last executing test programs: 10.32634955s ago: executing program 0 (id=2162): r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockname$inet(r0, 0x0, &(0x7f0000000b40)) 10.148180174s ago: executing program 0 (id=2165): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='limits\x00') close(r0) socket$nl_xfrm(0x10, 0x3, 0x6) write$P9_RRENAMEAT(r0, &(0x7f0000000000)={0x7}, 0x7) 9.997094276s ago: executing program 0 (id=2168): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) dup3(r0, r1, 0x0) sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14}, 0x14}}, 0x0) 9.792599813s ago: executing program 0 (id=2173): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0}}, 0x0) 8.812251153s ago: executing program 0 (id=2177): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = dup(r0) ioctl$USBDEVFS_REAPURBNDELAY(r1, 0x4004550d, 0x0) 8.789013734s ago: executing program 0 (id=2179): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r0, &(0x7f0000005b80)={0x0, 0x0, &(0x7f0000005b40)={&(0x7f0000002340)={0x28, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc}}}}, 0x28}}, 0x480c0) 5.52657221s ago: executing program 1 (id=2205): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.kill\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[], 0x33fe0}}, 0x0) r2 = io_uring_setup(0x104c, &(0x7f00000001c0)) sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) close(r1) socket$packet(0x11, 0x2, 0x300) close(r2) 5.264205511s ago: executing program 1 (id=2207): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000001400), 0x0, 0x0) ioctl$TCSBRK(r0, 0x5409, 0x0) 5.100735875s ago: executing program 1 (id=2209): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r1, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = dup3(r1, r0, 0x0) sendmsg$NL80211_CMD_GET_STATION(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 4.991756554s ago: executing program 1 (id=2210): futex(&(0x7f000000cffc)=0x100000000000004, 0x0, 0x4, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x1, 0x0, 0x0, 0x0, 0x0) mlockall(0x3) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000bdb000/0x2000)=nil, 0x2000, 0x0) socket$unix(0x1, 0x0, 0x0) 3.828962609s ago: executing program 2 (id=2217): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r2, 0x40045730, 0x0) 3.524100583s ago: executing program 2 (id=2221): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000280)={{0x1, 0x1, 0x18}, './file2\x00'}) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x0, 0x0) syz_emit_ethernet(0x5e, &(0x7f0000003680)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @ipv4={'\x00', '\xff\xff', @local}, @empty}}}}}}, 0x0) setxattr$trusted_overlay_opaque(&(0x7f0000000140)='./file2\x00', &(0x7f0000000180), &(0x7f00000001c0), 0x2, 0x2) connect$inet6(0xffffffffffffffff, 0x0, 0x0) sched_rr_get_interval(0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0x42, &(0x7f0000000040)=0xf2b, 0x4) getsockopt$inet6_buf(r1, 0x29, 0x6, &(0x7f0000000300)=""/30, &(0x7f0000000240)=0x1e) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0) setitimer(0x1, &(0x7f0000000580)={{0x77359400}, {0x0, 0xea60}}, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x3) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1) timer_create(0x0, 0x0, &(0x7f0000000200)) syz_io_uring_setup(0x0, &(0x7f0000000200), 0x0, 0x0) r3 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x7, 0x2) r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') pread64(r3, &(0x7f0000000180)=""/38, 0x26, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r5}) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0) 1.989532768s ago: executing program 4 (id=2227): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='cpuacct.stat\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) sendmsg$NL80211_CMD_TESTMODE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0) 1.988618288s ago: executing program 2 (id=2228): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@d}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(r1, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffe, "00207d2000000000201b14700c1e0ac74f000000001280000000000900"}) ioctl$EVIOCGBITSND(r1, 0x8000451a, 0x0) 1.884164967s ago: executing program 3 (id=2229): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000), 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x2, @multicast2}], 0x10) 1.698633332s ago: executing program 4 (id=2230): r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmsg$NL80211_CMD_DEL_INTERFACE(r0, 0x0, 0x0) 1.644549867s ago: executing program 3 (id=2231): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$KDENABIO(r0, 0x5450) 1.590501661s ago: executing program 4 (id=2232): r0 = fanotify_init(0x0, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0}, './file0/file0\x00'}) 1.404161746s ago: executing program 3 (id=2233): sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[], 0x68}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000003c0)={0x0, @in={{0x2, 0x0, @broadcast}}}, &(0x7f0000000040)=0x100) 1.403971796s ago: executing program 4 (id=2234): r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)={0x0, "3847cb4bfc80b4bf8606c35f4ea750eedd19f8d70dfb9f01b9a7b679d0130e5a2a251a8f76afe20c9342c4f0f3fd092471b22588d8d30b068350b3a0b68fde3e"}, 0x48, r0) keyctl$revoke(0x3, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, 0x0, 0x0) 1.333989392s ago: executing program 2 (id=2235): prlimit64(0x0, 0xe, &(0x7f0000000300)={0xff, 0x420000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) prctl$PR_CAPBSET_READ(0x17, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$UI_SET_LEDBIT(r4, 0x40045569, 0x0) ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x11) ioctl$UI_DEV_SETUP(r4, 0x405c5503, 0x0) ioctl$UI_DEV_CREATE(r4, 0x5501) ioctl$UI_DEV_DESTROY(r4, 0x5502) 1.186354784s ago: executing program 3 (id=2236): dup(0xffffffffffffffff) io_setup(0x0, &(0x7f0000000000)=0x0) io_pgetevents(r0, 0x5, 0x5, &(0x7f00000000c0)=[{}, {}, {}, {}, {}], 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) io_destroy(r0) 551.878856ms ago: executing program 4 (id=2237): r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000700)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) socket$nl_netfilter(0x10, 0x3, 0xc) write$cgroup_freezer_state(r1, &(0x7f0000000000)='THAWED\x00', 0x7) 356.464731ms ago: executing program 2 (id=2238): r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) dup3(r1, r0, 0x0) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, 0x0, 0x0) 288.776597ms ago: executing program 1 (id=2239): r0 = socket(0x1d, 0x2, 0x6) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x136c}}, 0x0) 228.278102ms ago: executing program 3 (id=2240): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x2, @multicast2}], 0x10) 166.849267ms ago: executing program 4 (id=2241): socketpair(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000005c0)={'ip_vti0\x00', &(0x7f0000000500)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private}}}}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @dev}}) 140.020129ms ago: executing program 2 (id=2242): r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) close(r0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)={0x14}, 0x14}}, 0x0) 234.17µs ago: executing program 1 (id=2243): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) r1 = dup(r0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r1, 0xc0605345, 0x0) 0s ago: executing program 3 (id=2244): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@d}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(r1, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffe, "00207d2000000000201b14700c1e0ac74f000000001280000000000900"}) ioctl$EVIOCGBITSND(r1, 0x8000451a, 0x0) kernel console output (not intermixed with test programs): a:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 151.954179][ T4883] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.982987][ T4883] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 152.014123][ T4883] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 152.049914][ T4883] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 152.078891][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 152.097980][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 152.110947][ T3686] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 152.125457][ T4883] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.151215][ T4883] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.160010][ T4883] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.198607][ T4883] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.380931][ T3686] usb 1-1: Using ep0 maxpacket: 8 [ 152.450119][ T3717] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.470845][ T3717] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.501887][ T3686] usb 1-1: config 0 has no interfaces? [ 152.507441][ T3686] usb 1-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 152.547248][ T3686] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.578757][ T3686] usb 1-1: config 0 descriptor?? [ 152.586019][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 152.599696][ T5188] syz.1.388 uses obsolete (PF_INET,SOCK_PACKET) [ 152.610406][ T4783] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.645400][ T4783] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.699972][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 152.872768][ T3686] usb 1-1: USB disconnect, device number 4 [ 154.526866][ T5226] input: syz1 as /devices/virtual/input/input11 [ 155.474141][ T5261] netlink: 24 bytes leftover after parsing attributes in process `syz.0.406'. [ 156.403963][ T5294] input: syz1 as /devices/virtual/input/input12 [ 157.248600][ T5305] netlink: 24 bytes leftover after parsing attributes in process `syz.1.419'. [ 157.401231][ T5308] netlink: 8 bytes leftover after parsing attributes in process `syz.3.420'. [ 158.602088][ T5326] loop1: detected capacity change from 0 to 256 [ 158.813642][ T5326] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 158.884674][ T26] audit: type=1800 audit(1722128962.089:7): pid=5326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.424" name="file1" dev="loop1" ino=1048616 res=0 errno=0 [ 158.998899][ T5332] syz.1.424: attempt to access beyond end of device [ 158.998899][ T5332] loop1: rw=0, sector=184, nr_sectors = 120 limit=256 [ 159.176015][ T26] audit: type=1804 audit(1722128962.379:8): pid=5326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.424" name="/newroot/94/file2/bus" dev="loop1" ino=1048618 res=1 errno=0 [ 159.935312][ T5352] netlink: 24 bytes leftover after parsing attributes in process `syz.4.433'. [ 160.941013][ T3688] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 161.136504][ T5380] input: syz1 as /devices/virtual/input/input13 [ 161.311049][ T3688] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 161.501256][ T3688] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 161.524408][ T3688] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.549988][ T3688] usb 5-1: Product: syz [ 161.563228][ T3688] usb 5-1: Manufacturer: syz [ 161.578861][ T3688] usb 5-1: SerialNumber: syz [ 163.452531][ T5404] loop2: detected capacity change from 0 to 256 [ 163.557414][ T5404] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 163.722438][ T26] audit: type=1800 audit(1722128966.929:9): pid=5404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.451" name="file1" dev="loop2" ino=1048619 res=0 errno=0 [ 163.786652][ T5404] syz.2.451: attempt to access beyond end of device [ 163.786652][ T5404] loop2: rw=0, sector=184, nr_sectors = 120 limit=256 [ 163.802560][ T3688] cdc_ether: probe of 5-1:1.0 failed with error -22 [ 163.879914][ T3688] usb 5-1: USB disconnect, device number 3 [ 164.016153][ T26] audit: type=1804 audit(1722128967.219:10): pid=5407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.451" name="/newroot/107/file2/bus" dev="loop2" ino=1048621 res=1 errno=0 [ 165.084087][ T5451] input: syz1 as /devices/virtual/input/input14 [ 165.294283][ T5426] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 165.636325][ T5462] netlink: 'syz.0.469': attribute type 1 has an invalid length. [ 165.664582][ T5461] loop4: detected capacity change from 0 to 1024 [ 165.851963][ T5461] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 165.969880][ T3657] Bluetooth: hci4: sending frame failed (-49) [ 165.977606][ T3655] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 166.347254][ T4883] EXT4-fs (loop4): unmounting filesystem. [ 166.576201][ T5486] loop2: detected capacity change from 0 to 1024 [ 166.788747][ T5489] loop0: detected capacity change from 0 to 256 [ 166.876520][ T5489] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 166.960774][ T26] audit: type=1800 audit(1722128970.159:11): pid=5489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.477" name="file1" dev="loop0" ino=1048622 res=0 errno=0 [ 167.043960][ T5489] syz.0.477: attempt to access beyond end of device [ 167.043960][ T5489] loop0: rw=0, sector=184, nr_sectors = 120 limit=256 [ 167.142846][ T5500] netlink: 'syz.4.483': attribute type 1 has an invalid length. [ 167.340210][ T5509] loop2: detected capacity change from 0 to 1024 [ 167.449614][ T5509] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 167.488152][ T5519] loop3: detected capacity change from 0 to 1024 [ 167.656211][ T5525] input: syz1 as /devices/virtual/input/input15 [ 169.554121][ T5583] loop3: detected capacity change from 0 to 256 [ 169.560971][ T3655] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 169.567415][ T3657] Bluetooth: hci4: command 0x1003 tx timeout [ 169.756624][ T3641] EXT4-fs (loop2): unmounting filesystem. [ 169.778800][ T5587] netlink: 'syz.1.518': attribute type 1 has an invalid length. [ 169.808553][ T5583] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 170.086170][ T26] audit: type=1800 audit(1722128973.289:12): pid=5583 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.513" name="file1" dev="loop3" ino=1048625 res=0 errno=0 [ 170.151262][ T5583] syz.3.513: attempt to access beyond end of device [ 170.151262][ T5583] loop3: rw=0, sector=184, nr_sectors = 120 limit=256 [ 170.422132][ T26] audit: type=1804 audit(1722128973.629:13): pid=5603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.513" name="/newroot/107/file2/bus" dev="loop3" ino=1048627 res=1 errno=0 [ 170.885751][ T5617] input: syz1 as /devices/virtual/input/input16 [ 172.365973][ T3653] Bluetooth: hci3: command tx timeout [ 172.546312][ T5657] loop0: detected capacity change from 0 to 1024 [ 173.310644][ T5651] loop1: detected capacity change from 0 to 32768 [ 173.318404][ T5651] XFS: ikeep mount option is deprecated. [ 173.698649][ T5651] XFS (loop1): Mounting V5 Filesystem [ 173.947870][ T5693] loop4: detected capacity change from 0 to 1024 [ 173.960011][ T5651] XFS (loop1): Ending clean mount [ 173.985126][ T5651] XFS (loop1): Quotacheck needed: Please wait. [ 174.044202][ T5651] XFS (loop1): Quotacheck: Done. [ 174.098390][ T5697] loop0: detected capacity change from 0 to 256 [ 174.158227][ T26] audit: type=1800 audit(1722128977.359:14): pid=5651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.542" name="bus" dev="loop1" ino=9291 res=0 errno=0 [ 174.187280][ T5697] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 174.259412][ T26] audit: type=1800 audit(1722128977.459:15): pid=5697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.556" name="file1" dev="loop0" ino=1048628 res=0 errno=0 [ 174.269397][ T5703] netlink: 24 bytes leftover after parsing attributes in process `syz.4.561'. [ 174.301404][ T5697] syz.0.556: attempt to access beyond end of device [ 174.301404][ T5697] loop0: rw=0, sector=184, nr_sectors = 120 limit=256 [ 174.352263][ T3639] XFS (loop1): Unmounting Filesystem [ 174.451563][ T26] audit: type=1804 audit(1722128977.659:16): pid=5704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.556" name="/newroot/93/file2/bus" dev="loop0" ino=1048630 res=1 errno=0 [ 174.761143][ T3687] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 175.057828][ T5728] input: syz1 as /devices/virtual/input/input17 [ 175.120978][ T3687] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 175.152786][ T3687] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 175.212744][ T3687] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 175.243861][ T3687] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.275370][ T3687] usb 4-1: config 0 descriptor?? [ 175.323177][ T3687] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 176.051854][ T5735] loop4: detected