP: 00007fff6ee1f520 R08: 0000000000000000 R09: 0000000000000001 [ 629.945866][ C0] R10: 00007f452f310a50 R11: 0000000000000246 R12: 00007fff6edff110 [ 629.953864][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 000056480656bac0 [ 629.961902][ C0] [ 636.159166][ T1314] ieee802154 phy1 wpan1: encryption failed: -22