last executing test programs: 44.922484071s ago: executing program 3 (id=2180): pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x25a5, 0x4) write$binfmt_script(r1, &(0x7f0000000480)={'#! ', './file0'}, 0xb) 44.500915023s ago: executing program 3 (id=2185): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@ipv4_newrule={0x34, 0x20, 0x1, 0x70bd26, 0x25dfdbfb, {0x2, 0x10, 0x10, 0x0, 0x9, 0x0, 0x0, 0x0, 0x10007}, [@FRA_SRC={0x8, 0x2, @rand_addr=0x64010101}, @FRA_GENERIC_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e21, 0x4e22}}, @FRA_DST={0x8, 0x1, @empty}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x4000804) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00!'], 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 44.228417595s ago: executing program 3 (id=2189): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000001c0)={'batadv0\x00', 0x0}) sendto$packet(r0, &(0x7f00000000c0)="39c394e534ecf02e7e0e9ca20800", 0x22, 0x0, &(0x7f0000000080)={0x11, 0xf8, r2, 0x1, 0x95, 0x6, @random="18605fc4d89d"}, 0x14) 43.920431676s ago: executing program 3 (id=2192): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x40010a1, 0x0) 43.643840017s ago: executing program 3 (id=2195): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000015000100fdffffff00000000021800ff", @ANYRES32=r1, @ANYBLOB="1400030076657468f7"], 0x2c}}, 0x0) 41.793630051s ago: executing program 3 (id=2209): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x180c8, &(0x7f0000000580)=ANY=[@ANYBLOB="6e66732c646f74732c636865636b3d7374726963742c646f74732c6572726f72733d72656d6f756e742d726f2c00fc403bb14281bbfb9b8213bd6284536d64789a24dd73b98b3e33cb47fed8a736464bb62e9e891aa832722dfc28bfa4489b3a127a503e72326b737d0f67c97be6f37ef46154dec39ef8718946ffc8cd4d735a0b101c1722477bbe2f923577ea51f7116f17c3ddf5c497fba2d0bb3272d123b31e9461d4e2d65a42e1174fa269de92e463fc1ca202650fe2628e15341e45dce6c0de2367bdb50cc5b2b462e1d45fc3265f1a88561ab6afb1b73a3b340b5c5fc6e601843a59f3cdeb36991cfa985453287d4c9d2d6e21adddc57a607369c682e821b20dc0efd51d12f386f3f8e53c05e696e50c7c3f79b1b0bd7e5cfaf3f63d8949c8dd2fd94aa0f259a4cb9412c30c45f9d4d63d267d2a43f03a47fa56b3"], 0x1, 0x24e, &(0x7f00000006c0)="$eJzs3bFqFEEYB/DP5JIcaUwtFgs2Voda2R4SQVwQTrbQyoVok4iwaVarfQyfwdfwLXyMVOlWzJ65JJ425jK53d8Pjv3gz3Ezt3BzxTez7+5/PDz4dPyh/fE1xuMsRhFN20bsxUZsRufO/LpxVm/HRU0AAOtmNiunqcfAalXVtNyKiJ0/kuJbkgEBAAAAAAAAAADw35b1/8ep/n8A6DP9//1XVdNyd/7/7TL9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA6p217t/3HK/X4AIDrZ/0HgOGx/gPA8Fj/AWB4Xr95+3Ka5/uzLBtHnDR1URfdtcufv8j3H2Vn9hbvOqnrYvM8f9zl2eV8K3bn+ZOl+XY8fNDlv7Jnr/Ir+U4crH76AAAAAAAAAAAAAAAAAAAAcCtMsnNL9/dPJn/Lu+rC+QBX9u+P4t7oxqYBAAAAAAAAAAAAAAAAAAAAa+3485fD8ujofTXc4ve5Bmk+/fv134J4egu+1ZsvUt3BnhaJf5gAAAAAAAAAAAAAAAAAAGCAFpt+U48EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANJZPP9/dUVENG0n9XQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHvsZAAD//xwql1U=") mount_setattr(0xffffffffffffffff, 0x0, 0x8800, &(0x7f0000000140)={0x10009e, 0x1000f1}, 0x20) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) renameat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0) 7.880083251s ago: executing program 4 (id=2392): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x6, 0x7}}]}}]}, 0x48}}, 0x4c840) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000003300)=@newtfilter={0x44, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0xfff3, 0xfff3}, {0x0, 0xfff3}, {0x2, 0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8847}, @TCA_FLOWER_KEY_MPLS_TC={0x5, 0x45, 0x2}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20041090}, 0x0) 5.15442222s ago: executing program 4 (id=2399): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x26, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r1 = socket$kcm(0x11, 0x200000000000002, 0x300) sendmsg$sock(r1, &(0x7f00000000c0)={&(0x7f0000000040)=@phonet={0x23, 0x0, 0x0, 0x27}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x102}}], 0x18}, 0x0) 3.932635812s ago: executing program 4 (id=2407): madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f00000001c0)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f000012b000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x9, &(0x7f0000000000), 0x9, 0x400, 0x0, 0x0, 0x0, 0x70}) 2.797926006s ago: executing program 0 (id=2412): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f000012d000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00005a4000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0}) 2.56877553s ago: executing program 4 (id=2414): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000002fc0)=@newtaction={0x14, 0x30, 0x9, 0x0, 0x25dfdbff}, 0x14}}, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10) sendmmsg(r0, &(0x7f0000001c00), 0x400000000000159, 0x40840) 2.372972122s ago: executing program 0 (id=2415): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000380)={0xfffffff8, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000040)={0x0, 0x7a125, 0x9, {0xfffffffc}}) 2.37281545s ago: executing program 1 (id=2416): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0xa, 0x4, 0x4, 0x5}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f0000000200), &(0x7f0000000340)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x14, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.001893149s ago: executing program 2 (id=2419): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0), r0) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="09020000000000004d00010000000500040002000000060001004e20"], 0x24}}, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000200)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x37, 0x30, 0x0, 0x0, 0x2, 0x11, 0x0, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0xf}}, {0xfd, 0x4e20, 0x1c, 0x0, @gue={{0x2, 0x0, 0x0, 0x2, 0x100}, "030000987e0001a560893ebd"}}}}}}, 0x0) 1.919760369s ago: executing program 1 (id=2420): r0 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3}) mq_timedsend(r0, 0x0, 0x0, 0x3, 0x0) mq_timedsend(r0, 0x0, 0x0, 0x9, &(0x7f00000002c0)={0x77359400}) mq_timedreceive(r0, &(0x7f0000000880)=""/202, 0xca, 0x200000200009, 0x0) 1.881988608s ago: executing program 2 (id=2421): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="c40000001900674c020000000006000000000000000000000000000000000000ff02000000000000000000000000000100010000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0100000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000fcffffffffffffff0000000000000000b0ac00000000000000000000040000000000000000000000000400000000000000010000000000000a00100001"], 0xc4}}, 0x4c050) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0) 1.692562453s ago: executing program 4 (id=2422): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000600), 0xfec8) 1.471785601s ago: executing program 2 (id=2423): open(&(0x7f0000000180)='./bus\x00', 0x143bc2, 0x1c4) ioprio_set$pid(0x2, 0x0, 0x6000) r0 = open(&(0x7f0000000340)='./bus\x00', 0x18f03e, 0x8) pwritev2(r0, &(0x7f0000000640)=[{&(0x7f0000000100)='\'', 0x1}], 0x1, 0x8, 0x1ff, 0x19) 1.319998629s ago: executing program 4 (id=2424): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x48, r1, 0x1, 0xffffbffe, 0x0, {}, [@NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r2}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r2}}]}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xfb2e77a8993c1937}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x10001}]}, 0x48}}, 0x20000000) 1.240691489s ago: executing program 1 (id=2425): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000180)="8e", 0x1) setsockopt$inet_opts(r0, 0x0, 0xc, &(0x7f0000000000)="c1", 0x1) getsockopt$inet_opts(r0, 0x0, 0x9, 0x0, &(0x7f00000000c0)) 1.170799134s ago: executing program 0 (id=2426): r0 = socket(0xa, 0x1, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e08, 0x4a3, @local, 0x4f1}}}, 0x108) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000005c0)={0x3, {{0xa, 0x4e23, 0xc, @mcast1, 0xfffffff8}}, 0x0, 0x1, [{{0xa, 0x8001, 0x2, @loopback, 0x30000}}]}, 0x110) setsockopt$inet6_group_source_req(r0, 0x29, 0x2c, &(0x7f0000000180)={0x0, {{0xa, 0x4e22, 0x6ef, @mcast1, 0xfffffffd}}, {{0xa, 0x4e24, 0x21, @loopback, 0xfffffe01}}}, 0x108) 1.157462792s ago: executing program 2 (id=2427): r0 = mq_open(&(0x7f0000000080)='eth0\x00#~\x02\x00\x00\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfd\x05\x00\x00\x00\x00\x00\x80\x00\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94uu_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18A\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x05\x00\x00\x000\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xce\x00\x00\x00\xe8\vq+\xbb\xc7\xaf\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x120, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) mq_timedsend(r0, &(0x7f0000000600)='m', 0x1, 0x6, 0x0) mq_timedreceive(r0, &(0x7f000001a600)=""/102385, 0x18ff1, 0x0, 0x0) 985.989862ms ago: executing program 1 (id=2428): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0x0, 0xfc, "8100e1c8e80b598c36ff000800"}) r1 = syz_open_pts(r0, 0x141601) ioctl$TIOCMBIC(r1, 0x5417, 0x0) 799.690015ms ago: executing program 2 (id=2429): inotify_init() syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x40000000000000, 0x1, 0x9, 0x8, 0x0, 0x4}, 0x0, &(0x7f0000000080)={0x1f, 0x7, 0x1, 0xb1bd, 0xfffffffffffffffe, 0xfffffffffffffffc, 0x9, 0x1}, &(0x7f0000000040), 0x0) 799.294831ms ago: executing program 0 (id=2430): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) add_key(&(0x7f0000000140)='encrypted\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe) r1 = fcntl$dupfd(r0, 0x0, r0) write$FUSE_ATTR(r1, 0x0, 0x0) 676.379297ms ago: executing program 1 (id=2431): r0 = socket(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0x2, @loopback, 0x3}, 0x1c) setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000080)={0x1}, 0x8) sendmmsg$inet6(r0, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000002c0)="a6dc628a600b17cbe584d2e73c68fe1865f3fbcf0e16db6e759d420151c6c5750400000000000008", 0x28}], 0x1}}], 0x1, 0x4040880) 423.064879ms ago: executing program 0 (id=2432): openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x183001, 0x0) fanotify_mark(0xffffffffffffffff, 0x41, 0x8000038, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') read$FUSE(r0, &(0x7f00000028c0)={0x2020}, 0x2020) 421.843768ms ago: executing program 2 (id=2433): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x41, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, 0x0) 172.379417ms ago: executing program 1 (id=2434): setuid(0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0) landlock_restrict_self(0xffffffffffffffff, 0xc) 0s ago: executing program 0 (id=2435): sendmsg$RDMA_NLDEV_CMD_DELLINK(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="50000000041400032bbd7000fcdbdf"], 0x50}, 0x1, 0x0, 0x0, 0x4001}, 0x4000000) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000007c0000007c00000003000000010000000500008b9b3e9f7767757c06040000000f000000030000000800000056000000020000000600000009000000"], 0x0, 0x97, 0x0, 0x1, 0x3}, 0x28) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff2000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff3000/0x1000)=nil, 0x0, 0xfffffffffffffe43}, 0x68) kernel console output (not intermixed with test programs): (loop0): Directory bread(block 69) failed [ 234.147043][ T7941] FAT-fs (loop0): Directory bread(block 70) failed [ 234.147068][ T7941] FAT-fs (loop0): Directory bread(block 71) failed [ 234.147175][ T7941] FAT-fs (loop0): Directory bread(block 72) failed [ 234.147200][ T7941] FAT-fs (loop0): Directory bread(block 73) failed [ 234.289002][ T7950] netlink: 20 bytes leftover after parsing attributes in process `syz.1.857'. [ 234.289133][ T7950] netlink: 20 bytes leftover after parsing attributes in process `syz.1.857'. [ 234.413218][ T38] audit: type=1800 audit(1777373668.176:54): pid=7941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.852" name=B4 dev="loop0" ino=1048633 res=0 errno=0 [ 234.460536][ T7953] netlink: 40 bytes leftover after parsing attributes in process `syz.2.858'. [ 234.460665][ T7953] netlink: 40 bytes leftover after parsing attributes in process `syz.2.858'. [ 235.039075][ T7966] ALSA: mixer_oss: invalid OSS volume ' ' [ 235.604628][ T9] usb 1-1: new full-speed USB device number 8 using dummy_hcd [ 235.768811][ T9] usb 1-1: config 246 has an invalid interface number: 166 but max is 0 [ 235.768845][ T9] usb 1-1: config 246 has an invalid descriptor of length 0, skipping remainder of the config [ 235.768865][ T9] usb 1-1: config 246 has no interface number 0 [ 235.768932][ T9] usb 1-1: config 246 interface 166 altsetting 118 endpoint 0xB has invalid wMaxPacketSize 0 [ 235.768958][ T9] usb 1-1: config 246 interface 166 altsetting 118 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 235.768988][ T9] usb 1-1: config 246 interface 166 has no altsetting 0 [ 235.772083][ T9] usb 1-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 9.63 [ 235.772116][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.772138][ T9] usb 1-1: Product: syz [ 235.772154][ T9] usb 1-1: Manufacturer: syz [ 235.772169][ T9] usb 1-1: SerialNumber: syz [ 236.237131][ T7997] loop2: detected capacity change from 0 to 512 [ 236.238261][ T7997] EXT4-fs: Ignoring removed nobh option [ 236.294589][ T7997] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 236.421130][ T5725] vhci_hcd vhci_hcd.0: vhci_device speed not set [ 236.421473][ T7997] EXT4-fs (loop2): 1 truncate cleaned up [ 236.474190][ T7997] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 236.631316][ T9] usb 1-1: Limiting number of CPorts to U8_MAX [ 236.803333][ T9] usb 1-1: Unknown endpoint type found, address 0x0b [ 236.803363][ T9] usb 1-1: Not enough endpoints found in device, aborting! [ 236.960076][ T7997] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.986076][ T9] usb 1-1: USB disconnect, device number 8 [ 237.842842][ T8029] loop3: detected capacity change from 0 to 1024 [ 237.856792][ T8029] EXT4-fs: Ignoring removed bh option [ 237.885791][ T8029] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 237.985905][ T8029] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 238.527070][ T5612] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.166042][ T8023] loop4: detected capacity change from 0 to 32768 [ 239.224770][ T8023] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 239.689255][ T8023] XFS (loop4): Ending clean mount [ 240.183220][ T5611] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 242.103744][ T8108] loop2: detected capacity change from 0 to 256 [ 242.121913][ T8108] FAT-fs (loop2): Directory bread(block 1285) failed [ 242.121954][ T8108] FAT-fs (loop2): Directory bread(block 1286) failed [ 242.121979][ T8108] FAT-fs (loop2): Directory bread(block 1287) failed [ 242.122249][ T8108] FAT-fs (loop2): Directory bread(block 1288) failed [ 242.132478][ T8109] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 242.287012][ T8108] FAT-fs (loop2): FAT read failed (blocknr 1281) [ 242.615314][ T8120] loop2: detected capacity change from 0 to 512 [ 242.743062][ T8120] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.920: bg 0: block 5: invalid block bitmap [ 242.743103][ T8120] loop2: lost filesystem error report for type 5 error -117 [ 242.824354][ C0] EXT4-fs (loop2): initial error at time 1777373676: ext4_validate_block_bitmap:432 [ 242.824404][ C0] EXT4-fs (loop2): last error at time 1777373676: ext4_validate_block_bitmap:432 [ 242.930859][ T8120] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 242.930890][ T8120] loop2: lost filesystem error report for type 5 error -117 [ 243.079533][ T8120] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.920: invalid indirect mapped block 3 (level 2) [ 243.079577][ T8120] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 243.089387][ T8120] EXT4-fs (loop2): 1 orphan inode deleted [ 243.089414][ T8120] EXT4-fs (loop2): 1 truncate cleaned up [ 243.105178][ T8120] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 243.361485][ T5610] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 243.623359][ T8141] loop0: detected capacity change from 0 to 256 [ 244.603908][ T8161] netlink: 4 bytes leftover after parsing attributes in process `syz.0.938'. [ 244.603944][ T8161] netlink: 'syz.0.938': attribute type 30 has an invalid length. [ 244.603959][ T8161] netlink: 'syz.0.938': attribute type 1 has an invalid length. [ 244.875388][ T8165] erspan0: entered promiscuous mode [ 245.978630][ T8197] netlink: 8 bytes leftover after parsing attributes in process `syz.2.954'. [ 246.745424][ T8214] IPVS: persistence engine module ip_vs_pe_À not found [ 247.265226][ T8231] netlink: 'syz.4.967': attribute type 6 has an invalid length. [ 247.268593][ T8231] netlink: 'syz.4.967': attribute type 6 has an invalid length. [ 247.508370][ T8233] loop2: detected capacity change from 0 to 8192 [ 247.509735][ T8233] vfat: Unknown parameter 'ÿ01777777777777777777777' [ 247.560370][ T8235] program syz.0.969 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 248.334464][ T9] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 248.497138][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1056, setting to 64 [ 248.497194][ T9] usb 5-1: New USB device found, idVendor=28bd, idProduct=0055, bcdDevice= 0.00 [ 248.497218][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.547291][ T9] usb 5-1: config 0 descriptor?? [ 248.548524][ T8251] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 249.067474][ T9] uclogic 0003:28BD:0055.000A: interface is invalid, ignoring [ 249.233334][ T9] usb 5-1: USB disconnect, device number 5 [ 250.815855][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 251.687504][ T8318] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1003'. [ 252.918943][ T8344] loop0: detected capacity change from 0 to 512 [ 252.972070][ T8344] EXT4-fs: inline encryption not supported [ 253.073176][ T8344] EXT4-fs error (device loop0): ext4_orphan_get:1423: comm syz.0.1014: bad orphan inode 15 [ 253.073212][ T8344] loop0: lost filesystem error report for type 5 error -117 [ 253.075645][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 253.075669][ C0] EXT4-fs (loop0): initial error at time 1777373942: ext4_orphan_get:1423 [ 253.075693][ C0] EXT4-fs (loop0): last error at time 1777373942: ext4_orphan_get:1423 [ 253.138555][ T8344] ext4_test_bit(bit=14, block=5) = 0 [ 253.154993][ T8344] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 253.200887][ T8344] EXT4-fs (loop0): shut down requested (1) [ 253.338176][ T8351] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.371043][ T5605] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.906187][ T823] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 254.064699][ T823] usb 3-1: Using ep0 maxpacket: 8 [ 254.067298][ T823] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 254.067334][ T823] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 254.067360][ T823] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 254.067384][ T823] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 254.067427][ T823] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 254.067450][ T823] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.360458][ T823] usb 3-1: GET_CAPABILITIES returned 0 [ 254.360518][ T823] usbtmc 3-1:16.0: can't read capabilities [ 254.880399][ T8382] loop4: detected capacity change from 0 to 32768 [ 254.893218][ T8382] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1029 (8382) [ 254.938175][ T8382] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 254.938216][ T8382] BTRFS info (device loop4): using crc32c checksum algorithm [ 254.938339][ T8382] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 255.192337][ T10] usb 3-1: USB disconnect, device number 11 [ 255.305118][ T8382] BTRFS info (device loop4): rebuilding free space tree [ 255.630417][ T8402] tap0: tun_chr_ioctl cmd 35108 [ 255.717855][ T8382] BTRFS info (device loop4): disabling free space tree [ 255.718047][ T8382] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 255.718079][ T8382] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 255.746836][ T8382] BTRFS info (device loop4): enabling ssd optimizations [ 255.746867][ T8382] BTRFS info (device loop4): turning on async discard [ 255.746885][ T8382] BTRFS info (device loop4): enabling disk space caching [ 255.746903][ T8382] BTRFS info (device loop4): force clearing of disk cache [ 255.746923][ T8382] BTRFS info (device loop4): use zstd compression, level 3 [ 255.935788][ T1336] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.935915][ T1336] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.845593][ T8424] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1040'. [ 256.845624][ T8424] openvswitch: netlink: Message has 512 unknown bytes. [ 257.597030][ T8437] capability: warning: `syz.0.1046' uses deprecated v2 capabilities in a way that may be insecure [ 257.625910][ T8437] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 257.625941][ T8437] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 257.665652][ T8437] overlayfs: conflicting lowerdir path [ 258.121258][ T8447] tap0: tun_chr_ioctl cmd 1074025677 [ 258.121568][ T8447] tap0: linktype set to 1 [ 258.277672][ T5611] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 258.321071][ T38] audit: type=1326 audit(1777373948.092:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8448 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 258.337151][ T38] audit: type=1326 audit(1777373948.092:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8448 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 258.361419][ T38] audit: type=1326 audit(1777373948.122:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8448 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 258.361477][ T38] audit: type=1326 audit(1777373948.132:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8448 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 258.362851][ T38] audit: type=1326 audit(1777373948.132:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8448 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 258.363373][ T38] audit: type=1326 audit(1777373948.132:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8448 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 258.363708][ T38] audit: type=1326 audit(1777373948.132:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8448 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 258.373616][ T38] audit: type=1326 audit(1777373948.142:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8448 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 258.373669][ T38] audit: type=1326 audit(1777373948.142:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8448 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 258.374052][ T38] audit: type=1326 audit(1777373948.142:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8448 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 258.891073][ T8431] loop3: detected capacity change from 0 to 32768 [ 260.044065][ T8468] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1060'. [ 260.469263][ T8472] loop2: detected capacity change from 0 to 512 [ 260.500182][ T8472] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 260.844962][ T8472] EXT4-fs (loop2): 1 truncate cleaned up [ 260.854146][ T8472] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 260.941695][ T8472] EXT4-fs error (device loop2): ext4_generic_delete_entry:2673: inode #2: block 13: comm syz.2.1062: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 261.214734][ T8472] EXT4-fs (loop2): Remounting filesystem read-only [ 261.443937][ T5610] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.957611][ T8502] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1071'. [ 261.983681][ T8505] netlink: 27 bytes leftover after parsing attributes in process `syz.0.1073'. [ 262.237716][ T8510] loop2: detected capacity change from 0 to 512 [ 262.376520][ T8510] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.1074: iget: bad i_size value: 38620345925642 [ 262.376563][ T8510] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 262.377328][ T8510] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1074: couldn't read orphan inode 15 (err -117) [ 262.377362][ T8510] loop2: lost filesystem error report for type 5 error -117 [ 262.385345][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 262.385369][ C1] EXT4-fs (loop2): initial error at time 1777373952: ext4_orphan_get:1397: inode 15 [ 262.385397][ C1] EXT4-fs (loop2): last error at time 1777373952: ext4_orphan_get:1397: inode 15 [ 262.463025][ T8510] EXT4-fs (loop2): mounted filesystem 00000000-0000-00a1-0000-000000000000 r/w without journal. Quota mode: writeback. [ 262.948626][ T5610] EXT4-fs (loop2): unmounting filesystem 00000000-0000-00a1-0000-000000000000. [ 263.352780][ T8533] loop0: detected capacity change from 0 to 1024 [ 264.449729][ T8552] netlink: 71 bytes leftover after parsing attributes in process `syz.0.1091'. [ 265.405499][ T8568] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1098'. [ 265.412431][ T8568] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1098'. [ 265.683521][ T8566] loop4: detected capacity change from 0 to 40427 [ 265.685764][ T8566] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 265.685792][ T8566] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 265.723267][ T8566] F2FS-fs (loop4): build fault injection rate: 2 [ 265.723297][ T8566] F2FS-fs (loop4): build fault injection type: 0x1f8 [ 265.729062][ T8566] F2FS-fs (loop4): invalid crc value [ 265.868238][ T8566] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 265.930535][ T8566] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 265.930580][ T8566] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 266.067412][ T8566] F2FS-fs (loop4): inject orphan in f2fs_acquire_orphan_inode of __f2fs_tmpfile+0x28d/0x460 [ 267.760063][ T8582] loop3: detected capacity change from 0 to 32768 [ 267.874843][ T8582] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 268.086564][ T8582] XFS (loop3): Ending clean mount [ 268.469868][ T5612] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 268.625000][ T5594] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 268.819823][ T5594] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12592, setting to 64 [ 268.837526][ T5594] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 268.837560][ T5594] usb 2-1: New USB device strings: Mfr=255, Product=0, SerialNumber=0 [ 268.837582][ T5594] usb 2-1: Manufacturer: syz [ 268.935280][ T5594] usb 2-1: config 0 descriptor?? [ 268.958730][ T8611] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 269.097589][ T8626] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 269.097621][ T8626] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 269.114006][ T8626] vhci_hcd vhci_hcd.0: Device attached [ 269.444842][ T5342] usb 1-1: new low-speed USB device number 9 using dummy_hcd [ 269.477519][ T5594] elan 0003:04F3:0755.000B: unknown main item tag 0x0 [ 269.477545][ T5594] elan 0003:04F3:0755.000B: unknown main item tag 0x0 [ 269.477561][ T5594] elan 0003:04F3:0755.000B: unknown main item tag 0x0 [ 269.477576][ T5594] elan 0003:04F3:0755.000B: unknown main item tag 0x0 [ 269.477591][ T5594] elan 0003:04F3:0755.000B: unknown main item tag 0x0 [ 269.629820][ T5342] usb 1-1: config 0 has no interfaces? [ 269.629860][ T5342] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 269.629886][ T5342] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.674557][ T9] usb 33-1: new low-speed USB device number 3 using vhci_hcd [ 269.789690][ T5342] usb 1-1: config 0 descriptor?? [ 269.968662][ T5594] elan 0003:04F3:0755.000B: hidraw0: USB HID v1.01 Device [syz] on usb-dummy_hcd.1-1/input0 [ 269.983579][ T5594] usb 2-1: USB disconnect, device number 6 [ 270.118138][ T8628] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 2 [ 270.131148][ T5738] usb 1-1: USB disconnect, device number 9 [ 270.150854][ T3010] vhci_hcd vhci_hcd.0: stop threads [ 270.150884][ T3010] vhci_hcd vhci_hcd.0: release socket [ 270.150972][ T3010] vhci_hcd vhci_hcd.0: disconnect device [ 270.520142][ T8650] netlink: 'syz.1.1129': attribute type 1 has an invalid length. [ 270.567612][ T8642] fido_id[8642]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 270.577999][ T8649] loop4: detected capacity change from 0 to 1024 [ 270.832513][ T8649] EXT4-fs (loop4): bad geometry: bigalloc file system with non-zero first_data_block [ 270.832513][ T8649] [ 270.941093][ T8649] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1127'. [ 271.566509][ T8665] loop0: detected capacity change from 0 to 256 [ 271.692837][ T8665] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 271.758680][ T8665] exFAT-fs (loop0): start_clu is invalid cluster(0xffffffff) [ 272.064479][ T5594] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 272.218788][ T5594] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 272.218823][ T5594] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 272.218844][ T5594] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 272.218883][ T5594] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 272.218897][ T5594] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 272.218913][ T5594] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 272.218939][ T5594] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 272.218954][ T5594] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 272.233135][ T5594] usb 5-1: config 0 descriptor?? [ 272.245516][ T8669] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 272.737946][ T5594] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 272.964751][ C0] usblp0: nonzero read bulk status received: -71 [ 273.022593][ T5738] usb 5-1: USB disconnect, device number 6 [ 273.111638][ T5738] usblp0: removed [ 273.139762][ T5618] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 273.324445][ T5618] usb 2-1: Using ep0 maxpacket: 32 [ 273.329959][ T5618] usb 2-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0 [ 273.329993][ T5618] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 273.349905][ T5618] usb 2-1: config 0 descriptor?? [ 273.414553][ T5618] rndis_host 2-1:0.0: probe with driver rndis_host failed with error -22 [ 273.504431][ T823] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 273.614237][ T5342] usb 2-1: USB disconnect, device number 7 [ 273.654428][ T823] usb 3-1: Using ep0 maxpacket: 32 [ 273.739954][ T823] usb 3-1: unable to get BOS descriptor or descriptor too short [ 273.741200][ T823] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 273.741239][ T823] usb 3-1: can't read configurations, error -71 [ 274.677675][ T8725] netlink: 'syz.0.1159': attribute type 4 has an invalid length. [ 274.677700][ T8725] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1159'. [ 274.725772][ T8725] netlink: 14601 bytes leftover after parsing attributes in process `syz.0.1159'. [ 274.876935][ T9] vhci_hcd vhci_hcd.0: vhci_device speed not set [ 274.997224][ T8735] program syz.1.1165 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 275.167194][ T10] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 275.276337][ T8740] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1167'. [ 275.326333][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 275.337521][ T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 275.337578][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 275.337603][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 275.337625][ T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 275.337667][ T10] usb 1-1: New USB device found, idVendor=057e, idProduct=2019, bcdDevice= 0.00 [ 275.337690][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.372770][ T10] usb 1-1: config 0 descriptor?? [ 275.759827][ T3014] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 275.928455][ T3014] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 275.930127][ T149] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 275.930173][ T149] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 275.972624][ T10] nintendo 0003:057E:2019.000C: collection stack underflow [ 275.972661][ T10] nintendo 0003:057E:2019.000C: item 0 2 0 12 parsing failed [ 276.034413][ T10] nintendo 0003:057E:2019.000C: HID parse failed [ 276.055951][ T10] nintendo 0003:057E:2019.000C: probe - fail = -22 [ 276.056115][ T10] nintendo 0003:057E:2019.000C: probe with driver nintendo failed with error -22 [ 276.138438][ T10] usb 1-1: USB disconnect, device number 10 [ 277.087469][ T8778] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1182'. [ 278.847067][ T8820] loop3: detected capacity change from 0 to 256 [ 278.878943][ T8820] exfat: Deprecated parameter 'namecase' [ 278.879112][ T8820] exfat: Deprecated parameter 'namecase' [ 278.944800][ T8820] exFAT-fs (loop3): failed to load upcase table (idx : 0x00000c00, chksum : 0x54b6a122, utbl_chksum : 0xe619d30d) [ 278.956077][ T9] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 279.199265][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 279.212458][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 