capacity change from 0 to 1024 [ 176.719497][ T5744] netlink: 24 bytes leftover after parsing attributes in process `syz.0.575'. [ 177.313867][ T5764] loop4: detected capacity change from 0 to 1024 [ 177.426962][ T5766] loop2: detected capacity change from 0 to 256 [ 177.495742][ T3688] usb 4-1: USB disconnect, device number 5 [ 177.643419][ T5766] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 177.745304][ T26] audit: type=1800 audit(1722128980.949:17): pid=5766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.583" name="file1" dev="loop2" ino=1048631 res=0 errno=0 [ 177.790357][ T5766] syz.2.583: attempt to access beyond end of device [ 177.790357][ T5766] loop2: rw=0, sector=184, nr_sectors = 120 limit=256 [ 178.031723][ T26] audit: type=1804 audit(1722128981.239:18): pid=5784 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.583" name="/newroot/136/file2/bus" dev="loop2" ino=1048633 res=1 errno=0 [ 178.147150][ T5791] input: syz1 as /devices/virtual/input/input18 [ 179.156292][ T5806] loop3: detected capacity change from 0 to 1024 [ 179.395956][ T5809] netlink: 24 bytes leftover after parsing attributes in process `syz.4.598'. [ 179.765297][ T5818] device lo entered promiscuous mode [ 179.786924][ T5817] device lo left promiscuous mode [ 179.845094][ T5820] loop2: detected capacity change from 0 to 736 [ 181.111437][ T5841] netlink: 24 bytes leftover after parsing attributes in process `syz.2.611'. [ 181.213159][ T5845] loop1: detected capacity change from 0 to 256 [ 181.316642][ T5845] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 181.457982][ T26] audit: type=1800 audit(1722128984.659:19): pid=5845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.609" name="file1" dev="loop1" ino=1048634 res=0 errno=0 [ 181.477936][ T5845] syz.1.609: attempt to access beyond end of device [ 181.477936][ T5845] loop1: rw=0, sector=184, nr_sectors = 120 limit=256 [ 181.624652][ T26] audit: type=1804 audit(1722128984.829:20): pid=5845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.609" name="/newroot/125/file2/bus" dev="loop1" ino=1048636 res=1 errno=0 [ 181.904463][ T5866] input: syz1 as /devices/virtual/input/input19 [ 183.545997][ T5875] loop3: detected capacity change from 0 to 736 [ 183.652316][ T4360] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 184.261555][ T5882] netlink: 24 bytes leftover after parsing attributes in process `syz.0.624'. [ 184.381149][ T5885] loop1: detected capacity change from 0 to 1024 [ 184.785726][ T5891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.628'. [ 185.406423][ T5906] loop4: detected capacity change from 0 to 256 [ 185.620984][ T5906] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 185.640340][ T5908] input: syz1 as /devices/virtual/input/input20 [ 186.058954][ T3653] Bluetooth: hci0: command 0x0406 tx timeout [ 186.072376][ T3653] Bluetooth: hci1: command 0x0406 tx timeout [ 186.085885][ T26] audit: type=1800 audit(1722128989.289:21): pid=5906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.632" name="file1" dev="loop4" ino=1048637 res=0 errno=0 [ 186.241185][ T5913] syz.4.632: attempt to access beyond end of device [ 186.241185][ T5913] loop4: rw=0, sector=184, nr_sectors = 120 limit=256 [ 186.389126][ T5916] netlink: 24 bytes leftover after parsing attributes in process `syz.0.636'. [ 186.495220][ T26] audit: type=1804 audit(1722128989.699:22): pid=5913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.632" name="/newroot/51/file2/bus" dev="loop4" ino=1048639 res=1 errno=0 [ 186.537190][ T5919] loop1: detected capacity change from 0 to 1024 [ 186.698964][ T5924] hfsplus: request for non-existent node 16777216 in B*Tree [ 186.729124][ T5924] hfsplus: request for non-existent node 16777216 in B*Tree [ 186.873649][ T5928] loop0: detected capacity change from 0 to 736 [ 187.006288][ T5931] netlink: 8 bytes leftover after parsing attributes in process `syz.1.641'. [ 187.482011][ T5940] input: syz1 as /devices/virtual/input/input21 [ 187.796453][ T5948] netlink: 24 bytes leftover after parsing attributes in process `syz.1.649'. [ 188.232548][ T5955] loop0: detected capacity change from 0 to 1024 [ 188.347570][ T5959] netlink: 8 bytes leftover after parsing attributes in process `syz.1.653'. [ 189.263600][ T5977] loop4: detected capacity change from 0 to 256 [ 189.298630][ T5977] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 189.316231][ T26] audit: type=1800 audit(1722128992.519:23): pid=5977 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.660" name="file1" dev="loop4" ino=1048640 res=0 errno=0 [ 189.339570][ T5977] syz.4.660: attempt to access beyond end of device [ 189.339570][ T5977] loop4: rw=0, sector=184, nr_sectors = 120 limit=256 [ 189.411881][ T26] audit: type=1804 audit(1722128992.619:24): pid=5979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.660" name="/newroot/57/file2/bus" dev="loop4" ino=1048642 res=1 errno=0 [ 189.688642][ T5983] loop1: detected capacity change from 0 to 736 [ 189.839659][ T5985] netlink: 24 bytes leftover after parsing attributes in process `syz.4.663'. [ 189.940550][ T5987] input: syz1 as /devices/virtual/input/input22 [ 191.151492][ T3653] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 191.162134][ T3653] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 191.171697][ T3653] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 191.179672][ T3653] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 191.194111][ T3653] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 191.202028][ T3653] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 191.322699][ T6017] input: syz1 as /devices/virtual/input/input23 [ 191.342875][ T4656] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.421768][ T6016] netlink: 24 bytes leftover after parsing attributes in process `syz.3.676'. [ 191.544783][ T4656] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.656789][ T4656] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.835723][ T4656] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.279292][ T6010] chnl_net:caif_netlink_parms(): no params data found [ 192.306022][ T6046] input: syz1 as /devices/virtual/input/input24 [ 192.787497][ T6058] netlink: 'syz.3.691': attribute type 1 has an invalid length. [ 193.105192][ T6010] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.138981][ T6010] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.181625][ T6010] device bridge_slave_0 entered promiscuous mode [ 193.227769][ T6010] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.240992][ T3655] Bluetooth: hci2: command tx timeout [ 193.306462][ T6010] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.356526][ T6010] device bridge_slave_1 entered promiscuous mode [ 193.441721][ T6072] netlink: 24 bytes leftover after parsing attributes in process `syz.3.692'. [ 193.680292][ T6010] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 193.789848][ T6010] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.022639][ T6010] team0: Port device team_slave_0 added [ 194.045843][ T6010] team0: Port device team_slave_1 added [ 194.095214][ T6093] input: syz1 as /devices/virtual/input/input25 [ 194.368682][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.376507][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.579681][ T6010] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.597464][ T6010] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.640778][ T6010] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 194.871888][ T6010] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.889005][ T6010] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.928937][ T6010] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.948322][ T6100] netlink: 16 bytes leftover after parsing attributes in process `syz.4.700'. [ 195.007480][ T6103] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.043493][ T6103] team0: Port device bond0 added [ 195.277723][ T6010] device hsr_slave_0 entered promiscuous mode [ 195.294224][ T6010] device hsr_slave_1 entered promiscuous mode [ 195.312598][ T6010] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 195.320826][ T3653] Bluetooth: hci2: command tx timeout [ 195.341285][ T6010] Cannot create hsr debugfs directory [ 195.368768][ T4656] device hsr_slave_0 left promiscuous mode [ 195.376328][ T4656] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 195.384458][ T4656] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 195.405270][ T4656] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 195.413057][ T4656] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 195.424988][ T4656] device bridge_slave_1 left promiscuous mode [ 195.437482][ T4656] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.447433][ T4656] device bridge_slave_0 left promiscuous mode [ 195.458174][ T4656] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.493583][ T4656] device veth1_macvtap left promiscuous mode [ 195.509627][ T4656] device veth0_macvtap left promiscuous mode [ 195.526332][ T4656] device veth1_vlan left promiscuous mode [ 195.584204][ T4656] device veth0_vlan left promiscuous mode [ 196.049054][ T4656] bond1 (unregistering): Released all slaves [ 196.280956][ T3653] Bluetooth: hci5: command 0x0406 tx timeout [ 196.738122][ T4656] team0 (unregistering): Port device team_slave_1 removed [ 196.804854][ T4656] team0 (unregistering): Port device team_slave_0 removed [ 196.868890][ T4656] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 196.939567][ T4656] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 197.266496][ T4656] team0 (unregistering): Port device bond0 removed [ 197.370510][ T4656] bond0 (unregistering): Released all slaves [ 197.406136][ T3647] Bluetooth: hci2: command tx timeout [ 197.446826][ T6116] netlink: 24 bytes leftover after parsing attributes in process `syz.2.706'. [ 199.452066][ T6200] netlink: 24 bytes leftover after parsing attributes in process `syz.1.731'. [ 199.481094][ T3647] Bluetooth: hci2: command tx timeout [ 199.835595][ T6010] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 199.896533][ T6010] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 199.928846][ T6010] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 199.964687][ T6010] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 200.266703][ T6010] 8021q: adding VLAN 0 to HW filter on device bond0 [ 200.310453][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 200.329523][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 200.366421][ T6010] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.398987][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 200.423627][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 200.441827][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.449015][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.494379][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 200.502805][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 200.531181][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 200.551319][ T3690] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.558445][ T3690] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.610606][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 200.668737][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 200.691871][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 200.712615][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 200.742277][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 200.771941][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 200.801772][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 200.841919][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 200.876896][ T6010] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 200.928686][ T6010] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 200.950350][ T3653] Bluetooth: hci4: sending frame failed (-49) [ 200.958030][ T3647] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 200.989404][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 201.011990][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 201.031551][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 201.089591][ T6248] netlink: 24 bytes leftover after parsing attributes in process `syz.2.745'. [ 201.560788][ T3647] Bluetooth: hci2: command tx timeout [ 201.948880][ T6285] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 202.000564][ T6285] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 202.036565][ T6285] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 202.128974][ T6285] device bridge_slave_0 left promiscuous mode [ 202.167357][ T6285] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.222679][ T6285] device bridge_slave_1 left promiscuous mode [ 202.259173][ T6285] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.312769][ T6285] bond0: (slave bond_slave_0): Releasing backup interface [ 202.379497][ T6285] bond0: (slave bond_slave_1): Releasing backup interface [ 202.593423][ T6285] team0: Port device team_slave_0 removed [ 202.719349][ T6285] team0: Port device team_slave_1 removed [ 202.752255][ T6285] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 202.790884][ T6285] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 202.822752][ T6285] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 202.830233][ T6285] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 202.970562][ T6301] netlink: 24 bytes leftover after parsing attributes in process `syz.1.762'. [ 203.103202][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 203.111492][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 203.151466][ T6320] input: syz1 as /devices/virtual/input/input26 [ 203.215917][ T6010] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.434071][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 203.474739][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 203.622541][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 203.641612][ T3663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 203.677014][ T6010] device veth0_vlan entered promiscuous mode [ 203.696045][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 203.708833][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 203.759884][ T6010] device veth1_vlan entered promiscuous mode [ 203.860150][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 203.869226][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 203.878437][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 203.889928][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 203.902471][ T6010] device veth0_macvtap entered promiscuous mode [ 203.923961][ T3688] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 203.963576][ T6010] device veth1_macvtap entered promiscuous mode [ 204.046614][ T6010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.093063][ T6010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.160813][ T6010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.191772][ T6010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.222719][ T6010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.271142][ T6010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.330193][ T6010] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 204.348180][ T3688] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 204.367922][ T3688] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 204.402030][ T6010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 204.436494][ T6010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.510115][ T6010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 204.565472][ T6010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.608669][ T6010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 204.646337][ T6010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.685406][ T6010] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 204.721767][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 204.738293][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 204.764753][ T6010] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.790735][ T6010] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.800059][ T6010] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.854915][ T6010] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.913834][ T6359] netlink: 24 bytes leftover after parsing attributes in process `syz.3.778'. [ 205.070834][ T3688] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 205.106106][ T6363] netlink: 'syz.2.779': attribute type 1 has an invalid length. [ 205.255649][ T6366] netlink: 8 bytes