last executing test programs: 6m34.301353105s ago: executing program 1 (id=2218): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x0, 0x0, 0x1, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f000009df00)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x2, 0x1, 0x4, 0x0, 0xffff}, 0x20) 6m34.301118051s ago: executing program 1 (id=2220): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) connect$unix(r0, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e) 6m33.39012229s ago: executing program 1 (id=2236): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x16, 0xd, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x86}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="0cff0900a244984f2595f43dfb1e", 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 6m33.387718209s ago: executing program 1 (id=2237): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x8) 6m33.34287072s ago: executing program 1 (id=2238): pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x100000) fcntl$setpipe(r0, 0x407, 0x8005) 6m32.77827093s ago: executing program 3 (id=2258): capset(&(0x7f0000000300)={0x20071026}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x4}) r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000009c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 6m32.771059191s ago: executing program 3 (id=2259): r0 = socket$l2tp(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @empty}, 0x10) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10) 6m32.711609722s ago: executing program 3 (id=2262): keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6e65772064656661756c7420757365723a7379b5d1ef7a20303430"], 0x2a, 0x0) r0 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) keyctl$read(0xb, r0, &(0x7f0000000240)=""/112, 0x349b7f55) 6m32.711546809s ago: executing program 1 (id=2263): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0xc0580, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000840)={0x6, 0x0, @pic={0x9, 0x0, 0x0, 0x5, 0x1d, 0xf8, 0x9, 0xb, 0x3, 0xfb, 0x2, 0x8, 0x9a, 0x42, 0x3, 0x81}}) 6m32.629376077s ago: executing program 32 (id=2263): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0xc0580, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000840)={0x6, 0x0, @pic={0x9, 0x0, 0x0, 0x5, 0x1d, 0xf8, 0x9, 0xb, 0x3, 0xfb, 0x2, 0x8, 0x9a, 0x42, 0x3, 0x81}}) 6m32.601010169s ago: executing program 3 (id=2265): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x8) 6m32.595468427s ago: executing program 3 (id=2266): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x8, 0x0, 0x7fffffff}]}) r0 = timerfd_create(0x0, 0x80800) timerfd_gettime(r0, &(0x7f0000000000)) 6m32.250849768s ago: executing program 3 (id=2276): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x20, r1, 0xb03, 0x0, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}]}]}, 0x20}}, 0x0) 6m32.250743729s ago: executing program 33 (id=2276): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x20, r1, 0xb03, 0x0, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}]}]}, 0x20}}, 0x0) 6m23.232503554s ago: executing program 4 (id=2496): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r0, @ANYBLOB="10100000000000000800200005000000e4031680a40001800c00070000000000adffffff0c00", @ANYRES16=r0, @ANYBLOB="4b76f3b6"], 0x40c}}, 0x4000000) 6m23.161608261s ago: executing program 4 (id=2498): r0 = socket(0x10, 0x3, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ppp={{0x8}, {0xc, 0x2, 0x0, 0x1, {0x8, 0x1, r1}}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0xc}]}, 0x40}}, 0x0) 6m23.062567794s ago: executing program 4 (id=2505): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) sendmsg$rds(r0, &(0x7f0000001380)={&(0x7f00000000c0)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000380)=[@cswp={0x58, 0x114, 0x7, {{0x7ff80000, 0x101}, 0x0, 0x0, 0x89, 0x4, 0xeb, 0x10000000008a, 0x22, 0x77}}, @zcopy_cookie={0x10, 0x114, 0xc, 0x2de}], 0x68}, 0x0) 6m23.002902979s ago: executing program 4 (id=2508): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) read$FUSE(r0, &(0x7f0000009780)={0x2020}, 0x2020) write$FUSE_DIRENTPLUS(r0, &(0x7f0000000180)={0x10, 0xfffffff5, 0x3}, 0x10) 6m22.942686099s ago: executing program 4 (id=2511): mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 6m22.9421409s ago: executing program 4 (id=2514): syz_usb_connect(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a8230800090400bc6435fb4d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r0, 0x0, 0x0) 6m13.272314501s ago: executing program 5 (id=2833): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x5522, 0x0) ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522) 6m13.212558847s ago: executing program 5 (id=2836): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)={0x24, r1, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@GTPA_LINK={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1000000}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 6m13.212326328s ago: executing program 5 (id=2838): setuid(0xee00) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000500), 0x8) 6m13.141040014s ago: executing program 5 (id=2839): setresuid(0xee00, 0xee00, 0x0) r0 = socket$kcm(0x2, 0x922000000001, 0x106) setsockopt$sock_attach_bpf(r0, 0x1, 0xc, &(0x7f00000002c0), 0x4) 6m13.140881708s ago: executing program 5 (id=2840): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100) fcntl$notify(r0, 0x402, 0x8000000b) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20) 6m13.072761163s ago: executing program 5 (id=2841): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x1, @broadcast, 'ip6gre0\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000080)={0x18, 0x0, {0x8002, @random="f985d6b3bcf5", 'syzkaller0\x00'}}) 6m7.922439285s ago: executing program 34 (id=2514): syz_usb_connect(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a8230800090400bc6435fb4d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r0, 0x0, 0x0) 5m57.963870394s ago: executing program 35 (id=2841): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x1, @broadcast, 'ip6gre0\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000080)={0x18, 0x0, {0x8002, @random="f985d6b3bcf5", 'syzkaller0\x00'}}) 5m12.982126178s ago: executing program 7 (id=4528): r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xca) bind$ax25(r0, &(0x7f0000000280)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @bcast, @null]}, 0x48) connect$ax25(r0, &(0x7f0000000300)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5}, [@bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) 5m12.931474678s ago: executing program 7 (id=4530): r0 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x41) ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r0, 0x40146f2c, &(0x7f0000000100)={0x2, 0x1, 0x3, 0x14, 0x4}) ioctl$DVB_DEMUX_DMX_ADD_PID(r0, 0x40026f33, &(0x7f0000000040)=0x312) 5m12.857315167s ago: executing program 7 (id=4533): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x26020895}, 0x4000800) 5m12.807776336s ago: executing program 7 (id=4536): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0xc) 5m12.717581149s ago: executing program 7 (id=4538): mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_int(r0, 0x0, 0x31, &(0x7f0000000180)=0x1, 0x21) 5m12.521521202s ago: executing program 7 (id=4546): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x11, r0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) 5m12.40132604s ago: executing program 36 (id=4546): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x11, r0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) 3.068707126s ago: executing program 6 (id=11386): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000400)=ANY=[@ANYBLOB="1201000009b768405e0483020b9901e40201090227000100000000090400fb015cc7aa00090509"], 0x0) syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x3, 0x101000) syz_usb_disconnect(r0) syz_usb_connect$cdc_ecm(0x3, 0x4d, &(0x7f0000000200)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x6, 0x40, 0xd, "", [{{0x9, 0x4, 0x0, 0x75, 0x3, 0x2, 0x6, 0x0, 0xfc, {{0x5}, {0x5, 0x24, 0x0, 0xc}, {0xd, 0x24, 0xf, 0x1, 0x6, 0x5, 0xce23, 0x3}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x3ff, 0x7, 0x1, 0xe}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x8, 0x6, 0x9b}}}}}]}}]}}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0x0, 0x0}, {0x6, &(0x7f00000002c0)=@string={0x6, 0x3, "ac01d57f"}}, {0x0, 0x0}]}) 866.214774ms ago: executing program 8 (id=11429): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8be000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7733, 0x2000, 0x1fffff, 0x34f}, 0x0, 0x0, &(0x7f0000000000)) 746.90709ms ago: executing program 0 (id=11430): recvmmsg(0xffffffffffffffff, &(0x7f00000018c0)=[{{0x0, 0x0, &(0x7f0000001840)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4}, 0xffff}], 0x1, 0x2002, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendto$inet6(r0, &(0x7f0000000400)="2ae0e710", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c) recvmmsg(r0, &(0x7f0000000d80), 0x4000000000001e9, 0x10162, 0x0) 679.861286ms ago: executing program 0 (id=11432): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r2, 0x4068aea3, &(0x7f00000001c0)={0xc7, 0x0, 0x1}) 610.158636ms ago: executing program 2 (id=11433): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) r1 = syz_open_dev$ptys(0xc, 0x3, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000040)={0x8a83, 0x8, 0xffffff00, 0x38000, 0x2, "1039db8d79bea18fa3015ae9ae6901313cf366"}) 601.900775ms ago: executing program 2 (id=11434): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) write$dsp(r0, &(0x7f0000000d80)="913982b180a3", 0x6) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000180)=0x101) 553.003409ms ago: executing program 0 (id=11435): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) getpeername(r0, 0x0, &(0x7f00000000c0)) 547.589843ms ago: executing program 8 (id=11436): pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) fcntl$setpipe(r0, 0x407, 0x2000000) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff) sendfile(r0, r1, 0x0, 0xfffc80) 513.597988ms ago: executing program 0 (id=11437): io_setup(0x8, &(0x7f0000000000)=0x0) r1 = eventfd2(0x0, 0x80001) io_submit(r0, 0x1, &(0x7f0000000600)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) writev(r1, &(0x7f0000000580)=[{&(0x7f0000000640)="1b4fc2f0623b3d9c", 0x8}], 0x1) 470.358279ms ago: executing program 8 (id=11438): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000000)={0x3, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000001040)={0x3, {{0x2, 0x0, @multicast1}}}, 0x88) getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000000000)=""/4091, &(0x7f0000001000)=0xffb) 464.766082ms ago: executing program 2 (id=11439): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r1) sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000240)={&(0x7f0000000fc0)={0x14, r2, 0x1, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x840}, 0x800) 420.772862ms ago: executing program 8 (id=11440): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000001900), r1) sendmsg$NFC_CMD_LLC_GET_PARAMS(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x1c, r2, 0x1, 0x70bd27, 0x25dfdbff, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x80) 354.444397ms ago: executing program 2 (id=11441): r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000180), 0x315900, 0x0) fchdir(r0) mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x10005c9, 0x0) syz_open_procfs(0x0, &(0x7f0000000200)='net/llc/socket\x00') 353.880607ms ago: executing program 8 (id=11442): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x6, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) landlock_add_rule$LANDLOCK_RULE_NET_PORT(0xffffffffffffffff, 0x2, 0x0, 0x0) 353.298362ms ago: executing program 0 (id=11443): ioctl$KVM_GET_EMULATED_CPUID(0xffffffffffffffff, 0xc008ae09, &(0x7f0000000000)={0x3, 0x0, [{0x0, 0x84, 0x4, 0x9, 0x4, 0x0, 0xb}, {0xb, 0x5, 0x0, 0xd, 0x9, 0x0, 0x9}, {0x80000000, 0xffffffff, 0x4, 0x2d, 0x3, 0x40007, 0x1000}]}) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x7fffffff, 0xf}, 0x10) sendmsg$kcm(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="2e00000022008102e00f80ecdb4cb9020a", 0x4a}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0) 315.733211ms ago: executing program 6 (id=11444): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000001380)={'batadv_slave_1\x00', 0x0}) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f00000014c0)={@loopback, 0x72, r1}) 311.859019ms ago: executing program 2 (id=11445): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) openat2(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', &(0x7f0000000280)={0x591002, 0x8c, 0xc}, 0x18) 281.718151ms ago: executing program 0 (id=11446): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x800000000006, 0x5, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) truncate(0x0, 0x5) 219.863283ms ago: executing program 6 (id=11447): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x12) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_pressure(r0, &(0x7f0000000040)='io.pressure\x00', 0x2, 0x0) write$cgroup_pressure(r1, &(0x7f0000000080)={'some', 0x20, 0x2000000008, 0x20, 0x10000000fffff}, 0x2f) 211.62852ms ago: executing program 2 (id=11448): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mprotect(&(0x7f000004f000/0x800000)=nil, 0x800000, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x20, 0x3) 109.847639ms ago: executing program 6 (id=11449): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x13) writev(r0, &(0x7f0000000600)=[{&(0x7f0000000240)="83", 0x1}], 0x1) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000c00)=0x11) 9.095332ms ago: executing program 6 (id=11450): bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e21, 0x8000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}, 0x1c) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b04, &(0x7f0000000040)={'virt_wifi0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl(r0, 0x8b27, &(0x7f0000000040)) 1.312118ms ago: executing program 8 (id=11451): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_clone3(&(0x7f00000005c0)={0x280a00300, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) 0s ago: executing program 6 (id=11452): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000680)={r1}, 0xc) kernel console output (not intermixed with test programs): mum allowed: 32 [ 315.020769][ T39] usb 13-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 315.025879][ T39] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 315.031097][ T39] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 315.039178][ T39] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 315.040289][T24335] dummy0: entered allmulticast mode [ 315.047494][ T39] usb 13-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 315.051957][ T39] usb 13-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 315.056662][ T39] usb 13-1: Product: syz [ 315.058579][ T39] usb 13-1: Manufacturer: syz [ 315.060666][T24334] dummy0: left allmulticast mode [ 315.069061][ T39] cdc_wdm 13-1:1.0: skipping garbage [ 315.071462][ T39] cdc_wdm 13-1:1.0: skipping garbage [ 315.075745][ T39] cdc_wdm 13-1:1.0: cdc-wdm0: USB WDM device [ 315.078330][ T39] cdc_wdm 13-1:1.0: Unknown control protocol [ 315.273256][ T50] usb 13-1: USB disconnect, device number 9 [ 316.801152][T12846] kernel read not supported for file /dsp1 (pid: 12846 comm: kworker/0:6) [ 316.983132][T24388] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 316.987347][T24388] block device autoloading is deprecated and will be removed. [ 317.413279][T24402] netlink: 52 bytes leftover after parsing attributes in process `syz.8.8316'. [ 317.511908][T24416] netlink: 27 bytes leftover after parsing attributes in process `syz.6.8322'. [ 317.520516][ T40] audit: type=1326 audit(2000000187.119:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24417 comm="syz.0.8324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 317.530339][ T40] audit: type=1326 audit(2000000187.119:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24417 comm="syz.0.8324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 317.541180][ T40] audit: type=1326 audit(2000000187.129:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24417 comm="syz.0.8324" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 317.551808][ T40] audit: type=1326 audit(2000000187.129:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24417 comm="syz.0.8324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 317.572797][ T40] audit: type=1326 audit(2000000187.129:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24417 comm="syz.0.8324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 317.581565][ T40] audit: type=1326 audit(2000000187.139:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24417 comm="syz.0.8324" exe="/syz-executor" sig=0 arch=40000003 syscall=16 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 317.598252][ T40] audit: type=1326 audit(2000000187.139:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24417 comm="syz.0.8324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 317.610180][ T40] audit: type=1326 audit(2000000187.139:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24417 comm="syz.0.8324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 317.665676][T24432] bridge0: port 4(syz_tun) entered