279.212533][ T9] usb 1-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 279.212559][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.233096][ T9] usb 1-1: config 0 descriptor?? [ 279.275097][ T9] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 279.711536][ T8834] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 280.079222][ T9] gspca_vc032x: reg_w err -71 [ 280.079328][ T9] vc032x 1-1:0.0: probe with driver vc032x failed with error -71 [ 280.104099][ T9] usb 1-1: USB disconnect, device number 11 [ 280.113694][ T10] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 280.304622][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 280.307434][ T10] usb 4-1: config 5 has an invalid interface number: 211 but max is 0 [ 280.307461][ T10] usb 4-1: config 5 has no interface number 0 [ 280.307499][ T10] usb 4-1: config 5 interface 211 has no altsetting 0 [ 280.312182][ T10] usb 4-1: New USB device found, idVendor=046d, idProduct=0900, bcdDevice= e.aa [ 280.312209][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.312227][ T10] usb 4-1: Product: syz [ 280.312241][ T10] usb 4-1: Manufacturer: syz [ 280.312254][ T10] usb 4-1: SerialNumber: syz [ 280.543623][ T8853] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1215'. [ 280.647896][ T10] gspca_main: spca500-2.14.0 probing 046d:0900 [ 280.657683][ T10] gspca_spca500: reg write: error -71 [ 280.659956][ T10] gspca_spca500: reg write: error -71 [ 280.660351][ T10] gspca_spca500: reg write: error -71 [ 280.662783][ T10] gspca_spca500: reg write: error -71 [ 280.663875][ T10] gspca_spca500: reg write: error -71 [ 280.664642][ T10] gspca_spca500: reg write: error -71 [ 280.665026][ T10] gspca_spca500: reg write: error -71 [ 280.669258][ T10] gspca_spca500: reg write: error -71 [ 280.677798][ T10] gspca_spca500: reg write: error -71 [ 280.678483][ T10] gspca_spca500: reg write: error -71 [ 280.679049][ T10] gspca_spca500: reg write: error -71 [ 280.681074][ T10] gspca_spca500: reg write: error -71 [ 280.682901][ T10] gspca_spca500: reg write: error -71 [ 280.683279][ T10] gspca_spca500: reg write: error -71 [ 280.773750][ T10] usb 4-1: USB disconnect, device number 11 [ 281.691342][ T8870] vlan2: entered promiscuous mode [ 281.691367][ T8870] bond0: entered promiscuous mode [ 281.691383][ T8870] bond_slave_0: entered promiscuous mode [ 281.691666][ T8870] bond_slave_1: entered promiscuous mode [ 282.314418][ T5342] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 282.367548][ T823] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 282.468548][ T5342] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 282.468581][ T5342] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 282.468603][ T5342] usb 2-1: config 0 has no interface number 0 [ 282.468651][ T5342] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 282.468682][ T5342] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 282.468706][ T5342] usb 2-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 282.468752][ T5342] usb 2-1: New USB device found, idVendor=04d9, idProduct=a04a, bcdDevice= 0.00 [ 282.468777][ T5342] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.579163][ T823] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 282.579196][ T823] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 282.579218][ T823] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 282.579251][ T823] usb 4-1: config 220 has no interface number 2 [ 282.579347][ T823] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 282.579379][ T823] usb 4-1: config 220 interface 0 has no altsetting 0 [ 282.579399][ T823] usb 4-1: config 220 interface 76 has no altsetting 0 [ 282.579419][ T823] usb 4-1: config 220 interface 1 has no altsetting 0 [ 282.590261][ T823] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 282.590296][ T823] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 282.590317][ T823] usb 4-1: Product: syz [ 282.590333][ T823] usb 4-1: Manufacturer: syz [ 282.590347][ T823] usb 4-1: SerialNumber: syz [ 282.776101][ T5342] usb 2-1: config 0 descriptor?? [ 283.000694][ T823] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 283.000803][ T823] uvcvideo 4-1:220.0: No valid video chain found. [ 283.003586][ T823] usb 4-1: selecting invalid altsetting 0 [ 283.085121][ T823] usb 4-1: selecting invalid altsetting 0 [ 283.085166][ T823] usbtest 4-1:220.1: probe with driver usbtest failed with error -22 [ 283.116437][ T823] usb 4-1: USB disconnect, device number 12 [ 283.351667][ T8886] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 283.352370][ T8886] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 283.368880][ T5342] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0 [ 283.368915][ T5342] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0 [ 283.368940][ T5342] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0 [ 283.368964][ T5342] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0 [ 283.368987][ T5342] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0 [ 283.369011][ T5342] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0 [ 283.369034][ T5342] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0 [ 283.369057][ T5342] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0 [ 283.369081][ T5342] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0 [ 283.369104][ T5342] holtek_mouse 0003:04D9:A04A.000D: unknown main item tag 0x0 [ 283.370621][ T5342] holtek_mouse 0003:04D9:A04A.000D: unbalanced collection at end of report description [ 283.371557][ T5342] holtek_mouse 0003:04D9:A04A.000D: hid parse failed: -22 [ 283.371629][ T5342] holtek_mouse 0003:04D9:A04A.000D: probe with driver holtek_mouse failed with error -22 [ 283.574977][ T9] usb 2-1: USB disconnect, device number 8 [ 283.869957][ T8917] loop2: detected capacity change from 0 to 256 [ 283.871477][ T8917] exfat: Deprecated parameter 'utf8' [ 283.871592][ T8917] exfat: Deprecated parameter 'utf8' [ 284.017821][ T8917] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 284.664798][ T823] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 284.900671][ T823] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 284.900711][ T823] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 284.900754][ T823] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 284.900779][ T823] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.949248][ T823] usb 3-1: config 0 descriptor?? [ 285.118697][ T8943] loop0: detected capacity change from 0 to 512 [ 285.256312][ T8930] loop3: detected capacity change from 0 to 32768 [ 285.300561][ T8930] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1250 (8930) [ 285.345219][ T8943] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.1255: invalid indirect mapped block 4294967295 (level 0) [ 285.345265][ T8943] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 285.354409][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 285.354434][ C0] EXT4-fs (loop0): initial error at time 1777373975: ext4_free_branches:1023: inode 16 [ 285.354459][ C0] EXT4-fs (loop0): last error at time 1777373975: ext4_free_branches:1023: inode 16 [ 285.371424][ T8943] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.1255: invalid indirect mapped block 4294967295 (level 1) [ 285.371468][ T8943] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 285.460235][ T8943] EXT4-fs (loop0): 1 orphan inode deleted [ 285.460263][ T8943] EXT4-fs (loop0): 1 truncate cleaned up [ 285.463196][ T8943] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 285.492502][ T823] keytouch 0003:0926:3333.000E: fixing up Keytouch IEC report descriptor [ 285.766907][ T5605] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.979594][ T8956] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1260'. [ 286.112465][ T8930] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 286.112492][ T8930] BTRFS info (device loop3): using sha256 checksum algorithm [ 286.203581][ T823] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.000E/input/input10 [ 286.418843][ T8970] loop4: detected capacity change from 0 to 164 [ 287.282018][ T8930] BTRFS info (device loop3): enabling ssd optimizations [ 287.282052][ T8930] BTRFS info (device loop3): turning on async discard [ 287.282070][ T8930] BTRFS info (device loop3): enabling free space tree [ 287.699397][ T5612] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 288.419178][ T9001] pimreg: tun_chr_ioctl cmd 1074025677 [ 288.419465][ T9001] pimreg: linktype set to 6 [ 289.120331][ T9008] loop3: detected capacity change from 0 to 256 [ 289.121463][ T9008] exfat: Deprecated parameter 'utf8' [ 289.121487][ T9008] exfat: Deprecated parameter 'utf8' [ 289.121640][ T9008] exfat: Bad value for 'errors' [ 289.165330][ T823] keytouch 0003:0926:3333.000E: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 289.426155][ T823] usb 3-1: USB disconnect, device number 14 [ 289.837526][ T9] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 289.984577][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 289.997824][ T9] usb 2-1: config 0 has an invalid interface number: 85 but max is 0 [ 289.997853][ T9] usb 2-1: config 0 has no interface number 0 [ 289.997897][ T9] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 289.997924][ T9] usb 2-1: config 0 interface 85 has no altsetting 0 [ 290.001469][ T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 290.001497][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.001525][ T9] usb 2-1: Product: syz [ 290.001538][ T9] usb 2-1: Manufacturer: syz [ 290.001552][ T9] usb 2-1: SerialNumber: syz [ 290.083056][ T9014] fido_id[9014]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 290.094996][ T9] usb 2-1: config 0 descriptor?? [ 290.773283][ T9002] loop4: detected capacity change from 0 to 32768 [ 290.786885][ T9029] loop2: detected capacity change from 0 to 128 [ 290.912387][ T9] appletouch 2-1:0.85: Geyser mode initialized. [ 290.990097][ T9029] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 290.990702][ T9029] ext4 filesystem being mounted at /277/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 291.000619][ T9] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input11 [ 291.187598][ T9002] ERROR: (device loop4): xtSearch: xt_getpage: xtree page corrupt [ 291.187598][ T9002] [ 291.222059][ T9002] ERROR: (device loop4): remounting filesystem as read-only [ 291.222081][ T9002] xtLookup: xtSearch returned -5 [ 291.222094][ T9002] add_index: get/read_metapage failed! [ 291.222106][ T9002] ERROR: (device loop4): xtSearch: xt_getpage: xtree page corrupt [ 291.222106][ T9002] [ 291.222140][ T9002] xtLookup: xtSearch returned -5 [ 291.222150][ T9002] free_index: error reading directory table [ 291.222159][ T9002] ERROR: (device loop4): xtSearch: xt_getpage: xtree page corrupt [ 291.222159][ T9002] [ 291.222188][ T9002] xtLookup: xtSearch returned -5 [ 291.222197][ T9002] free_index: error reading directory table [ 291.222206][ T9002] ERROR: (device loop4): xtSearch: xt_getpage: xtree page corrupt [ 291.222206][ T9002] [ 291.222233][ T9002] xtLookup: xtSearch returned -5 [ 291.222243][ T9002] free_index: error reading directory table [ 291.222251][ T9002] ERROR: (device loop4): xtSearch: xt_getpage: xtree page corrupt [ 291.222251][ T9002] [ 291.222278][ T9002] xtLookup: xtSearch returned -5 [ 291.222287][ T9002] free_index: error reading directory table [ 291.222296][ T9002] ERROR: (device loop4): xtSearch: xt_getpage: xtree page corrupt [ 291.222296][ T9002] [ 291.222322][ T9002] xtLookup: xtSearch returned -5 [ 291.222331][ T9002] free_index: error reading directory table [ 291.236420][ T9002] ERROR: (device loop4): xtSearch: xt_getpage: xtree page corrupt [ 291.236420][ T9002] [ 291.236457][ T9002] xtLookup: xtSearch returned -5 [ 291.236468][ T9002] add_index: get/read_metapage failed! [ 291.245698][ T9033] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1285'. [ 291.581024][ T5610] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 292.213433][ T9] usb 2-1: USB disconnect, device number 9 [ 292.441502][ T9] appletouch 2-1:0.85: input: appletouch disconnected [ 292.625853][ T9049] veth0_to_team: entered promiscuous mode [ 293.623015][ T9061] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1297'. [ 294.547561][ T9079] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1304'. [ 294.934946][ T9088] TCP: tcp_parse_options: Illegal window scaling value 150 > 14 received [ 295.550337][ T9102] loop0: detected capacity change from 0 to 512 [ 295.575908][ T9102] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 295.596057][ T9102] EXT4-fs (loop0): 1 truncate cleaned up [ 295.604619][ T9102] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 295.685488][ T9102] EXT4-fs error (device loop0): ext4_generic_delete_entry:2673: inode #2: block 13: comm syz.0.1314: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 295.837708][ T9102] EXT4-fs (loop0): Remounting filesystem read-only [ 295.837735][ T9102] EXT4-fs warning (device loop0): ext4_rename_delete:3739: inode #2: comm syz.0.1314: Deleting old file: nlink 5, error=-117 [ 296.073459][ T5605] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.534999][ T5966] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 297.687412][ T5966] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 297.687459][ T5966] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 297.687504][ T5966] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 297.687531][ T5966] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 297.755965][ T5966] usb 4-1: config 0 descriptor?? [ 297.798804][ T9141] loop4: detected capacity change from 0 to 512 [ 297.983181][ T5966] ath6kl: Failed to submit usb control message: -71 [ 297.983239][ T5966] ath6kl: unable to send the bmi data to the device: -71 [ 298.002207][ T5966] ath6kl: Unable to send get target info: -71 [ 298.009226][ T9141] EXT4-fs (loop4): 1 truncate cleaned up [ 298.020259][ T5966] ath6kl: Failed to init ath6kl core: -71 [ 298.051425][ T9141] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 298.061649][ T5966] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 298.099597][ T5966] usb 4-1: USB disconnect, device number 13 [ 298.374774][ T9158] loop2: detected capacity change from 0 to 256 [ 298.381125][ T9158] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 298.478848][ T38] kauditd_printk_skb: 18 callbacks suppressed [ 298.478870][ T38] audit: type=1800 audit(1777373988.252:83): pid=9152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1331" name="file1" dev="loop4" ino=13 res=0 errno=0 [ 298.739191][ T5611] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.934411][ T5966] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 299.079450][ T9178] loop2: detected capacity change from 0 to 256 [ 299.080553][ T9178] exfat: Deprecated parameter 'utf8' [ 299.080573][ T9178] exfat: Deprecated parameter 'utf8' [ 299.080657][ T9178] exfat: Deprecated parameter 'utf8' [ 299.113972][ T5966] usb 2-1: config 0 has too many interfaces: 253, using maximum allowed: 32 [ 299.114006][ T5966] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 253 [ 299.117618][ T5966] usb 2-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac [ 299.117652][ T5966] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 299.117674][ T5966] usb 2-1: Product: syz [ 299.117690][ T5966] usb 2-1: Manufacturer: syz [ 299.117707][ T5966] usb 2-1: SerialNumber: syz [ 299.198521][ T5966] usb 2-1: config 0 descriptor?? [ 299.215370][ T5966] gspca_main: sunplus-2.14.0 probing 055f:c630 [ 299.238040][ T9178] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xc70f51ff, utbl_chksum : 0xe619d30d) [ 299.265639][ T9172] loop4: detected capacity change from 0 to 4096 [ 299.569269][ T9183] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 300.013438][ T9186] loop2: detected capacity change from 0 to 512 [ 300.029878][ T9186] EXT4-fs (loop2): bad geometry: block count 768 exceeds size of device (256 blocks) [ 300.060892][ T5966] gspca_sunplus: reg_r err -71 [ 300.060995][ T5966] sunplus 2-1:0.0: probe with driver sunplus failed with error -71 [ 300.090393][ T5966] usb 2-1: USB disconnect, device number 10 [ 300.914511][ T9197] loop0: detected capacity change from 0 to 32768 [ 301.112284][ T9197] JBD2: Ignoring recovery information on journal [ 301.213540][ T9197] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 301.835316][ T9219] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1362'. [ 301.956272][ T9224] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1365'. [ 301.956411][ T9224] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1365'. [ 