leftover after parsing attributes in process `syz.2.779'. [ 205.291077][ T6366] netlink: 12 bytes leftover after parsing attributes in process `syz.2.779'. [ 205.340815][ T3688] usb 2-1: Using ep0 maxpacket: 8 [ 205.397900][ T6375] input: syz1 as /devices/virtual/input/input27 [ 205.562483][ T6376] netlink: 24 bytes leftover after parsing attributes in process `syz.3.780'. [ 205.827388][ T6377] bridge0: port 1(macvlan2) entered blocking state [ 205.861851][ T6377] bridge0: port 1(macvlan2) entered disabled state [ 205.874107][ T6377] device macvlan2 entered promiscuous mode [ 205.904467][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 205.909767][ T3688] usb 2-1: config 0 has no interfaces? [ 205.918294][ T3688] usb 2-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 205.937689][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 205.967434][ T3688] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.004175][ T3688] usb 2-1: config 0 descriptor?? [ 206.022346][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 206.052724][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.061556][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.099675][ T3688] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 206.738274][ T6408] netlink: 24 bytes leftover after parsing attributes in process `syz.3.789'. [ 207.338446][ T6418] netlink: 'syz.3.791': attribute type 1 has an invalid length. [ 207.384895][ T6418] netlink: 8 bytes leftover after parsing attributes in process `syz.3.791'. [ 207.395453][ T6418] netlink: 12 bytes leftover after parsing attributes in process `syz.3.791'. [ 207.562559][ T6427] netlink: 24 bytes leftover after parsing attributes in process `syz.4.792'. [ 207.715740][ T3690] usb 2-1: USB disconnect, device number 15 [ 207.743457][ T6431] bridge0: port 3(macvlan2) entered blocking state [ 207.801127][ T6431] bridge0: port 3(macvlan2) entered disabled state [ 207.842537][ T6431] device macvlan2 entered promiscuous mode [ 207.906699][ T6438] input: syz1 as /devices/virtual/input/input28 [ 208.560616][ T6461] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 208.585246][ T6461] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 208.609804][ T6461] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 208.685476][ T6461] device macvlan2 left promiscuous mode [ 208.711830][ T6461] bridge0: port 1(macvlan2) entered disabled state [ 208.757290][ T6469] netlink: 'syz.2.804': attribute type 1 has an invalid length. [ 208.960336][ T6476] netlink: 24 bytes leftover after parsing attributes in process `syz.1.805'. [ 209.090072][ T6475] netlink: 8 bytes leftover after parsing attributes in process `syz.2.804'. [ 209.123747][ T6475] netlink: 12 bytes leftover after parsing attributes in process `syz.2.804'. [ 209.164002][ T6479] bridge0: port 3(macvlan2) entered blocking state [ 209.179769][ T6479] bridge0: port 3(macvlan2) entered disabled state [ 209.203783][ T6479] device macvlan2 entered promiscuous mode [ 209.318259][ T6495] netlink: 4 bytes leftover after parsing attributes in process `syz.3.808'. [ 210.079540][ T6513] input: syz1 as /devices/virtual/input/input29 [ 211.601501][ T6544] netlink: 'syz.3.823': attribute type 1 has an invalid length. [ 211.644002][ T6544] netlink: 8 bytes leftover after parsing attributes in process `syz.3.823'. [ 211.798213][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 213.099677][ T6565] syz.3.831[6565] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 213.099790][ T6565] syz.3.831[6565] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 213.136107][ T6567] input: syz1 as /devices/virtual/input/input30 [ 213.337536][ T6576] netlink: 'syz.2.834': attribute type 1 has an invalid length. [ 213.400141][ T6576] netlink: 8 bytes leftover after parsing attributes in process `syz.2.834'. [ 214.385420][ T6618] netlink: 'syz.3.848': attribute type 1 has an invalid length. [ 214.469618][ T6620] netlink: 8 bytes leftover after parsing attributes in process `syz.3.848'. [ 215.306698][ T6651] netlink: 'syz.0.861': attribute type 1 has an invalid length. [ 215.366524][ T6651] netlink: 8 bytes leftover after parsing attributes in process `syz.0.861'. [ 217.371446][ T6714] netlink: 24 bytes leftover after parsing attributes in process `syz.0.890'. [ 217.943930][ T6737] netlink: 8 bytes leftover after parsing attributes in process `syz.1.899'. [ 218.209138][ T6747] netlink: 'syz.3.904': attribute type 1 has an invalid length. [ 218.393729][ T6750] netlink: 8 bytes leftover after parsing attributes in process `syz.3.904'. [ 218.453955][ T6760] nbd1: detected capacity change from 0 to 8388607 [ 218.608164][ T6767] netlink: 8 bytes leftover after parsing attributes in process `syz.3.912'. [ 219.162945][ T6787] netlink: 'syz.4.922': attribute type 1 has an invalid length. [ 219.181982][ T3653] block nbd1: Receive control failed (result -104) [ 219.304984][ T6795] xt_limit: Overflow, try lower: 0/0 [ 219.728385][ T6770] loop3: detected capacity change from 0 to 32768 [ 219.770117][ T6770] XFS: ikeep mount option is deprecated. [ 219.880506][ T6820] netlink: 'syz.4.936': attribute type 1 has an invalid length. [ 219.903526][ T6818] input: syz0 as /devices/virtual/input/input31 [ 219.930244][ T6770] XFS (loop3): Mounting V5 Filesystem [ 220.158557][ T6770] XFS (loop3): Ending clean mount [ 220.195417][ T6770] XFS (loop3): Quotacheck needed: Please wait. [ 220.283348][ T6770] XFS (loop3): Quotacheck: Done. [ 220.366338][ T26] audit: type=1800 audit(1722129023.569:25): pid=6770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.915" name="bus" dev="loop3" ino=9291 res=0 errno=0 [ 220.524906][ T3737] XFS (loop3): Unmounting Filesystem [ 224.490095][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 224.750842][ T14] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 225.115109][ T14] usb 4-1: Using ep0 maxpacket: 8 [ 225.241489][ T14] usb 4-1: config 0 has no interfaces? [ 225.247712][ T14] usb 4-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 226.212782][ T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.223716][ T14] usb 4-1: config 0 descriptor?? [ 226.431515][ T6940] netlink: 'syz.4.981': attribute type 1 has an invalid length. [ 227.944329][ T14] usb 4-1: USB disconnect, device number 6 [ 228.382675][ T6972] netlink: 'syz.3.994': attribute type 1 has an invalid length. [ 228.600179][ T6982] loop0: detected capacity change from 0 to 256 [ 228.613203][ T6982] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 228.630093][ T26] audit: type=1800 audit(1722129031.839:26): pid=6982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.998" name="file1" dev="loop0" ino=1048646 res=0 errno=0 [ 228.656651][ T6982] syz.0.998: attempt to access beyond end of device [ 228.656651][ T6982] loop0: rw=0, sector=184, nr_sectors = 120 limit=256 [ 228.729850][ T26] audit: type=1804 audit(1722129031.929:27): pid=6986 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.998" name="/newroot/54/file2/bus" dev="loop0" ino=1048648 res=1 errno=0 [ 228.930521][ T6965] loop2: detected capacity change from 0 to 32768 [ 228.961582][ T6965] XFS: ikeep mount option is deprecated. [ 229.010570][ T6965] XFS (loop2): Mounting V5 Filesystem [ 229.055849][ T3647] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 229.066322][ T3647] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 229.075493][ T3647] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 229.087233][ T3647] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 229.096459][ T3647] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 229.106283][ T3647] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 229.168194][ T6965] XFS (loop2): Ending clean mount [ 229.181150][ T6965] XFS (loop2): Quotacheck needed: Please wait. [ 229.229950][ T6965] XFS (loop2): Quotacheck: Done. [ 229.312532][ T26] audit: type=1800 audit(1722129032.519:28): pid=6965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.989" name="bus" dev="loop2" ino=9291 res=0 errno=0 [ 229.466389][ T3641] XFS (loop2): Unmounting Filesystem [ 229.851337][ T6990] chnl_net:caif_netlink_parms(): no params data found [ 230.063952][ T7015] netlink: 'syz.4.1006': attribute type 1 has an invalid length. [ 230.168177][ T7020] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1006'. [ 230.230806][ T6990] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.237995][ T6990] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.255942][ T6990] device bridge_slave_0 entered promiscuous mode [ 230.269845][ T6990] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.290587][ T6990] bridge0: port 2(bridge_slave_1) entered disabled state [ 230.323733][ T6990] device bridge_slave_1 entered promiscuous mode [ 230.401571][ T3686] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 230.465968][ T6990] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 230.495866][ T6990] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 230.551494][ T7033] loop0: detected capacity change from 0 to 256 [ 230.563597][ T7033] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 230.586481][ T26] audit: type=1800 audit(1722129033.789:29): pid=7033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1009" name="file1" dev="loop0" ino=1048649 res=0 errno=0 [ 230.608145][ T7033] syz.0.1009: attempt to access beyond end of device [ 230.608145][ T7033] loop0: rw=0, sector=184, nr_sectors = 120 limit=256 [ 230.635472][ T6990] team0: Port device team_slave_0 added [ 230.650742][ T3686] usb 3-1: Using ep0 maxpacket: 8 [ 230.661914][ T6990] team0: Port device team_slave_1 added [ 230.683143][ T26] audit: type=1804 audit(1722129033.899:30): pid=7037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1009" name="/newroot/60/file2/bus" dev="loop0" ino=1048651 res=1 errno=0 [ 230.771017][ T3686] usb 3-1: config 0 has no interfaces? [ 230.776604][ T3686] usb 3-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 230.787051][ T6990] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 230.794797][ T6990] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 230.840801][ T3686] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.850973][ T3686] usb 3-1: config 0 descriptor?? [ 230.879370][ T6990] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 230.905312][ T6990] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 230.920730][ T6990] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 230.991088][ T6990] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 231.064732][ T6990] device hsr_slave_0 entered promiscuous mode [ 231.081423][ T6990] device hsr_slave_1 entered promiscuous mode [ 231.161970][ T3647] Bluetooth: hci4: command tx timeout [ 231.389385][ T6990] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.560509][ T6990] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.727465][ T6990] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.873645][ T6990] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.884673][ T6990] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 232.925222][ T6990] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 232.985854][ T6990] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 233.099640][ T6990] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 233.157644][ T154] usb 3-1: USB disconnect, device number 3 [ 233.241505][ T3647] Bluetooth: hci4: command tx timeout [ 233.309994][ T7076] loop0: detected capacity change from 0 to 256 [ 233.324178][ T7076] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 233.341260][ T26] audit: type=1800 audit(1722129036.549:31): pid=7076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1022" name="file1" dev="loop0" ino=1048652 res=0 errno=0 [ 233.365624][ T7076] syz.0.1022: attempt to access beyond end of device [ 233.365624][ T7076] loop0: rw=0, sector=184, nr_sectors = 120 limit=256 [ 233.447483][ T26] audit: type=1804 audit(1722129036.639:32): pid=7082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1022" name="/newroot/67/file2/bus" dev="loop0" ino=1048654 res=1 errno=0 [ 233.561596][ T6990] 8021q: adding VLAN 0 to HW filter on device bond0 [ 233.601600][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 233.613580][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 233.645543][ T6990] 8021q: adding VLAN 0 to HW filter on device team0 [ 233.677141][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 233.693243][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 233.712240][ T3686] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.720149][ T3686] bridge0: port 1(bridge_slave_0) entered forwarding state [ 233.751960][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 233.770966][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 233.779901][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 233.809697][ T3686] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.816921][ T3686] bridge0: port 2(bridge_slave_1) entered forwarding state [ 233.830406][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 233.849458][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 233.870227][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 233.902882][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 233.935336][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 233.959235][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 233.979880][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 234.028773][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 234.038327][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 234.074552][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 234.087169][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 234.113585][ T6990] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 234.416358][ T7075] loop2: detected capacity change from 0 to 32768 [ 234.442102][ T7075] XFS: ikeep mount option is deprecated. [ 234.509952][ T7075] XFS (loop2): Mounting V5 Filesystem [ 234.684124][ T7075] XFS (loop2): Ending clean mount [ 234.699829][ T7075] XFS (loop2): Quotacheck needed: Please wait. [ 234.859901][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 234.868892][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 234.964559][ T6990] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 235.015262][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 235.027149][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 235.099535][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 235.112250][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 235.132953][ T6990] device veth0_vlan entered promiscuous mode [ 235.147106][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 235.157568][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 235.181922][ T6990] device veth1_vlan entered promiscuous mode [ 235.262134][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 235.321332][ T3647] Bluetooth: hci4: command tx timeout [ 235.349160][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 235.440886][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 235.498142][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 235.579729][ T6990] device veth0_macvtap entered promiscuous mode [ 235.650794][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 235.690025][ T6990] device veth1_macvtap entered promiscuous mode [ 235.696650][ T7075] XFS (loop2): Quotacheck: Done. [ 235.790369][ T26] audit: type=1800 audit(1722129038.989:33): pid=7075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1024" name="bus" dev="loop2" ino=9291 res=0 errno=0 [ 235.881068][ T3688] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 235.931489][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.987180][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.997503][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.008317][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.024977][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.035762][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.050152][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.067611][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.079175][ T3641] XFS (loop2): Unmounting Filesystem [ 236.083049][ T6990] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 236.099959][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 236.109674][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 236.133014][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.148072][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.170992][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.178390][ T3688] usb 5-1: Using ep0 maxpacket: 8 [ 