blocking state [ 317.669089][T24432] bridge0: port 4(syz_tun) entered disabled state [ 317.675779][T24432] syz_tun: entered allmulticast mode [ 317.681693][T24432] syz_tun: entered promiscuous mode [ 317.687157][T24432] bridge0: port 4(syz_tun) entered blocking state [ 317.690359][T24432] bridge0: port 4(syz_tun) entered forwarding state [ 318.212529][ T6024] usb 11-1: new high-speed USB device number 10 using dummy_hcd [ 318.369303][ T6024] usb 11-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 318.374155][ T6024] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 318.377462][ T6024] usb 11-1: Product: syz [ 318.379232][ T6024] usb 11-1: Manufacturer: syz [ 318.381155][ T6024] usb 11-1: SerialNumber: syz [ 318.637551][ T6024] rtl8150 11-1:1.0: couldn't reset the device [ 318.639869][ T6024] rtl8150 11-1:1.0: probe with driver rtl8150 failed with error -5 [ 318.652762][ T6024] usb 11-1: USB disconnect, device number 10 [ 318.982298][T24476] nbd2: detected capacity change from 0 to 128 [ 319.000343][ T62] block nbd2: Receive control failed (result -104) [ 319.000374][ T5952] block nbd2: Receive control failed (result -32) [ 319.485848][T24505] sp0: Synchronizing with TNC [ 319.512344][ T39] usb 11-1: new high-speed USB device number 11 using dummy_hcd [ 319.681906][ T39] usb 11-1: Using ep0 maxpacket: 16 [ 319.686129][ T39] usb 11-1: config 0 has no interfaces? [ 319.688596][ T39] usb 11-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 319.696312][ T39] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 319.702293][ T39] usb 11-1: config 0 descriptor?? [ 319.783800][T24529] cifs: Unknown parameter 'mode' [ 320.067440][ T9] usb 11-1: USB disconnect, device number 11 [ 320.583413][T24557] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8389'. [ 321.122628][ T9] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 321.293809][ T9] usb 5-1: config index 0 descriptor too short (expected 65472, got 45) [ 321.298641][ T9] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 321.302060][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 321.305008][ T9] usb 5-1: Product: syz [ 321.306371][ T9] usb 5-1: Manufacturer: syz [ 321.308062][ T9] usb 5-1: SerialNumber: syz [ 321.329939][T24570] loop9: detected capacity change from 0 to 524287999 [ 321.519335][ T9] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 321.525480][ T9] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 321.529920][ T9] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 321.564414][ T9] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71 [ 321.577092][ T9] usb 5-1: USB disconnect, device number 18 [ 322.237685][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.362548][ T9] usb 5-1: new low-speed USB device number 19 using dummy_hcd [ 322.515009][ T9] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 322.518435][ T9] usb 5-1: config 0 has no interface number 0 [ 322.521136][ T9] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 322.525971][ T9] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 322.530492][ T9] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 322.534376][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 322.539556][ T9] usb 5-1: config 0 descriptor?? [ 322.542861][T24600] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 322.550059][ T9] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 322.770599][ T50] usb 5-1: USB disconnect, device number 19 [ 322.898488][T24616] netlink: 24 bytes leftover after parsing attributes in process `syz.8.8415'. [ 323.007239][T24620] 9p: Invalid gid '0x00000000ffffffff' [ 323.095086][T24624] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8419'. [ 323.102530][T24624] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8419'. [ 323.245319][T24632] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8423'. [ 323.696293][T24668] sp0: Synchronizing with TNC [ 324.083139][ T39] e1000 0000:00:06.0 eth0: Reset adapter [ 324.212767][ T39] e1000 0000:00:06.0 eth0: Reset adapter [ 324.352856][ T39] e1000 0000:00:06.0 eth0: Reset adapter [ 326.473619][ T39] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 334.735206][T24752] block nbd3: Unsupported socket: should be TCP or UNIX. [ 335.104171][T24789] netlink: 'syz.8.8480': attribute type 1 has an invalid length. [ 335.107794][T24789] netlink: 'syz.8.8480': attribute type 2 has an invalid length. [ 335.111115][T24789] netlink: 'syz.8.8480': attribute type 1 has an invalid length. [ 335.115508][T24789] netlink: 'syz.8.8480': attribute type 3 has an invalid length. [ 335.118826][T24789] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8480'. [ 335.873867][T24830] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 335.912530][T16412] usb 11-1: new full-speed USB device number 12 using dummy_hcd [ 336.084844][T16412] usb 11-1: config 0 has no interfaces? [ 336.087760][T16412] usb 11-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47 [ 336.091788][T16412] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 336.100602][T16412] usb 11-1: config 0 descriptor?? [ 336.191241][T24841] netlink: 'syz.0.8502': attribute type 3 has an invalid length. [ 336.326645][T24845] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 336.332031][T24845] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 336.336848][T24845] overlayfs: failed to set uuid (1484/file0, err=-13); falling back to uuid=null. [ 336.342039][T16412] usb 11-1: USB disconnect, device number 12 [ 337.651391][T24903] tipc: New replicast peer: 255.255.255.255 [ 337.662768][T24903] tipc: Enabled bearer , priority 10 [ 337.891290][ T1152] Bluetooth: hci1: Frame reassembly failed (-84) [ 339.015997][T24959] veth1_to_batadv: entered promiscuous mode [ 339.017997][T24959] macsec2: entered promiscuous mode [ 339.020927][T24961] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8545'. [ 339.081015][T24965] netlink: 'syz.0.8547': attribute type 3 has an invalid length. [ 339.083688][T24965] netlink: 72 bytes leftover after parsing attributes in process `syz.0.8547'. [ 339.912565][ T62] Bluetooth: hci1: command 0x1003 tx timeout [ 339.916490][ T5952] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 340.880124][T25025] pimreg: tun_chr_ioctl cmd 1074025678 [ 340.881914][T25025] pimreg: group set to 768 [ 341.679795][T25071] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8592'. [ 341.685668][T25071] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8592'. [ 342.736013][T16412] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 342.892287][T16412] usb 5-1: Using ep0 maxpacket: 32 [ 342.898371][T16412] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 342.905817][T16412] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 342.915173][T16412] usb 5-1: config 0 descriptor?? [ 342.927879][T16412] as10x_usb: device has been detected [ 342.931335][T16412] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 342.959497][T16412] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 342.982752][T16412] as10x_usb: error during firmware upload part1 [ 342.986033][T16412] Registered device nBox DVB-T Dongle [ 343.142304][T16412] usb 5-1: USB disconnect, device number 20 [ 343.166039][T16412] Unregistered device nBox DVB-T Dongle [ 343.167388][T16412] as10x_usb: device has been disconnected [ 343.704207][T12846] usb 13-1: new high-speed USB device number 10 using dummy_hcd [ 343.883820][T12846] usb 13-1: Using ep0 maxpacket: 32 [ 343.887514][T12846] usb 13-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 343.893551][T12846] usb 13-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 343.897046][T12846] usb 13-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 343.900191][T12846] usb 13-1: Product: syz [ 343.901857][T12846] usb 13-1: Manufacturer: syz [ 343.904265][T12846] usb 13-1: SerialNumber: syz [ 343.912806][T12846] usb 13-1: config 0 descriptor?? [ 343.915501][T25139] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22 [ 344.127025][T12846] usb 13-1: USB disconnect, device number 10 [ 344.992330][ T6024] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 345.142273][ T6024] usb 5-1: Using ep0 maxpacket: 8 [ 345.145406][ T6024] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 345.148062][ T6024] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 345.151932][ T6024] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 345.155327][ T6024] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 345.158607][ T6024] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 345.163478][ T6024] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 345.167018][ T6024] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 345.262351][T16412] usb 11-1: new high-speed USB device number 13 using dummy_hcd [ 345.382147][ T6024] usb 5-1: GET_CAPABILITIES returned 0 [ 345.384408][ T6024] usbtmc 5-1:16.0: can't read capabilities [ 345.412355][T16412] usb 11-1: Using ep0 maxpacket: 8 [ 345.416505][T16412] usb 11-1: config 168 descriptor has 1 excess byte, ignoring [ 345.420007][T16412] usb 11-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 345.425862][T16412] usb 11-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 345.431269][T16412] usb 11-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 345.436794][T16412] usb 11-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 345.441596][T16412] usb 11-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 345.447478][T16412] usb 11-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 345.462282][T16412] usb 11-1: config 168 interface 0 has no altsetting 0 [ 345.466416][T16412] usb 11-1: config 168 descriptor has 1 excess byte, ignoring [ 345.469671][T16412] usb 11-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 345.475161][T16412] usb 11-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 345.480030][T16412] usb 11-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 345.485858][T16412] usb 11-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 345.490625][T16412] usb 11-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 345.495906][T16412] usb 11-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 345.501525][T16412] usb 11-1: config 168 interface 0 has no altsetting 0 [ 345.506392][T16412] usb 11-1: config 168 descriptor has 1 excess byte, ignoring [ 345.509674][T16412] usb 11-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 345.515867][T16412] usb 11-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 345.521125][T16412] usb 11-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 345.532299][T16412] usb 11-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 345.537351][T16412] usb 11-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 345.542549][T16412] usb 11-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 345.548086][T16412] usb 11-1: config 168 interface 0 has no altsetting 0 [ 345.564731][T16412] usb 11-1: string descriptor 0 read error: -22 [ 345.567407][T16412] usb 11-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 345.571045][T16412] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 345.587347][ T6704] usb 5-1: USB disconnect, device number 21 [ 345.602540][T16412] adutux 11-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 346.303380][T25210] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8657'. [ 346.630611][T25227] input: syz1 as /devices/virtual/input/input32 [ 347.039756][T25252] netlink: 24 bytes leftover after parsing attributes in process `syz.8.8676'. [ 347.045860][T25252] netlink: 32 bytes leftover after parsing attributes in process `syz.8.8676'. [ 347.579177][T25287] input: syz1 as /devices/virtual/input/input33 [ 347.582710][T25287] input: failed to attach handler leds to device input33, error: -6 [ 347.848768][T12846] usb 11-1: USB disconnect, device number 13 [ 347.984117][T25321] sp0: Synchronizing with TNC [ 347.993530][T25320] [U] `` [ 348.037167][T25324] CUSE: info not properly terminated [ 348.214123][T25328] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 348.654648][ T6704] kernel read not supported for file /dsp1 (pid: 6704 comm: kworker/1:4) [ 349.012520][ T5992] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 349.152695][ T6071] block nbd2: Connection timed out, retrying (0/2 alive) [ 349.157843][ T6071] block nbd2: Dead connection, failed to find a fallback [ 349.160707][ T6071] block nbd2: shutting down sockets [ 349.164358][ T6071] blk_print_req_error: 27 callbacks suppressed [ 349.164375][ T6071] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 349.169654][ T6071] buffer_io_error: 27 callbacks suppressed [ 349.169664][ T6071] Buffer I/O error on dev nbd2, logical block 0, async page read [ 349.174669][T23933] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 349.178554][T23933] Buffer I/O error on dev nbd2, logical block 0, async page read [ 349.181783][T23933] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 349.186013][T23933] Buffer I/O error on dev nbd2, logical block 0, async page read [ 349.189819][T23933] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 349.195112][ T5992] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 349.195354][T23933] Buffer I/O error on dev nbd2, logical block 0, async page read [ 349.199071][ T5992] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 349.201608][T23933] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 349.208651][T23933] Buffer I/O error on dev nbd2, logical block 0, async page read [ 349.211898][T23933] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 349.216559][T23933] Buffer I/O error on dev nbd2, logical block 0, async page read [ 349.220553][T23933] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 349.225389][T23933] Buffer I/O error on dev nbd2, logical block 0, async page read [ 349.229084][T23933] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 349.233348][T23933] Buffer I/O error on dev nbd2, logical block 0, async page read [ 349.234953][ T5992] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 349.236546][T23933] ldm_validate_partition_table(): Disk read failed. [ 349.244280][T23933] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 349.244442][ T5992] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 349.248088][T23933] Buffer I/O error on dev nbd2, logical block 0, async page read [ 349.248185][T23933] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 349.251886][ T5992] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 349.251912][ T5992] usb 5-1: Product: syz [ 349.254532][T23933] Buffer I/O error on dev nbd2, logical block 0, async page read [ 349.254617][T23933] Dev nbd2: unable to read RDB block 0 [ 349.254747][T23933] nbd2: unable to read partition table [ 349.259385][ T5992] usb 5-1: Manufacturer: syz [ 349.275014][ T5992] usb 5-1: SerialNumber: syz [ 349.275526][T23933] ldm_validate_partition_table(): Disk read failed. [ 349.290701][T25366] genirq: Flags mismatch irq 4. 