302.863399][ T9238] block nbd2: Device being setup by another task [ 302.908854][ T9236] block nbd2: shutting down sockets [ 303.527200][ T5605] ocfs2: Unmounting device (7,0) on (node local) [ 303.978987][ T9260] program syz.1.1380 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 304.251117][ T9244] loop4: detected capacity change from 0 to 32768 [ 304.313520][ T9263] 8021q: adding VLAN 0 to HW filter on device bond1 [ 304.320519][ T9263] bond0: (slave bond1): Enslaving as an active interface with an up link [ 304.373327][ T9244] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 304.473563][ T9244] XFS (loop4): Ending clean mount [ 304.546907][ T9268] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 304.720779][ T9287] loop3: detected capacity change from 0 to 512 [ 304.734783][ T9287] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 304.801155][ T9287] EXT4-fs (loop3): 1 truncate cleaned up [ 304.820902][ T5611] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 304.983420][ T9287] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 305.586199][ T5612] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.810928][ T9308] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1395'. [ 306.140438][ T9315] loop3: detected capacity change from 0 to 256 [ 306.177374][ T9315] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 307.491544][ T9331] program syz.4.1405 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 308.234662][ T5342] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 308.394383][ T5342] usb 5-1: Using ep0 maxpacket: 16 [ 308.410894][ T5342] usb 5-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4 [ 308.410929][ T5342] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 308.410948][ T5342] usb 5-1: Product: syz [ 308.410961][ T5342] usb 5-1: Manufacturer: syz [ 308.410975][ T5342] usb 5-1: SerialNumber: syz [ 308.438773][ T5342] usb 5-1: config 0 descriptor?? [ 308.502408][ T5342] gspca_main: spca508-2.14.0 probing 041e:4018 [ 308.633601][ T9361] No memory to map [ 308.682347][ T5342] gspca_spca508: reg_read err -32 [ 308.683154][ T5342] gspca_spca508: reg_read err -32 [ 308.904884][ T5342] gspca_spca508: reg_read err -71 [ 308.916606][ T5342] gspca_spca508: reg_read err -71 [ 308.917238][ T5342] gspca_spca508: reg write: error -71 [ 308.917343][ T5342] spca508 5-1:0.0: probe with driver spca508 failed with error -71 [ 308.949939][ T5342] usb 5-1: USB disconnect, device number 7 [ 309.070792][ T9367] loop2: detected capacity change from 0 to 512 [ 309.141759][ T9367] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 309.438903][ T5610] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 309.551311][ T9376] loop3: detected capacity change from 0 to 16 [ 309.630525][ T9376] erofs (device loop3): mounted with root inode @ nid 36. [ 309.684814][ T9376] erofs (device loop3): invalid de[0].nameoff 14 @ nid 36 [ 310.212283][ T9395] loop9: detected capacity change from 0 to 524287936 [ 310.343156][ T9399] loop2: detected capacity change from 0 to 256 [ 311.080382][ T9408] loop3: detected capacity change from 0 to 512 [ 311.459700][ T9383] loop4: detected capacity change from 0 to 32768 [ 311.462025][ T9408] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 311.710758][ T9383] find_entry called with index >= next_index [ 311.710777][ T9383] find_entry called with index >= next_index [ 311.710786][ T9383] find_entry called with index >= next_index [ 311.710794][ T9383] find_entry called with index >= next_index [ 311.710803][ T9383] find_entry called with index >= next_index [ 311.710812][ T9383] add_index: next_index = 0. Resetting! [ 311.710828][ T9383] find_entry called with index >= next_index [ 311.710837][ T9383] find_entry called with index >= next_index [ 311.710845][ T9383] find_entry called with index >= next_index [ 311.710853][ T9383] find_entry called with index >= next_index [ 311.985439][ T9383] non-latin1 character 0x3ff found in JFS file name [ 311.985460][ T9383] mount with iocharset=utf8 to access [ 312.023393][ T5612] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.628487][ T9416] loop3: detected capacity change from 0 to 256 [ 312.993541][ T9416] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x32e3664b, utbl_chksum : 0xe619d30d) [ 313.319482][ T9429] netlink: 'syz.1.1444': attribute type 12 has an invalid length. [ 313.319506][ T9429] netlink: 'syz.1.1444': attribute type 29 has an invalid length. [ 313.319519][ T9429] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1444'. [ 313.319544][ T9429] netlink: 43 bytes leftover after parsing attributes in process `syz.1.1444'. [ 313.834532][ T9445] random: crng reseeded on system resumption [ 314.061292][ T9446] loop2: detected capacity change from 0 to 512 [ 314.896906][ T9467] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1459'. [ 314.896938][ T9467] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1459'. [ 314.896953][ T9467] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1459'. [ 315.036462][ T9470] sctp: [Deprecated]: syz.1.1458 (pid 9470) Use of int in maxseg socket option. [ 315.036462][ T9470] Use struct sctp_assoc_value instead [ 315.356319][ T9481] loop2: detected capacity change from 0 to 128 [ 315.433500][ T9477] loop3: detected capacity change from 0 to 4096 [ 315.498924][ T9477] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 315.956427][ T9477] ntfs3(loop3): ino=19, mi_enum_attr [ 316.046768][ T9477] ntfs3(loop3): failed to convert "c46c" to iso8859-15 [ 316.047427][ T9477] ntfs3(loop3): ino=20, mi_enum_attr [ 316.827570][ T9496] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 317.242730][ T9509] netlink: 372 bytes leftover after parsing attributes in process `syz.3.1476'. [ 317.379877][ T1336] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.380003][ T1336] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.470965][ T9514] macvlan0: entered promiscuous mode [ 317.471949][ T9514] netlink: 'syz.2.1477': attribute type 1 has an invalid length. [ 317.471970][ T9514] netlink: 'syz.2.1477': attribute type 2 has an invalid length. [ 317.602411][ T9517] veth1_macvtap: left promiscuous mode [ 317.748188][ T9518] erspan0: entered promiscuous mode [ 317.924079][ T9526] loop2: detected capacity change from 0 to 256 [ 317.944444][ T9526] exfat: Deprecated parameter 'utf8' [ 318.082450][ T9526] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 318.832825][ T9544] loop0: detected capacity change from 0 to 8192 [ 318.892762][ T9557] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1494'. [ 318.892802][ T9557] netlink: 'syz.2.1494': attribute type 30 has an invalid length. [ 319.587440][ T9564] program syz.0.1499 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 321.739673][ T9595] loop4: detected capacity change from 0 to 32768 [ 322.051807][ T9595] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 322.415127][ T9595] XFS (loop4): Ending clean mount [ 322.729314][ T9633] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1525'. [ 323.294128][ T9649] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1532'. [ 323.294156][ T9649] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1532'. [ 323.377336][ T5611] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 324.136551][ T9666] loop3: detected capacity change from 0 to 64 [ 325.442928][ T38] audit: type=1800 audit(53284606.177:84): pid=9668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1534" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0 [ 325.563296][ T9668] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 325.563346][ T9668] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 325.563369][ T9668] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 325.932323][ T9699] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 325.934562][ T9699] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 326.843816][ T9722] loop2: detected capacity change from 0 to 4096 [ 327.050972][ T9730] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 327.424828][ T5725] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 327.651728][ T5725] usb 4-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 327.651765][ T5725] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 327.651788][ T5725] usb 4-1: Product: syz [ 327.651803][ T5725] usb 4-1: Manufacturer: syz [ 327.651819][ T5725] usb 4-1: SerialNumber: syz [ 327.990024][ T9723] loop4: detected capacity change from 0 to 32768 [ 328.111049][ T5725] rtl8150 4-1:1.0: couldn't reset the device [ 328.112040][ T5725] rtl8150 4-1:1.0: probe with driver rtl8150 failed with error -5 [ 328.128139][ T9723] jfs_readdir called with invalid offset! [ 328.156020][ T5725] usb 4-1: USB disconnect, device number 14 [ 328.944062][ T9751] input: syz0 as /devices/virtual/input/input12 [ 329.822114][ T9767] loop2: detected capacity change from 0 to 256 [ 330.126032][ T5725] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 330.318112][ T5725] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 330.318147][ T5725] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 330.432176][ T5725] usb 2-1: config 0 descriptor?? [ 330.436837][ T5725] cp210x 2-1:0.0: cp210x converter detected [ 330.854506][ T5725] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 330.894187][ T5725] usb 2-1: cp210x converter now attached to ttyUSB0 [ 331.068693][ T5725] usb 2-1: USB disconnect, device number 11 [ 331.136777][ T5725] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 331.350423][ T5725] cp210x 2-1:0.0: device disconnected [ 333.454587][ T5725] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 333.638114][ T5725] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 333.638149][ T5725] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.638173][ T5725] usb 3-1: Product: syz [ 333.638188][ T5725] usb 3-1: Manufacturer: syz [ 333.638204][ T5725] usb 3-1: SerialNumber: syz [ 333.789353][ T9839] sch_tbf: burst 1735 is lower than device lo mtu (65550) ! [ 334.376535][ T9850] loop3: detected capacity change from 0 to 64 [ 334.548620][ T5725] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO [ 334.548690][ T5725] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 334.615686][ T5725] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 334.619222][ T9850] UBIFS error (pid: 9850): cannot open "c:::", error -22 [ 334.659898][ T5725] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71 [ 334.690613][ T5725] usb 3-1: USB disconnect, device number 15 [ 335.377356][ T9858] loop2: detected capacity change from 0 to 2048 [ 335.490182][ T9858] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 335.772629][ T9860] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 336.661014][ T9875] program syz.2.1623 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 336.898823][ T9881] loop2: detected capacity change from 0 to 1024 [ 336.899860][ T9881] EXT4-fs: Ignoring removed orlov option [ 337.034812][ T9881] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 337.161770][ T9881] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 337.500167][ T9891] netlink: 'syz.3.1631': attribute type 14 has an invalid length. [ 337.561878][ T9892] program syz.0.1630 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 338.625950][ T5725] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 338.754636][ T32] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 338.785990][ T5725] usb 4-1: unable to get BOS descriptor or descriptor too short [ 338.787110][ T5725] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 338.787168][ T5725] usb 4-1: can't read configurations, error -71 [ 338.904509][ T32] usb 3-1: Using ep0 maxpacket: 32 [ 338.907406][ T32] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 338.907435][ T32] usb 3-1: config 0 has no interface number 0 [ 338.911096][ T32] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8 [ 338.911123][ T32] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 338.911141][ T32] usb 3-1: Product: syz [ 338.911154][ T32] usb 3-1: Manufacturer: syz [ 338.911167][ T32] usb 3-1: SerialNumber: syz [ 338.976459][ T32] usb 3-1: config 0 descriptor?? [ 338.996639][ T32] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 338.996669][ T32] usb 3-1: selecting invalid altsetting 1 [ 338.996687][ T32] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 339.079882][ T32] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 339.081942][ T32] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 339.082037][ T32] usb 3-1: media controller created [ 339.143752][ T32] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 339.288381][ T32] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 339.288469][ T32] zl10353_read_register: readreg error (reg=127, ret==-32) [ 339.324079][ T9934] netem: incorrect ge model size [ 339.325975][ T9934] netem: change failed [ 340.583383][ T9917] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 340.845388][ T32] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 340.964177][ T9948] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1657'. [ 341.053175][ T9952] loop4: detected capacity change from 0 to 64 [ 341.184072][ T9952] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing [ 341.383990][ T32] usb 3-1: USB disconnect, device number 16 [ 341.530956][ T9963] loop3: detected capacity change from 0 to 512 [ 341.594989][ T9963] EXT4-fs: Ignoring removed bh option [ 341.595065][ T9963] EXT4-fs: Ignoring removed mblk_io_submit option [ 341.629908][ T9963] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #15: comm syz.3.1664: corrupted in-inode xattr: e_value size too large [ 341.629953][ T9963] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 341.644290][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 341.644316][ C1] EXT4-fs (loop3): initial error at time 53350164: ext4_iget_extra_inode:5128: inode 15 [ 341.644349][ C1] EXT4-fs (loop3): last error at time 53350164: ext4_iget_extra_inode:5128: inode 15 [ 341.705811][ T9963] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.1664: couldn't read orphan inode 15 (err -117) [ 341.705852][ T9963] loop3: lost filesystem error report for type 5 error -117 [ 341.735518][ T9963] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 342.411082][ T5612] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.582606][T10012] loop2: detected capacity change from 0 to 1024 [ 343.954050][T10018] program syz.0.1687 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 344.347894][T10026] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1690'. [ 344.560389][T10030] program syz.4.1694 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 345.330442][T10049] loop3: detected capacity change from 0 to 2048 [ 345.550725][T10049] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 345.893153][T10024] loop2: detected capacity change from 0 to 32768 [ 346.011928][T10024] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 346.209862][T10024] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 346.259763][T10024] XFS (loop2): Starting recovery (logdev: internal) [ 346.468083][T10024] XFS (loop2): Ending recovery (logdev: internal) [ 346.696733][ T38] audit: type=1800 audit(53350169.474:85): pid=10024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1686" name="file1" dev="loop2" ino=4422 res=0 errno=0 [ 346.908511][ T5610] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 346.952102][T10086] loop4: detected capacity change from 0 to 8 [ 349.357111][ T5966] usb 2-1: new full-speed USB device number 12 using dummy_hcd [ 349.513321][ T5966] usb 2-1: config 2 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 349.513362][ T5966] usb 2-1: config 2 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 349.513388][ T5966] usb 2-1: config 2 interface 0 has no altsetting 0 [ 349.513426][ T5966] usb 2-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00 [ 349.513453][ T5966] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 350.144035][ T5966] elo 0003:04E7:0009.000F: hidraw0: USB HID vff.ff Device [HID 04e7:0009] on usb-dummy_hcd.1-1/input0 [ 350.278540][ T5966] usb 2-1: USB disconnect, device number 12 [ 350.613814][T10155] input: syz0 as /devices/virtual/input/input13 [ 350.630863][ T32] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 350.632656][T10157] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 350.801147][ T32] usb 1-1: Using ep0 maxpacket: 8 [ 350.803931][ T32] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 350.803955][ T32] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 350.803973][ T32] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 350.803988][ T32] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 350.804015][ T32] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 350.804030][ T32] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.088904][ T32] usb 1-1: GET_CAPABILITIES returned 0 [ 351.088961][ T32] usbtmc 1-1:16.0: can't read capabilities [ 351.335490][ T10] usb 1-1: USB disconnect, device number 12 [ 351.378368][ T32] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 351.533487][ T32] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 351.533525][ T32] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 351.533568][ T32] usb 2-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 351.533592][ T32] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.619650][T10171] loop2: detected capacity change from 0 to 512 [ 351.677666][T10171] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.1750: inode has both inline data and extents flags [ 351.677702][T10171] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 351.678035][T10171] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1750: couldn't read orphan inode 15 (err -117) [ 351.678064][T10171] loop2: lost filesystem error report for type 5 error -117 [ 351.683429][ T32] usb 2-1: config 0 descriptor?? [ 351.873541][T10171] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.685258][ T32] hid_parser_main: 137 callbacks suppressed [ 352.685286][ T32] playstation 0003:054C:0DF2.0010: unknown main item tag 0x0 [ 352.685317][ T32] playstation 0003:054C:0DF2.0010: unknown main item tag 0x0 [ 352.685344][ T32] playstation 0003:054C:0DF2.0010: unknown main item tag 0x0 [ 352.685369][ T32] playstation 0003:054C:0DF2.0010: unknown main item tag 0x0 [ 352.685395][ T32] playstation 0003:054C:0DF2.0010: unknown main item tag 0x0 [ 352.732265][ T32] playstation 0003:054C:0DF2.0010: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.1-1/input0 [ 352.767276][T10161] loop4: detected capacity change from 0 to 32768 [ 352.878499][ T32] playstation 0003:054C:0DF2.0010: Invalid reportID received, expected 9 got 0 [ 352.878522][ T32] playstation 0003:054C:0DF2.0010: Failed to retrieve DualSense pairing info: -22 [ 352.878556][ T32] playstation 0003:054C:0DF2.0010: Failed to get MAC address from DualSense [ 352.878565][ T32] playstation 0003:054C:0DF2.0010: Failed to create dualsense. [ 352.953866][T10161] XFS (loop4): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 353.030377][ T5610] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.225199][ T32] playstation 0003:054C:0DF2.0010: probe with driver playstation failed with error -22 [ 353.252983][ T32] usb 2-1: USB disconnect, device number 13 [ 353.415090][T10161] XFS (loop4): Ending clean mount [ 354.645074][ T5611] XFS (loop4): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 355.755469][T10242] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1778'. [ 355.911893][ T10] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 356.161550][ T10] usb 1-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 356.161586][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 356.182201][ T10] usb 1-1: config 0 descriptor?? [ 356.299155][ T10] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 356.649628][ T10] cpia1 1-1:0.0: unexpected state after lo power cmd: 00 [ 356.966664][ T5738] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 357.061211][ T10] gspca_cpia1: usb_control_msg 02, error -71 [ 357.063097][ T10] gspca_cpia1: usb_control_msg 05, error -71 [ 357.063119][ T10] cpia1 1-1:0.0: unexpected systemstate: 00 [ 357.096883][ T10] usb 1-1: USB disconnect, device number 13 [ 357.114575][ T5738] usb 2-1: Using ep0 maxpacket: 16 [ 357.116969][ T5738] usb 2-1: config index 0 descriptor too short (expected 52, got 36) [ 357.116995][ T5738] usb 2-1: config 0 has an invalid interface number: 251 but max is 0 [ 357.117016][ T5738] usb 2-1: config 0 has no interface number 0 [ 357.117060][ T5738] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 357.117085][ T5738] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 357.126214][ T5738] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 357.126248][ T5738] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 357.126270][ T5738] usb 2-1: Product: syz [ 357.126284][ T5738] usb 2-1: Manufacturer: syz [ 357.126300][ T5738] usb 2-1: SerialNumber: syz [ 357.239892][ T5738] usb 2-1: config 0 descriptor?? [ 357.241304][T10252] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 357.241450][T10252] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 357.475004][T10266] loop2: detected capacity change from 0 to 512 [ 357.494700][T10252] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 357.495256][T10252] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 357.521058][T10266] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.1789: iget: bad i_size value: 38620345925642 [ 357.521097][T10266] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 357.521863][T10266] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1789: couldn't read orphan inode 15 (err -117) [ 357.521894][T10266] loop2: lost filesystem error report for type 5 error -117 [ 357.529406][T10266] EXT4-fs (loop2): mounted filesystem 00000000-0000-00a1-0000-000000000000 r/w without journal. Quota mode: writeback. [ 358.124849][T10277] vivid-007: disconnect [ 358.125258][T10276] loop4: detected capacity change from 0 to 256 [ 358.170999][ T5738] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 358.171036][ T5738] asix 2-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 358.171379][ T5738] asix 2-1:0.251: probe with driver asix failed with error -71 [ 358.213448][ T5738] usb 2-1: USB disconnect, device number 14 [ 358.237358][T10275] vivid-007: reconnect [ 358.302422][ T5610] EXT4-fs (loop2): unmounting filesystem 00000000-0000-00a1-0000-000000000000. [ 358.358991][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 358.894377][ T5738] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 359.177998][ T5738] usb 5-1: Using ep0 maxpacket: 16 [ 359.211196][ T5738] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 359.211269][ T5738] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 359.211302][ T5738] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 359.211326][ T5738] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 359.211353][ T5738] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 359.215981][ T5738] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 359.216014][ T5738] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 359.216035][ T5738] usb 5-1: Manufacturer: syz [ 359.300680][ T5738] usb 5-1: config 0 descriptor?? [ 359.894767][T10299] block nbd1: server does not support multiple connections per device. [ 360.024354][ T5738] rc_core: IR keymap rc-hauppauge not found [ 360.024377][ T5738] Registered IR keymap rc-empty [ 360.024597][ T5738] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 360.042383][T10299] block nbd1: shutting down sockets [ 360.044750][ T5738] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 360.073190][ T5738] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 360.118913][ T5738] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input14 [ 360.207855][ T5738] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 360.226542][ T5738] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 360.247250][ T5738] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 360.264752][ T5738] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 360.284539][ T5738] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 360.306065][ T5738] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 360.324641][ T5738] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 360.344538][ T5738] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 360.364541][ T5738] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 360.384765][ T5738] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 360.407453][T10308] loop3: detected capacity change from 0 to 256 [ 360.445754][ T32] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 360.497437][ T5738] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 360.497466][ T5738] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 360.531696][ T5738] usb 5-1: USB disconnect, device number 8 [ 360.607827][ T32] usb 3-1: Using ep0 maxpacket: 16 [ 360.638951][ T32] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 360.639000][ T32] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 360.639048][ T32] usb 3-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00 [ 360.639073][ T32] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.782095][ T32] usb 3-1: config 0 descriptor?? [ 361.226396][ T32] samsung 0003:0419:0600.0011: unknown main item tag 0x0 [ 361.226436][ T32] samsung 0003:0419:0600.0011: unknown main item tag 0x0 [ 361.229793][ T32] samsung 0003:0419:0600.0011: unknown main item tag 0x0 [ 361.229828][ T32] samsung 0003:0419:0600.0011: unknown main item tag 0x0 [ 361.229854][ T32] samsung 0003:0419:0600.0011: unknown main item tag 0x0 [ 361.229880][ T32] samsung 0003:0419:0600.0011: unknown main item tag 0x0 [ 361.229905][ T32] samsung 0003:0419:0600.0011: unexpected long global item [ 361.230699][ T32] samsung 0003:0419:0600.0011: parse failed [ 361.230767][ T32] samsung 0003:0419:0600.0011: probe with driver samsung failed with error -22 [ 361.440787][ T10] usb 3-1: USB disconnect, device number 17 [ 361.743636][T10332] loop3: detected capacity change from 0 to 512 [ 361.746880][T10332] EXT4-fs: Ignoring removed nomblk_io_submit option [ 361.758279][T10332] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 361.758301][T10332] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002] [ 361.758651][T10332] EXT4-fs (loop3): orphan cleanup on readonly fs [ 361.758756][T10332] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0 [ 361.758859][T10332] EXT4-fs warning (device loop3): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 361.758885][T10332] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 361.934018][T10332] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1815: bg 0: block 40: padding at end of block bitmap is not set [ 361.934062][T10332] loop3: lost filesystem error report for type 5 error -117 [ 361.934920][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 361.934941][ C1] EXT4-fs (loop3): initial error at time 53350184: ext4_validate_block_bitmap:441 [ 361.934962][ C1] EXT4-fs (loop3): last error at time 53350184: ext4_validate_block_bitmap:441 [ 362.017997][T10332] EXT4-fs (loop3): Remounting filesystem read-only [ 362.018116][T10332] EXT4-fs (loop3): 1 truncate cleaned up [ 362.036011][T10332] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 362.125824][T10332] EXT4-fs (loop3): shut down requested (2) [ 362.146436][T10335] netlink: 136 bytes leftover after parsing attributes in process `syz.4.1817'. [ 362.146463][T10335] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 362.424988][ T5612] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.198314][T10360] kAFS: unable to lookup cell '(' [ 363.241176][T10361] kAFS: unable to lookup cell '(,c¾ûL' [ 364.262840][T10370] loop0: detected capacity change from 0 to 1024 [ 364.263931][T10370] EXT4-fs: Ignoring removed i_version option [ 364.274121][T10370] EXT4-fs: inline encryption not supported [ 364.276574][T10370] EXT4-fs (loop0): Test dummy encryption mode enabled [ 364.400620][T10370] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 364.793071][ T5605] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.484480][ T9] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 365.652315][ T9] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 365.652363][ T9] usb 3-1: config 2 interface 0 has no altsetting 0 [ 365.661144][ T9] usb 3-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 365.661180][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 365.661203][ T9] usb 3-1: Product: syz [ 365.661218][ T9] usb 3-1: Manufacturer: syz [ 365.661233][ T9] usb 3-1: SerialNumber: syz [ 365.755634][ T9] usb 3-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 365.755665][ T9] usb 3-1: selecting invalid altsetting 0 [ 365.781660][ T9] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 365.782186][ T9] dvbdev: DVB: registering new adapter (774 Friio White ISDB-T USB2.0) [ 365.782255][ T9] usb 3-1: media controller created [ 365.897024][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 366.130287][ T9] usb 3-1: USB disconnect, device number 18 [ 366.308704][T10399] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1842'. [ 366.742655][T10404] loop4: detected capacity change from 0 to 2048 [ 366.902861][T10404] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 366.902897][T10404] NILFS (loop4): mounting unchecked fs [ 367.252814][T10404] NILFS (loop4): recovery complete [ 367.294068][T10408] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 368.095022][ T9] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 368.256539][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 368.256575][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 368.256612][ T9] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 368.256636][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 368.317599][ T9] usb 1-1: config 0 descriptor?? [ 368.468976][T10426] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1853'. [ 368.751258][ T9] cp2112 0003:10C4:EA90.0012: unknown main item tag 0x0 [ 368.751297][ T9] cp2112 0003:10C4:EA90.0012: unknown main item tag 0x0 [ 368.751324][ T9] cp2112 0003:10C4:EA90.0012: unknown main item tag 0x0 [ 368.751350][ T9] cp2112 0003:10C4:EA90.0012: unknown main item tag 0x0 [ 368.751377][ T9] cp2112 0003:10C4:EA90.0012: unknown main item tag 0x0 [ 368.751402][ T9] cp2112 0003:10C4:EA90.0012: unknown main item tag 0x0 [ 368.751428][ T9] cp2112 0003:10C4:EA90.0012: unknown main item tag 0x0 [ 368.862665][ T9] cp2112 0003:10C4:EA90.0012: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0 [ 368.947905][ T9] cp2112 0003:10C4:EA90.0012: Part Number: 0x00 Device Version: 0x00 [ 368.997534][T10432] input: syz1 as /devices/virtual/input/input15 [ 369.169933][ T9] cp2112 0003:10C4:EA90.0012: error requesting SMBus config [ 369.208845][ T9] cp2112 0003:10C4:EA90.0012: probe with driver cp2112 failed with error -71 [ 369.328170][ T9] usb 1-1: USB disconnect, device number 14 [ 369.765960][ T5594] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 369.909197][T10441] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1858'. [ 369.913539][T10441] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1858'. [ 369.935179][ T5594] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 369.935226][ T5594] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 369.935266][ T5594] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 369.935289][ T5594] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 369.996693][ T5594] usb 2-1: config 0 descriptor?? [ 370.648603][ T5594] hid-led 0003:1D34:000A.0013: probe with driver hid-led failed with error -71 [ 370.705414][ T5594] usb 2-1: USB disconnect, device number 15 [ 371.343582][T10466] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1870'. [ 372.068447][T10491] loop2: detected capacity change from 0 to 256 [ 372.752330][T10515] program syz.0.1891 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 373.403352][T10532] program syz.0.1899 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 374.148336][T10552] loop0: detected capacity change from 0 to 512 [ 374.195062][T10552] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e040e018, mo2=0002] [ 374.195228][T10552] System zones: 1-12 [ 374.240777][T10552] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #12: comm syz.0.1908: missing EA_INODE flag [ 374.240814][T10552] loop0: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 374.258298][ C0] EXT4-fs (loop0): initial error at time 53350197: ext4_xattr_inode_iget:441: inode 12 [ 374.258341][ C0] EXT4-fs (loop0): last error at time 53350197: ext4_xattr_inode_iget:441: inode 12 [ 374.364059][T10552] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.1908: error while reading EA inode 12 err=-117 [ 374.364109][T10552] loop0: lost filesystem error report for type 5 error -117 [ 374.542271][T10552] EXT4-fs (loop0): 1 orphan inode deleted [ 374.578047][T10552] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 374.693800][T10566] loop3: detected capacity change from 0 to 512 [ 375.180275][ T5605] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 375.450049][T10574] loop0: detected capacity change from 0 to 1024 [ 377.403583][T10600] loop0: detected capacity change from 0 to 1024 [ 377.406623][T10600] ext4: Unknown parameter 'seclabel' [ 378.312988][T10620] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1933'. [ 378.437421][T10591] loop3: detected capacity change from 0 to 32768 [ 378.483472][T10591] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 378.843757][T10591] XFS (loop3): Ending clean mount [ 378.851426][ T1336] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.851677][ T1336] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.434675][ T5612] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 379.688603][T10652] block nbd1: NBD_DISCONNECT [ 379.756355][T10654] loop0: detected capacity change from 0 to 512 [ 379.899030][T10652] block nbd1: Send disconnect failed -32 [ 379.901766][T10651] block nbd1: Disconnected due to user request. [ 379.901789][T10651] block nbd1: shutting down sockets [ 380.061832][T10657] vxcan1: tx address claim with dest, not broadcast [ 380.641366][ T5594] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 380.803642][ T5594] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 380.803677][ T5594] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.803696][ T5594] usb 5-1: Product: syz [ 380.803709][ T5594] usb 5-1: Manufacturer: syz [ 380.803723][ T5594] usb 5-1: SerialNumber: syz [ 381.442168][ T5594] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE [ 381.442242][ T5594] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE [ 381.644078][ T5594] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000010. ret = -EPROTO [ 381.644148][ T5594] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 381.681728][ T5594] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 381.720332][ T5594] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71 [ 381.774406][ T5594] usb 5-1: USB disconnect, device number 9 [ 381.944413][ T10] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 382.114350][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 382.116451][ T10] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 382.116479][ T10] usb 4-1: config 0 has no interface number 0 [ 382.137677][ T10] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8 [ 382.137708][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 382.137728][ T10] usb 4-1: Product: syz [ 382.137742][ T10] usb 4-1: Manufacturer: syz [ 382.137756][ T10] usb 4-1: SerialNumber: syz [ 382.191280][ T10] usb 4-1: config 0 descriptor?? [ 382.214033][ T10] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 382.214064][ T10] usb 4-1: selecting invalid altsetting 1 [ 382.214081][ T10] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 382.280164][ T10] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 382.280548][ T10] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 382.280598][ T10] usb 4-1: media controller created [ 382.314410][ T9] usb 3-1: new full-speed USB device number 19 using dummy_hcd [ 382.480015][ T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 382.683624][T10703] loop4: detected capacity change from 0 to 512 [ 382.719679][ T9] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 382.719708][ T9] usb 3-1: can't read configurations, error -71 [ 383.039848][T10703] EXT4-fs (loop4): 1 truncate cleaned up [ 383.083093][T10703] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 383.141871][T10703] EXT4-fs (loop4): shut down requested (2) [ 383.318119][ T5611] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 383.565511][T10715] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) ! [ 383.684869][T10691] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 383.709978][ T10] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 383.710046][ T10] zl10353_read_register: readreg error (reg=127, ret==-71) [ 383.712386][ T10] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 383.841633][T10716] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 383.841666][T10716] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 384.126318][ T10] usb 4-1: USB disconnect, device number 17 [ 384.540218][T10739] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1979'. [ 385.695386][ T10] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 385.899593][ T10] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 385.899632][ T10] usb 5-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 385.899661][ T10] usb 5-1: config 0 interface 0 has no altsetting 0 [ 385.899699][ T10] usb 5-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00 [ 385.899725][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 385.968457][ T10] usb 5-1: config 0 descriptor?? [ 385.986990][T10761] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 386.062803][T10778] loop2: detected capacity change from 0 to 128 [ 386.289495][T10778] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 386.422021][ T10] logitech-hidpp-device 0003:046D:C086.0014: unknown main item tag 0x0 [ 386.422062][ T10] logitech-hidpp-device 0003:046D:C086.0014: unknown main item tag 0x0 [ 386.422099][ T10] logitech-hidpp-device 0003:046D:C086.0014: unknown main item tag 0x0 [ 386.422125][ T10] logitech-hidpp-device 0003:046D:C086.0014: unknown main item tag 0x0 [ 386.422153][ T10] logitech-hidpp-device 0003:046D:C086.0014: unknown main item tag 0x0 [ 386.422178][ T10] logitech-hidpp-device 0003:046D:C086.0014: unknown main item tag 0x0 [ 386.422204][ T10] logitech-hidpp-device 0003:046D:C086.0014: unknown main item tag 0x0 [ 386.422231][ T10] logitech-hidpp-device 0003:046D:C086.0014: unknown main item tag 0x0 [ 386.422257][ T10] logitech-hidpp-device 0003:046D:C086.0014: unknown main item tag 0x0 [ 386.422303][ T10] logitech-hidpp-device 0003:046D:C086.0014: unknown main item tag 0x0 [ 386.514473][ T10] logitech-hidpp-device 0003:046D:C086.0014: hidraw0: USB HID v0.05 Device [HID 046d:c086] on usb-dummy_hcd.4-1/input0 [ 386.633898][T10790] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2002'. [ 386.694995][ T823] usb 5-1: USB disconnect, device number 10 [ 386.971996][T10785] bridge0: port 2(bridge_slave_1) entered disabled state [ 387.336333][T10803] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2009'. [ 387.351940][ T5610] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 387.996320][T10814] netlink: 136 bytes leftover after parsing attributes in process `syz.0.2012'. [ 388.130346][T10819] netlink: 'syz.3.2015': attribute type 1 has an invalid length. [ 388.130373][T10819] netlink: 'syz.3.2015': attribute type 7 has an invalid length. [ 388.130386][T10819] netlink: 'syz.3.2015': attribute type 8 has an invalid length. [ 388.130400][T10819] netlink: 208 bytes leftover after parsing attributes in process `syz.3.2015'. [ 388.130417][T10819] NCSI netlink: No device for ifindex 48 [ 388.761639][T10832] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2021'. [ 389.112354][T10839] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2025'. [ 389.484520][ T5725] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 389.596108][T10852] loop0: detected capacity change from 0 to 64 [ 389.684753][ T5725] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 389.684789][ T5725] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 389.684810][ T5725] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 389.684876][ T5725] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 389.684905][ T5725] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 389.687423][ T5725] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 389.687455][ T5725] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 389.687477][ T5725] usb 2-1: Product: syz [ 389.687492][ T5725] usb 2-1: Manufacturer: syz [ 389.749397][ T5725] cdc_wdm 2-1:1.0: skipping garbage [ 389.749419][ T5725] cdc_wdm 2-1:1.0: skipping garbage [ 390.065211][T10860] program syz.4.2034 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 390.222809][ T5725] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 390.222847][ T5725] cdc_wdm 2-1:1.0: Unknown control protocol [ 391.360390][T10880] loop3: detected capacity change from 0 to 64 [ 392.309456][ T5738] usb 2-1: USB disconnect, device number 16 [ 392.476728][ T5342] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 392.653254][ T5342] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 392.653290][ T5342] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 392.670976][ T5342] usb 5-1: config 0 descriptor?? [ 392.698779][ T5342] cp210x 5-1:0.0: cp210x converter detected [ 392.927981][T10898] loop2: detected capacity change from 0 to 128 [ 393.044119][ T5738] kernel read not supported for file /dsp1 (pid: 5738 comm: kworker/0:5) [ 393.357239][T10898] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 393.357280][T10898] hpfs: filesystem error: improperly stopped [ 393.357296][T10898] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 393.357312][T10898] hpfs: You really don't want any checks? You are crazy... [ 393.357325][T10898] hpfs: Code page index out of array [ 393.357333][T10898] hpfs: code page support is disabled [ 393.422438][T10898] hpfs: hpfs_map_4sectors(): unaligned read [ 393.436823][T10898] hpfs: hpfs_map_4sectors(): unaligned read [ 393.436842][T10898] hpfs: filesystem error: unable to find root dir [ 393.968178][ T5342] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 394.003834][T10900] loop3: detected capacity change from 0 to 131072 [ 394.020645][T10898] hpfs: hpfs_map_4sectors(): unaligned read [ 394.072107][T10900] F2FS-fs (loop3): Test dummy encryption mode enabled [ 394.095685][T10900] F2FS-fs (loop3): invalid crc value [ 394.322350][T10900] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 394.350395][ T5342] usb 5-1: cp210x converter now attached to ttyUSB0 [ 394.392970][T10900] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 394.435333][ T5342] usb 5-1: USB disconnect, device number 11 [ 394.555590][T10898] hpfs: hpfs_map_sector(): read error [ 394.602914][ T5342] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 395.198563][ T5342] cp210x 5-1:0.0: device disconnected [ 395.540862][T10919] loop4: detected capacity change from 0 to 1024 [ 396.154074][T10928] loop0: detected capacity change from 0 to 1024 [ 396.290563][T10932] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2066'. [ 396.864182][T10938] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2070'. [ 396.872701][T10940] loop4: detected capacity change from 0 to 256 [ 396.873102][T10938] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2070'. [ 396.932930][T10938] bridge0: port 1(bridge_slave_0) entered disabled state [ 397.063974][T10938] bridge0: entered allmulticast mode [ 397.188593][T10946] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2072'. [ 397.188620][T10946] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2072'. [ 397.234509][ T5342] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 397.249260][T10947] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2072'. [ 397.249284][T10947] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2072'. [ 397.362607][T10938] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2070'. [ 397.426336][ T5342] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 397.426373][ T5342] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.441235][ T5342] usb 3-1: config 0 descriptor?? [ 397.479357][ T5342] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 398.437100][ T5342] usb 3-1: USB disconnect, device number 21 [ 398.473725][T10964] program syz.1.2079 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 399.305517][T10974] loop4: detected capacity change from 0 to 32768 [ 399.350535][T10974] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2083 (10974) [ 399.394537][T10974] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 399.394577][T10974] BTRFS info (device loop4): using sha256 checksum algorithm [ 399.394665][T10974] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 399.763405][T10974] BTRFS info (device loop4): rebuilding free space tree [ 400.279543][T10974] BTRFS info (device loop4): disabling free space tree [ 400.279640][T10974] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 400.279669][T10974] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 400.340394][T10974] BTRFS info (device loop4): enabling ssd optimizations [ 400.340424][T10974] BTRFS info (device loop4): enabling disk space caching [ 400.340442][T10974] BTRFS info (device loop4): force clearing of disk cache [ 400.340459][T10974] BTRFS info (device loop4): enabling auto defrag [ 400.340476][T10974] BTRFS info (device loop4): max_inline set to 0 [ 400.646386][ T5611] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 400.848489][T11014] loop2: detected capacity change from 0 to 64 [ 400.911340][T11016] pimreg: tun_chr_ioctl cmd 1074025677 [ 400.911482][T11016] pimreg: linktype set to 773 [ 400.959055][T11014] MINIX-fs: mounting file system with errors, running fsck is recommended [ 401.144156][T11019] MINIX-fs warning: remounting fs with errors, running fsck is recommended [ 402.791621][T11055] hsr0: entered promiscuous mode [ 402.852657][T11054] hsr0: left promiscuous mode [ 403.515771][T11069] faux_driver vgem: [drm] Unknown color mode 7; guessing buffer size. [ 403.876142][T11077] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2122'. [ 404.285116][ T5342] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 404.445155][ T5738] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 404.494344][ T5342] usb 1-1: Using ep0 maxpacket: 32 [ 404.496542][ T5342] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 404.496574][ T5342] usb 1-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 404.496599][ T5342] usb 1-1: config 0 interface 0 has no altsetting 0 [ 404.498937][ T5342] usb 1-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 404.498968][ T5342] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 404.498990][ T5342] usb 1-1: Product: syz [ 404.499005][ T5342] usb 1-1: Manufacturer: syz [ 404.499020][ T5342] usb 1-1: SerialNumber: syz [ 404.507958][ T5342] usb 1-1: config 0 descriptor?? [ 404.565679][T11070] loop4: detected capacity change from 0 to 32768 [ 404.649208][ T5738] usb 3-1: Using ep0 maxpacket: 16 [ 404.660692][ T5738] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 404.660752][ T5738] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 404.669018][ T5738] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 404.669059][ T5738] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 404.669081][ T5738] usb 3-1: Product: syz [ 404.669096][ T5738] usb 3-1: Manufacturer: syz [ 404.669110][ T5738] usb 3-1: SerialNumber: syz [ 404.740924][ T5738] usb 3-1: config 0 descriptor?? [ 404.753374][ T5738] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 404.753411][ T5738] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 405.019464][ T5342] gs_usb 1-1:0.0: Configuring for 40 interfaces [ 405.380292][ T5738] em28xx 3-1:0.0: chip ID is em2874 [ 405.429100][T11096] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2130'. [ 405.479426][ T5342] gs_usb 1-1:0.0: Disabling termination support for channel 0 (-EPROTO) [ 405.481524][ T5342] gs_usb 1-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO) [ 405.482017][ T5342] gs_usb 1-1:0.0: probe with driver gs_usb failed with error -71 [ 405.596267][ T5738] usb 3-1: USB disconnect, device number 22 [ 405.654091][ T5738] em28xx 3-1:0.0: Disconnecting em28xx [ 405.691627][ T5342] usb 1-1: USB disconnect, device number 15 [ 405.776700][ T5738] em28xx 3-1:0.0: Freeing device [ 406.396274][T11110] loop3: detected capacity change from 0 to 1024 [ 406.478850][T11110] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 406.656355][ T5612] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 407.695469][T11108] loop0: detected capacity change from 0 to 32768 [ 407.771457][T11108] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 408.082344][T11108] XFS (loop0): Ending clean mount [ 408.576533][ T32] kernel read not supported for file /binder/stats (pid: 32 comm: kworker/1:0) [ 408.732363][T11175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2162'. [ 408.903140][ T5605] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 408.963130][T11182] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2163'. [ 408.963161][T11182] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2163'. [ 409.144436][ T5738] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 409.295545][ T5738] usb 4-1: Using ep0 maxpacket: 