236.190715][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.222781][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.243043][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.255645][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.266533][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.291462][ T6990] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 236.324423][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 236.333092][ T3688] usb 5-1: config 0 has no interfaces? [ 236.338617][ T3688] usb 5-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 236.365766][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 236.374649][ T3688] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.386992][ T6990] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.409489][ T3688] usb 5-1: config 0 descriptor?? [ 236.421379][ T6990] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.443112][ T6990] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.456977][ T6990] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.690116][ T7117] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.718720][ T7117] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.756260][ T3719] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 236.791754][ T3913] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.811236][ T3913] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.839905][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 237.403624][ T3647] Bluetooth: hci4: command tx timeout [ 237.772732][ T7170] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 237.897653][ T7170] team0: Port device bond0 removed [ 237.905792][ T7170] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 237.913964][ T7170] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 237.950437][ T7170] device bridge_slave_0 left promiscuous mode [ 237.959721][ T7170] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.980044][ T3690] usb 5-1: USB disconnect, device number 4 [ 237.984472][ T7170] device bridge_slave_1 left promiscuous mode [ 237.995217][ T7170] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.024622][ T7170] bond0: (slave bond_slave_0): Releasing backup interface [ 238.062619][ T7170] bond0: (slave bond_slave_1): Releasing backup interface [ 238.101638][ T7170] team0: Port device team_slave_0 removed [ 238.138133][ T7170] team0: Port device team_slave_1 removed [ 238.167356][ T7170] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 238.197908][ T7170] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 238.209501][ T7170] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 238.225449][ T7170] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 239.224299][ T7223] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 239.258299][ T7223] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 239.280866][ T3663] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 239.293879][ T7223] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 239.540795][ T3663] usb 1-1: Using ep0 maxpacket: 8 [ 239.680950][ T3663] usb 1-1: config 0 has no interfaces? [ 239.686499][ T3663] usb 1-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 239.730802][ T3663] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 239.748571][ T3663] usb 1-1: config 0 descriptor?? [ 240.399065][ T7253] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 241.143844][ T7283] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1096'. [ 241.168414][ T7284] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 241.220392][ T7284] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 241.241921][ T7284] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 241.283223][ T7284] device bridge_slave_0 left promiscuous mode [ 241.298550][ T7284] bridge0: port 1(bridge_slave_0) entered disabled state [ 241.322019][ T7284] device bridge_slave_1 left promiscuous mode [ 241.341695][ T7284] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.371297][ T7284] bond0: (slave bond_slave_0): Releasing backup interface [ 241.422989][ T7284] bond0: (slave bond_slave_1): Releasing backup interface [ 241.535221][ T7284] team0: Port device team_slave_0 removed [ 241.630339][ T7284] team0: Port device team_slave_1 removed [ 241.641662][ T7284] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 241.696847][ T7284] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 241.750241][ T7284] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 241.769155][ T7284] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 241.884456][ T7286] 8021q: adding VLAN 0 to HW filter on device bond0 [ 241.913883][ T7286] team0: Port device bond0 added [ 241.971158][ T3663] usb 1-1: USB disconnect, device number 5 [ 242.489072][ T7317] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1110'. [ 242.949514][ T7337] loop4: detected capacity change from 0 to 736 [ 242.988086][ T7340] kernel profiling enabled (shift: 0) [ 243.070778][ T3658] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 243.230810][ T154] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 243.370038][ T7348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1122'. [ 243.491071][ T154] usb 4-1: Using ep0 maxpacket: 8 [ 243.611023][ T154] usb 4-1: config 0 has no interfaces? [ 243.619213][ T154] usb 4-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 243.636607][ T154] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.663688][ T154] usb 4-1: config 0 descriptor?? [ 244.501941][ T7370] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1133'. [ 244.826834][ T7381] loop4: detected capacity change from 0 to 256 [ 244.879270][ T7381] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 244.940084][ T7381] syz.4.1135: attempt to access beyond end of device [ 244.940084][ T7381] loop4: rw=0, sector=184, nr_sectors = 120 limit=256 [ 244.980767][ T26] audit: type=1800 audit(1722129048.129:34): pid=7381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1135" name="file1" dev="loop4" ino=1048658 res=0 errno=0 [ 245.314424][ T7379] loop1: detected capacity change from 0 to 736 [ 245.424612][ T26] audit: type=1804 audit(1722129048.289:35): pid=7384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1135" name="/newroot/170/file2/bus" dev="loop4" ino=1048660 res=1 errno=0 [ 245.967606][ T7] usb 4-1: USB disconnect, device number 7 [ 246.288177][ T7405] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1144'. [ 246.653374][ T7417] loop1: detected capacity change from 0 to 256 [ 246.681658][ T7417] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 246.734785][ T7417] syz.1.1148: attempt to access beyond end of device [ 246.734785][ T7417] loop1: rw=0, sector=184, nr_sectors = 120 limit=256 [ 246.790839][ T26] audit: type=1800 audit(1722129049.929:36): pid=7417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1148" name="file1" dev="loop1" ino=1048661 res=0 errno=0 [ 247.417009][ T26] audit: type=1804 audit(1722129050.039:37): pid=7419 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1148" name="/newroot/23/file2/bus" dev="loop1" ino=1048663 res=1 errno=0 [ 247.694088][ T7432] loop3: detected capacity change from 0 to 736 [ 248.017402][ T7445] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1158'. [ 248.041125][ T7] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 248.292667][ T7] usb 2-1: Using ep0 maxpacket: 8 [ 248.441298][ T7] usb 2-1: config 0 has no interfaces? [ 248.454537][ T7461] loop2: detected capacity change from 0 to 256 [ 248.506867][ T7] usb 2-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 248.578120][ T7461] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 248.621862][ T26] audit: type=1800 audit(1722129051.819:38): pid=7461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1162" name="file1" dev="loop2" ino=1048664 res=0 errno=0 [ 248.655852][ T7461] syz.2.1162: attempt to access beyond end of device [ 248.655852][ T7461] loop2: rw=0, sector=184, nr_sectors = 120 limit=256 [ 248.773781][ T26] audit: type=1804 audit(1722129051.969:39): pid=7465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1162" name="/newroot/244/file2/bus" dev="loop2" ino=1048666 res=1 errno=0 [ 248.882808][ T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 249.211701][ T7] usb 2-1: config 0 descriptor?? [ 249.270806][ T52] block nbd1: Possible stuck request ffff88801fe70000: control (read@0,4096B). Runtime 30 seconds [ 249.456878][ T7] usb 2-1: USB disconnect, device number 16 [ 249.496663][ T7473] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1170'. [ 250.059338][ T7494] loop4: detected capacity change from 0 to 256 [ 250.098839][ T7494] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 250.136586][ T26] audit: type=1800 audit(1722129053.329:40): pid=7494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1177" name="file1" dev="loop4" ino=1048667 res=0 errno=0 [ 250.162833][ T7494] syz.4.1177: attempt to access beyond end of device [ 250.162833][ T7494] loop4: rw=0, sector=184, nr_sectors = 120 limit=256 [ 250.677880][ T26] audit: type=1804 audit(1722129053.479:41): pid=7498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1177" name="/newroot/181/file2/bus" dev="loop4" ino=1048669 res=1 errno=0 [ 251.582338][ T7533] loop0: detected capacity change from 0 to 256 [ 251.626254][ T7533] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 251.676471][ T7533] syz.0.1191: attempt to access beyond end of device [ 251.676471][ T7533] loop0: rw=0, sector=184, nr_sectors = 120 limit=256 [ 251.740852][ T26] audit: type=1800 audit(1722129054.869:42): pid=7533 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1191" name="file1" dev="loop0" ino=1048670 res=0 errno=0 [ 251.771093][ T14] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 252.070813][ T14] usb 3-1: Using ep0 maxpacket: 8 [ 252.149628][ T26] audit: type=1804 audit(1722129054.989:43): pid=7535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1191" name="/newroot/100/file2/bus" dev="loop0" ino=1048672 res=1 errno=0 [ 252.211633][ T14] usb 3-1: config 0 has no interfaces? [ 252.240397][ T14] usb 3-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 252.381081][ T14] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.445047][ T14] usb 3-1: config 0 descriptor?? [ 252.684298][ T7] usb 3-1: USB disconnect, device number 4 [ 252.934585][ T14] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 253.317639][ T14] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 253.347391][ T14] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 253.590822][ T14] usb 5-1: string descriptor 0 read error: -22 [ 253.598497][ T14] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 253.630937][ T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 253.708890][ T14] usb 5-1: 0:2 : does not exist [ 253.917455][ T3699] usb 5-1: USB disconnect, device number 5 [ 254.840808][ T7] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 255.080755][ T7] usb 1-1: Using ep0 maxpacket: 8 [ 255.200957][ T7] usb 1-1: config 0 has no interfaces? [ 255.206632][ T7] usb 1-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 255.240762][ T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.280179][ T7] usb 1-1: config 0 descriptor?? [ 255.288762][ T7596] loop1: detected capacity change from 0 to 32768 [ 255.321947][ T7596] XFS: ikeep mount option is deprecated. [ 255.448169][ T7596] XFS (loop1): Mounting V5 Filesystem [ 255.546983][ T7] usb 1-1: USB disconnect, device number 6 [ 255.615210][ T7596] XFS (loop1): Ending clean mount [ 255.636014][ T7596] XFS (loop1): Quotacheck needed: Please wait. [ 255.652355][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.658706][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.778960][ T7596] XFS (loop1): Quotacheck: Done. [ 255.831364][ T26] audit: type=1804 audit(1722129059.039:44): pid=7596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1218" name="/newroot/37/file0/bus" dev="loop1" ino=9290 res=1 errno=0 [ 255.896232][ T26] audit: type=1800 audit(1722129059.079:45): pid=7596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1218" name="bus" dev="loop1" ino=9291 res=0 errno=0 [ 255.983854][ T6990] XFS (loop1): Unmounting Filesystem [ 256.793543][ T7659] input: syz1 as /devices/virtual/input/input33 [ 257.721124][ T3647] Bluetooth: hci3: command 0x0406 tx timeout [ 257.923527][ T3699] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 258.185130][ T3699] usb 5-1: Using ep0 maxpacket: 8 [ 258.603264][ T7692] input: syz1 as /devices/virtual/input/input34 [ 258.844276][ T3699] usb 5-1: config 0 has no interfaces? [ 258.963804][ T3699] usb 5-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 259.104545][ T3699] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.141755][ T3699] usb 5-1: config 0 descriptor?? [ 259.420863][ T7661] loop0: detected capacity change from 0 to 32768 [ 259.440253][ T3699] usb 5-1: USB disconnect, device number 6 [ 259.498058][ T7661] XFS: ikeep mount option is deprecated. [ 259.580813][ T7661] XFS (loop0): Mounting V5 Filesystem [ 259.728528][ T7661] XFS (loop0): Ending clean mount [ 259.739909][ T7661] XFS (loop0): Quotacheck needed: Please wait. [ 259.814003][ T7661] XFS (loop0): Quotacheck: Done. [ 259.848692][ T6010] XFS (loop0): Unmounting Filesystem [ 260.193540][ T7734] input: syz1 as /devices/virtual/input/input35 [ 261.733831][ T7750] loop1: detected capacity change from 0 to 32768 [ 261.740893][ T14] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 261.789413][ T7750] XFS: ikeep mount option is deprecated. [ 261.806944][ T7766] input: syz1 as /devices/virtual/input/input36 [ 262.060792][ T14] usb 5-1: Using ep0 maxpacket: 8 [ 262.181692][ T14] usb 5-1: config 0 has no interfaces? [ 262.230095][ T14] usb 5-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 262.330329][ T7750] XFS (loop1): Mounting V5 Filesystem [ 262.499686][ T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.572985][ T14] usb 5-1: config 0 descriptor?? [ 262.607540][ T7750] XFS (loop1): Ending clean mount [ 262.627946][ T7750] XFS (loop1): Quotacheck needed: Please wait. [ 262.721890][ T7750] XFS (loop1): Quotacheck: Done. [ 262.815747][ T26] audit: type=1800 audit(1722129066.019:46): pid=7750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1275" name="bus" dev="loop1" ino=9291 res=0 errno=0 [ 262.842444][ T14] usb 5-1: USB disconnect, device number 7 [ 262.946383][ T6990] XFS (loop1): Unmounting Filesystem [ 263.331075][ T7802] input: syz1 as /devices/virtual/input/input37 [ 264.891967][ T7833] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1306'. [ 265.058365][ T7843] input: syz1 as /devices/virtual/input/input38 [ 266.774408][ T7880] input: syz1 as /devices/virtual/input/input39 [ 267.663720][ T7885] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1324'. [ 268.279153][ T7899] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 268.327079][ T7899] team0: Port device bond0 removed [ 268.345515][ T7899] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 268.361298][ T7899] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 268.408616][ T7904] 8021q: adding VLAN 0 to HW filter on device bond0 [ 268.454239][ T7904] team0: Port device bond0 added [ 268.649445][ T7916] input: syz1 as /devices/virtual/input/input40 [ 269.579680][ T7921] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1337'. [ 270.316395][ T7958] input: syz1 as /devices/virtual/input/input41 [ 271.625618][ T7989] loop0: detected capacity change from 0 to 256 [ 272.704979][ T7989] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 272.723657][ T26] audit: type=1800 audit(1722129075.929:47): pid=7988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1362" name="file1" dev="loop0" ino=1048673 res=0 errno=0 [ 272.746651][ T7988] syz.0.1362: attempt to access beyond end of device [ 272.746651][ T7988] loop0: rw=0, sector=184, nr_sectors = 120 limit=256 [ 272.898094][ T26] audit: type=1804 audit(1722129076.019:48): pid=7989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1362" name="/newroot/131/file2/bus" dev="loop0" ino=1048675 res=1 errno=0 [ 273.143968][ T8001] input: syz1 as /devices/virtual/input/input42 [ 274.420054][ T8024] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc. [ 274.859130][ T8046] loop0: detected capacity change from 0 to 256 [ 274.902843][ T8046] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 274.946891][ T8046] syz.0.1380: attempt to access beyond end of device [ 274.946891][ T8046] loop0: rw=0, sector=184, nr_sectors = 120 limit=256 [ 275.060344][ T26] audit: type=1800 