00200000 (aio_iiro_16) vs. 00200080 (ttyS0) [ 349.293111][T23933] Dev nbd2: unable to read RDB block 0 [ 349.297558][T23933] nbd2: unable to read partition table [ 349.304823][T25368] sctp: [Deprecated]: syz.6.8726 (pid 25368) Use of struct sctp_assoc_value in delayed_ack socket option. [ 349.304823][T25368] Use struct sctp_sack_info instead [ 349.345021][T25372] tmpfs: Cannot change global quota limit on remount [ 349.458512][T25376] Bluetooth: hci1: Frame reassembly failed (-84) [ 349.485963][ T5992] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 22 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 349.697782][ T5992] usb 5-1: USB disconnect, device number 22 [ 349.712597][ T5992] usblp0: removed [ 349.985778][T25392] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8738'. [ 350.582905][ T5992] e1000 0000:00:06.0 eth0: Reset adapter [ 350.693727][ T5992] e1000 0000:00:06.0 eth0: Reset adapter [ 351.512496][ T62] Bluetooth: hci1: command 0x1003 tx timeout [ 351.516340][ T5952] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 352.873578][ T5978] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 361.145261][T25466] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8754'. [ 361.170743][T25472] netlink: 'syz.8.8757': attribute type 9 has an invalid length. [ 361.174322][T25472] netlink: 8 bytes leftover after parsing attributes in process `syz.8.8757'. [ 361.186494][T25472] hsr0: entered promiscuous mode [ 361.189381][T25472] macvlan2: entered promiscuous mode [ 361.194186][T25472] macvlan2: entered allmulticast mode [ 361.197010][T25472] hsr0: entered allmulticast mode [ 361.197031][T25472] hsr_slave_0: entered allmulticast mode [ 361.197046][T25472] hsr_slave_1: entered allmulticast mode [ 361.363282][T25486] kvm: kvm [25484]: vcpu128, guest rIP: 0xfff0 Unhandled RDMSR(0x40000076) [ 361.384877][T25491] overlayfs: failed to clone upperpath [ 361.473816][T25493] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 361.476189][T25493] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 361.558134][T25493] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 361.560831][T25493] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 361.633943][T25493] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 361.636595][T25493] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 361.752761][T25492] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 361.795500][ T40] audit: type=1800 audit(2000000237.404:237): pid=25518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.8778" name="file0" dev="9p" ino=74211341 res=0 errno=0 [ 361.859040][ T69] kernel read not supported for file /vcs (pid: 69 comm: kworker/1:1) [ 362.162861][T25537] dummy0: entered promiscuous mode [ 362.205394][T25536] dummy0: left promiscuous mode [ 363.183482][T25579] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8805'. [ 363.513299][T25552] Bluetooth: hci3: command 0x0406 tx timeout [ 363.587385][T25614] blkio.reset_stats is deprecated [ 363.592423][T25552] Bluetooth: hci4: command 0x0c1a tx timeout [ 363.672837][T25552] Bluetooth: hci0: command 0x041b tx timeout [ 363.732922][ T69] usb 13-1: new high-speed USB device number 11 using dummy_hcd [ 363.882597][ T69] usb 13-1: Using ep0 maxpacket: 8 [ 363.886561][ T69] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 363.891306][ T69] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 363.895951][ T69] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 363.900186][ T69] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 363.906380][ T69] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 363.910387][ T69] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.116095][T25638] netlink: 12 bytes leftover after parsing attributes in process `syz.6.8827'. [ 364.134523][ T69] usb 13-1: GET_CAPABILITIES returned 0 [ 364.136983][ T69] usbtmc 13-1:16.0: can't read capabilities [ 364.343029][T13041] usb 13-1: USB disconnect, device number 11 [ 364.380885][T25647] dvmrp1: tun_chr_ioctl cmd 1074025677 [ 364.383531][T25647] dvmrp1: linktype set to 804 [ 364.813740][T25672] kernel read not supported for file /:){{:, (pid: 25672 comm: syz.6.8840) [ 364.823911][ T40] audit: type=1800 audit(2000000240.424:238): pid=25672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.8840" name=":){{:," dev="mqueue" ino=92929 res=0 errno=0 [ 365.144827][T25699] loop8: detected capacity change from 0 to 524287999 [ 365.157027][T25487] buffer_io_error: 27 callbacks suppressed [ 365.157044][T25487] Buffer I/O error on dev loop8, logical block 65535998, async page read [ 365.175964][ T40] audit: type=1804 audit(2000000240.784:239): pid=25701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.8854" name="/newroot/1121/file0/file0" dev="9p" ino=74211341 res=1 errno=0 [ 365.189987][T25703] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8855'. [ 365.247902][ T40] audit: type=1326 audit(2000000240.854:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25694 comm="syz.6.8851" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70cef88 code=0x7ffc0000 [ 365.256389][ T40] audit: type=1326 audit(2000000240.854:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25694 comm="syz.6.8851" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000 [ 365.266306][ T40] audit: type=1326 audit(2000000240.854:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25694 comm="syz.6.8851" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000 [ 365.277258][ T40] audit: type=1326 audit(2000000240.854:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25694 comm="syz.6.8851" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000 [ 365.286004][ T40] audit: type=1326 audit(2000000240.854:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25694 comm="syz.6.8851" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000 [ 365.295189][ T40] audit: type=1326 audit(2000000240.854:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25694 comm="syz.6.8851" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70cef88 code=0x7ffc0000 [ 365.303486][ T40] audit: type=1326 audit(2000000240.854:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25694 comm="syz.6.8851" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000 [ 365.603480][ T62] Bluetooth: hci3: command 0x0406 tx timeout [ 365.672857][ T62] Bluetooth: hci4: command 0x0c1a tx timeout [ 365.752511][ T62] Bluetooth: hci0: command 0x041b tx timeout [ 366.025467][T25762] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8880'. [ 366.030894][T25762] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8880'. [ 366.923259][T25831] netlink: 24 bytes leftover after parsing attributes in process `syz.6.8911'. [ 366.975103][T25833] netlink: 24 bytes leftover after parsing attributes in process `syz.6.8911'. [ 367.048421][T25837] netlink: 236 bytes leftover after parsing attributes in process `syz.8.8913'. [ 367.053660][T25837] netlink: 236 bytes leftover after parsing attributes in process `syz.8.8913'. [ 367.245941][T25855] support for the xor transformation has been removed. [ 367.519182][ T39] kernel write not supported for file /amidi2 (pid: 39 comm: kworker/2:1) [ 367.552420][T25875] Invalid logical block size (-1) [ 367.834687][T25552] Bluetooth: hci0: command 0x041b tx timeout [ 367.887514][T25891] tun0: tun_chr_ioctl cmd 1074025675 [ 367.890714][T25891] tun0: persist disabled [ 368.552623][T25922] veth1_to_bond: entered allmulticast mode [ 368.556471][T25922] veth1_to_bond: left allmulticast mode [ 369.222780][T25552] Bluetooth: hci4: unexpected event for opcode 0x040d [ 369.235760][T25958] mkiss: ax0: crc mode is auto. [ 369.553315][T25969] binder: 25968:25969 ioctl c0306201 0 returned -14 [ 369.912581][T25552] Bluetooth: hci0: command 0x041b tx timeout [ 370.787424][T25996] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8983'. [ 370.804936][T25996] netlink: 148 bytes leftover after parsing attributes in process `syz.6.8983'. [ 371.473138][T26035] ref_ctr_offset mismatch. inode: 0x1ee7 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x300000018 [ 371.865545][T26054] overlayfs: upper fs does not support file handles, falling back to index=off. [ 371.869463][T26054] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 372.360520][T26081] binder: 26080:26081 ioctl c0306201 80000080 returned -14 [ 372.488639][T26093] sp0: Synchronizing with TNC [ 373.033506][T26131] netlink: 88 bytes leftover after parsing attributes in process `syz.6.9048'. [ 373.440247][T26158] netlink: 4768 bytes leftover after parsing attributes in process `syz.6.9058'. [ 373.446657][T26158] netlink: 4768 bytes leftover after parsing attributes in process `syz.6.9058'. [ 373.597482][ T6704] hid_parser_main: 2 callbacks suppressed [ 373.597504][ T6704] hid-generic 0002:0008:0000.000B: unknown main item tag 0x0 [ 373.603794][ T6704] hid-generic 0002:0008:0000.000B: unknown main item tag 0x0 [ 373.607147][ T6704] hid-generic 0002:0008:0000.000B: unknown main item tag 0x0 [ 373.610305][ T6704] hid-generic 0002:0008:0000.000B: unknown main item tag 0x0 [ 373.614176][ T6704] hid-generic 0002:0008:0000.000B: unknown main item tag 0x0 [ 373.617464][ T6704] hid-generic 0002:0008:0000.000B: unknown main item tag 0x0 [ 373.620572][ T6704] hid-generic 0002:0008:0000.000B: unknown main item tag 0x0 [ 373.624276][ T6704] hid-generic 0002:0008:0000.000B: unknown main item tag 0x0 [ 373.627367][ T6704] hid-generic 0002:0008:0000.000B: unknown main item tag 0x0 [ 373.630628][ T6704] hid-generic 0002:0008:0000.000B: unknown main item tag 0x0 [ 373.638201][ T6704] hid-generic 0002:0008:0000.000B: hidraw1: HID v0.00 Device [syz0] on syz0 [ 373.668616][ T9] kernel read not supported for file /dsp1 (pid: 9 comm: kworker/0:0) [ 373.771194][T26174] fido_id[26174]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 374.732977][T13041] hid-generic 0002:0008:0000.000C: hidraw1: HID v0.00 Device [syz0] on syz0 [ 374.778601][T26224] fido_id[26224]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 375.478274][T26241] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9091'. [ 377.286306][T26305] overlayfs: missing 'workdir' [ 377.982317][ T9] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 378.142310][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 378.146391][ T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 378.150713][ T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 378.154823][ T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 378.158855][ T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 378.164488][ T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 378.168222][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 378.386419][ T9] usb 5-1: GET_CAPABILITIES returned 0 [ 378.389141][ T9] usbtmc 5-1:16.0: can't read capabilities [ 378.472678][ T62] Bluetooth: hci1: command 0x1003 tx timeout [ 378.473306][T25552] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 378.549508][ T40] kauditd_printk_skb: 175 callbacks suppressed [ 378.549525][ T40] audit: type=1326 audit(2000000255.157:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.2.9134" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 378.565812][ T40] audit: type=1326 audit(2000000255.167:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.2.9134" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff6f88 code=0x7ffc0000 [ 378.579801][ T40] audit: type=1326 audit(2000000255.167:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.2.9134" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff6f88 code=0x7ffc0000 [ 378.592124][ T9] usb 5-1: USB disconnect, device number 23 [ 378.597414][ T40] audit: type=1326 audit(2000000255.167:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.2.9134" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 378.606234][ T40] audit: type=1326 audit(2000000255.167:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.2.9134" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 378.613515][ T40] audit: type=1326 audit(2000000255.177:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.2.9134" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff6f88 code=0x7ffc0000 [ 378.622644][ T40] audit: type=1326 audit(2000000255.177:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.2.9134" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff6f88 code=0x7ffc0000 [ 378.630722][ T40] audit: type=1326 audit(2000000255.177:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.2.9134" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 378.638525][ T40] audit: type=1326 audit(2000000255.187:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.2.9134" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 378.646178][ T40] audit: type=1326 audit(2000000255.187:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26334 comm="syz.2.9134" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff6f88 code=0x7ffc0000 [ 380.858678][T26440] overlayfs: failed to clone upperpath [ 381.030476][T26456] loop8: detected capacity change from 0 to 524287999 [ 381.041130][T25487] Buffer I/O error on dev loop8, logical block 65535998, async page read [ 383.676298][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.683219][ C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 384.452376][T26565] nbd3: detected capacity change from 0 to 63 [ 384.456353][T25552] block nbd3: Receive control failed (result -104) [ 384.516039][T26571] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 384.592739][T26576] loop4: detected capacity change from 0 to 524287936 [ 385.146684][ T24] kernel read not supported for file /3404/net/arp (pid: 24 comm: kworker/2:0) [ 385.700656][T26622] misc userio: Begin command sent, but we're already running [ 386.116832][T26639] netlink: 56 bytes leftover after parsing attributes in process `syz.2.9270'. [ 386.170281][T26643] overlayfs: invalid origin (0000) [ 386.772390][T13041] usb 13-1: new high-speed USB device number 12 using dummy_hcd [ 386.944826][T13041] usb 13-1: config index 0 descriptor too short (expected 39, got 27) [ 386.948282][T13041] usb 13-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 386.952366][T13041] usb 13-1: config 0 interface 0 has no altsetting 0 [ 386.957029][T13041] usb 13-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 386.960471][T13041] usb 13-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 386.964099][T13041] usb 13-1: Product: syz [ 386.965872][T13041] usb 13-1: Manufacturer: syz [ 386.967506][T13041] usb 13-1: SerialNumber: syz [ 386.977764][T13041] usb 13-1: config 0 descriptor?? [ 386.980986][T13041] hub 13-1:0.0: bad descriptor, ignoring hub [ 386.984567][T13041] hub 13-1:0.0: probe with driver hub failed with error -5 [ 386.990586][T13041] usb 13-1: selecting invalid altsetting 0 [ 387.605202][T26659] usb 13-1: reset high-speed USB device number 12 using dummy_hcd [ 387.786224][T26659] usb 13-1: device firmware changed [ 387.790095][T13041] usb 13-1: USB disconnect, device number 12 [ 387.942360][T13041] usb 13-1: new high-speed USB device number 13 using dummy_hcd [ 388.072520][ T62] Bluetooth: hci3: command 0x0406 tx timeout [ 388.115484][T13041] usb 13-1: config index 0 descriptor too short (expected 39, got 27) [ 388.119064][T13041] usb 13-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 388.126391][T13041] usb 13-1: config 0 interface 0 has no altsetting 0 [ 388.133399][T13041] usb 13-1: string descriptor 0 read error: -22 [ 388.136552][T13041] usb 13-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 388.140710][T13041] usb 13-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 388.151549][T13041] usb 13-1: config 0 descriptor?? [ 388.159478][T13041] hub 13-1:0.0: bad descriptor, ignoring hub [ 388.163754][T13041] hub 13-1:0.0: probe with driver hub failed with error -5 [ 388.170309][T13041] usb 13-1: selecting invalid altsetting 0 [ 388.475718][ T24] usb 13-1: USB disconnect, device number 13 [ 388.721860][T26733] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9315'. [ 388.881891][T26754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9326'. [ 389.064926][T26767] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9332'. [ 389.092444][T26769] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 389.283997][ T24] kernel read not supported for file /dsp1 (pid: 24 comm: kworker/2:0) [ 389.338634][T26783] loop9: detected capacity change from 0 to 8 [ 389.341883][T26783] Dev loop9: unable to read RDB block 8 [ 389.344060][T26783] loop9: unable to read partition table [ 389.346178][T26783] loop9: partition table beyond EOD, truncated [ 389.352527][T26783] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5) [ 390.152382][ T62] Bluetooth: hci3: command 0x0406 tx timeout [ 390.602461][T13041] kernel read not supported for file /video37 (pid: 13041 comm: kworker/3:5) [ 391.542926][T26850] binder: 26849:26850 ioctl c0306201 80000640 returned -22 [ 391.582686][ T24] e1000 0000:00:06.0 eth0: Reset adapter [ 393.032725][ T62] Bluetooth: hci0: command 0x041b tx timeout [ 393.753572][ T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 401.631492][T26902] No such timeout policy "syz0" [ 401.748150][T26911] netlink: 'syz.2.9385': attribute type 9 has an invalid length. [ 401.751519][T26911] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.9385'. [ 403.596200][T26991] bridge0: port 2(bridge_slave_1) entered disabled state [ 403.599426][T26991] bridge0: port 1(bridge_slave_0) entered disabled state [ 403.645117][T27000] binder: 26999:27000 ioctl c0306201 0 returned -14 [ 403.733190][T26991] bond0: (slave batadv0): Releasing backup interface [ 403.775967][T26991] tipc: Resetting bearer [ 404.048088][ T62] block nbd6: Receive control failed (result -32) [ 404.049026][T26989] block nbd6: shutting down sockets [ 404.068330][T12846] hid_parser_main: 58 callbacks suppressed [ 404.068349][T12846] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 404.075104][T12846] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 404.081882][T12846] hid-generic 0000:0000:0000.000D: hidraw1: HID v0.00 Device [syz0] on syz1 [ 404.236306][T27008] fido_id[27008]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 404.287143][T26991] bridge_slave_0: left allmulticast mode [ 404.289831][T26991] bridge_slave_0: left promiscuous mode [ 404.295889][T26991] bridge0: port 1(bridge_slave_0) entered disabled state [ 404.387696][T26991] bridge0: port 2(bridge_slave_1) entered disabled state [ 404.503008][T26991] bond0: (slave bond_slave_0): Releasing backup interface [ 404.573831][T26991] bond0: (slave bond_slave_1): Releasing backup interface [ 404.617038][T26991] team_slave_0: left allmulticast mode [ 404.664421][T26991] team0: Port device team_slave_0 removed [ 404.675875][T26991] team_slave_1: left allmulticast mode [ 404.702906][T26991] team0: Port device team_slave_1 removed [ 404.708960][T26991] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 404.746786][T26991] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 404.785006][T26991] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 404.816991][T26991] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 404.856215][T26991] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 405.281859][T27049] netlink: 5668 bytes leftover after parsing attributes in process `syz.0.9449'. [ 405.285921][T27049] netlink: 5668 bytes leftover after parsing attributes in process `syz.0.9449'. [ 405.304076][T27051] sp0: Synchronizing with TNC [ 405.311998][T27051] [U] [ 405.602955][ T39] usb 11-1: new high-speed USB device number 14 using dummy_hcd [ 405.753968][ T39] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 405.758620][ T39] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 405.762909][ T39] usb 11-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 405.766540][ T39] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.781962][ T39] usb 11-1: config 0 descriptor?? [ 405.992617][ T39] usbhid 11-1:0.0: can't