32 [ 409.315360][ T5738] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 409.315392][ T5738] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 409.356577][T11190] loop2: detected capacity change from 0 to 256 [ 409.592019][ T5738] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 409.607148][T11190] FAT-fs (loop2): unable to read block(103987194760) for building NFS inode [ 409.838063][ T32] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 409.979858][ T5738] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 409.981517][ T5738] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 409.981582][ T5738] usb 4-1: media controller created [ 410.083688][ T32] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 410.083721][ T32] usb 5-1: config 0 has no interface number 0 [ 410.083772][ T32] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 410.083799][ T32] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 410.083841][ T32] usb 5-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00 [ 410.083866][ T32] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.143867][ T32] usb 5-1: config 0 descriptor?? [ 410.249016][ T5738] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 410.651725][ T32] hid_parser_main: 29 callbacks suppressed [ 410.651762][ T32] prodikeys 0003:041E:2801.0015: unknown main item tag 0x0 [ 410.651793][ T32] prodikeys 0003:041E:2801.0015: item fetching failed at offset 5/7 [ 410.652645][ T32] prodikeys 0003:041E:2801.0015: hid parse failed [ 410.685411][ T32] prodikeys 0003:041E:2801.0015: probe with driver prodikeys failed with error -22 [ 410.714647][ T5738] az6027: usb out operation failed. (-71) [ 410.715148][ T5738] az6027: usb out operation failed. (-71) [ 410.715162][ T5738] stb0899_attach: Driver disabled by Kconfig [ 410.715173][ T5738] az6027: no front-end attached [ 410.715173][ T5738] [ 410.715641][ T5738] az6027: usb out operation failed. (-71) [ 410.715656][ T5738] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 410.857868][ T10] usb 5-1: USB disconnect, device number 12 [ 411.035557][ T5738] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input16 [ 411.169805][ T5738] dvb-usb: schedule remote query interval to 400 msecs. [ 411.169833][ T5738] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 411.182020][ T5738] usb 4-1: USB disconnect, device number 18 [ 411.682011][T11221] program syz.1.2181 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 411.741685][ T5738] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 412.067677][T11232] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2185'. [ 412.470622][T11243] loop0: detected capacity change from 0 to 4096 [ 412.823978][T11243] ntfs3(loop0): Failed to initialize $Secure (-22). [ 412.988909][T11239] pim6reg9: entered allmulticast mode [ 413.098152][T11258] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2197'. [ 413.339434][T11263] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 413.339469][T11263] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 413.830930][T11275] loop0: detected capacity change from 0 to 1024 [ 413.840230][T11275] hfsplus: Unknown parameter 'nodrrier' [ 414.832412][T11285] loop9: detected capacity change from 0 to 524287936 [ 416.400827][T11305] loop0: detected capacity change from 0 to 2048 [ 416.678140][ T5608] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 416.797394][ T5608] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 416.838639][T11305] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d [ 416.865261][ T5608] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 416.871448][T11305] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 416.876945][ T5608] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 416.877793][ T5608] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 417.357803][ T42] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 417.741741][T11300] loop4: detected capacity change from 0 to 32768 [ 417.830729][T11300] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 418.032998][T11300] XFS (loop4): Ending clean mount [ 418.503262][T11333] netlink: 844 bytes leftover after parsing attributes in process `syz.0.2222'. [ 419.002107][ T5611] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 419.047934][ T5608] Bluetooth: hci4: command tx timeout [ 420.707065][T11362] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 420.707540][T11362] block nbd0: NBD_DISCONNECT [ 420.707567][T11362] block nbd0: Send disconnect failed -32 [ 420.897708][ T42] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 421.024776][ T823] usb 5-1: new full-speed USB device number 13 using dummy_hcd [ 421.129602][ T5608] Bluetooth: hci4: command tx timeout [ 421.234173][ T823] usb 5-1: New USB device found, idVendor=0403, idProduct=bca4, bcdDevice=d7.23 [ 421.234336][ T823] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 421.234361][ T823] usb 5-1: Product: syz [ 421.234376][ T823] usb 5-1: Manufacturer: syz [ 421.234391][ T823] usb 5-1: SerialNumber: syz [ 421.255978][ T823] usb 5-1: config 0 descriptor?? [ 421.504138][ T10] usb 5-1: USB disconnect, device number 13 [ 422.068261][T11369] loop0: detected capacity change from 0 to 32768 [ 422.147126][T11369] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2247 (11369) [ 422.267818][ T42] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 422.322442][T11369] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 422.322479][T11369] BTRFS info (device loop0): using crc32c checksum algorithm [ 422.535549][ T10] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 422.720426][T11404] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2244'. [ 422.738602][ T10] usb 5-1: unable to get BOS descriptor or descriptor too short [ 422.740258][ T10] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 422.740286][ T10] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 422.777069][ T10] usb 5-1: string descriptor 0 read error: -22 [ 422.777232][ T10] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 1.40 [ 422.777259][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 423.206246][ T5608] Bluetooth: hci4: command tx timeout [ 423.541487][T11369] BTRFS info (device loop0): setting nodatasum [ 423.541520][T11369] BTRFS info (device loop0): enabling ssd optimizations [ 423.541541][T11369] BTRFS info (device loop0): disabling tree log [ 423.541560][T11369] BTRFS info (device loop0): turning on async discard [ 423.541578][T11369] BTRFS info (device loop0): enabling free space tree [ 423.541596][T11369] BTRFS info (device loop0): enabling auto defrag [ 423.687215][ T10] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 423.785464][ T10] usb 5-1: USB disconnect, device number 14 [ 424.042734][ T42] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 424.073526][ T5605] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 424.202692][T11418] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 424.638425][T11426] netlink: 204 bytes leftover after parsing attributes in process `syz.1.2255'. [ 425.284694][ T5608] Bluetooth: hci4: command tx timeout [ 426.842491][T11468] loop0: detected capacity change from 0 to 16 [ 426.866830][T11468] erofs (device loop0): invalid ishare xattr prefix id 0 [ 427.122899][T11479] loop4: detected capacity change from 0 to 256 [ 427.138641][T11479] exfat: Deprecated parameter 'namecase' [ 427.138718][T11479] exfat: Deprecated parameter 'namecase' [ 427.138768][T11479] exfat: Deprecated parameter 'namecase' [ 427.247330][T11479] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001fe89, chksum : 0x5174a95f, utbl_chksum : 0xe619d30d) [ 427.472211][ T5738] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 427.656172][T11488] loop4: detected capacity change from 0 to 764 [ 427.678566][ T5738] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 427.678599][ T5738] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 427.678624][ T5738] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121 [ 427.681186][ T5738] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 427.681211][ T5738] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 427.681230][ T5738] usb 1-1: Product: syz [ 427.681245][ T5738] usb 1-1: Manufacturer: syz [ 427.681259][ T5738] usb 1-1: SerialNumber: syz [ 427.709159][ T5738] usb 1-1: config 0 descriptor?? [ 427.710289][T11482] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 427.710470][T11482] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 427.719620][ T5738] usb 1-1: ucan: probing device on interface #0 [ 427.976319][T11488] rock: directory entry would overflow storage [ 427.976328][T11488] rock: sig=0x4654, size=5, remaining=4 [ 428.388244][ T5738] ucan 1-1:0.0: probe with driver ucan failed with error -22 [ 428.600282][ T5738] usb 1-1: USB disconnect, device number 16 [ 429.098079][T11306] bridge0: port 1(bridge_slave_0) entered blocking state [ 429.098713][T11306] bridge0: port 1(bridge_slave_0) entered disabled state [ 429.099099][T11306] bridge_slave_0: entered allmulticast mode [ 429.103908][T11306] bridge_slave_0: entered promiscuous mode [ 429.162875][T11306] bridge0: port 2(bridge_slave_1) entered blocking state [ 429.163363][T11306] bridge0: port 2(bridge_slave_1) entered disabled state [ 429.163683][T11306] bridge_slave_1: entered allmulticast mode [ 429.188987][T11306] bridge_slave_1: entered promiscuous mode [ 430.003206][ T42] bridge_slave_1: left promiscuous mode [ 430.066758][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 430.212566][ T42] bridge_slave_0: left allmulticast mode [ 430.212607][ T42] bridge_slave_0: left promiscuous mode [ 430.212958][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 430.716722][T11516] loop2: detected capacity change from 0 to 32768 [ 431.622796][T11536] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2299'. [ 431.809463][T11540] loop4: detected capacity change from 0 to 512 [ 432.008816][T11540] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 432.224724][ T5611] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 433.574479][ T10] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 433.724912][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 433.726703][ T10] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 433.726743][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 433.726759][ T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 433.726774][ T10] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 433.726801][ T10] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 433.726815][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.741337][ T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 433.905374][ T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 433.965065][ T42] bond0 (unregistering): (slave bond1): Releasing backup interface [ 433.985893][ T10] usb 5-1: GET_CAPABILITIES returned 0 [ 433.985926][ T10] usbtmc 5-1:16.0: can't read capabilities [ 434.011336][ T42] bond0 (unregistering): Released all slaves [ 434.055752][ T42] bond1 (unregistering): Released all slaves [ 434.206575][ T10] usb 5-1: USB disconnect, device number 15 [ 434.587355][T11306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 434.677558][T11306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 435.088204][T11306] team0: Port device team_slave_0 added [ 435.157938][T11306] team0: Port device team_slave_1 added [ 435.519358][T11306] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 435.519377][T11306] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 435.519407][T11306] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 435.524112][T11306] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 435.524128][T11306] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 435.524158][T11306] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 436.367380][ T38] audit: type=1326 audit(53350259.134:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11588 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d08e1cdd9 code=0x7ffc0000 [ 436.401081][ T38] audit: type=1326 audit(53350259.174:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11588 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d08e1cdd9 code=0x7ffc0000 [ 436.437714][ T38] audit: type=1326 audit(53350259.214:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11588 comm="syz.4.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1d08e1cdd9 code=0x7ffc0000 [ 436.466462][ T38] audit: type=1326 audit(53350259.214:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11588 comm="syz.4.2318" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d08e1cdd9 code=0x0 [ 436.542457][T11306] hsr_slave_0: entered promiscuous mode [ 436.565133][T11306] hsr_slave_1: entered promiscuous mode [ 436.580696][T11306] debugfs: 'hsr0' already exists in 'hsr' [ 436.580725][T11306] Cannot create hsr debugfs directory [ 437.210038][T11591] loop0: detected capacity change from 0 to 2048 [ 437.423356][T11587] block nbd1: shutting down sockets [ 437.433245][T11591] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 438.157165][ T32] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 438.318182][ T32] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 438.318218][ T32] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 438.318241][ T32] usb 3-1: Product: syz [ 438.318256][ T32] usb 3-1: Manufacturer: syz [ 438.318272][ T32] usb 3-1: SerialNumber: syz [ 438.379597][T11615] loop0: detected capacity change from 0 to 2048 [ 438.517845][T11615] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 438.568979][T11615] EXT4-fs (loop0): shut down requested (2) [ 438.850760][ T32] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE [ 438.850831][ T32] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE [ 438.996783][ T5605] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 439.091348][ T32] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000010. ret = -EPROTO [ 439.091411][ T32] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 439.216285][T11631] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2330'. [ 439.217345][ T32] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 439.247125][ T32] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71 [ 439.269012][T11632] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2330'. [ 439.284564][ T32] usb 3-1: USB disconnect, device number 23 [ 440.262564][ T1336] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.262687][ T1336] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.389291][ T5271] 8021q: adding VLAN 0 to HW filter on device eth1 [ 440.441817][ T38] audit: type=1326 audit(53350263.214:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11658 comm="syz.1.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 440.443698][ T38] audit: type=1326 audit(53350263.214:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11658 comm="syz.1.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 440.444108][ T38] audit: type=1326 audit(53350263.214:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11658 comm="syz.1.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 440.475881][ T38] audit: type=1326 audit(53350263.244:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11658 comm="syz.1.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 440.475938][ T38] audit: type=1326 audit(53350263.244:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11658 comm="syz.1.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 440.475985][ T38] audit: type=1326 audit(53350263.244:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11658 comm="syz.1.