audit(1722129078.139:49): pid=8046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1380" name="file1" dev="loop0" ino=1048676 res=0 errno=0 [ 275.818249][ T26] audit: type=1804 audit(1722129078.309:50): pid=8050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1380" name="/newroot/134/file2/bus" dev="loop0" ino=1048678 res=1 errno=0 [ 276.119443][ T8058] input: syz1 as /devices/virtual/input/input43 [ 277.907505][ T8086] loop0: detected capacity change from 0 to 256 [ 277.948147][ T8086] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 278.062709][ T26] audit: type=1800 audit(1722129081.259:51): pid=8086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1393" name="file1" dev="loop0" ino=1048679 res=0 errno=0 [ 278.122556][ T8088] syz.0.1393: attempt to access beyond end of device [ 278.122556][ T8088] loop0: rw=0, sector=184, nr_sectors = 120 limit=256 [ 278.635987][ T26] audit: type=1804 audit(1722129081.429:52): pid=8088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1393" name="/newroot/137/file2/bus" dev="loop0" ino=1048681 res=1 errno=0 [ 279.019477][ T3647] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 279.029631][ T3647] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 279.048747][ T3647] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 279.056870][ T3647] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 279.066128][ T3647] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 279.073656][ T3647] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 280.132474][ T52] block nbd1: Possible stuck request ffff88801fe70000: control (read@0,4096B). Runtime 60 seconds [ 280.202112][ T8098] chnl_net:caif_netlink_parms(): no params data found [ 280.359185][ T8127] loop4: detected capacity change from 0 to 256 [ 280.400795][ T8127] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 280.445279][ T26] audit: type=1800 audit(1722129083.639:53): pid=8127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1405" name="file1" dev="loop4" ino=1048682 res=0 errno=0 [ 280.472449][ T8127] syz.4.1405: attempt to access beyond end of device [ 280.472449][ T8127] loop4: rw=0, sector=184, nr_sectors = 120 limit=256 [ 280.732667][ T8098] bridge0: port 1(bridge_slave_0) entered blocking state [ 280.903099][ T8098] bridge0: port 1(bridge_slave_0) entered disabled state [ 280.971292][ T26] audit: type=1804 audit(1722129083.789:54): pid=8130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1405" name="/newroot/228/file2/bus" dev="loop4" ino=1048684 res=1 errno=0 [ 281.135127][ T8098] device bridge_slave_0 entered promiscuous mode [ 281.161751][ T3653] Bluetooth: hci5: command tx timeout [ 281.221691][ T8098] bridge0: port 2(bridge_slave_1) entered blocking state [ 281.258070][ T8098] bridge0: port 2(bridge_slave_1) entered disabled state [ 281.297323][ T8098] device bridge_slave_1 entered promiscuous mode [ 281.414539][ T8098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 281.466730][ T8098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 281.595583][ T8098] team0: Port device team_slave_0 added [ 281.621686][ T8098] team0: Port device team_slave_1 added [ 281.726019][ T8098] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 281.768186][ T8098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 281.845577][ T8098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 281.872413][ T8098] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 281.879964][ T8098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 282.013277][ T8098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 282.794469][ T8098] device hsr_slave_0 entered promiscuous mode [ 282.828770][ T8098] device hsr_slave_1 entered promiscuous mode [ 282.844882][ T8098] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 282.866655][ T8098] Cannot create hsr debugfs directory [ 283.236506][ T8098] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.248228][ T3653] Bluetooth: hci5: command tx timeout [ 283.422599][ T8098] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.550601][ T8098] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 283.711952][ T8098] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 284.243480][ T8098] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 284.631454][ T8098] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 284.756554][ T8098] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 284.802824][ T8098] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 285.148580][ T8098] 8021q: adding VLAN 0 to HW filter on device bond0 [ 285.185993][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 285.195934][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 285.208722][ T8098] 8021q: adding VLAN 0 to HW filter on device team0 [ 285.234694][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 285.244619][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 285.257824][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 285.265068][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 285.276492][ T8201] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1432'. [ 285.320796][ T3653] Bluetooth: hci5: command tx timeout [ 285.359999][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 285.388782][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 285.411612][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 285.443359][ T3699] bridge0: port 2(bridge_slave_1) entered blocking state [ 285.450751][ T3699] bridge0: port 2(bridge_slave_1) entered forwarding state [ 285.469456][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 285.523110][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 285.549451][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 285.569519][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 285.621307][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 285.650030][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 285.670603][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 285.702367][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 285.750597][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 285.773655][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 285.811477][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 285.853221][ T8098] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 286.441297][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 286.448889][ T3699] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 286.541029][ T8098] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 286.610537][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 286.630485][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 286.704919][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 286.714895][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 286.726640][ T8098] device veth0_vlan entered promiscuous mode [ 286.751896][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 286.760114][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 286.776097][ T8098] device veth1_vlan entered promiscuous mode [ 286.809595][ T8232] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1443'. [ 286.879168][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 286.899895][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 286.926868][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 286.967308][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 286.988737][ T8098] device veth0_macvtap entered promiscuous mode [ 287.062783][ T8098] device veth1_macvtap entered promiscuous mode [ 287.132409][ T8098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 287.179806][ T8098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.219772][ T8098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 287.242286][ T8098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.262792][ T8098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 287.280211][ T8098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.308774][ T8098] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 287.333708][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 287.353267][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 287.369280][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 287.379575][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 287.400944][ T3653] Bluetooth: hci5: command tx timeout [ 287.407944][ T8098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 287.428433][ T8098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.439576][ T8098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 287.451329][ T8098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.461390][ T8098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 287.472185][ T8098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 287.492409][ T8098] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 287.503031][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 287.516087][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 287.528125][ T8098] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.539322][ T8098] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.559883][ T8098] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.569025][ T8098] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.718934][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.743368][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.814945][ T8251] input: syz1 as /devices/virtual/input/input44 [ 287.947058][ T7495] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 288.105247][ T7495] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 288.143564][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 288.351699][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 289.178938][ T8283] input: syz1 as /devices/virtual/input/input46 [ 291.884585][ T8328] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 291.932867][ T8328] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 291.949255][ T8328] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 292.023612][ T8331] 8021q: adding VLAN 0 to HW filter on device bond0 [ 292.062557][ T8331] team0: Port device bond0 added [ 293.958150][ T22] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 294.083373][ T3653] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 294.120333][ T3653] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 294.139549][ T3653] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 294.148873][ T3653] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 294.161301][ T3653] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 294.168897][ T3653] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 294.230951][ T22] usb 5-1: Using ep0 maxpacket: 8 [ 294.351194][ T22] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 294.370820][ T22] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 294.420067][ T22] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 294.457893][ T22] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 294.511791][ T22] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 294.556056][ T22] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.772755][ T8374] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1495'. [ 294.870962][ T22] usb 5-1: GET_CAPABILITIES returned 0 [ 294.876527][ T22] usbtmc 5-1:16.0: can't read capabilities [ 295.047794][ T8363] chnl_net:caif_netlink_parms(): no params data found [ 295.150773][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.162252][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.171406][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.180540][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.189667][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.198805][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.207950][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.217084][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.226203][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.235392][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.244522][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.253653][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.262762][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.271840][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.280907][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.289963][ C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.315476][ T3648] usb 5-1: USB disconnect, device number 8 [ 295.524402][ T8363] bridge0: port 1(bridge_slave_0) entered blocking state [ 295.590893][ T8363] bridge0: port 1(bridge_slave_0) entered disabled state [ 295.599287][ T8363] device bridge_slave_0 entered promiscuous mode [ 295.634767][ T8363] bridge0: port 2(bridge_slave_1) entered blocking state [ 295.695131][ T8363] bridge0: port 2(bridge_slave_1) entered disabled state [ 295.718765][ T8363] device bridge_slave_1 entered promiscuous mode [ 295.802623][ T8363] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 295.834367][ T8363] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 295.958594][ T8363] team0: Port device team_slave_0 added [ 295.979858][ T8363] team0: Port device team_slave_1 added [ 296.075264][ T8363] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 296.090860][ T8363] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 296.199085][ T8363] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 296.210122][ T3655] Bluetooth: hci6: command tx timeout [ 296.230028][ T8363] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 296.237611][ T8363] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 296.340802][ T8363] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 297.132089][ T8363] device hsr_slave_0 entered promiscuous mode [ 297.181641][ T8363] device hsr_slave_1 entered promiscuous mode [ 297.218019][ T8363] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 297.246165][ T8363] Cannot create hsr debugfs directory [ 297.301034][ T8412] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1505'. [ 297.519170][ T8417] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1507'. [ 297.705451][ T8406] loop4: detected capacity change from 0 to 32768 [ 297.765669][ T8406] XFS: ikeep mount option is deprecated. [ 297.850825][ T8406] XFS (loop4): Mounting V5 Filesystem [ 297.872077][ T8363] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.910895][ T3686] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 297.931078][ T8406] XFS (loop4): Ending clean mount [ 297.938086][ T8406] XFS (loop4): Quotacheck needed: Please wait. [ 298.006408][ T8363] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.011748][ T8406] XFS (loop4): Quotacheck: Done. [ 298.137193][ T4883] XFS (loop4): Unmounting Filesystem [ 298.161043][ T3686] usb 3-1: Using ep0 maxpacket: 8 [ 298.201678][ T8363] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.282554][ T3686] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 298.291412][ T3655] Bluetooth: hci6: command tx timeout [ 298.325153][ T3686] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 298.367093][ T3686] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 298.397634][ T3686] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 298.441275][ T3686] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 298.451392][ T3686] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 298.529827][ T8363] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.720878][ T3686] usb 3-1: GET_CAPABILITIES returned 0 [ 298.726617][ T3686] usbtmc 3-1:16.0: can't read capabilities [ 298.870218][ T8363] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 298.908332][ T8363] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 298.930875][ T3686] usb 3-1: USB disconnect, device number 5 [ 298.976810][ T8363] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 298.999879][ T8363] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 299.130057][ T8471] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 299.164762][ T8471] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 299.175310][ T8471] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 299.193271][ T8471] device bridge_slave_0 left promiscuous mode [ 299.200226][ T8471] bridge0: port 1(bridge_slave_0) entered disabled state [ 299.211308][ T8471] device bridge_slave_1 left promiscuous mode [ 299.217611][ T8471] bridge0: port 2(bridge_slave_1) entered disabled state [ 299.233406][ T8471] bond0: (slave bond_slave_0): Releasing backup interface [ 299.286780][ T8471] bond0: (slave bond_slave_1): Releasing backup interface [ 299.359619][ T8471] team0: Port device team_slave_0 removed [ 299.385126][ T8471] team0: Port device