add hid device: -71 [ 405.995365][ T39] usbhid 11-1:0.0: probe with driver usbhid failed with error -71 [ 406.001649][ T39] usb 11-1: USB disconnect, device number 14 [ 406.432618][ T29] usb 11-1: new high-speed USB device number 15 using dummy_hcd [ 406.592336][ T29] usb 11-1: Using ep0 maxpacket: 32 [ 406.595981][ T29] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 406.600260][ T29] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 406.604833][ T29] usb 11-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40 [ 406.608346][ T29] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.614171][ T29] usb 11-1: config 0 descriptor?? [ 406.623197][ T29] ldusb 11-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 406.633633][ T29] ldusb 11-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 406.677110][T27105] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9475'. [ 406.822668][T27053] ldusb 11-1:0.0: Couldn't submit interrupt_in_urb -90 [ 406.828481][ T29] usb 11-1: USB disconnect, device number 15 [ 406.834026][ T29] ldusb 11-1:0.0: LD USB Device #0 now disconnected [ 408.259170][T27171] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9505'. [ 408.263384][T27171] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9505'. [ 408.266301][T27171] netlink: 'syz.6.9505': attribute type 20 has an invalid length. [ 408.573900][T27182] sctp: [Deprecated]: syz.0.9509 (pid 27182) Use of int in maxseg socket option. [ 408.573900][T27182] Use struct sctp_assoc_value instead [ 409.011796][ T5978] kernel write not supported for file /uinput (pid: 5978 comm: kworker/1:3) [ 409.043372][ T50] kernel write not supported for file /snd/seq (pid: 50 comm: kworker/3:1) [ 409.497612][T27237] tipc: Started in network mode [ 409.499808][T27237] tipc: Node identity ac14140f, cluster identity 4711 [ 409.503333][T27237] tipc: New replicast peer: 255.255.255.255 [ 409.506783][T27237] tipc: Enabled bearer , priority 10 [ 409.631150][ T40] kauditd_printk_skb: 170 callbacks suppressed [ 409.631168][ T40] audit: type=1326 audit(2000000286.237:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27249 comm="syz.0.9540" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 409.645648][ T40] audit: type=1326 audit(2000000286.237:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27249 comm="syz.0.9540" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 409.656104][ T40] audit: type=1326 audit(2000000286.237:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27249 comm="syz.0.9540" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 409.659640][T27253] : renamed from vlan0 (while UP) [ 409.665686][ T40] audit: type=1326 audit(2000000286.237:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27249 comm="syz.0.9540" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 409.678130][ T40] audit: type=1326 audit(2000000286.237:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27249 comm="syz.0.9540" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 409.689898][ T40] audit: type=1326 audit(2000000286.237:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27249 comm="syz.0.9540" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f82f88 code=0x7ffc0000 [ 409.698855][ T40] audit: type=1326 audit(2000000286.237:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27249 comm="syz.0.9540" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f82f88 code=0x7ffc0000 [ 409.708602][ T40] audit: type=1326 audit(2000000286.237:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27249 comm="syz.0.9540" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f82f88 code=0x7ffc0000 [ 409.717902][ T40] audit: type=1326 audit(2000000286.237:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27249 comm="syz.0.9540" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f82f88 code=0x7ffc0000 [ 409.726793][ T40] audit: type=1326 audit(2000000286.237:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27249 comm="syz.0.9540" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f82f88 code=0x7ffc0000 [ 409.920758][T27266] netlink: 'syz.6.9549': attribute type 21 has an invalid length. [ 409.925149][T27266] netlink: 128 bytes leftover after parsing attributes in process `syz.6.9549'. [ 409.929110][T27266] netlink: 3 bytes leftover after parsing attributes in process `syz.6.9549'. [ 409.935458][T27268] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9550'. [ 409.939241][T27268] netlink: 'syz.2.9550': attribute type 18 has an invalid length. [ 409.942981][T27268] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9550'. [ 409.995859][T27274] binder: Binderfs stats mode cannot be changed during a remount [ 410.603993][T27318] netlink: 72 bytes leftover after parsing attributes in process `syz.6.9572'. [ 410.625021][ T50] tipc: Node number set to 2886997007 [ 410.977784][T27358] netlink: 224 bytes leftover after parsing attributes in process `syz.2.9589'. [ 410.980824][T27358] netlink: 220 bytes leftover after parsing attributes in process `syz.2.9589'. [ 411.049412][T27369] loop6: detected capacity change from 0 to 8 [ 411.112447][T27369] loop6: detected capacity change from 8 to 7 [ 411.119392][ C2] blk_print_req_error: 27 callbacks suppressed [ 411.119405][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 411.124358][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.127967][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 411.131268][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.136389][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 411.139361][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.144429][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 411.148480][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.152100][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 411.155591][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.158592][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 411.161711][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.164526][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 411.167819][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.170618][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 411.174028][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.177128][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 411.181353][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.185163][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 411.189301][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.193709][T27369] ldm_validate_partition_table(): Disk read failed. [ 411.198010][T27369] Dev loop6: unable to read RDB block 0 [ 411.201106][T27369] loop6: unable to read partition table [ 411.203396][T27369] loop6: partition table beyond EOD, truncated [ 411.208147][T27369] loop_reread_partitions: partition scan of loop6 ([{BѷMܾ`*Z5]z(Ť4+hGpXgm [ 411.208147][T27369] .BL_se) failed (rc=-5) [ 413.753485][ T39] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 415.072390][ T2201] block nbd3: Possible stuck request ffff888027598000: control (read@0,1024B). Runtime 30 seconds [ 415.077091][ T2201] block nbd3: Possible stuck request ffff888027598200: control (read@1024,1024B). Runtime 30 seconds [ 415.080590][ T2201] block nbd3: Possible stuck request ffff888027598400: control (read@2048,1024B). Runtime 30 seconds [ 415.085312][ T2201] block nbd3: Possible stuck request ffff888027598600: control (read@3072,1024B). Runtime 30 seconds [ 422.146138][T27452] netlink: 'syz.0.9617': attribute type 9 has an invalid length. [ 422.259736][T27462] debugfs: 'ttyS3' already exists in 'caif_serial' [ 422.531191][T27477] netlink: 27 bytes leftover after parsing attributes in process `syz.0.9627'. [ 422.889209][T27502] netlink: 200 bytes leftover after parsing attributes in process `syz.2.9636'. [ 423.094952][ T40] kauditd_printk_skb: 207 callbacks suppressed [ 423.094969][ T40] audit: type=1326 audit(2000000299.707:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27508 comm="syz.6.9640" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000 [ 423.106205][ T40] audit: type=1326 audit(2000000299.707:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27508 comm="syz.6.9640" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf70cef6c code=0x7ffc0000 [ 423.114548][ T40] audit: type=1326 audit(2000000299.707:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27508 comm="syz.6.9640" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000 [ 423.125030][ T40] audit: type=1326 audit(2000000299.707:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27508 comm="syz.6.9640" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000 [ 423.134714][ T40] audit: type=1326 audit(2000000299.707:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27508 comm="syz.6.9640" exe="/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf70cef6c code=0x7ffc0000 [ 423.143528][ T40] audit: type=1326 audit(2000000299.707:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27508 comm="syz.6.9640" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000 [ 423.151984][ T40] audit: type=1326 audit(2000000299.707:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27508 comm="syz.6.9640" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000 [ 423.431013][T27536] netlink: 211856 bytes leftover after parsing attributes in process `syz.6.9650'. [ 423.619899][T27554] binder: 27553:27554 ioctl c0306201 80000640 returned -22 [ 424.159626][T12846] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 424.166526][T12846] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 424.169657][T12846] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 424.173357][T12846] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 424.176396][T12846] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 424.179613][T12846] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 424.183984][T12846] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 424.187067][T12846] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 424.190340][T12846] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 424.194228][T12846] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 424.198531][T12846] hid-generic 0000:0000:0000.000E: hidraw1: HID v0.00 Device [Zw[ba|\rn)A#6oү?aIs5hV3(; [ 424.198531][T12846] ѝP$zɷX$w[SRezxuSrl[5l'ZCz2] on tDKY縣Ϫ򞿹,UOp{"ixA[ewÒ}ZXA [ 424.245223][T27597] fido_id[27597]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 424.391549][T27609] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 424.394336][T27609] IPv6: NLM_F_CREATE should be set when creating new route [ 424.396713][T27609] IPv6: NLM_F_CREATE should be set when creating new route [ 424.398990][T27609] IPv6: NLM_F_CREATE should be set when creating new route [ 424.438815][T27611] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9685'. [ 424.478990][T27615] netlink: 32 bytes leftover after parsing attributes in process `syz.6.9687'. [ 424.482939][T27615] netlink: 32 bytes leftover after parsing attributes in process `syz.6.9687'. [ 424.873256][ T62] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 426.170335][T27688] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9720'. [ 426.303315][T27700] netlink: 4768 bytes leftover after parsing attributes in process `syz.8.9726'. [ 426.732387][ T829] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 426.882624][ T829] usb 5-1: Using ep0 maxpacket: 8 [ 426.893589][ T829] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 426.896821][ T829] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 426.899855][ T829] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 426.903511][ T829] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 426.907076][ T829] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 426.911213][ T829] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 426.914312][ T829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 427.126195][ T829] usb 5-1: GET_CAPABILITIES returned 0 [ 427.128037][ T829] usbtmc 5-1:16.0: can't read capabilities [ 427.329186][ T829] usb 5-1: USB disconnect, device number 24 [ 427.742500][ T24] usb 13-1: new high-speed USB device number 14 using dummy_hcd [ 427.834277][T27754] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 427.837280][T27754] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 427.841379][T27754] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 427.895358][ T24] usb 13-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 427.898852][ T24] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 427.901997][ T24] usb 13-1: Product: syz [ 427.911169][ T24] usb 13-1: Manufacturer: syz [ 427.917781][ T24] usb 13-1: SerialNumber: syz [ 427.924366][T27754] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 428.038392][T27753] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 428.151387][T27782] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9765'. [ 428.155319][T27782] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9765'. [ 428.158160][T27782] netlink: 'syz.6.9765': attribute type 13 has an invalid length. [ 428.160641][T27782] netlink: 'syz.6.9765': attribute type 14 has an invalid length. [ 428.163044][ T24] rtl8150 13-1:1.0: couldn't reset the device [ 428.166504][ T24] rtl8150 13-1:1.0: probe with driver rtl8150 failed with error -5 [ 428.173760][ T24] usb 13-1: USB disconnect, device number 14 [ 428.205587][T27784] netlink: 'syz.6.9766': attribute type 1 has an invalid length. [ 428.545406][ T829] kernel write not supported for file /uinput (pid: 829 comm: kworker/3:2) [ 428.992333][ T24] usb 11-1: new high-speed USB device number 16 using dummy_hcd [ 429.154325][ T24] usb 11-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 429.157884][ T24] usb 11-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 429.163760][ T24] usb 11-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 429.166977][ T24] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.175049][T27820] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 429.179613][ T24] usb 11-1: Quirk or no altset; falling back to MIDI 1.0 [ 429.390361][ T829] usb 11-1: USB disconnect, device number 16 [ 429.622809][T27879] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 429.628602][ T12] Bluetooth: hci1: Frame reassembly failed (-84) [ 429.922621][T25552] Bluetooth: hci4: command 0x0c1a tx timeout [ 429.925193][T25552] Bluetooth: hci3: command 0x0406 tx timeout [ 430.340051][T27896] batman_adv: batadv0: Adding interface: ipvlan2 [ 430.342272][T27896] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 430.349983][T27896] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 430.354623][T27896] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 430.358312][T27896] batman_adv: batadv0: Not using interface ipvlan2 (retrying later): interface not active [ 430.458197][T27905] dummy0: entered promiscuous mode [ 430.461420][T27905] macvlan3: entered promiscuous mode [ 430.464020][T27905] macvlan3: entered allmulticast mode [ 430.466454][T27905] dummy0: entered allmulticast mode [ 430.739415][T27926] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 431.628627][T27951] e1000 0000:00:06.0 eth0: Unsupported Speed/Duplex configuration [ 431.658126][T27953] syz_tun: entered allmulticast mode [ 431.661712][T27952] syz_tun: left allmulticast mode [ 431.672522][ T5952] Bluetooth: hci1: command 0x1003 tx timeout [ 431.673066][ T62] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 431.992303][ T62] Bluetooth: hci4: command 0x0c1a tx timeout [ 433.431900][T28018] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9866'. [ 433.438242][T28018] openvswitch: netlink: nsh attribute has 4 unknown bytes. [ 433.672307][T12846] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 433.847457][T12846] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 433.850894][T12846] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 433.855199][T12846] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 433.860973][T12846] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 433.865144][T12846] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 433.867843][T12846] usb 5-1: Product: syz [ 433.869178][T12846] usb 5-1: Manufacturer: syz [ 433.870756][T12846] usb 5-1: SerialNumber: syz [ 434.085361][T12846] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 25 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 434.102373][T16514] usb 11-1: new high-speed USB device number 17 using dummy_hcd [ 434.252613][T16514] usb 11-1: Using ep0 maxpacket: 8 [ 434.255761][T16514] usb 11-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 434.258686][T16514] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 434.267449][T16514] pvrusb2: Hardware description: Terratec Grabster AV400 [ 434.270389][T16514] pvrusb2: ********** [ 434.271861][T16514] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 434.275515][T16514] pvrusb2: Important functionality might not be entirely working. [ 434.278044][T16514] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 434.282641][T16514] pvrusb2: ********** [ 434.287223][ T29] usb 5-1: USB disconnect, device number 25 [ 434.292864][T16412] usb 13-1: new high-speed USB device number 15 using dummy_hcd [ 434.293359][ T29] usblp0: removed [ 434.444048][T16412] usb 13-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 434.448341][T16412] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 434.452529][T16412] usb 