team_slave_1 removed [ 299.400355][ T8471] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 299.409232][ T8471] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 299.418726][ T8471] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 299.428055][ T8471] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 299.464015][ T8463] loop4: detected capacity change from 0 to 32768 [ 299.484640][ T8472] 8021q: adding VLAN 0 to HW filter on device bond0 [ 299.501655][ T8463] XFS: ikeep mount option is deprecated. [ 299.509413][ T8472] team0: Port device bond0 added [ 299.624517][ T8463] XFS (loop4): Mounting V5 Filesystem [ 299.812170][ T8363] 8021q: adding VLAN 0 to HW filter on device bond0 [ 299.855324][ T8463] XFS (loop4): Ending clean mount [ 299.883796][ T8463] XFS (loop4): Quotacheck needed: Please wait. [ 299.903084][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 299.917467][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 299.952774][ T8363] 8021q: adding VLAN 0 to HW filter on device team0 [ 299.975503][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 299.994454][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 300.025024][ T8463] XFS (loop4): Quotacheck: Done. [ 300.027231][ T3686] bridge0: port 1(bridge_slave_0) entered blocking state [ 300.037249][ T3686] bridge0: port 1(bridge_slave_0) entered forwarding state [ 300.132947][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 300.153077][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 300.183604][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 300.199184][ T4883] XFS (loop4): Unmounting Filesystem [ 300.210148][ T3648] bridge0: port 2(bridge_slave_1) entered blocking state [ 300.217519][ T3648] bridge0: port 2(bridge_slave_1) entered forwarding state [ 300.271231][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 300.280527][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 300.304054][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 300.321905][ T3648] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 300.371429][ T3655] Bluetooth: hci6: command tx timeout [ 300.383921][ T3727] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 300.402992][ T3727] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 300.419981][ T3727] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 300.445622][ T3727] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 300.471630][ T3727] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 300.480113][ T3727] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 300.501704][ T3727] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 300.513451][ T8363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 300.690735][ T3690] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 300.930751][ T3690] usb 1-1: Using ep0 maxpacket: 8 [ 301.020946][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 301.045605][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 301.051082][ T3690] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 301.070850][ T3690] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 301.088095][ T8363] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 301.119076][ T3690] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 301.149808][ T3690] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 301.164810][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 301.192194][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 301.200970][ T3690] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 301.210095][ T3690] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.280054][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 301.298778][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 301.318526][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 301.336744][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 301.353063][ T8363] device veth0_vlan entered promiscuous mode [ 301.380961][ T8363] device veth1_vlan entered promiscuous mode [ 301.436757][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 301.451709][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 301.470561][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 301.495389][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 301.510935][ T3690] usb 1-1: GET_CAPABILITIES returned 0 [ 301.514513][ T8363] device veth0_macvtap entered promiscuous mode [ 301.516482][ T3690] usbtmc 1-1:16.0: can't read capabilities [ 301.563393][ T8363] device veth1_macvtap entered promiscuous mode [ 301.618773][ T8363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.670595][ T8363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.690983][ T8363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.716398][ T3688] usb 1-1: USB disconnect, device number 7 [ 301.735105][ T8363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.765759][ T8363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 301.800794][ T8363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 301.852072][ T8363] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 301.881572][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 301.902772][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 301.951755][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 301.980929][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 302.012917][ T8363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.033308][ T8534] loop4: detected capacity change from 0 to 32768 [ 302.039975][ T8363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.074317][ T8534] XFS: ikeep mount option is deprecated. [ 302.091912][ T8363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.113634][ T8363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.133196][ T8363] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 302.144117][ T8363] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 302.156258][ T8363] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 302.169174][ T8534] XFS (loop4): Mounting V5 Filesystem [ 302.169187][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 302.170123][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 302.205681][ T8363] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.242961][ T8363] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.257134][ T8363] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.269020][ T8534] XFS (loop4): Ending clean mount [ 302.301769][ T8534] XFS (loop4): Quotacheck needed: Please wait. [ 302.307170][ T8363] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.397339][ T8534] XFS (loop4): Quotacheck: Done. [ 302.441153][ T3655] Bluetooth: hci6: command tx timeout [ 302.554069][ T7495] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 302.593937][ T7495] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 302.637768][ T4883] XFS (loop4): Unmounting Filesystem [ 302.645743][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 302.704562][ T7495] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 302.718283][ T7495] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 302.754644][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 303.870945][ T3687] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 304.150834][ T3687] usb 1-1: Using ep0 maxpacket: 8 [ 304.283918][ T3687] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 304.305861][ T3687] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 304.344946][ T8579] loop4: detected capacity change from 0 to 32768 [ 304.352385][ T8579] XFS: ikeep mount option is deprecated. [ 304.366802][ T3687] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 304.396752][ T3687] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 304.399869][ T8579] XFS (loop4): Mounting V5 Filesystem [ 304.410818][ T3687] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 304.425498][ T3687] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 304.518988][ T8579] XFS (loop4): Ending clean mount [ 304.536685][ T8579] XFS (loop4): Quotacheck needed: Please wait. [ 304.634369][ T8579] XFS (loop4): Quotacheck: Done. [ 304.731109][ T3687] usb 1-1: GET_CAPABILITIES returned 0 [ 304.741489][ T3687] usbtmc 1-1:16.0: can't read capabilities [ 304.832988][ T4883] XFS (loop4): Unmounting Filesystem [ 304.961713][ T22] usb 1-1: USB disconnect, device number 8 [ 306.559408][ T8637] loop0: detected capacity change from 0 to 32768 [ 306.583700][ T8637] XFS: ikeep mount option is deprecated. [ 306.654968][ T8637] XFS (loop0): Mounting V5 Filesystem [ 306.819004][ T8637] XFS (loop0): Ending clean mount [ 306.847073][ T8637] XFS (loop0): Quotacheck needed: Please wait. [ 306.853557][ T3687] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 306.961281][ T8637] XFS (loop0): Quotacheck: Done. [ 307.035003][ T26] audit: type=1800 audit(1722129110.239:55): pid=8637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1582" name="bus" dev="loop0" ino=9291 res=0 errno=0 [ 307.121144][ T3687] usb 4-1: Using ep0 maxpacket: 8 [ 307.182425][ T6010] XFS (loop0): Unmounting Filesystem [ 307.269074][ T3687] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 307.290859][ T3687] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 307.341437][ T3687] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 307.363569][ T3687] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 307.389732][ T3687] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 307.405459][ T3687] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.691025][ T3687] usb 4-1: GET_CAPABILITIES returned 0 [ 307.696984][ T3687] usbtmc 4-1:16.0: can't read capabilities [ 307.950174][ T3687] usb 4-1: USB disconnect, device number 8 [ 309.620735][ T3690] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 309.860844][ T3690] usb 1-1: Using ep0 maxpacket: 8 [ 309.980923][ T3690] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 310.004377][ T8776] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1626'. [ 310.030954][ T3690] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 310.059184][ T3690] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 310.093599][ T3690] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 310.127813][ T3690] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 310.146924][ T3690] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 310.310727][ T3727] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 310.421045][ T3690] usb 1-1: GET_CAPABILITIES returned 0 [ 310.426926][ T3690] usbtmc 1-1:16.0: can't read capabilities [ 310.665030][ T3727] usb 5-1: Using ep0 maxpacket: 8 [ 310.701019][ T52] block nbd1: Possible stuck request ffff88801fe70000: control (read@0,4096B). Runtime 90 seconds [ 310.716803][ T3687] usb 1-1: USB disconnect, device number 9 [ 310.791000][ T3727] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 310.802690][ T3727] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 310.813917][ T3727] usb 5-1: config 0 descriptor?? [ 311.001005][ T3655] Bluetooth: hci6: command tx timeout [ 311.476374][ T8822] loop3: detected capacity change from 0 to 256 [ 312.013973][ T8822] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 312.062856][ T26] audit: type=1800 audit(1722129115.259:56): pid=8822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1639" name="file1" dev="loop3" ino=1048691 res=0 errno=0 [ 312.095111][ T8822] syz.3.1639: attempt to access beyond end of device [ 312.095111][ T8822] loop3: rw=0, sector=184, nr_sectors = 120 limit=256 [ 312.257340][ T26] audit: type=1804 audit(1722129115.419:57): pid=8827 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1639" name="/newroot/54/file2/bus" dev="loop3" ino=1048693 res=1 errno=0 [ 313.170830][ T3690] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 313.370457][ T8864] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1658'. [ 313.456820][ T3690] usb 4-1: Using ep0 maxpacket: 8 [ 313.581112][ T3690] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 313.619433][ T3690] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 313.648650][ T3690] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 313.693840][ T3690] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 313.811164][ T3690] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 313.823671][ T3690] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.030828][ T3727] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 314.050889][ T3653] Bluetooth: hci2: command 0x0406 tx timeout [ 314.084434][ T3727] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9 [ 314.095705][ T3690] usb 4-1: GET_CAPABILITIES returned 0 [ 314.105332][ T3690] usbtmc 4-1:16.0: can't read capabilities [ 314.157875][ T3727] asix: probe of 5-1:0.0 failed with error -71 [ 314.209270][ T3727] usb 5-1: USB disconnect, device number 9 [ 314.343694][ T3686] usb 4-1: USB disconnect, device number 9 [ 314.641095][ T8899] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1671'. [ 315.550592][ T8938] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1687'. [ 315.570739][ T3686] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 315.812032][ T3686] usb 3-1: Using ep0 maxpacket: 8 [ 315.835167][ T8950] serio: Serial port pts0 [ 315.931022][ T3686] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 315.942020][ T3686] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 315.965105][ T3686] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 315.994177][ T3686] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 316.018597][ T3686] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 316.077651][ T3686] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 316.098181][ T3686] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 316.489107][ T3686] usb 3-1: usb_control_msg returned -32 [ 316.496292][ T3686] usbtmc 3-1:16.0: can't read capabilities [ 317.088902][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.097859][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.209624][ T9029] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1726'. [ 318.329965][ T3690] usb 3-1: USB disconnect, device number 6 [ 318.902194][ T9045] input: syz1 as /devices/virtual/input/input47 [ 320.151114][ T14] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 320.390877][ T14] usb 3-1: Using ep0 maxpacket: 8 [ 320.671083][ T14] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 320.693810][ T14] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.718435][ T14] usb 3-1: Product: syz [ 320.730782][ T14] usb 3-1: Manufacturer: syz [ 320.735515][ T14] usb 3-1: SerialNumber: syz [ 320.884710][ T14] usb 3-1: config 0 descriptor?? [ 320.933600][ T14] gspca_main: se401-2.14.0 probing 047d:5003 [ 321.143808][ T9056] loop2: detected capacity change from 0 to 256 [ 321.240048][ T9056] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 321.780578][ T9091] input: syz1 as /devices/virtual/input/input48 [ 322.720937][ T14] usb 3-1: reset high-speed USB device number 7 using dummy_hcd [ 322.910956][ T14] usb 3-1: device descriptor read/64, error -32 [ 322.930883][ T3690] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 323.191137][ T3690] usb 1-1: Using ep0 maxpacket: 8 [ 323.196921][ T14] usb 3-1: reset high-speed USB device number 7 using dummy_hcd [ 323.321251][ T3690] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 323.348459][ T3690] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 323.370905][ T14] usb 3-1: device descriptor read/64, error -32 [ 323.397727][ T3690] usb 1-1: config 0 descriptor?? [ 323.652107][ T14] usb 3-1: reset high-speed USB device number 7 using dummy_hcd [ 323.740817][ T14] usb 3-1: device descriptor read/8, error -32 [ 324.060868][ T14] usb 3-1: reset high-speed USB device number 7 using dummy_hcd [ 324.140886][ T14] usb 3-1: device descriptor read/8, error -32 [ 324.264191][ T14] gspca_se401: read req failed req 0x06 error -19 [ 324.280475][ T14] usb 3-1: USB disconnect, device number 7 [ 324.430776][ T14] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 325.790848][ T14] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 326.130891][ T14] usb 2-1: Using ep0 maxpacket: 8 [ 326.210933][ T3690] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 326.240867][ T3690] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9 [ 326.266505][ T3690] asix: probe of 1-1:0.0 failed with error -71 [ 326.301471][ T3690] usb 1-1: USB disconnect, device number 10 [ 326.326141][ T9210] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 326.351648][ T9210] team0: Port device bond0 removed [ 326.360450][ T9210] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 326.368691][ T9210] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 326.392178][ T9213] 8021q: adding VLAN 0 to HW filter on device bond0 [ 326.420870][ T14] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 326.430007][ T14] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.445194][ T14] usb 2-1: Product: syz [ 326.449430][ T14] usb 2-1: Manufacturer: syz [ 326.450334][ T9213] team0: Port device bond0 added [ 326.462958][ T14] usb 2-1: SerialNumber: syz [ 326.484638][ T14] usb 2-1: config 0 descriptor?? [ 326.487196][ T3663] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 326.523173][ T14] gspca_main: se401-2.14.0 probing 047d:5003 [ 326.740892][ T3663] usb 4-1: Using ep0 maxpacket: 32 [ 326.742967][ T9185] loop1: detected capacity change from 0 to 256 [ 326.810013][ T9185] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 326.871540][ T3663] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 326.911102][ T3663] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 326.932265][ T3663] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 326.953457][ T3663] usb 4-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 326.968586][ T3663] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 327.001967][ T3663] usb 4-1: config 0 descriptor?? [ 327.472975][ T3663] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0 [ 327.484805][ T3663] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0 [ 327.531172][ T3663] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0 [ 327.551836][ T3663] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0 [ 327.575518][ T3663] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0 [ 327.584702][ T9242] team0: Port device bond0 removed [ 327.610161][ T3663] ntrig 0003:1B96:000A.0003: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.3-1/input0 [ 327.624209][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 327.698324][ T3663] usb 4-1: USB disconnect, device number 10 [ 327.705940][ T9242] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 327.730764][ T14] usb 2-1: reset high-speed USB device number 17 using dummy_hcd [ 327.773023][ T9242] device bridge_slave_0 left promiscuous mode [ 327.779449][ T9242] bridge0: port 1(bridge_slave_0) entered disabled state [ 327.894333][ T9242] device bridge_slave_1 left promiscuous mode [ 327.910758][ T14] usb 2-1: device descriptor read/64, error -32 [ 327.931392][ T9242] bridge0: port 2(bridge_slave_1) entered disabled state [ 328.014901][ T9242] bond0: (slave bond_slave_0): Releasing backup interface [ 328.069916][ T9242] bond0: (slave bond_slave_1): Releasing backup interface [ 328.174374][ T9242] team0: Port device team_slave_0 removed [ 328.180741][ T14] usb 2-1: reset high-speed USB device number 17 using dummy_hcd [ 328.333412][ T9242] team0: Port device team_slave_1 removed [ 328.360937][ T14] usb 2-1: device descriptor read/64, error -32 [ 328.371951][ T9242] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 328.410051][ T9242] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 328.441997][ T9242] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 328.449500][ T9242] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 328.539590][ T9242] device macvlan2 left promiscuous mode [ 328.569964][ T9242] bridge0: port 3(macvlan2) entered disabled state [ 328.630105][ T9244] 8021q: adding VLAN 0 to HW filter on device bond0 [ 328.637234][ T14] usb 2-1: reset high-speed USB device number 17 using dummy_hcd [ 328.652376][ T9244] team0: Port device bond0 added [ 328.724980][ T14] usb 2-1: device descriptor read/8, error -32 [ 329.010840][ T14] usb 2-1: reset high-speed USB device number 17 using dummy_hcd [ 329.090151][ T9277] serio: Serial port pts0 [ 329.100856][ T14] usb 2-1: device descriptor read/8, error -32 [ 329.222912][ T14] gspca_se401: read req failed req 0x06 error -19 [ 329.250162][ T14] usb 2-1: USB disconnect, device number 17 [ 329.798917][ T9294] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 329.880155][ T9294] team0: Port device bond0 removed [ 329.903609][ T9294] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 329.947479][ T9294] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 330.089386][ T9299] 8021q: adding VLAN 0 to HW filter on device bond0 [ 330.102265][ T9299] team0: Port device bond0 added [ 330.343467][ T9286] loop1: detected capacity change from 0 to 32768 [ 330.351968][ T9286] XFS: ikeep mount option is deprecated. [ 330.451008][ T9318] loop0: detected capacity change from 0 to 256 [ 330.498016][ T9318] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 330.536476][ T9318] syz.0.1833: attempt to access beyond end of device [ 330.536476][ T9318] loop0: rw=0, sector=184, nr_sectors = 120 limit=256 [ 330.591087][ T3687] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 330.630390][ T26] audit: type=1800 audit(1722129133.739:58): pid=9318 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1833" name="file1" dev="loop0" ino=1048696 res=0 errno=0 [ 330.930816][ T3687] usb 3-1: Using ep0 maxpacket: 8 [ 330.971644][ T26] audit: type=1804 audit(1722129133.869:59): pid=9321 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1833" name="/newroot/239/file2/bus" dev="loop0" ino=1048697 res=1 errno=0 [ 331.020589][ T9286] XFS (loop1): Mounting V5 Filesystem [ 331.264297][ T9286] XFS (loop1): Ending clean mount [ 331.292566][ T3687] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 331.325494][ T3687] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 331.352057][ T3687] usb 3-1: Product: syz [ 331.370705][ T3687] usb 3-1: Manufacturer: syz [ 331.386952][ T3687] usb 3-1: SerialNumber: syz [ 331.409636][ T3687] usb 3-1: config 0 descriptor?? [ 331.432672][ T9286] XFS (loop1): Quotacheck needed: Please wait. [ 331.464047][ T3687] gspca_main: se401-2.14.0 probing 047d:5003 [ 331.500187][ T9286] XFS (loop1): Quotacheck: Done. [ 331.588882][ T26] audit: type=1800 audit(1722129134.789:60): pid=9286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1822" name="bus" dev="loop1" ino=9291 res=0 errno=0 [ 331.691321][ T9309] loop2: detected capacity change from 0 to 256 [ 331.738326][ T8363] XFS (loop1): Unmounting Filesystem [ 331.743684][ T9309] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 332.690928][ T3687] usb 3-1: reset high-speed USB device number 9 using dummy_hcd [ 332.886639][ T3687] usb 3-1: device descriptor read/64, error -32 [ 333.160961][ T3687] usb 3-1: reset high-speed USB device number 9 using dummy_hcd [ 333.350885][ T3687] usb 3-1: device descriptor read/64, error -32 [ 333.650903][ T3687] usb 3-1: reset high-speed USB device number 9 using dummy_hcd [ 333.740950][ T3687] usb 3-1: device descriptor read/8, error -32 [ 333.775408][ T9387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.811056][ T9365] loop1: detected capacity change from 0 to 32768 [ 333.818300][ T9365] XFS: ikeep mount option is deprecated. [ 333.847784][ T9387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.905028][ T9387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.930465][ T9387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.943290][ T9387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.970111][ T9365] XFS (loop1): Mounting V5 Filesystem [ 334.027817][ T9387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 334.050066][ T3687] usb 3-1: reset high-speed USB device number 9 using dummy_hcd [ 334.059050][ T9390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1863'. [ 334.197024][ T9365] XFS (loop1): Ending clean mount [ 334.262665][ T9365] XFS (loop1): Quotacheck needed: Please wait. [ 334.350084][ T3687] usb 3-1: device not accepting address 9, error -71 [ 334.359999][ T9365] XFS (loop1): Quotacheck: Done. [ 334.365612][ T3687] gspca_se401: read req failed req 0x06 error -19 [ 334.368867][ T3687] usb 3-1: USB disconnect, device number 9 [ 334.492807][ T26] audit: type=1800 audit(1722129137.699:61): pid=9365 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1852" name="bus" dev="loop1" ino=9291 res=0 errno=0 [ 334.649652][ T8363] XFS (loop1): Unmounting Filesystem [ 335.290947][ T3663] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 335.540697][ T3663] usb 5-1: Using ep0 maxpacket: 8 [ 335.840839][ T3663] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 335.870312][ T3663] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 335.883539][ T3663] usb 5-1: Product: syz [ 335.887773][ T3663] usb 5-1: Manufacturer: syz [ 335.903031][ T3663] usb 5-1: SerialNumber: syz [ 335.924616][ T3663] usb 5-1: config 0 descriptor?? [ 336.002886][ T3663] gspca_main: se401-2.14.0 probing 047d:5003 [ 336.224577][ T9431] loop4: detected capacity change from 0 to 256 [ 336.275200][ T9431] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 337.250918][ T3663] usb 5-1: reset high-speed USB device number 10 using dummy_hcd [ 337.431054][ T3663] usb 5-1: device descriptor read/64, error -32 [ 337.508854][ T9513] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1914'. [ 337.724276][ T3663] usb 5-1: reset high-speed USB device number 10 using dummy_hcd [ 337.930827][ T3663] usb 5-1: device descriptor read/64, error -32 [ 338.200809][ T3663] usb 5-1: reset high-speed USB device number 10 using dummy_hcd [ 338.281409][ T3663] usb 5-1: device descriptor read/8, error -32 [ 338.408986][ T9545] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1930'. [ 338.673933][ T3663] usb 5-1: reset high-speed USB device number 10 using dummy_hcd [ 338.750854][ T3663] usb 5-1: device descriptor read/8, error -32 [ 338.881284][ T3663] gspca_se401: read req failed req 0x06 error -19 [ 338.921608][ T3663] usb 5-1: USB disconnect, device number 10 [ 339.090848][ T3663] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 339.290762][ T3663] usb 5-1: device descriptor read/64, error -32 [ 339.764190][ T9557] loop2: detected capacity change from 0 to 32768 [ 339.791443][ T9557] XFS: ikeep mount option is deprecated. [ 339.864900][ T9557] XFS (loop2): Mounting V5 Filesystem [ 340.053428][ T9588] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1944'. [ 340.147910][ T9557] XFS (loop2): Ending clean mount [ 340.171634][ T9557] XFS (loop2): Quotacheck needed: Please wait. [ 340.239247][ T9557] XFS (loop2): Quotacheck: Done. [ 340.306684][ T26] audit: type=1800 audit(1722129143.509:62): pid=9557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1935" name="bus" dev="loop2" ino=9291 res=0 errno=0 [ 340.413396][ T3641] XFS (loop2): Unmounting Filesystem [ 340.761291][ T52] block nbd1: Possible stuck request ffff88801fe70000: control (read@0,4096B). Runtime 120 seconds [ 341.272738][ T9619] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1958'. [ 342.847971][ T9665] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 342.914874][ T9665] team0: Port device bond0 removed [ 342.951626][ T9665] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 342.982699][ T9665] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 343.101546][ T9669] 8021q: adding VLAN 0 to HW filter on device bond0 [ 343.137146][ T9669] team0: Port device bond0 added [ 344.878796][ T9740] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 344.913624][ T9740] team0: Port device bond0 removed [ 344.942574][ T9740] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 344.960976][ T9740] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 345.058839][ T9746] 8021q: adding VLAN 0 to HW filter on device bond0 [ 345.129287][ T9746] team0: Port device bond0 added [ 345.286049][ T9758] input: syz1 as /devices/virtual/input/input49 [ 351.636663][ T9891] loop0: detected capacity change from 0 to 32768 [ 351.681564][ T9891] XFS: ikeep mount option is deprecated. [ 351.770234][ T9891] XFS (loop0): Mounting V5 Filesystem [ 351.974724][ T9891] XFS (loop0): Ending clean mount [ 352.019187][ T9891] XFS (loop0): Quotacheck needed: Please wait. [ 352.113971][ T9891] XFS (loop0): Quotacheck: Done. [ 352.176536][ T26] audit: type=1800 audit(1722129155.379:63): pid=9891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2076" name="bus" dev="loop0" ino=9291 res=0 errno=0 [ 352.299752][ T6010] XFS (loop0): Unmounting Filesystem [ 352.322228][ T9921] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 352.368984][ T9921] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 352.453240][ T9921] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 352.492796][ T9921] device bridge_slave_0 left promiscuous mode [ 352.513549][ T9921] bridge0: port 1(bridge_slave_0) entered disabled state [ 352.560180][ T9921] device bridge_slave_1 left promiscuous mode [ 352.591670][ T9921] bridge0: port 2(bridge_slave_1) entered disabled state [ 352.684133][ T9921] bond0: (slave bond_slave_0): Releasing backup interface [ 352.784594][ T9921] bond0: (slave bond_slave_1): Releasing backup interface [ 352.963802][ T9921] team0: Port device team_slave_0 removed [ 353.061946][ T9921] team0: Port device team_slave_1 removed [ 353.076928][ T9921] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 353.088083][ T9921] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 353.108763][ T9921] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 353.118122][ T9921] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 353.188036][ T9926] 8021q: adding VLAN 0 to HW filter on device bond0 [ 353.204338][ T9926] team0: Port device bond0 added [ 353.916966][ T9968] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 354.008436][ T9968] team0: Port device bond0 removed [ 354.025562][ T9968] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 354.063129][ T9968] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 354.157558][ T9972] 8021q: adding VLAN 0 to HW filter on device bond0 [ 354.240249][ T9972] team0: Port device bond0 added [ 355.001016][ T3653] Bluetooth: hci4: command 0x0406 tx timeout [ 356.340804][ T8051] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 356.581421][ T8051] usb 4-1: Using ep0 maxpacket: 8 [ 356.711203][ T8051] usb 4-1: config 0 has no interfaces? [ 356.716797][ T8051] usb 4-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 356.750539][ T8051] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 356.779502][ T8051] usb 4-1: config 0 descriptor?? [ 357.044897][ T8051] usb 4-1: USB disconnect, device number 11 [ 359.773141][ T3653] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 359.783538][ T3653] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 359.792741][ T3653] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 359.803537][ T3653] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 359.815083][ T3653] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 359.822621][ T3653] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 359.925133][ T7117] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 359.990945][ T8051] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 360.115844][ T7117] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.252217][ T8051] usb 3-1: Using ep0 maxpacket: 8 [ 360.304431][ T7117] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.371011][ T8051] usb 3-1: config 0 has no interfaces? [ 360.376570][ T8051] usb 3-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 360.393896][ T8051] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.411377][ T8051] usb 3-1: config 0 descriptor?? [ 360.699631][ T8051] usb 3-1: USB disconnect, device number 10 [ 360.987724][ T7117] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.573350][T10162] chnl_net:caif_netlink_parms(): no params data found [ 361.881124][ T3655] Bluetooth: hci2: command tx timeout [ 363.126923][T10162] bridge0: port 1(bridge_slave_0) entered blocking state [ 363.135842][T10162] bridge0: port 1(bridge_slave_0) entered disabled state [ 363.165467][T10162] device bridge_slave_0 entered promiscuous mode [ 363.329310][T10162] bridge0: port 2(bridge_slave_1) entered blocking state [ 363.341417][T10162] bridge0: port 2(bridge_slave_1) entered disabled state [ 363.360138][T10162] device bridge_slave_1 entered promiscuous mode [ 363.592130][T10162] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 363.783619][T10162] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 364.002941][ T3655] Bluetooth: hci2: command tx timeout [ 365.046959][T10162] team0: Port device team_slave_0 added [ 365.156269][T10162] team0: Port device team_slave_1 added [ 365.296550][T10162] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 365.320339][T10162] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 365.440269][T10162] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 365.621634][T10162] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 365.628910][T10162] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 365.654866][ C0] vkms_vblank_simulate: vblank timer overrun [ 365.755424][T10162] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 366.761620][ T3647] Bluetooth: hci2: command tx timeout [ 367.001028][ T27] INFO: task syz.1.907:6753 blocked for more than 143 seconds. [ 367.009020][ T27] Not tainted 6.1.102-syzkaller #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 367.047151][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 367.110984][ T27] task:syz.1.907 state:D stack:27560 pid:6753 ppid:3639 flags:0x00004004 [ 367.216488][ T27] Call Trace: [ 367.219877][ T27] [ 367.236020][ T27] __schedule+0x143f/0x4570 [ 367.248096][ T27] ? __mutex_lock+0x6b4/0xd80 [ 367.253701][ T27] ? release_firmware_map_entry+0x186/0x186 [ 367.259736][ T27] ? __mutex_trylock_common+0x8d/0x2e0 [ 367.267477][ T27] ? do_raw_spin_unlock+0x137/0x8a0 [ 367.273139][ T27] schedule+0xbf/0x180 [ 367.277259][ T27] schedule_preempt_disabled+0xf/0x20 [ 367.299560][ T27] __mutex_lock+0x6b9/0xd80 [ 367.305416][ T27] ? __mutex_lock+0x53c/0xd80 [ 367.310153][ T27] ? blkdev_get_by_dev+0x148/0xa10 [ 367.315784][ T27] ? mutex_lock_nested+0x10/0x10 [ 367.325125][ T27] ? _atomic_dec_and_lock+0x96/0x130 [ 367.330484][ T27] ? iput+0x401/0x980 [ 367.335028][ T27] ? ilookup+0x1c8/0x200 [ 367.339425][ T27] ? disk_block_events+0xa1/0x110 [ 367.344957][ T27] ? blkdev_get_by_dev+0xe7/0xa10 [ 367.350076][ T27] blkdev_get_by_dev+0x148/0xa10 [ 367.355670][ T27] blkdev_open+0x12e/0x2e0 [ 367.360130][ T27] ? blkdev_mmap+0x1b0/0x1b0 [ 367.365267][ T27] do_dentry_open+0x7f9/0x10f0 [ 367.370140][ T27] path_openat+0x2644/0x2e60 [ 367.375286][ T27] ? mark_lock+0x9a/0x340 [ 367.379708][ T27] ? do_filp_open+0x480/0x480 [ 367.391423][ T27] do_filp_open+0x230/0x480 [ 367.396033][ T27] ? vfs_tmpfile+0x4a0/0x4a0 [ 367.401189][ T27] ? _raw_spin_unlock+0x24/0x40 [ 367.406118][ T27] ? alloc_fd+0x5a0/0x640 [ 367.410486][ T27] do_sys_openat2+0x13b/0x4f0 [ 367.416862][ T27] ? do_sys_open+0x220/0x220 [ 367.422877][ T27] __x64_sys_openat+0x243/0x290 [ 367.427794][ T27] ? __ia32_sys_open+0x270/0x270 [ 367.433257][ T27] ? syscall_enter_from_user_mode+0x2e/0x230 [ 367.439328][ T27] ? lockdep_hardirqs_on+0x94/0x130 [ 367.445077][ T27] ? syscall_enter_from_user_mode+0x2e/0x230 [ 367.451479][ T27] do_syscall_64+0x3b/0xb0 [ 367.455969][ T27] ? clear_bhb_loop+0x45/0xa0 [ 367.461379][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 367.467370][ T27] RIP: 0033:0x7fd91db75cd0 [ 367.472309][ T27] RSP: 002b:00007fd91e9fbb80 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 367.481197][ T27] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd91db75cd0 [ 367.489428][ T27] RDX: 0000000000000000 RSI: 00007fd91e9fbc20 RDI: 00000000ffffff9c [ 367.497964][ T27] RBP: 00007fd91e9fbc20 R08: 0000000000000000 R09: 002364626e2f7665 [ 367.530765][ T27] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 367.538867][ T27] R13: 000000000000000b R14: 00007fd91dd05f80 R15: 00007fff154946b8 [ 367.572890][ T27] [ 367.576086][ T27] INFO: task syz.1.907:6760 blocked for more than 143 seconds. [ 367.600672][ T27] Not tainted 6.1.102-syzkaller #0 [ 367.606366][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 367.630675][ T27] task:syz.1.907 state:D stack:26648 pid:6760 ppid:3639 flags:0x00004004 [ 367.640051][ T27] Call Trace: [ 367.649675][ T27] [ 367.652740][ T27] __schedule+0x143f/0x4570 [ 367.661437][ T27] ? __mutex_lock+0x6b4/0xd80 [ 367.666213][ T27] ? release_firmware_map_entry+0x186/0x186 [ 367.674079][ T27] ? __mutex_trylock_common+0x8d/0x2e0 [ 367.679642][ T27] ? do_raw_spin_unlock+0x137/0x8a0 [ 367.695771][ T27] schedule+0xbf/0x180 [ 367.699938][ T27] schedule_preempt_disabled+0xf/0x20 [ 367.710540][ T27] __mutex_lock+0x6b9/0xd80 [ 367.728882][ T27] ? __mutex_lock+0x53c/0xd80 [ 367.739611][ T27] ? blkdev_put+0x100/0x750 [ 367.750084][ T27] ? mutex_lock_nested+0x10/0x10 [ 367.766283][ T27] ? __fsnotify_parent+0x50b/0x730 [ 367.776430][ T27] blkdev_put+0x100/0x750 [ 367.788350][ T27] blkdev_close+0x56/0x80 [ 367.798277][ T27] ? blkdev_open+0x2e0/0x2e0 [ 367.810485][ T27] __fput+0x3f6/0x8d0 [ 367.814984][ T27] task_work_run+0x246/0x300 [ 367.819705][ T27] ? task_work_cancel+0x2b0/0x2b0 [ 367.830062][ T27] ? blkdev_ioctl+0x3a9/0x760 [ 367.835232][ T27] ? exit_to_user_mode_loop+0x39/0x100 [ 367.841417][ T27] exit_to_user_mode_loop+0xde/0x100 [ 367.846782][ T27] exit_to_user_mode_prepare+0xb1/0x140 [ 367.853768][ T27] syscall_exit_to_user_mode+0x60/0x270 [ 367.859374][ T27] do_syscall_64+0x47/0xb0 [ 367.864112][ T27] ? clear_bhb_loop+0x45/0xa0 [ 367.868878][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 367.874909][ T27] RIP: 0033:0x7fd91db77299 [ 367.879783][ T27] RSP: 002b:00007fd91e9db048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 367.888725][ T27] RAX: 0000000000000000 RBX: 00007fd91dd06058 RCX: 00007fd91db77299 [ 367.897155][ T27] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003 [ 367.905615][ T27] RBP: 00007fd91dbe48e6 R08: 0000000000000000 R09: 0000000000000000 [ 367.913720][ T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 367.921887][ T27] R13: 000000000000006e R14: 00007fd91dd06058 R15: 00007fff154946b8 [ 367.929984][ T27] [ 367.961068][ T27] [ 367.961068][ T27] Showing all locks held in the system: [ 367.980890][ T27] 1 lock held by rcu_tasks_kthre/12: [ 367.986269][ T27] #0: ffffffff8d32af10 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 368.009567][ T27] 1 lock held by rcu_tasks_trace/13: [ 368.014971][ T27] #0: ffffffff8d32b710 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 368.050975][ T27] 1 lock held by khungtaskd/27: [ 368.055879][ T27] #0: ffffffff8d32ad40 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 368.090699][ T27] 2 locks held by kworker/1:1/41: [ 368.095779][ T27] #0: ffff888012872138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 368.130678][ T27] #1: ffffc90000b27d20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 368.180676][ T27] 1 lock held by dhcpcd/3305: [ 368.185413][ T27] #0: ffffffff8e4f7668 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2a5/0x1b20 [ 368.230722][ T27] 3 locks held by kworker/0:3/3383: [ 368.235980][ T27] #0: ffff888012870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 368.284255][ T27] #1: ffffc9000371fd20 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 368.295489][ T27] #2: ffffffff8e4f7668 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xa/0x50 [ 368.319794][ T27] 2 locks held by getty/3398: [ 368.325781][ T27] #0: ffff88814b84a098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 368.336046][ T27] #1: ffffc900031262f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0 [ 368.347483][ T27] 3 locks held by syz-executor/3641: [ 368.353215][ T27] #0: ffff88807c71d0b8 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x1ff/0x500 [ 368.368652][ T27] #1: ffff88807c71c078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x48d/0x1020 [ 368.378602][ T27] #2: ffffffff8e64e7c8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb8/0x2a0 [ 368.388997][ T27] 2 locks held by kworker/0:5/3686: [ 368.395254][ T27] #0: ffff888012870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 368.406000][ T27] #1: ffffc9000401fd20 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 368.415817][ T27] 1 lock held by udevd/4360: [ 368.420422][ T27] #0: ffff88801fd634c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x148/0xa10 [ 368.431029][ T27] 3 locks held by syz-executor/4883: [ 368.436337][ T27] #0: ffff88805923d0b8 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x1ff/0x500 [ 368.447469][ T27] #1: ffff88805923c078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x48d/0x1020 [ 368.457297][ T27] #2: ffffffff8e64e7c8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb8/0x2a0 [ 368.467400][ T27] 1 lock held by syz.1.907/6753: [ 368.474484][ T27] #0: ffff88801fd634c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x148/0xa10 [ 368.484638][ T27] 1 lock held by syz.1.907/6760: [ 368.489589][ T27] #0: ffff88801fd634c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0x100/0x750 [ 368.499077][ T27] 4 locks held by kworker/u4:13/7117: [ 368.504562][ T27] #0: ffff888012a1e938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 368.514962][ T27] #1: ffffc900035ffd20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 368.525022][ T27] #2: ffffffff8e4eb310 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60 [ 368.534471][ T27] #3: ffffffff8e4f7668 (rtnl_mutex){+.+.}-{3:3}, at: wiphy_unregister+0x22f/0xb10 [ 368.543944][ T27] 3 locks held by kworker/u4:17/7495: [ 368.550067][ T27] #0: ffff888017ef6138 ((wq_completion)cfg80211){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 368.560847][ T27] #1: ffffc9000357fd20 ((work_completion)(&(&rdev->dfs_update_channels_wk)->work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 368.574464][ T27] #2: ffffffff8e4f7668 (rtnl_mutex){+.+.}-{3:3}, at: cfg80211_dfs_channels_update_work+0xbb/0x610 [ 368.586554][ T27] 1 lock held by syz.1.1420/8169: [ 368.591921][ T27] #0: ffff88801fd634c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x148/0xa10 [ 368.602528][ T27] 2 locks held by kworker/u4:19/9090: [ 368.607934][ T27] #0: ffff8880b983aa18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140 [ 368.617952][ T27] #1: ffffffff8d32ad40 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x16a/0x470 [ 368.627452][ T27] 2 locks held by syz-executor/10162: [ 368.632913][ T27] #0: ffffffff8e4f7668 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x7c1/0xff0 [ 368.642429][ T27] #1: ffffffff8d330338 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x930 [ 368.654824][ T27] 1 lock held by syz.1.2243/10317: [ 368.659969][ T27] #0: ffffffff8d330338 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x930 [ 368.671011][ T27] 3 locks held by syz.3.2244/10321: [ 368.676233][ T27] #0: ffff8880242d50b8 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x1ff/0x500 [ 368.686290][ T27] #1: ffff8880242d4078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x48d/0x1020 [ 368.697743][ T27] #2: ffffffff8e64e7c8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xb8/0x2a0 [ 368.719672][ T27] [ 368.726102][ T27] ============================================= [ 368.726102][ T27] [ 368.735110][ T27] NMI backtrace for cpu 0 [ 368.739468][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 6.1.102-syzkaller #0 [ 368.747401][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 368.757491][ T27] Call Trace: [ 368.760802][ T27] [ 368.763761][ T27] dump_stack_lvl+0x1e3/0x2cb [ 368.768496][ T27] ? nf_tcp_handle_invalid+0x642/0x642 [ 368.774002][ T27] ? panic+0x764/0x764 [ 368.778097][ T27] ? vprintk_emit+0x622/0x740 [ 368.782821][ T27] ? printk_sprint+0x490/0x490 [ 368.787621][ T27] ? nmi_cpu_backtrace+0x252/0x560 [ 368.792773][ T27] nmi_cpu_backtrace+0x4e1/0x560 [ 368.798186][ T27] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 368.804371][ T27] ? _printk+0xd1/0x111 [ 368.808557][ T27] ? panic+0x764/0x764 [ 368.812662][ T27] ? __wake_up_klogd+0xcc/0x100 [ 368.817550][ T27] ? panic+0x764/0x764 [ 368.821657][ T27] ? nmi_trigger_cpumask_backtrace+0xe2/0x3f0 [ 368.827762][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 368.833874][ T27] nmi_trigger_cpumask_backtrace+0x1b0/0x3f0 [ 368.839895][ T27] watchdog+0xf88/0xfd0 [ 368.844095][ T27] ? watchdog+0x1f8/0xfd0 [ 368.848475][ T27] kthread+0x28d/0x320 [ 368.850672][ T3647] Bluetooth: hci2: command tx timeout [ 368.852555][ T27] ? hungtask_pm_notify+0x50/0x50 [ 368.852585][ T27] ? kthread_blkcg+0xd0/0xd0 [ 368.852605][ T27] ret_from_fork+0x1f/0x30 [ 368.852649][ T27] [ 368.854166][ T27] Sending NMI from CPU 0 to CPUs 1: [ 368.881053][ C1] NMI backtrace for cpu 1 [ 368.881067][ C1] CPU: 1 PID: 8885 Comm: udevd Not tainted 6.1.102-syzkaller #0 [ 368.881085][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 368.881096][ C1] RIP: 0010:debug_check_no_obj_freed+0xbb/0x4e0 [ 368.881129][ C1] Code: 00 00 48 ff cb 74 ac 48 89 5c 24 08 48 89 44 24 40 4c 89 f8 48 c1 e8 0c 48 b9 eb 83 b5 80 46 86 c8 61 48 0f af c1 48 c1 e8 2f <83> e0 f8 48 8d 9c c0 00 d6 13 92 48 8d bc c0 08 d6 13 92 48 89 7c [ 368.881155][ C1] RSP: 0018:ffffc9000347fc48 EFLAGS: 00000a03 [ 368.881171][ C1] RAX: 0000000000014f73 RBX: 0000000000000002 RCX: 61c8864680b583eb [ 368.881183][ C1] RDX: dffffc0000000000 RSI: 0000000000001000 RDI: ffff888061126600 [ 368.881196][ C1] RBP: 0000000000000000 R08: ffffffff813db118 R09: ffffed100c224cc3 [ 368.881209][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 368.881221][ C1] R13: ffff888061126600 R14: ffff888061127600 R15: ffff888061126000 [ 368.881235][ C1] FS: 00007f4669cc1c80(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 368.881251][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 368.881263][ C1] CR2: 00005556261e7508 CR3: 000000004df1f000 CR4: 00000000003506e0 [ 368.881278][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 368.881289][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 368.881300][ C1] Call Trace: [ 368.881305][ C1] [ 368.881311][ C1] ? nmi_cpu_backtrace+0x3de/0x560 [ 368.881336][ C1] ? read_lock_is_recursive+0x10/0x10 [ 368.881364][ C1] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 368.881390][ C1] ? nmi_handle+0x25/0x440 [ 368.881425][ C1] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 368.881453][ C1] ? nmi_handle+0x12e/0x440 [ 368.881479][ C1] ? nmi_handle+0x25/0x440 [ 368.881505][ C1] ? debug_check_no_obj_freed+0xbb/0x4e0 [ 368.881537][ C1] ? default_do_nmi+0x62/0x150 [ 368.881563][ C1] ? exc_nmi+0xa8/0x100 [ 368.881588][ C1] ? end_repeat_nmi+0x16/0x31 [ 368.881614][ C1] ? __phys_addr+0xa8/0x170 [ 368.881638][ C1] ? debug_check_no_obj_freed+0xbb/0x4e0 [ 368.881664][ C1] ? debug_check_no_obj_freed+0xbb/0x4e0 [ 368.881692][ C1] ? debug_check_no_obj_freed+0xbb/0x4e0 [ 368.881719][ C1] [ 368.881724][ C1] [ 368.881737][ C1] kmem_cache_free+0x241/0x510 [ 368.881759][ C1] ? do_sys_openat2+0x1f9/0x4f0 [ 368.881788][ C1] do_sys_openat2+0x1f9/0x4f0 [ 368.881813][ C1] ? kmem_cache_free+0x292/0x510 [ 368.881836][ C1] ? do_sys_open+0x220/0x220 [ 368.881862][ C1] ? do_unlinkat+0x7a7/0x820 [ 368.881889][ C1] __x64_sys_openat+0x243/0x290 [ 368.881917][ C1] ? __ia32_sys_open+0x270/0x270 [ 368.881944][ C1] ? syscall_enter_from_user_mode+0x2e/0x230 [ 368.881962][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 368.881979][ C1] ? syscall_enter_from_user_mode+0x2e/0x230 [ 368.882000][ C1] do_syscall_64+0x3b/0xb0 [ 368.882022][ C1] ? clear_bhb_loop+0x45/0xa0 [ 368.882045][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 368.882066][ C1] RIP: 0033:0x7f46699169a4 [ 368.882079][ C1] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83 [ 368.882093][ C1] RSP: 002b:00007ffccf0cc000 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 368.882110][ C1] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f46699169a4 [ 368.882122][ C1] RDX: 0000000000080000 RSI: 00007ffccf0cc138 RDI: 00000000ffffff9c [ 368.882134][ C1] RBP: 00007ffccf0cc138 R08: 0000000000000008 R09: 0000000000000001 [ 368.882145][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000080000 [ 368.882155][ C1] R13: 000056302ed90b42 R14: 0000000000000001 R15: 000056302f616910 [ 368.882177][ C1] [ 369.280029][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 369.286939][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.102-syzkaller #0 [ 369.294861][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 369.304941][ T27] Call Trace: [ 369.308236][ T27] [ 369.311186][ T27] dump_stack_lvl+0x1e3/0x2cb [ 369.315898][ T27] ? nf_tcp_handle_invalid+0x642/0x642 [ 369.321396][ T27] ? panic+0x764/0x764 [ 369.325490][ T27] ? llist_add_batch+0x160/0x1d0 [ 369.330467][ T27] ? vscnprintf+0x59/0x80 [ 369.334810][ T27] panic+0x318/0x764 [ 369.338710][ T27] ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0 [ 369.344893][ T27] ? memcpy_page_flushcache+0xfc/0xfc [ 369.350275][ T27] ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0 [ 369.356447][ T27] ? nmi_trigger_cpumask_backtrace+0x33a/0x3f0 [ 369.362618][ T27] ? nmi_trigger_cpumask_backtrace+0x33f/0x3f0 [ 369.368796][ T27] watchdog+0xfc7/0xfd0 [ 369.372974][ T27] ? watchdog+0x1f8/0xfd0 [ 369.377316][ T27] kthread+0x28d/0x320 [ 369.381388][ T27] ? hungtask_pm_notify+0x50/0x50 [ 369.386424][ T27] ? kthread_blkcg+0xd0/0xd0 [ 369.391021][ T27] ret_from_fork+0x1f/0x30 [ 369.395465][ T27] [ 369.398788][ T27] Kernel Offset: disabled [ 369.403121][ T27] Rebooting in 86400 seconds..