13-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 434.459604][T16412] usb 13-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 434.463568][T16412] usb 13-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 434.466846][T16412] usb 13-1: Product: syz [ 434.468665][T16412] usb 13-1: SerialNumber: syz [ 434.473298][ T2487] pvrusb2: Invalid write control endpoint [ 434.476203][T16412] cdc_ncm 13-1:1.0: CDC Union missing and no IAD found [ 434.476239][T16412] cdc_ncm 13-1:1.0: bind() failure [ 434.520716][ T2487] pvrusb2: Invalid write control endpoint [ 434.524285][ T2487] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 434.527500][ T2487] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 434.530010][ T2487] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 434.534886][ T2487] pvrusb2: Device being rendered inoperable [ 434.538918][ T2487] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 434.541572][ T2487] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 434.548880][ T2487] pvrusb2: Attached sub-driver cx25840 [ 434.551024][ T2487] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 434.554558][ T2487] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 434.672094][T28034] pvrusb2: Killing an I2C write to 5 that is too large (desired=62 limit=61) [ 434.678083][ T24] usb 11-1: USB disconnect, device number 17 [ 434.679755][T16412] usb 13-1: USB disconnect, device number 15 [ 434.927995][ T40] audit: type=1800 audit(2000000311.537:826): pid=28041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.9878" name="SYSV00000000" dev="hugetlbfs" ino=4 res=0 errno=0 [ 435.133221][T28048] gretap0: entered promiscuous mode [ 435.172610][T28048] gretap0: left promiscuous mode [ 435.231504][T28050] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9882'. [ 435.477894][T28050] team0 (unregistering): Port device team_slave_0 removed [ 435.536035][T28050] team0 (unregistering): Port device team_slave_1 removed [ 435.625747][T28050] team0 (unregistering): Port device bond0 removed [ 435.817843][T28075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9893'. [ 435.883040][T28077] netlink: 68 bytes leftover after parsing attributes in process `syz.8.9895'. [ 436.261671][T28116] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9914'. [ 436.322494][T12846] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 436.483453][T12846] usb 5-1: Using ep0 maxpacket: 8 [ 436.493627][T12846] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 436.498079][T12846] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 436.502010][T12846] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 436.506684][T12846] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 436.518185][T12846] usb 5-1: config 0 descriptor?? [ 436.667694][T28146] binder: 28145:28146 ioctl 4018620d 0 returned -22 [ 436.878334][T12846] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 436.902577][T12846] usb 5-1: USB disconnect, device number 26 [ 437.194813][T28174] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9941'. [ 437.662041][T12846] kernel write not supported for file /uinput (pid: 12846 comm: kworker/0:6) [ 438.219540][T28240] : renamed from vlan0 (while UP) [ 438.628753][T28265] netlink: 72 bytes leftover after parsing attributes in process `syz.8.9981'. [ 439.227722][T28322] netlink: 224 bytes leftover after parsing attributes in process `syz.0.10006'. [ 439.231275][T28322] netlink: 220 bytes leftover after parsing attributes in process `syz.0.10006'. [ 439.459219][T28340] : renamed from vlan0 (while UP) [ 439.716758][T28350] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 440.293514][T28378] loop6: detected capacity change from 0 to 8 [ 440.362639][T28378] loop6: detected capacity change from 8 to 7 [ 440.368033][ C3] blk_print_req_error: 15 callbacks suppressed [ 440.368051][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 440.374742][ C3] buffer_io_error: 15 callbacks suppressed [ 440.374760][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 440.380760][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 440.384769][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 440.388445][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 440.392351][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 440.403059][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 440.406964][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 440.410423][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 440.414215][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 440.418092][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 440.422265][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 440.425822][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 440.430313][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 440.435348][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 440.439743][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 440.443789][T28378] ldm_validate_partition_table(): Disk read failed. [ 440.447272][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 440.451456][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 440.455402][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 440.459173][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 440.475544][T28378] Dev loop6: unable to read RDB block 0 [ 440.478334][T28378] loop6: unable to read partition table [ 440.480929][T28378] loop6: partition table beyond EOD, truncated [ 440.483763][T28378] loop_reread_partitions: partition scan of loop6 ([{BѷMܾ`*Z5]z(Ť4+hGpXgm [ 440.483763][T28378] .BL_se) failed (rc=-5) [ 440.903757][T28399] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10040'. [ 441.614539][T28439] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 442.096388][T28468] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10073'. [ 443.110756][T28526] e1000 0000:00:06.0 eth0: Unsupported Speed/Duplex configuration [ 444.372469][ T24] usb 11-1: new high-speed USB device number 18 using dummy_hcd [ 444.523775][ T24] usb 11-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 444.527057][ T24] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 444.535070][ T24] usb 11-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 444.540436][ T24] usb 11-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 444.543795][ T24] usb 11-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 444.546471][ T24] usb 11-1: Product: syz [ 444.547833][ T24] usb 11-1: SerialNumber: syz [ 444.556052][ T24] cdc_ncm 11-1:1.0: CDC Union missing and no IAD found [ 444.558356][ T24] cdc_ncm 11-1:1.0: bind() failure [ 444.673426][T28601] overlayfs: failed to clone upperpath [ 444.756377][ T24] usb 11-1: USB disconnect, device number 18 [ 444.988736][T28623] dummy0: entered promiscuous mode [ 444.990829][T28623] macvlan3: entered promiscuous mode [ 444.992937][T28623] macvlan3: entered allmulticast mode [ 444.994702][T28623] dummy0: entered allmulticast mode [ 445.119472][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.152851][ T2201] block nbd3: Possible stuck request ffff888027598000: control (read@0,1024B). Runtime 60 seconds [ 445.157160][ T2201] block nbd3: Possible stuck request ffff888027598200: control (read@1024,1024B). Runtime 60 seconds [ 445.161585][ T2201] block nbd3: Possible stuck request ffff888027598400: control (read@2048,1024B). Runtime 60 seconds [ 445.166033][ T2201] block nbd3: Possible stuck request ffff888027598600: control (read@3072,1024B). Runtime 60 seconds [ 445.463887][T28639] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 447.522409][ T62] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 447.522457][ T5952] Bluetooth: hci1: command 0x1003 tx timeout [ 447.616213][T28650] debugfs: 'ttyS3' already exists in 'caif_serial' [ 447.873106][ T24] usb 13-1: new high-speed USB device number 16 using dummy_hcd [ 448.004197][T28674] netlink: 'syz.6.10154': attribute type 9 has an invalid length. [ 448.034849][ T24] usb 13-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 448.038171][ T24] usb 13-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 448.041893][ T24] usb 13-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 448.046394][ T24] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 448.052114][T28648] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22 [ 448.063509][ T24] usb 13-1: Quirk or no altset; falling back to MIDI 1.0 [ 448.261706][ T24] usb 13-1: USB disconnect, device number 16 [ 448.376089][T28687] netlink: 200 bytes leftover after parsing attributes in process `syz.0.10160'. [ 448.544203][T28694] netlink: 211856 bytes leftover after parsing attributes in process `syz.0.10164'. [ 449.359888][T28746] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10192'. [ 449.559681][T28760] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 449.561973][T28760] IPv6: NLM_F_CREATE should be set when creating new route [ 449.564496][T28760] IPv6: NLM_F_CREATE should be set when creating new route [ 449.567018][T28760] IPv6: NLM_F_CREATE should be set when creating new route [ 450.220361][ T69] hid_parser_main: 6 callbacks suppressed [ 450.220409][ T69] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 450.227208][ T69] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 450.230414][ T69] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 450.235708][ T69] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 450.238863][ T69] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 450.242105][ T69] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 450.248283][ T69] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 450.251434][ T69] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 450.257577][ T69] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 450.260677][ T69] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 450.276687][ T69] hid-generic 0000:0000:0000.000F: hidraw1: HID v0.00 Device [Zw[ba|\rn)A#6oү?aIs5hV3(; [ 450.276687][ T69] ѝP$zɷX$w[SRezxuSrl[5l'ZCz2] on tDKY縣Ϫ򞿹,UOp{"ixA[ewÒ}ZXA [ 450.320482][T28805] fido_id[28805]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 452.312642][ T5952] Bluetooth: hci1: command 0x1003 tx timeout [ 452.315761][ T62] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 452.384461][T28822] netlink: 'syz.0.10227': attribute type 1 has an invalid length. [ 453.282697][ T29] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 453.442355][ T29] usb 5-1: Using ep0 maxpacket: 8 [ 453.446204][ T29] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 453.450048][ T29] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 453.462596][ T29] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 453.466661][ T29] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 453.471739][ T29] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 453.476436][ T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 453.492979][T28866] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10248'. [ 453.690000][ T29] usb 5-1: GET_CAPABILITIES returned 0 [ 453.691819][ T29] usbtmc 5-1:16.0: can't read capabilities [ 453.896571][ T29] usb 5-1: USB disconnect, device number 27 [ 454.583295][T28892] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.10251'. [ 454.662819][ T39] usb 11-1: new high-speed USB device number 19 using dummy_hcd [ 454.826511][ T39] usb 11-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 454.842298][ T39] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 454.850049][ T39] usb 11-1: Product: syz [ 454.851878][ T39] usb 11-1: Manufacturer: syz [ 454.854150][ T39] usb 11-1: SerialNumber: syz [ 454.882433][ T5952] Bluetooth: hci1: command 0x1003 tx timeout [ 454.882530][ T62] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 455.093718][T28912] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 455.096477][T28912] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 455.117338][ T39] rtl8150 11-1:1.0: couldn't reset the device [ 455.120549][ T39] rtl8150 11-1:1.0: probe with driver rtl8150 failed with error -5 [ 455.135376][ T39] usb 11-1: USB disconnect, device number 19 [ 456.094302][T28976] batman_adv: batadv0: Adding interface: ipvlan4 [ 456.096474][T28976] batman_adv: batadv0: The MTU of interface ipvlan4 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 456.106215][T28976] batman_adv: batadv0: Not using interface ipvlan4 (retrying later): interface not active [ 456.938863][T28994] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10297'. [ 456.941973][T28994] openvswitch: netlink: nsh attribute has 4 unknown bytes. [ 457.112396][ T62] Bluetooth: hci3: command 0x0406 tx timeout [ 457.115633][ T5952] Bluetooth: hci4: command 0x0c1a tx timeout [ 457.372331][ T69] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 457.522381][ T69] usb 5-1: Using ep0 maxpacket: 8 [ 457.526445][ T69] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 457.530272][ T69] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.539771][ T69] pvrusb2: Hardware description: Terratec Grabster AV400 [ 457.543235][ T69] pvrusb2: ********** [ 457.544901][ T69] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 457.549053][ T69] pvrusb2: Important functionality might not be entirely working. [ 457.552384][ T69] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 457.557062][ T69] pvrusb2: ********** [ 457.749722][ T2487] pvrusb2: Invalid write control endpoint [ 457.789185][ T2487] pvrusb2: Invalid write control endpoint [ 457.792285][ T2487] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 457.795878][ T2487] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 457.798830][ T2487] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 457.803220][ T2487] pvrusb2: Device being rendered inoperable [ 457.805651][ T2487] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 457.810007][ T2487] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b) [ 457.815730][ T2487] pvrusb2: Attached sub-driver cx25840 [ 457.818797][ T2487] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 457.823053][ T2487] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 457.951664][T29008] pvrusb2: Killing an I2C write to 5 that is too large (desired=62 limit=61) [ 457.956258][ T9] usb 5-1: USB disconnect, device number 28 [ 458.107797][T29025] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10310'. [ 458.206724][T29025] team0 (unregistering): Port device team_slave_0 removed [ 458.244725][T29025] team0 (unregistering): Port device team_slave_1 removed [ 460.074234][T29057] binder: 29056:29057 ioctl 4018620d 0 returned -22 [ 460.241279][T29067] binder: 29065:29067 ioctl 4018620d 0 returned -22 [ 462.080698][T16514] usb 13-1: new high-speed USB device number 17 using dummy_hcd [ 462.123471][T29136] can0: slcan on ttyS3. [ 462.232595][T16514] usb 13-1: Using ep0 maxpacket: 16 [ 462.238340][T16514] usb 13-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 462.242580][T16514] usb 13-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 462.246031][T16514] usb 13-1: Product: syz [ 462.247867][T16514] usb 13-1: Manufacturer: syz [ 462.249910][T16514] usb 13-1: SerialNumber: syz [ 462.254163][T16514] usb 13-1: config 0 descriptor?? [ 462.284454][T29136] can0 (unregistered): slcan off ttyS3. [ 462.379223][T16514] kernel write not supported for file bpf-map (pid: 16514 comm: kworker/3:6) [ 462.466358][T16514] usb 13-1: USB disconnect, device number 17 [ 462.632356][ T24] usb 11-1: new high-speed USB device number 20 using dummy_hcd [ 462.784743][ T24] usb 11-1: Using ep0 maxpacket: 16 [ 462.791445][ T24] usb 11-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22 [ 462.796927][ T24] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 462.800334][ T24] usb 11-1: Product: syz [ 462.802386][ T24] usb 11-1: Manufacturer: syz [ 462.804485][ T24] usb 11-1: SerialNumber: syz [ 462.862356][ T50] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 463.014491][ T50] usb 5-1: unable to get BOS descriptor or descriptor too short [ 463.019480][ T50] usb 5-1: config 129 has an invalid interface number: 135 but max is 0 [ 463.020484][ T24] usb 11-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state [ 463.038784][ T50] usb 5-1: config 129 has an invalid interface number: 5 but max is 0 [ 463.039264][ T24] usb 11-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 463.042967][ T50] usb 5-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 463.048498][ T24] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0) [ 463.050818][ T50] usb 5-1: config 129 has no interface number 0 [ 463.054974][ T24] usb 11-1: media controller created [ 463.058360][ T50] usb 5-1: config 129 has no interface number 1 [ 463.058407][ T50] usb 5-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 463.058431][ T50] usb 5-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30 [ 463.058462][ T50] usb 5-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37 [ 463.058484][ T50] usb 5-1: config 129 interface 135 has no altsetting 0 [ 463.058499][ T50] usb 5-1: config 129 interface 5 has no altsetting 0 [ 463.061302][ T50] usb 5-1: string descriptor 0 read error: -22 [ 463.072492][ T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 463.075711][ T50] usb 5-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00 [ 463.095604][ T50] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 463.112064][ T50] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 463.115271][ T50] usb 5-1: MIDIStreaming interface descriptor not found [ 463.293830][ T24] zl10353_read_register: readreg error (reg=127, ret==-110) [ 463.331834][ T24] dvb_usb_gl861 11-1:157.0: probe with driver dvb_usb_gl861 failed with error -5 [ 463.341414][ T24] usb 11-1: USB disconnect, device number 20 [ 463.366633][ T50] usb 5-1: USB disconnect, device number 29 [ 464.102314][ T50] usb 11-1: new high-speed USB device number 21 using dummy_hcd [ 464.262378][ T50] usb 11-1: Using ep0 maxpacket: 16 [ 464.271878][ T50] usb 11-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 464.277498][ T50] usb 11-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 464.280989][ T50] usb 11-1: Product: syz [ 464.283025][ T50] usb 11-1: Manufacturer: syz [ 464.284963][ T50] usb 11-1: SerialNumber: syz [ 464.292980][ T50] usb 11-1: config 0 descriptor?? [ 464.308408][T29205] netlink: 71 bytes leftover after parsing attributes in process `syz.0.10390'. [ 464.505708][ T24] usb 11-1: USB disconnect, device number 21 [ 465.094577][ T29] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 465.245718][ T29] usb 5-1: Using ep0 maxpacket: 8 [ 465.250095][ T29] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 465.255438][ T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 465.266715][ T29] pvrusb2: Hardware description: Terratec Grabster AV400 [ 465.269694][ T29] pvrusb2: ********** [ 465.271330][ T29] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 465.280649][ T29] pvrusb2: Important functionality might not be entirely working. [ 465.284767][ T29] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 465.289689][ T29] pvrusb2: ********** [ 465.313764][T29250] netlink: 'syz.6.10410': attribute type 8 has an invalid length. [ 465.480513][ T2487] pvrusb2: Invalid write control endpoint [ 465.508949][ T2487] pvrusb2: Invalid write control endpoint [ 465.511395][ T2487] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 465.517503][ T2487] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 465.520701][ T2487] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 465.526503][ T2487] pvrusb2: Device being rendered inoperable [ 465.529102][ T2487] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 465.532060][ T2487] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_c) [ 465.536473][ T2487] pvrusb2: Attached sub-driver cx25840 [ 465.538784][ T2487] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 465.546471][ T2487] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 465.674551][T29263] batadv_slave_1: entered promiscuous mode [ 465.677442][T29264] batadv_slave_1: left promiscuous mode [ 465.686059][ T39] usb 5-1: USB disconnect, device number 30 [ 466.525201][T29309] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10436'. [ 466.689066][ T40] audit: type=1326 audit(2000000343.297:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29320 comm="syz.8.10441" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 466.699421][ T40] audit: type=1326 audit(2000000343.297:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29320 comm="syz.8.10441" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 466.709728][ T40] audit: type=1326 audit(2000000343.307:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29320 comm="syz.8.10441" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 466.720102][ T40] audit: type=1326 audit(2000000343.307:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29320 comm="syz.8.10441" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 466.729370][ T40] audit: type=1326 audit(2000000343.307:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29320 comm="syz.8.10441" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 466.738607][ T40] audit: type=1326 audit(2000000343.307:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29320 comm="syz.8.10441" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 466.748758][ T40] audit: type=1326 audit(2000000343.307:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29320 comm="syz.8.10441" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef88 code=0x7ffc0000 [ 466.758020][ T40] audit: type=1326 audit(2000000343.307:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29320 comm="syz.8.10441" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef88 code=0x7ffc0000 [ 466.767203][ T40] audit: type=1326 audit(2000000343.307:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29320 comm="syz.8.10441" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef88 code=0x7ffc0000 [ 466.776645][ T40] audit: type=1326 audit(2000000343.307:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29320 comm="syz.8.10441" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef88 code=0x7ffc0000 [ 466.992031][T29325] overlayfs: failed to clone upperpath [ 467.314797][T29349] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 467.318904][T29349] overlayfs: NFS export requires an index dir, falling back to nfs_export=off. [ 467.551595][T29356] netlink: 36 bytes leftover after parsing attributes in process `syz.8.10454'. [ 467.925469][T29377] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.10463'. [ 469.739157][T29464] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 469.986254][T29478] binder: BINDER_SET_CONTEXT_MGR bad uid 0 != 60928 [ 469.989172][T29478] binder: 29477:29478 ioctl 4018620d 80000040 returned -1 [ 471.723123][T29575] geneve2: entered promiscuous mode [ 472.712825][T29617] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10572'. [ 472.717424][T29617] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10572'. [ 473.208090][ T40] kauditd_printk_skb: 684 callbacks suppressed [ 473.208105][ T40] audit: type=1326 audit(2000000349.817:1521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29653 comm="syz.8.10592" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef88 code=0x7ffc0000 [ 473.223833][ T40] audit: type=1326 audit(2000000349.827:1522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29653 comm="syz.8.10592" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 473.242829][ T40] audit: type=1326 audit(2000000349.827:1523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29653 comm="syz.8.10592" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef88 code=0x7ffc0000 [ 473.255153][ T40] audit: type=1326 audit(2000000349.827:1524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29653 comm="syz.8.10592" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef88 code=0x7ffc0000 [ 473.264554][ T40] audit: type=1326 audit(2000000349.827:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29653 comm="syz.8.10592" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef88 code=0x7ffc0000 [ 473.274031][ T40] audit: type=1326 audit(2000000349.827:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29653 comm="syz.8.10592" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 473.283409][ T40] audit: type=1326 audit(2000000349.827:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29653 comm="syz.8.10592" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef88 code=0x7ffc0000 [ 473.292946][ T40] audit: type=1326 audit(2000000349.827:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29653 comm="syz.8.10592" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6ffef88 code=0x7ffc0000 [ 473.302041][ T40] audit: type=1326 audit(2000000349.827:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29653 comm="syz.8.10592" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 473.314062][ T40] audit: type=1326 audit(2000000349.827:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29653 comm="syz.8.10592" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 474.113271][T29700] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10610'. [ 474.133312][T29701] netlink: 'syz.6.10611': attribute type 3 has an invalid length. [ 474.693035][T29744] geneve2: entered promiscuous mode [ 475.232434][ T2201] block nbd3: Possible stuck request ffff888027598000: control (read@0,1024B). Runtime 90 seconds [ 475.237098][ T2201] block nbd3: Possible stuck request ffff888027598200: control (read@1024,1024B). Runtime 90 seconds [ 475.241602][ T2201] block nbd3: Possible stuck request ffff888027598400: control (read@2048,1024B). Runtime 90 seconds [ 475.246635][ T2201] block nbd3: Possible stuck request ffff888027598600: control (read@3072,1024B). Runtime 90 seconds [ 475.944005][T29814] netlink: 'syz.8.10661': attribute type 3 has an invalid length. [ 476.005719][T29818] netlink: 'syz.8.10663': attribute type 8 has an invalid length. [ 476.173320][T29832] netlink: 36 bytes leftover after parsing attributes in process `syz.6.10672'. [ 476.794667][ T39] hid_parser_main: 6 callbacks suppressed [ 476.794688][ T39] hid-generic 0000:0000:0002.0010: unknown main item tag 0x0 [ 476.800307][ T39] hid-generic 0000:0000:0002.0010: unknown main item tag 0x0 [ 476.813161][ T39] hid-generic 0000:0000:0002.0010: hidraw1: HID v0.00 Device [syz1] on syz0 qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x8f000) [ 476.953921][ T1112] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1 [ 476.956855][ T1112] ata1: failed to read log page 10h (errno=-5) [ 476.959475][ T1112] ata1.00: NCQ disabled due to excessive errors [ 476.962567][ T1112] ata1.00: exception Emask 0x1 SAct 0x4000 SErr 0x0 action 0x0 [ 476.965693][ T1112] ata1.00: irq_stat 0x41000008 [ 476.967732][ T1112] ata1.00: failed command: READ FPDMA QUEUED [ 476.970283][ T1112] ata1.00: cmd 60/78:70:de:84:03/04:00:00:00:00/40 tag 14 ncq dma 585728 in [ 476.970283][ T1112] res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 476.977361][ T1112] ata1.00: status: { DRDY } [ 476.979224][ T1112] ata1.00: error: { ABRT } [ 476.982327][ T1112] ata1.00: configured for UDMA/100 [ 476.984938][ T1112] sd 0:0:0:0: [sda] tag#14 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 476.989044][ T1112] sd 0:0:0:0: [sda] tag#14 Sense Key : Aborted Command [current] [ 476.992121][ T1112] sd 0:0:0:0: [sda] tag#14 Add. Sense: No additional sense information [ 476.995956][ T1112] sd 0:0:0:0: [sda] tag#14 CDB: Read(10) 28 00 00 03 84 de 00 04 78 00 [ 476.999379][ T1112] blk_print_req_error: 10 callbacks suppressed [ 476.999396][ T1112] I/O error, dev sda, sector 230622 op 0x0:(READ) flags 0x80700 phys_seg 143 prio class 2 [ 477.006779][ T1112] ata1: EH complete [ 477.101516][T29873] fido_id[29873]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 477.702390][ T29] usb 13-1: new high-speed USB device number 18 using dummy_hcd [ 477.862278][ T29] usb 13-1: Using ep0 maxpacket: 8 [ 477.866513][ T29] usb 13-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 477.870351][ T29] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 477.885094][ T29] pvrusb2: Hardware description: Terratec Grabster AV400 [ 477.890561][ T29] pvrusb2: ********** [ 477.892756][ T29] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 477.896920][ T29] pvrusb2: Important functionality might not be entirely working. [ 477.900155][ T29] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 477.904836][ T29] pvrusb2: ********** [ 478.097713][ T2487] pvrusb2: Invalid write control endpoint [ 478.129363][ T2487] pvrusb2: Invalid write control endpoint [ 478.131397][ T2487] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 478.136102][ T2487] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 478.138601][ T2487] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 478.142120][ T2487] pvrusb2: Device being rendered inoperable [ 478.145203][ T2487] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 478.148177][ T2487] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_c) [ 478.155633][ T2487] pvrusb2: Attached sub-driver cx25840 [ 478.158083][ T2487] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 478.162065][ T2487] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 478.300805][ T29] usb 13-1: USB disconnect, device number 18 [ 478.319824][T29907] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10704'. [ 478.704844][T16514] kernel write not supported for file bpf-map (pid: 16514 comm: kworker/3:6) [ 479.230136][T29951] bridge0: port 2(bridge_slave_1) entered disabled state [ 479.235191][T29951] bridge0: port 1(bridge_slave_0) entered disabled state [ 479.342593][T29958] netlink: 'syz.0.10725': attribute type 30 has an invalid length. [ 479.403113][ T12] batman_adv: batadv0: IGMP Querier appeared [ 479.405995][ T12] batman_adv: batadv0: MLD Querier appeared [ 479.964510][T29985] loop5: detected capacity change from 0 to 7 [ 480.142551][ T39] usb 11-1: new high-speed USB device number 22 using dummy_hcd [ 480.145883][T25656] Dev loop5: unable to read RDB block 7 [ 480.145921][T25656] loop5: unable to read partition table [ 480.146092][T25656] loop5: partition table beyond EOD, truncated [ 480.310462][ T39] usb 11-1: unable to get BOS descriptor or descriptor too short [ 480.315866][ T39] usb 11-1: config 129 has an invalid interface number: 135 but max is 0 [ 480.320170][ T39] usb 11-1: config 129 has an invalid interface number: 5 but max is 0 [ 480.324051][ T39] usb 11-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 480.329422][ T39] usb 11-1: config 129 has no interface number 0 [ 480.332542][ T39] usb 11-1: config 129 has no interface number 1 [ 480.335389][ T39] usb 11-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 480.341292][ T39] usb 11-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30 [ 480.350674][ T39] usb 11-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37 [ 480.354451][T29985] Dev loop5: unable to read RDB block 7 [ 480.356902][ T39] usb 11-1: config 129 interface 135 has no altsetting 0 [ 480.358688][T29985] loop5: unable to read partition table [ 480.358888][T29985] loop5: partition table beyond EOD, [ 480.361764][ T39] usb 11-1: config 129 interface 5 has no altsetting 0 [ 480.370265][T29985] truncated [ 480.371760][T29985] loop_reread_partitions: partition scan of loop5 (Wý* %4FLQk݊5) failed (rc=-5) [ 480.375019][ T39] usb 11-1: string descriptor 0 read error: -22 [ 480.379353][ T39] usb 11-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00 [ 480.389037][ T39] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 480.412900][ T39] usb 11-1: Quirk or no altset; falling back to MIDI 1.0 [ 480.416707][ T39] usb 11-1: MIDIStreaming interface descriptor not found [ 480.540055][ T9] hid-generic 0000:0000:0002.0011: unknown main item tag 0x0 [ 480.548204][ T9] hid-generic 0000:0000:0002.0011: unknown main item tag 0x0 [ 480.562526][ T9] hid-generic 0000:0000:0002.0011: hidraw1: HID v0.00 Device [syz1] on syz0 [ 480.607107][T30019] fido_id[30019]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 480.668726][ T29] usb 11-1: USB disconnect, device number 22 [ 481.515471][T30051] skbuff: bad partial csum: csum=65535/2 headroom=4 headlen=65543 [ 483.532423][T16514] usb 13-1: new high-speed USB device number 19 using dummy_hcd [ 483.692393][T16514] usb 13-1: Using ep0 maxpacket: 8 [ 483.696202][T16514] usb 13-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 483.699977][T16514] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.712859][T16514] pvrusb2: Hardware description: Terratec Grabster AV400 [ 483.715227][T16514] pvrusb2: ********** [ 483.716630][T16514] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 483.719925][T16514] pvrusb2: Important functionality might not be entirely working. [ 483.722117][T16514] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 483.725476][T16514] pvrusb2: ********** [ 483.913269][ T2487] pvrusb2: Invalid write control endpoint [ 483.942578][ T2487] pvrusb2: Invalid write control endpoint [ 483.944532][ T2487] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 483.947491][ T2487] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 483.950596][ T2487] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 483.956203][ T2487] pvrusb2: Device being rendered inoperable [ 483.958927][ T2487] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 483.961915][ T2487] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_c) [ 483.967418][ T2487] pvrusb2: Attached sub-driver cx25840 [ 483.969829][ T2487] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 483.974297][T30151] skbuff: bad partial csum: csum=65535/2 headroom=4 headlen=65543 [ 483.983848][ T2487] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 484.005226][T30155] vlan0: entered allmulticast mode [ 484.007183][T30155] veth0_to_bond: entered allmulticast mode [ 484.115842][T30146] pvrusb2: Attempted to execute control transfer when device not ok [ 484.129283][ T9] usb 13-1: USB disconnect, device number 19 [ 484.739683][T30194] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10828'. [ 485.116108][T30211] bond0: entered promiscuous mode [ 485.118368][T30211] mac80211_hwsim hwsim8 wlan1: entered promiscuous mode [ 485.127897][T30211] batadv0: entered promiscuous mode [ 485.131131][T30211] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 485.136530][T30211] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network [ 485.141412][T30211] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 485.192882][T30211] bond0: left promiscuous mode [ 485.195081][T30211] mac80211_hwsim hwsim8 wlan1: left promiscuous mode [ 485.253325][T30211] batadv0: left promiscuous mode [ 485.791480][T30236] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10844'. [ 485.792928][T30237] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10848'. [ 485.799991][T30237] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10848'. [ 485.852861][T30242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10850'. [ 485.960064][T30255] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.10853'. [ 486.589029][ T40] kauditd_printk_skb: 137 callbacks suppressed [ 486.589046][ T40] audit: type=1326 audit(2000000363.197:1668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30298 comm="syz.2.10877" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 486.601939][ T40] audit: type=1326 audit(2000000363.207:1669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30298 comm="syz.2.10877" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 486.612759][ T40] audit: type=1326 audit(2000000363.207:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30298 comm="syz.2.10877" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 486.622340][ T40] audit: type=1326 audit(2000000363.207:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30298 comm="syz.2.10877" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 486.631285][ T40] audit: type=1326 audit(2000000363.207:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30298 comm="syz.2.10877" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 486.640527][ T40] audit: type=1326 audit(2000000363.207:1673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30298 comm="syz.2.10877" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 486.649641][ T40] audit: type=1326 audit(2000000363.207:1674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30298 comm="syz.2.10877" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 486.658539][ T40] audit: type=1326 audit(2000000363.207:1675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30298 comm="syz.2.10877" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7ff6f6c code=0x7ffc0000 [ 486.684483][T30304] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 487.091674][T30323] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10888'. [ 487.346552][ T40] audit: type=1326 audit(2000000363.957:1676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30341 comm="syz.0.10898" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 487.356458][ T40] audit: type=1326 audit(2000000363.957:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30341 comm="syz.0.10898" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 487.637721][T30365] program syz.2.10908 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 487.758865][T30379] kvm: user requested TSC rate below hardware speed [ 488.055507][T30403] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10925'. [ 488.078056][T30403] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10925'. [ 488.652331][T16412] usb 13-1: new high-speed USB device number 20 using dummy_hcd [ 488.802302][T16412] usb 13-1: Using ep0 maxpacket: 16 [ 488.806242][T16412] usb 13-1: config 0 has no interfaces? [ 488.814364][T16412] usb 13-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 488.818204][T16412] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 488.821753][T16412] usb 13-1: Product: syz [ 488.826444][T16412] usb 13-1: Manufacturer: syz [ 488.828462][T16412] usb 13-1: SerialNumber: syz [ 488.836189][T16412] usb 13-1: config 0 descriptor?? [ 489.046408][T16412] usb 13-1: USB disconnect, device number 20 [ 489.122956][T30462] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 489.177751][T30465] vlan0: entered allmulticast mode [ 489.180132][T30465] veth0_to_bond: entered allmulticast mode [ 489.639094][T30484] netlink: 'syz.0.10969': attribute type 4 has an invalid length. [ 489.644268][T30484] netlink: 'syz.0.10969': attribute type 8 has an invalid length. [ 489.647700][T30484] netlink: 212 bytes leftover after parsing attributes in process `syz.0.10969'. [ 489.815893][T30498] netlink: 'syz.2.10968': attribute type 4 has an invalid length. [ 489.845697][T30503] tmpfs: Too few inodes for current use [ 490.229951][T30541] program syz.0.10990 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 490.246115][T30543] kvm: kvm [30542]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x1 [ 490.273085][T30546] bridge_slave_0: invalid flags given to default FDB implementation [ 490.611024][T30574] macvlan5: entered promiscuous mode [ 491.552024][T30631] tmpfs: Too few inodes for current use [ 491.622460][ T39] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 491.792469][ T39] usb 5-1: Using ep0 maxpacket: 32 [ 491.804170][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 12336, setting to 1024 [ 491.808818][ T39] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 491.824908][ T39] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 491.828733][ T39] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 491.832479][ T39] usb 5-1: Product: syz [ 491.834411][ T39] usb 5-1: Manufacturer: syz [ 491.836423][ T39] usb 5-1: SerialNumber: syz [ 491.853259][ T39] usb 5-1: config 0 descriptor?? [ 491.856786][T30616] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 492.073380][T16412] usb 5-1: USB disconnect, device number 31 [ 493.363620][T30682] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11053'. [ 493.374534][T30682] netlink: 72 bytes leftover after parsing attributes in process `syz.8.11053'. [ 493.406962][T30686] batman_adv: batadv0: Adding interface: gretap1 [ 493.409268][T30686] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 493.420732][T30686] batman_adv: batadv0: Interface activated: gretap1 [ 493.515672][T30695] netlink: 28 bytes leftover after parsing attributes in process `syz.2.11061'. [ 493.518610][T30695] netem: change failed [ 494.257101][T30216] Bluetooth: hci1: Frame reassembly failed (-84) [ 494.259402][T30727] Bluetooth: hci1: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 494.263476][ T87] Bluetooth: hci1: Frame reassembly failed (-84) [ 494.782887][ T39] usb 13-1: new high-speed USB device number 21 using dummy_hcd [ 494.959866][ T39] usb 13-1: unable to get BOS descriptor or descriptor too short [ 494.963935][ T39] usb 13-1: unable to read config index 0 descriptor/start: -71 [ 494.967003][ T39] usb 13-1: can't read configurations, error -71 [ 495.723762][T30745] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 495.726639][T30745] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 496.312485][ T62] Bluetooth: hci1: command 0x1003 tx timeout [ 496.313135][ T5952] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 496.602746][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 496.602762][ T40] audit: type=1326 audit(2000000629.208:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30751 comm="syz.8.11086" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7fc00000 [ 497.682332][ T5952] Bluetooth: hci3: command 0x0406 tx timeout [ 497.762423][ T5952] Bluetooth: hci4: command 0x0c1a tx timeout [ 498.313952][T30858] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11135'. [ 498.926909][ T39] usb 13-1: new high-speed USB device number 23 using dummy_hcd [ 499.085796][ T39] usb 13-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 499.089857][ T39] usb 13-1: config 0 interface 0 has no altsetting 0 [ 499.095597][ T39] usb 13-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 499.104473][ T39] usb 13-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 499.107720][ T39] usb 13-1: Product: syz [ 499.109430][ T39] usb 13-1: Manufacturer: syz [ 499.111323][ T39] usb 13-1: SerialNumber: syz [ 499.114077][T30882] block nbd4: server does not support multiple connections per device. [ 499.122638][ T39] usb 13-1: config 0 descriptor?? [ 499.128957][T30882] block nbd4: shutting down sockets [ 499.132435][ T39] usb 13-1: selecting invalid altsetting 0 [ 499.360839][ T39] usb 13-1: USB disconnect, device number 23 [ 499.557861][T30906] netlink: 190972 bytes leftover after parsing attributes in process `syz.2.11157'. [ 499.687321][T30917] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11161'. [ 499.834372][T30924] Invalid source name [ 499.983937][T16412] usb 11-1: new high-speed USB device number 23 using dummy_hcd [ 500.142534][T16412] usb 11-1: Using ep0 maxpacket: 8 [ 500.147465][T16412] usb 11-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 500.151688][T16412] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 500.168047][T16412] pvrusb2: Hardware description: Terratec Grabster AV400 [ 500.170934][T16412] pvrusb2: ********** [ 500.173670][T16412] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 500.177981][T16412] pvrusb2: Important functionality might not be entirely working. [ 500.181375][T16412] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 500.189487][T16412] pvrusb2: ********** [ 500.289376][T30945] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11175'. [ 500.377843][ T2487] pvrusb2: Invalid write control endpoint [ 500.421547][ T2487] pvrusb2: Invalid write control endpoint [ 500.425226][ T2487] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 500.429169][ T2487] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 500.432337][ T2487] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 500.436478][ T2487] pvrusb2: Device being rendered inoperable [ 500.439019][ T2487] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 500.442101][ T2487] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_c) [ 500.446310][ T2487] pvrusb2: Attached sub-driver cx25840 [ 500.448616][ T2487] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 500.452872][ T2487] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 500.569031][T30959] overlayfs: failed to clone upperpath [ 500.581702][ T69] usb 11-1: USB disconnect, device number 23 [ 500.763292][T30967] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11186'. [ 500.820247][T30971] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11188'. [ 501.385421][ T39] usb 11-1: new high-speed USB device number 24 using dummy_hcd [ 501.413485][T30997] overlayfs: failed to clone upperpath [ 501.542287][ T39] usb 11-1: Using ep0 maxpacket: 16 [ 501.548677][ T39] usb 11-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22 [ 501.561739][ T39] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 501.570085][ T39] usb 11-1: Product: syz [ 501.578237][ T39] usb 11-1: Manufacturer: syz [ 501.580728][ T39] usb 11-1: SerialNumber: syz [ 501.604916][T31009] bond1: invalid ARP target 0.0.0.0 specified for addition [ 501.608051][T31009] bond1: option arp_ip_target: invalid value (0) [ 501.635378][T31009] bond1 (unregistering): Released all slaves [ 501.796911][T31017] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11208'. [ 501.801431][T31017] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11208'. [ 501.807392][T31017] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11208'. [ 501.811443][T31017] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11208'. [ 501.829071][ T39] usb 11-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state [ 501.833517][T31021] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11210'. [ 501.836032][ T39] usb 11-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 501.842531][ T39] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0) [ 501.861678][ T39] usb 11-1: media controller created [ 501.875065][ T39] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 501.891843][T31028] openvswitch: netlink: IP tunnel dst address not specified [ 502.025504][T31036] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) ! [ 502.100712][ T39] zl10353_read_register: readreg error (reg=127, ret==-110) [ 502.135716][ T39] dvb_usb_gl861 11-1:157.0: probe with driver dvb_usb_gl861 failed with error -5 [ 502.141645][ T39] usb 11-1: USB disconnect, device number 24 [ 502.459776][T31069] comedi comedi3: comedi_test: 10 microvolt, 2046 microsecond waveform attached [ 502.934766][T31086] o2cb: This node has not been configured. [ 502.937787][T31086] o2cb: Cluster check failed. Fix errors before retrying. [ 502.940593][T31086] (syz.8.11240,31086,2):user_dlm_register:674 ERROR: status = -22 [ 502.945618][T31086] (syz.8.11240,31086,2):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0" [ 503.242448][ T69] kernel read not supported for file /dsp1 (pid: 69 comm: kworker/1:1) [ 503.630184][T31132] bridge0: port 3(syz_tun) entered blocking state [ 503.632937][T31132] bridge0: port 3(syz_tun) entered disabled state [ 503.637410][T31132] bridge0: port 3(syz_tun) entered blocking state [ 503.639886][T31132] bridge0: port 3(syz_tun) entered forwarding state [ 504.699600][T31190] __nla_validate_parse: 1 callbacks suppressed [ 504.699621][T31190] netlink: 36 bytes leftover after parsing attributes in process `syz.8.11284'. [ 505.313048][ T2201] block nbd3: Possible stuck request ffff888027598000: control (read@0,1024B). Runtime 120 seconds [ 505.317607][ T2201] block nbd3: Possible stuck request ffff888027598200: control (read@1024,1024B). Runtime 120 seconds [ 505.322392][ T2201] block nbd3: Possible stuck request ffff888027598400: control (read@2048,1024B). Runtime 120 seconds [ 505.327045][ T2201] block nbd3: Possible stuck request ffff888027598600: control (read@3072,1024B). Runtime 120 seconds [ 505.406050][T31229] input: syz0 as /devices/virtual/input/input40 [ 505.464182][T31221] Falling back ldisc for ttyS3. [ 505.539936][T31236] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 505.894976][T31268] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11314'. [ 505.904463][T31268] netlink: 44 bytes leftover after parsing attributes in process `syz.6.11314'. [ 505.908061][T31268] netlink: 44 bytes leftover after parsing attributes in process `syz.6.11314'. [ 506.217801][T31284] usb usb9: usbfs: process 31284 (syz.0.11321) did not claim interface 37 before use [ 506.268180][ T40] audit: type=1326 audit(2000000638.868:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31285 comm="syz.0.11322" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 506.277546][ T40] audit: type=1326 audit(2000000638.868:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31285 comm="syz.0.11322" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 506.290873][ T40] audit: type=1326 audit(2000000638.878:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31285 comm="syz.0.11322" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 506.299863][ T40] audit: type=1326 audit(2000000638.878:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31285 comm="syz.0.11322" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 506.308829][ T40] audit: type=1326 audit(2000000638.878:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31285 comm="syz.0.11322" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 506.318028][ T40] audit: type=1326 audit(2000000638.878:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31285 comm="syz.0.11322" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 506.327007][ T40] audit: type=1326 audit(2000000638.878:1694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31285 comm="syz.0.11322" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 506.337209][ T40] audit: type=1326 audit(2000000638.888:1695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31285 comm="syz.0.11322" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7185cab code=0x7ffc0000 [ 506.346282][ T40] audit: type=1326 audit(2000000638.888:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31285 comm="syz.0.11322" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 506.366606][ T40] audit: type=1326 audit(2000000638.888:1697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31285 comm="syz.0.11322" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82f6c code=0x7ffc0000 [ 506.557262][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.992560][T16514] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 507.096902][T31317] bridge0: port 4(syz_tun) entered blocking state [ 507.099653][T31317] bridge0: port 4(syz_tun) entered disabled state [ 507.102532][T31317] syz_tun: entered allmulticast mode [ 507.106037][T31317] syz_tun: entered promiscuous mode [ 507.152272][T16514] usb 5-1: Using ep0 maxpacket: 16 [ 507.159382][T16514] usb 5-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22 [ 507.164964][T16514] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 507.168477][T16514] usb 5-1: Product: syz [ 507.170148][T16514] usb 5-1: Manufacturer: syz [ 507.171903][T16514] usb 5-1: SerialNumber: syz [ 507.261695][T31326] loop5: detected capacity change from 0 to 7 [ 507.408232][T16514] usb 5-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state [ 507.416671][T16514] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 507.421825][T16514] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0) [ 507.426608][T16514] usb 5-1: media controller created [ 507.440621][T16514] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 507.471642][T31326] Dev loop5: unable to read RDB block 7 [ 507.474271][T31326] loop5: unable to read partition table [ 507.476698][T31326] loop5: partition table beyond EOD, truncated [ 507.479245][T31326] loop_reread_partitions: partition scan of loop5 (Wý* ܽ4FLQk݊5) failed (rc=-5) [ 507.664181][T16514] zl10353_read_register: readreg error (reg=127, ret==-110) [ 507.695723][T16514] dvb_usb_gl861 5-1:157.0: probe with driver dvb_usb_gl861 failed with error -5 [ 507.701875][T16514] usb 5-1: USB disconnect, device number 32 [ 509.174241][T31420] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11379'. [ 509.392288][T16412] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 509.564305][T16412] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 14129, setting to 64 [ 509.574672][T16412] usb 5-1: config 0 interface 0 has no altsetting 0 [ 509.582433][T16412] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 509.586264][T16412] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 509.589561][T16412] usb 5-1: Product: syz [ 509.601764][T16412] usb 5-1: Manufacturer: syz [ 509.604215][T16412] usb 5-1: SerialNumber: syz [ 509.613770][T16412] usb 5-1: config 0 descriptor?? [ 509.624586][T16412] usb 5-1: selecting invalid altsetting 0 [ 509.842670][ T39] usb 5-1: USB disconnect, device number 33 [ 509.949146][T31439] bridge0: port 4(veth0_to_bridge) entered blocking state [ 509.952491][T31439] bridge0: port 4(veth0_to_bridge) entered disabled state [ 509.955661][T31439] veth0_to_bridge: entered allmulticast mode [ 509.961288][T31439] veth0_to_bridge: entered promiscuous mode [ 509.966315][T31439] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 509.973208][T31439] bridge0: port 4(veth0_to_bridge) entered blocking state [ 509.976451][T31439] bridge0: port 4(veth0_to_bridge) entered forwarding state [ 510.003783][ T69] usb 11-1: new high-speed USB device number 25 using dummy_hcd [ 510.031148][T31441] kernel read not supported for file /!selinuxselinux (pid: 31441 comm: syz.2.11390) [ 510.042610][T31438] block nbd4: server does not support multiple connections per device. [ 510.047318][T31438] block nbd4: shutting down sockets [ 510.174375][ T69] usb 11-1: config index 0 descriptor too short (expected 39, got 27) [ 510.177967][ T69] usb 11-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 510.181853][ T69] usb 11-1: config 0 interface 0 has no altsetting 0 [ 510.191868][ T69] usb 11-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 510.196820][ T69] usb 11-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 510.215628][ T69] usb 11-1: Product: syz [ 510.217722][ T69] usb 11-1: Manufacturer: syz [ 510.219794][ T69] usb 11-1: SerialNumber: syz [ 510.228161][ T69] usb 11-1: config 0 descriptor?? [ 510.245611][ T69] hub 11-1:0.0: bad descriptor, ignoring hub [ 510.248470][ T69] hub 11-1:0.0: probe with driver hub failed with error -5 [ 510.254638][ T69] usb 11-1: selecting invalid altsetting 0 [ 511.161497][T31481] netlink: 320 bytes leftover after parsing attributes in process `syz.8.11405'. [ 511.167155][T31433] usb 11-1: reset high-speed USB device number 25 using dummy_hcd [ 511.224227][T31486] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11408'. [ 511.343332][T31433] usb 11-1: device firmware changed [ 511.349636][T16412] usb 11-1: USB disconnect, device number 25 [ 511.386072][T31495] team0: No ports can be present during mode change [ 511.523783][T16412] usb 11-1: new high-speed USB device number 26 using dummy_hcd [ 511.680209][T31520] vivid-000: disconnect [ 511.683081][T31519] vivid-000: reconnect [ 511.694232][T16412] usb 11-1: config index 0 descriptor too short (expected 39, got 27) [ 511.697920][T16412] usb 11-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 511.703039][T16412] usb 11-1: config 0 interface 0 has no altsetting 0 [ 511.708722][T16412] usb 11-1: string descriptor 0 read error: -22 [ 511.711474][T16412] usb 11-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 511.716617][T16412] usb 11-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 511.722807][T16412] usb 11-1: config 0 descriptor?? [ 511.727906][T16412] hub 11-1:0.0: bad descriptor, ignoring hub [ 511.733193][T16412] hub 11-1:0.0: probe with driver hub failed with error -5 [ 511.738945][T16412] usb 11-1: selecting invalid altsetting 0 [ 512.052594][T16514] usb 11-1: USB disconnect, device number 26 [ 512.807457][T31580] [ 512.808888][T31580] ====================================================== [ 512.811772][T31580] WARNING: possible circular locking dependency detected [ 512.814398][T31580] syzkaller #0 Tainted: G L [ 512.817099][T31580] ------------------------------------------------------ [ 512.820583][T31580] syz.8.11451/31580 is trying to acquire lock: [ 512.823070][T31580] ffffffff8e9aa720 (fs_reclaim){+.+.}-{0:0}, at: kmem_cache_alloc_lru_noprof+0x51/0x6e0 [ 512.827073][T31580] [ 512.827073][T31580] but task is already holding lock: [ 512.829852][T31580] ffffffff8e84a350 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: copy_process+0x4632/0x7a40 [ 512.833800][T31580] [ 512.833800][T31580] which lock already depends on the new lock. [ 512.833800][T31580] [ 512.839082][T31580] [ 512.839082][T31580] the existing dependency chain (in reverse order) is: [ 512.842813][T31580] [ 512.842813][T31580] -> #8 (cgroup_threadgroup_rwsem){++++}-{0:0}: [ 512.846262][T31580] percpu_down_write+0x53/0x3e0 [ 512.848830][T31580] cgroup_procs_write_start+0x568/0x890 [ 512.852407][T31580] __cgroup_procs_write+0xd7/0x730 [ 512.855585][T31580] cgroup_procs_write+0x26/0x60 [ 512.858349][T31580] cgroup_file_write+0x1e9/0x790 [ 512.861436][T31580] kernfs_fop_write_iter+0x3e0/0x5f0 [ 512.864766][T31580] vfs_write+0x6ac/0x1070 [ 512.866882][T31580] ksys_write+0x12a/0x250 [ 512.869058][T31580] do_int80_emulation+0x141/0x6b0 [ 512.871413][T31580] asm_int80_emulation+0x1a/0x20 [ 512.873917][T31580] [ 512.873917][T31580] -> #7 (cpu_hotplug_lock){++++}-{0:0}: [ 512.877590][T31580] cpus_read_lock+0x42/0x170 [ 512.880113][T31580] static_key_slow_inc+0x12/0x30 [ 512.884409][T31580] tcp_md5_do_add+0x296/0x430 [ 512.887756][T31580] tcp_v6_parse_md5_keys+0x264/0x860 [ 512.892104][T31580] do_tcp_setsockopt+0x1a2d/0x2ac0 [ 512.895779][T31580] tcp_setsockopt+0xe2/0x100 [ 512.898827][T31580] do_sock_setsockopt+0xf3/0x1d0 [ 512.901944][T31580] __sys_setsockopt+0x119/0x190 [ 512.905079][T31580] __ia32_sys_setsockopt+0xbc/0x160 [ 512.908392][T31580] __do_fast_syscall_32+0xe3/0x8c0 [ 512.911602][T31580] do_fast_syscall_32+0x32/0x70 [ 512.914952][T31580] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 512.918339][T31580] [ 512.918339][T31580] -> #6 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 512.921797][T31580] lock_sock_nested+0x41/0xf0 [ 512.924241][T31580] inet_shutdown+0x67/0x410 [ 512.926519][T31580] nbd_mark_nsock_dead+0xae/0x5c0 [ 512.929187][T31580] sock_shutdown+0x16b/0x200 [ 512.931379][T31580] nbd_config_put+0x1eb/0x750 [ 512.933800][T31580] nbd_genl_connect+0xaf8/0x1a40 [ 512.936720][T31580] genl_family_rcv_msg_doit+0x214/0x300 [ 512.939641][T31580] genl_rcv_msg+0x560/0x800 [ 512.941866][T31580] netlink_rcv_skb+0x159/0x420 [ 512.944179][T31580] genl_rcv+0x28/0x40 [ 512.946153][T31580] netlink_unicast+0x5aa/0x870 [ 512.948444][T31580] netlink_sendmsg+0x8b0/0xda0 [ 512.950694][T31580] ____sys_sendmsg+0x9e1/0xb70 [ 512.952993][T31580] ___sys_sendmsg+0x190/0x1e0 [ 512.955333][T31580] __sys_sendmsg+0x170/0x220 [ 512.957530][T31580] __do_fast_syscall_32+0xe3/0x8c0 [ 512.959952][T31580] do_fast_syscall_32+0x32/0x70 [ 512.962329][T31580] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 512.965242][T31580] [ 512.965242][T31580] -> #5 (&nsock->tx_lock){+.+.}-{4:4}: [ 512.968521][T31580] __mutex_lock+0x1a2/0x1b90 [ 512.971413][T31580] nbd_queue_rq+0x428/0x1080 [ 512.973532][T31580] blk_mq_dispatch_rq_list+0x422/0x1e70 [ 512.976615][T31580] __blk_mq_sched_dispatch_requests+0xcea/0x1620 [ 512.979578][T31580] blk_mq_sched_dispatch_requests+0xd7/0x1c0 [ 512.982447][T31580] blk_mq_run_hw_queue+0x23c/0x670 [ 512.984874][T31580] blk_mq_dispatch_list+0x51d/0x1360 [ 512.987459][T31580] blk_mq_flush_plug_list+0x130/0x600 [ 512.990012][T31580] __blk_flush_plug+0x2c4/0x4b0 [ 512.992327][T31580] __submit_bio+0x584/0x6c0 [ 512.994537][T31580] submit_bio_noacct_nocheck+0x562/0xc10 [ 512.997180][T31580] submit_bio_noacct+0xd17/0x2010 [ 513.000023][T31580] submit_bh_wbc+0x59c/0x770 [ 513.002351][T31580] block_read_full_folio+0x4c8/0x8e0 [ 513.004867][T31580] filemap_read_folio+0xfc/0x3b0 [ 513.007588][T31580] do_read_cache_folio+0x2d7/0x6b0 [ 513.010737][T31580] read_part_sector+0xd1/0x370 [ 513.013756][T31580] adfspart_check_ICS+0x93/0x910 [ 513.016699][T31580] bdev_disk_changed+0x7f8/0xc80 [ 513.019013][T31580] blkdev_get_whole+0x187/0x290 [ 513.021503][T31580] bdev_open+0x2c7/0xe40 [ 513.023594][T31580] blkdev_open+0x34e/0x4f0 [ 513.025856][T31580] do_dentry_open+0x6d8/0x1660 [ 513.028280][T31580] vfs_open+0x82/0x3f0 [ 513.030285][T31580] path_openat+0x208c/0x31a0 [ 513.032488][T31580] do_file_open+0x20e/0x430 [ 513.035376][T31580] do_sys_openat2+0x10d/0x1e0 [ 513.038109][T31580] __x64_sys_openat+0x12d/0x210 [ 513.040420][T31580] do_syscall_64+0x106/0xf80 [ 513.043566][T31580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.046371][T31580] [ 513.046371][T31580] -> #4 (&cmd->lock){+.+.}-{4:4}: [ 513.049731][T31580] __mutex_lock+0x1a2/0x1b90 [ 513.051973][T31580] nbd_queue_rq+0xba/0x1080 [ 513.054074][T31580] blk_mq_dispatch_rq_list+0x422/0x1e70 [ 513.056714][T31580] __blk_mq_sched_dispatch_requests+0xcea/0x1620 [ 513.059613][T31580] blk_mq_sched_dispatch_requests+0xd7/0x1c0 [ 513.062610][T31580] blk_mq_run_hw_queue+0x23c/0x670 [ 513.065889][T31580] blk_mq_dispatch_list+0x51d/0x1360 [ 513.068844][T31580] blk_mq_flush_plug_list+0x130/0x600 [ 513.071558][T31580] __blk_flush_plug+0x2c4/0x4b0 [ 513.075476][T31580] __submit_bio+0x584/0x6c0 [ 513.078330][T31580] submit_bio_noacct_nocheck+0x562/0xc10 [ 513.081796][T31580] submit_bio_noacct+0xd17/0x2010 [ 513.085475][T31580] submit_bh_wbc+0x59c/0x770 [ 513.087781][T31580] block_read_full_folio+0x4c8/0x8e0 [ 513.090711][T31580] filemap_read_folio+0xfc/0x3b0 [ 513.093562][T31580] do_read_cache_folio+0x2d7/0x6b0 [ 513.095973][T31580] read_part_sector+0xd1/0x370 [ 513.099268][T31580] adfspart_check_ICS+0x93/0x910 [ 513.102387][T31580] bdev_disk_changed+0x7f8/0xc80 [ 513.105561][T31580] blkdev_get_whole+0x187/0x290 [ 513.108646][T31580] bdev_open+0x2c7/0xe40 [ 513.111193][T31580] blkdev_open+0x34e/0x4f0 [ 513.114978][T31580] do_dentry_open+0x6d8/0x1660 [ 513.117455][T31580] vfs_open+0x82/0x3f0 [ 513.119443][T31580] path_openat+0x208c/0x31a0 [ 513.123921][T31580] do_file_open+0x20e/0x430 [ 513.126506][T31580] do_sys_openat2+0x10d/0x1e0 [ 513.129604][T31580] __x64_sys_openat+0x12d/0x210 [ 513.133545][T31580] do_syscall_64+0x106/0xf80 [ 513.135706][T31580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.138488][T31580] [ 513.138488][T31580] -> #3 (set->srcu){.+.+}-{0:0}: [ 513.141446][T31580] __synchronize_srcu+0xa2/0x300 [ 513.144649][T31580] blk_mq_quiesce_queue+0x149/0x1c0 [ 513.147778][T31580] elevator_switch+0x17b/0x7e0 [ 513.150371][T31580] elevator_change+0x352/0x530 [ 513.152760][T31580] elevator_set_default+0x29e/0x360 [ 513.155179][T31580] blk_register_queue+0x412/0x590 [ 513.158260][T31580] __add_disk+0x73f/0xe40 [ 513.160383][T31580] add_disk_fwnode+0x118/0x5c0 [ 513.162635][T31580] nbd_dev_add+0x77a/0xb10 [ 513.164958][T31580] nbd_init+0x291/0x2b0 [ 513.167221][T31580] do_one_initcall+0x11d/0x760 [ 513.169582][T31580] kernel_init_freeable+0x6e5/0x7a0 [ 513.172045][T31580] kernel_init+0x1f/0x1e0 [ 513.174339][T31580] ret_from_fork+0x754/0xd80 [ 513.176548][T31580] ret_from_fork_asm+0x1a/0x30 [ 513.178722][T31580] [ 513.178722][T31580] -> #2 (&q->elevator_lock){+.+.}-{4:4}: [ 513.182411][T31580] __mutex_lock+0x1a2/0x1b90 [ 513.184981][T31580] elevator_change+0x1bc/0x530 [ 513.187351][T31580] elevator_set_none+0x92/0xf0 [ 513.189528][T31580] blk_mq_update_nr_hw_queues+0x4c1/0x15f0 [ 513.192495][T31580] nbd_start_device+0x1a6/0xbd0 [ 513.195338][T31580] nbd_genl_connect+0xff2/0x1a40 [ 513.198355][T31580] genl_family_rcv_msg_doit+0x214/0x300 [ 513.201695][T31580] genl_rcv_msg+0x560/0x800 [ 513.205212][T31580] netlink_rcv_skb+0x159/0x420 [ 513.207859][T31580] genl_rcv+0x28/0x40 [ 513.210670][T31580] netlink_unicast+0x5aa/0x870 [ 513.213128][T31580] netlink_sendmsg+0x8b0/0xda0 [ 513.215109][T31580] ____sys_sendmsg+0x9e1/0xb70 [ 513.217329][T31580] ___sys_sendmsg+0x190/0x1e0 [ 513.219977][T31580] __sys_sendmsg+0x170/0x220 [ 513.222278][T31580] __do_fast_syscall_32+0xe3/0x8c0 [ 513.224956][T31580] do_fast_syscall_32+0x32/0x70 [ 513.227470][T31580] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 513.230470][T31580] [ 513.230470][T31580] -> #1 (&q->q_usage_counter(io)#50){++++}-{0:0}: [ 513.234691][T31580] blk_alloc_queue+0x610/0x790 [ 513.237017][T31580] blk_mq_alloc_queue+0x174/0x290 [ 513.239530][T31580] __blk_mq_alloc_disk+0x29/0x120 [ 513.242123][T31580] nbd_dev_add+0x492/0xb10 [ 513.244253][T31580] nbd_init+0x291/0x2b0 [ 513.246200][T31580] do_one_initcall+0x11d/0x760 [ 513.248985][T31580] kernel_init_freeable+0x6e5/0x7a0 [ 513.251321][T31580] kernel_init+0x1f/0x1e0 [ 513.253549][T31580] ret_from_fork+0x754/0xd80 [ 513.256219][T31580] ret_from_fork_asm+0x1a/0x30 [ 513.258964][T31580] [ 513.258964][T31580] -> #0 (fs_reclaim){+.+.}-{0:0}: [ 513.262738][T31580] __lock_acquire+0x14b8/0x2630 [ 513.265565][T31580] lock_acquire+0x1cf/0x380 [ 513.267701][T31580] fs_reclaim_acquire+0xc4/0x100 [ 513.270843][T31580] kmem_cache_alloc_lru_noprof+0x51/0x6e0 [ 513.273905][T31580] alloc_inode+0x183/0x250 [ 513.276041][T31580] iget_locked+0x1d9/0x6d0 [ 513.278514][T31580] kernfs_get_inode+0x46/0x470 [ 513.281269][T31580] cgroup_may_write+0x89/0x120 [ 513.283601][T31580] cgroup_can_fork+0xb89/0x1390 [ 513.285861][T31580] copy_process+0x4632/0x7a40 [ 513.288061][T31580] kernel_clone+0xfc/0x9a0 [ 513.290356][T31580] __do_sys_clone3+0x214/0x290 [ 513.292612][T31580] __do_fast_syscall_32+0xe3/0x8c0 [ 513.295107][T31580] do_fast_syscall_32+0x32/0x70 [ 513.297335][T31580] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 513.300543][T31580] [ 513.300543][T31580] other info that might help us debug this: [ 513.300543][T31580] [ 513.305096][T31580] Chain exists of: [ 513.305096][T31580] fs_reclaim --> cpu_hotplug_lock --> cgroup_threadgroup_rwsem [ 513.305096][T31580] [ 513.311807][T31580] Possible unsafe locking scenario: [ 513.311807][T31580] [ 513.315446][T31580] CPU0 CPU1 [ 513.318050][T31580] ---- ---- [ 513.320332][T31580] rlock(cgroup_threadgroup_rwsem); [ 513.323217][T31580] lock(cpu_hotplug_lock); [ 513.326805][T31580] lock(cgroup_threadgroup_rwsem); [ 513.329978][T31580] lock(fs_reclaim); [ 513.331689][T31580] [ 513.331689][T31580] *** DEADLOCK *** [ 513.331689][T31580] [ 513.335348][T31580] 2 locks held by syz.8.11451/31580: [ 513.337548][T31580] #0: ffffffff8e84a648 (cgroup_mutex){+.+.}-{4:4}, at: cgroup_can_fork+0x88f/0x1390 [ 513.341932][T31580] #1: ffffffff8e84a350 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: copy_process+0x4632/0x7a40 [ 513.346202][T31580] [ 513.346202][T31580] stack backtrace: [ 513.348717][T31580] CPU: 1 UID: 0 PID: 31580 Comm: syz.8.11451 Tainted: G L syzkaller #0 PREEMPT(full) [ 513.348747][T31580] Tainted: [L]=SOFTLOCKUP [ 513.348753][T31580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 513.348764][T31580] Call Trace: [ 513.348904][T31580] [ 513.348912][T31580] dump_stack_lvl+0x100/0x190 [ 513.348945][T31580] print_circular_bug.cold+0x178/0x1c7 [ 513.348974][T31580] check_noncircular+0x146/0x160 [ 513.348998][T31580] __lock_acquire+0x14b8/0x2630 [ 513.349024][T31580] lock_acquire+0x1cf/0x380 [ 513.349044][T31580] ? kmem_cache_alloc_lru_noprof+0x51/0x6e0 [ 513.349074][T31580] fs_reclaim_acquire+0xc4/0x100 [ 513.349091][T31580] ? kmem_cache_alloc_lru_noprof+0x51/0x6e0 [ 513.349112][T31580] kmem_cache_alloc_lru_noprof+0x51/0x6e0 [ 513.349134][T31580] ? alloc_inode+0x183/0x250 [ 513.349155][T31580] ? find_inode_fast+0x1fa/0x910 [ 513.349176][T31580] alloc_inode+0x183/0x250 [ 513.349195][T31580] iget_locked+0x1d9/0x6d0 [ 513.349217][T31580] ? __pfx_iget_locked+0x10/0x10 [ 513.349237][T31580] ? find_held_lock+0x2b/0x80 [ 513.349252][T31580] ? css_tryget_online_from_dir+0x22a/0x7c0 [ 513.349271][T31580] ? css_tryget_online_from_dir+0x22a/0x7c0 [ 513.349289][T31580] kernfs_get_inode+0x46/0x470 [ 513.349314][T31580] cgroup_may_write+0x89/0x120 [ 513.349336][T31580] cgroup_can_fork+0xb89/0x1390 [ 513.349355][T31580] copy_process+0x4632/0x7a40 [ 513.349375][T31580] ? futex_unqueue+0x133/0x2c0 [ 513.349401][T31580] ? __pfx_copy_process+0x10/0x10 [ 513.349421][T31580] ? _copy_from_user+0x59/0xd0 [ 513.349443][T31580] kernel_clone+0xfc/0x9a0 [ 513.349462][T31580] ? __pfx_kernel_clone+0x10/0x10 [ 513.349483][T31580] ? __pfx_futex_wait+0x10/0x10 [ 513.349509][T31580] __do_sys_clone3+0x214/0x290 [ 513.349528][T31580] ? __pfx___do_sys_clone3+0x10/0x10 [ 513.349560][T31580] __do_fast_syscall_32+0xe3/0x8c0 [ 513.349583][T31580] do_fast_syscall_32+0x32/0x70 [ 513.349599][T31580] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 513.349619][T31580] RIP: 0023:0xf6ffef6c [ 513.349634][T31580] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 513.349650][T31580] RSP: 002b:00000000f53ed3dc EFLAGS: 00000286 ORIG_RAX: 00000000000001b3 [ 513.349735][T31580] RAX: ffffffffffffffda RBX: 00000000f53ed410 RCX: 0000000000000058 [ 513.349745][T31580] RDX: 0000000000000000 RSI: 0000000080a00200 RDI: 0000000000000002 [ 513.349756][T31580] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 513.349766][T31580] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 513.349776][T31580] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 513.349792][T31580] [ 516.518490][ T5348] udevd[5348]: worker [25487] /devices/virtual/block/nbd3 is taking a long time