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f9a6c0ecdd9 code=0x7ffc0000 [ 441.114797][ T823] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 441.115075][T11669] loop2: detected capacity change from 0 to 512 [ 441.117410][T11669] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 441.238313][T11669] EXT4-fs (loop2): 1 truncate cleaned up [ 441.241990][T11669] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 441.300622][ T823] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 441.300667][ T823] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 441.300690][ T823] usb 1-1: Product: syz [ 441.300706][ T823] usb 1-1: Manufacturer: syz [ 441.300721][ T823] usb 1-1: SerialNumber: syz [ 441.632693][ T5610] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.737048][T11683] netlink: 220 bytes leftover after parsing attributes in process `syz.1.2350'. [ 441.737105][T11683] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2350'. [ 442.561846][ T823] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE [ 442.561920][ T823] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE [ 442.821097][ T823] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000010. ret = -EPROTO [ 442.821186][ T823] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 442.822168][ T823] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 442.960585][ T823] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71 [ 442.999326][ T823] usb 1-1: USB disconnect, device number 17 [ 443.723083][T11713] loop0: detected capacity change from 0 to 256 [ 444.816601][ T10] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 444.864625][ T5271] 8021q: adding VLAN 0 to HW filter on device eth2 [ 445.069524][ T10] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 445.069558][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 445.069578][ T10] usb 2-1: Product: syz [ 445.069592][ T10] usb 2-1: Manufacturer: syz [ 445.069606][ T10] usb 2-1: SerialNumber: syz [ 445.564812][T11747] serio: Serial port ptm0 [ 445.631778][ T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE [ 445.631843][ T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE [ 445.884407][ T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000010. ret = -EPROTO [ 445.884468][ T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 445.885328][ T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 445.941464][ T10] lan78xx 2-1:1.0: probe with driver lan78xx failed with error -71 [ 446.201058][ T10] usb 2-1: USB disconnect, device number 17 [ 446.332226][T11756] loop4: detected capacity change from 0 to 1024 [ 446.615951][ T42] hsr_slave_0: left promiscuous mode [ 446.794819][ T42] hsr_slave_1: left promiscuous mode [ 446.823987][ T42] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 446.924403][ T42] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 447.169327][ T42] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 447.169358][ T42] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 447.215822][ T42] batman_adv: batadv0: Interface deactivated: dummy0 [ 447.215853][ T42] batman_adv: batadv0: Removing interface: dummy0 [ 447.830591][ T42] veth1_vlan: left promiscuous mode [ 447.832760][ T42] veth0_vlan: left promiscuous mode [ 448.728292][T11798] loop2: detected capacity change from 0 to 1024 [ 449.587237][ T32] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 449.756102][ T32] usb 1-1: Using ep0 maxpacket: 16 [ 449.758102][ T32] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 449.758158][ T32] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 449.758177][ T32] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 449.758191][ T32] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 449.758206][ T32] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 449.759486][ T32] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 449.759517][ T32] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 449.759539][ T32] usb 1-1: Manufacturer: syz [ 449.849632][ T32] usb 1-1: config 0 descriptor?? [ 449.993941][T11810] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2396'. [ 450.055390][ T42] team0 (unregistering): Port device team_slave_1 removed [ 450.155153][ T42] team0 (unregistering): Port device team_slave_0 removed [ 450.174449][ T32] rc_core: IR keymap rc-hauppauge not found [ 450.174475][ T32] Registered IR keymap rc-empty [ 450.174648][ T32] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 450.194526][ T32] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 450.251523][ T32] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 450.276786][ T32] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input17 [ 450.293600][ T32] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 450.314597][ T32] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 450.344547][ T32] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 450.355453][ T32] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 450.384620][ T32] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 450.404700][ T32] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 450.424772][ T32] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 450.445347][ T32] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 450.475537][ T32] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 450.508193][ T32] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 450.538514][ T32] mceusb 1-1:0.0: Registered with mce emulator interface version 1 [ 450.538542][ T32] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 450.582923][ T32] usb 1-1: USB disconnect, device number 18 [ 453.135169][T11860] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2409'. [ 453.275422][T11860] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2409'. [ 453.275789][T11860] bridge0: port 1(bridge_slave_0) entered disabled state [ 453.288665][T11860] bridge0: entered allmulticast mode [ 453.464811][T11860] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2409'. [ 455.924427][T11914] sg_write: process 1154 (syz.0.2430) changed security contexts after opening file descriptor, this is not allowed. [ 457.199642][ T42] IPVS: stop unused estimator thread 0... [ 457.537912][ T5608] block nbd1: Receive control failed (result -32) [ 457.551669][ T5608] block nbd1: Receive control failed (result -32) [ 457.611744][T11898] nbd1: detected capacity change from 0 to 128 [ 457.638151][T11306] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 457.691310][ T5777] [ 457.691324][ T5777] ====================================================== [ 457.691334][ T5777] WARNING: possible circular locking dependency detected [ 457.691346][ T5777] syzkaller #0 Tainted: G L [ 457.691359][ T5777] ------------------------------------------------------ [ 457.691367][ T5777] udevd/5777 is trying to acquire lock: [ 457.691379][ T5777] ffff888030ea7e60 (&nsock->tx_lock){+.+.}-{4:4}, at: nbd_queue_rq+0x37b/0x1100 [ 457.691441][ T5777] [ 457.691441][ T5777] but task is already holding lock: [ 457.691447][ T5777] ffff88806643e170 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc6/0x1100 [ 457.691506][ T5777] [ 457.691506][ T5777] which lock already depends on the new lock. [ 457.691506][ T5777] [ 457.691514][ T5777] [ 457.691514][ T5777] the existing dependency chain (in reverse order) is: [ 457.691522][ T5777] [ 457.691522][ T5777] -> #6 (&cmd->lock){+.+.}-{4:4}: [ 457.691548][ T5777] mutex_lock_nested+0x5a/0x1d0 [ 457.691574][ T5777] nbd_queue_rq+0xc6/0x1100 [ 457.691598][ T5777] blk_mq_dispatch_rq_list+0xa77/0x1910 [ 457.691621][ T5777] __blk_mq_sched_dispatch_requests+0xddb/0x1610 [ 457.691646][ T5777] blk_mq_sched_dispatch_requests+0xda/0x1a0 [ 457.691671][ T5777] blk_mq_run_hw_queue+0x368/0x520 [ 457.691691][ T5777] blk_mq_dispatch_list+0xd1f/0xe20 [ 457.691713][ T5777] blk_mq_flush_plug_list+0x48d/0x570 [ 457.691736][ T5777] __blk_flush_plug+0x3ed/0x4d0 [ 457.691757][ T5777] __submit_bio+0x28d/0x580 [ 457.691779][ T5777] submit_bio_noacct_nocheck+0x2f4/0xa40 [ 457.691801][ T5777] block_read_full_folio+0x7b7/0x830 [ 457.691836][ T5777] filemap_read_folio+0x137/0x3b0 [ 457.691859][ T5777] do_read_cache_folio+0x2bf/0x560 [ 457.691884][ T5777] read_part_sector+0xb8/0x2b0 [ 457.691905][ T5777] adfspart_check_ICS+0xb1/0x960 [ 457.691928][ T5777] bdev_disk_changed+0x817/0x1770 [ 457.691947][ T5777] blkdev_get_whole+0x2e5/0x480 [ 457.691970][ T5777] bdev_open+0x31e/0xcc0 [ 457.691991][ T5777] blkdev_open+0x485/0x620 [ 457.692014][ T5777] do_dentry_open+0x83d/0x13e0 [ 457.692039][ T5777] vfs_open+0x3b/0x350 [ 457.692062][ T5777] path_openat+0x2e43/0x38a0 [ 457.692081][ T5777] do_file_open+0x23e/0x4a0 [ 457.692099][ T5777] do_sys_openat2+0x113/0x200 [ 457.692123][ T5777] __x64_sys_openat+0x138/0x170 [ 457.692150][ T5777] do_syscall_64+0x15f/0xf80 [ 457.692168][ T5777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.692189][ T5777] [ 457.692189][ T5777] -> #5 (set->srcu){.+.+}-{0:0}: [ 457.692217][ T5777] __synchronize_srcu+0xca/0x300 [ 457.692245][ T5777] elevator_switch+0x1e8/0x7a0 [ 457.692265][ T5777] elevator_change+0x2cc/0x450 [ 457.692286][ T5777] elevator_set_default+0x36c/0x430 [ 457.692307][ T5777] blk_register_queue+0x3e9/0x4e0 [ 457.692331][ T5777] __add_disk+0x677/0xd50 [ 457.692357][ T5777] add_disk_fwnode+0xfb/0x480 [ 457.692382][ T5777] nbd_dev_add+0x72c/0xb50 [ 457.692407][ T5777] nbd_init+0x168/0x1f0 [ 457.692432][ T5777] do_one_initcall+0x250/0x870 [ 457.692458][ T5777] do_initcall_level+0x104/0x190 [ 457.692484][ T5777] do_initcalls+0x59/0xa0 [ 457.692507][ T5777] kernel_init_freeable+0x2a6/0x3e0 [ 457.692532][ T5777] kernel_init+0x1d/0x1d0 [ 457.692573][ T5777] ret_from_fork+0x514/0xb70 [ 457.692597][ T5777] ret_from_fork_asm+0x1a/0x30 [ 457.692623][ T5777] [ 457.692623][ T5777] -> #4 (&q->elevator_lock){+.+.}-{4:4}: [ 457.692652][ T5777] mutex_lock_nested+0x5a/0x1d0 [ 457.692675][ T5777] elevator_change+0x1b3/0x450 [ 457.692696][ T5777] elevator_set_none+0xb5/0x140 [ 457.692717][ T5777] blk_mq_update_nr_hw_queues+0x607/0x1a80 [ 457.692744][ T5777] nbd_start_device+0x17f/0xb20 [ 457.692770][ T5777] nbd_genl_connect+0x1651/0x1c80 [ 457.692795][ T5777] genl_family_rcv_msg_doit+0x22a/0x330 [ 457.692827][ T5777] genl_rcv_msg+0x61c/0x7a0 [ 457.692847][ T5777] netlink_rcv_skb+0x232/0x4b0 [ 457.692874][ T5777] genl_rcv+0x28/0x40 [ 457.692892][ T5777] netlink_unicast+0x780/0x920 [ 457.692916][ T5777] netlink_sendmsg+0x813/0xb40 [ 457.692944][ T5777] sock_sendmsg_nosec+0x112/0x150 [ 457.692967][ T5777] ____sys_sendmsg+0x55c/0x870 [ 457.692985][ T5777] ___sys_sendmsg+0x2a5/0x360 [ 457.693001][ T5777] __x64_sys_sendmsg+0x1c3/0x2a0 [ 457.693019][ T5777] do_syscall_64+0x15f/0xf80 [ 457.693037][ T5777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.693056][ T5777] [ 457.693056][ T5777] -> #3 (&q->q_usage_counter(io)#50){++++}-{0:0}: [ 457.693090][ T5777] blk_alloc_queue+0x54e/0x690 [ 457.693108][ T5777] __blk_mq_alloc_disk+0x197/0x390 [ 457.693132][ T5777] nbd_dev_add+0x499/0xb50 [ 457.693156][ T5777] nbd_init+0x168/0x1f0 [ 457.693178][ T5777] do_one_initcall+0x250/0x870 [ 457.693202][ T5777] do_initcall_level+0x104/0x190 [ 457.693226][ T5777] do_initcalls+0x59/0xa0 [ 457.693249][ T5777] kernel_init_freeable+0x2a6/0x3e0 [ 457.693273][ T5777] kernel_init+0x1d/0x1d0 [ 457.693294][ T5777] ret_from_fork+0x514/0xb70 [ 457.693316][ T5777] ret_from_fork_asm+0x1a/0x30 [ 457.693342][ T5777] [ 457.693342][ T5777] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 457.693367][ T5777] fs_reclaim_acquire+0x71/0x100 [ 457.693387][ T5777] kmem_cache_alloc_node_noprof+0x4b/0x6e0 [ 457.693417][ T5777] __alloc_skb+0x1d0/0x7d0 [ 457.693443][ T5777] tcp_stream_alloc_skb+0x3f/0x5c0 [ 457.693464][ T5777] tcp_sendmsg_locked+0x134b/0x5370 [ 457.693485][ T5777] tcp_sendmsg+0x2f/0x50 [ 457.693505][ T5777] sock_sendmsg_nosec+0xf9/0x150 [ 457.693527][ T5777] sock_write_iter+0x308/0x410 [ 457.693547][ T5777] vfs_write+0x629/0xba0 [ 457.693564][ T5777] ksys_write+0x156/0x270 [ 457.693580][ T5777] do_syscall_64+0x15f/0xf80 [ 457.693598][ T5777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.693618][ T5777] [ 457.693618][ T5777] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 457.693646][ T5777] lock_sock_nested+0x41/0x130 [ 457.693668][ T5777] tcp_sendmsg+0x21/0x50 [ 457.693689][ T5777] sock_sendmsg_nosec+0xf9/0x150 [ 457.693712][ T5777] sock_sendmsg+0x1ca/0x2d0 [ 457.693734][ T5777] __sock_xmit+0x251/0x510 [ 457.693761][ T5777] nbd_disconnect+0x3b9/0x560 [ 457.693788][ T5777] nbd_ioctl+0xc80/0xe40 [ 457.693814][ T5777] blkdev_ioctl+0x5e6/0x750 [ 457.693848][ T5777] __se_sys_ioctl+0xff/0x170 [ 457.693869][ T5777] do_syscall_64+0x15f/0xf80 [ 457.693886][ T5777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.693905][ T5777] [ 457.693905][ T5777] -> #0 (&nsock->tx_lock){+.+.}-{4:4}: [ 457.693933][ T5777] __lock_acquire+0x15a5/0x2cf0 [ 457.693962][ T5777] lock_acquire+0x106/0x350 [ 457.693988][ T5777] mutex_lock_nested+0x5a/0x1d0 [ 457.694012][ T5777] nbd_queue_rq+0x37b/0x1100 [ 457.694038][ T5777] blk_mq_dispatch_rq_list+0xa77/0x1910 [ 457.694059][ T5777] __blk_mq_sched_dispatch_requests+0xddb/0x1610 [ 457.694085][ T5777] blk_mq_sched_dispatch_requests+0xda/0x1a0 [ 457.694108][ T5777] blk_mq_run_hw_queue+0x368/0x520 [ 457.694128][ T5777] blk_mq_dispatch_list+0xd1f/0xe20 [ 457.694151][ T5777] blk_mq_flush_plug_list+0x48d/0x570 [ 457.694172][ T5777] __blk_flush_plug+0x3ed/0x4d0 [ 457.694192][ T5777] __submit_bio+0x28d/0x580 [ 457.694212][ T5777] submit_bio_noacct_nocheck+0x2f4/0xa40 [ 457.694233][ T5777] block_read_full_folio+0x7b7/0x830 [ 457.694257][ T5777] filemap_read_folio+0x137/0x3b0 [ 457.694281][ T5777] do_read_cache_folio+0x2bf/0x560 [ 457.694305][ T5777] read_part_sector+0xb8/0x2b0 [ 457.694327][ T5777] adfspart_check_ICS+0xb1/0x960 [ 457.694349][ T5777] bdev_disk_changed+0x817/0x1770 [ 457.694370][ T5777] blkdev_get_whole+0x2e5/0x480 [ 457.694392][ T5777] bdev_open+0x31e/0xcc0 [ 457.694413][ T5777] blkdev_open+0x485/0x620 [ 457.694437][ T5777] do_dentry_open+0x83d/0x13e0 [ 457.694461][ T5777] vfs_open+0x3b/0x350 [ 457.694484][ T5777] path_openat+0x2e43/0x38a0 [ 457.694503][ T5777] do_file_open+0x23e/0x4a0 [ 457.694521][ T5777] do_sys_openat2+0x113/0x200 [ 457.694546][ T5777] __x64_sys_openat+0x138/0x170 [ 457.694572][ T5777] do_syscall_64+0x15f/0xf80 [ 457.694589][ T5777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.694608][ T5777] [ 457.694608][ T5777] other info that might help us debug this: [ 457.694608][ T5777] [ 457.694615][ T5777] Chain exists of: [ 457.694615][ T5777] &nsock->tx_lock --> set->srcu --> &cmd->lock [ 457.694615][ T5777] [ 457.694647][ T5777] Possible unsafe locking scenario: [ 457.694647][ T5777] [ 457.694654][ T5777] CPU0 CPU1 [ 457.694660][ T5777] ---- ---- [ 457.694666][ T5777] lock(&cmd->lock); [ 457.694680][ T5777] lock(set->srcu); [ 457.694694][ T5777] lock(&cmd->lock); [ 457.694709][ T5777] lock(&nsock->tx_lock); [ 457.694722][ T5777] [ 457.694722][ T5777] *** DEADLOCK *** [ 457.694722][ T5777] [ 457.694727][ T5777] 3 locks held by udevd/5777: [ 457.694739][ T5777] #0: ffff888026a904c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xcc0 [ 457.694792][ T5777] #1: ffff88802665f218 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x33e/0x520 [ 457.694851][ T5777] #2: ffff88806643e170 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc6/0x1100 [ 457.694905][ T5777] [ 457.694905][ T5777] stack backtrace: [ 457.694920][ T5777] CPU: 0 UID: 0 PID: 5777 Comm: udevd Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 457.694949][ T5777] Tainted: [L]=SOFTLOCKUP [ 457.694956][ T5777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 457.694968][ T5777] Call Trace: [ 457.694976][ T5777] [ 457.694984][ T5777] dump_stack_lvl+0xe8/0x150 [ 457.695010][ T5777] print_circular_bug+0x2e1/0x300 [ 457.695034][ T5777] check_noncircular+0x12e/0x150 [ 457.695060][ T5777] __lock_acquire+0x15a5/0x2cf0 [ 457.695100][ T5777] ? nbd_queue_rq+0x37b/0x1100 [ 457.695128][ T5777] lock_acquire+0x106/0x350 [ 457.695157][ T5777] ? nbd_queue_rq+0x37b/0x1100 [ 457.695188][ T5777] ? nbd_queue_rq+0x37b/0x1100 [ 457.695217][ T5777] ? nbd_queue_rq+0x37b/0x1100 [ 457.695244][ T5777] mutex_lock_nested+0x5a/0x1d0 [ 457.695267][ T5777] ? nbd_queue_rq+0x37b/0x1100 [ 457.695296][ T5777] nbd_queue_rq+0x37b/0x1100 [ 457.695330][ T5777] ? __pfx_nbd_queue_rq+0x10/0x10 [ 457.695358][ T5777] ? preempt_schedule_common+0x82/0xd0 [ 457.695388][ T5777] ? preempt_schedule_thunk+0x16/0x30 [ 457.695413][ T5777] blk_mq_dispatch_rq_list+0xa77/0x1910 [ 457.695444][ T5777] ? sbitmap_get+0x229/0x390 [ 457.695463][ T5777] ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10 [ 457.695510][ T5777] ? __blk_mq_alloc_driver_tag+0x2e7/0x6e0 [ 457.695538][ T5777] __blk_mq_sched_dispatch_requests+0xddb/0x1610 [ 457.695572][ T5777] ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10 [ 457.695600][ T5777] ? blk_mq_hw_queue_need_run+0x13c/0x690 [ 457.695627][ T5777] ? blk_mq_run_hw_queue+0x33e/0x520 [ 457.695650][ T5777] ? blk_mq_run_hw_queue+0x33e/0x520 [ 457.695673][ T5777] blk_mq_sched_dispatch_requests+0xda/0x1a0 [ 457.695700][ T5777] ? blk_mq_run_hw_queue+0x33e/0x520 [ 457.695721][ T5777] blk_mq_run_hw_queue+0x368/0x520 [ 457.695744][ T5777] blk_mq_dispatch_list+0xd1f/0xe20 [ 457.695768][ T5777] ? bdev_count_inflight+0x1cf/0x210 [ 457.695797][ T5777] ? blk_mq_dispatch_list+0x1d0/0xe20 [ 457.695831][ T5777] ? __pfx_blk_mq_dispatch_list+0x10/0x10 [ 457.695859][ T5777] ? rcu_is_watching+0x15/0xb0 [ 457.695880][ T5777] blk_mq_flush_plug_list+0x48d/0x570 [ 457.695905][ T5777] ? blk_add_rq_to_plug+0x300/0x450 [ 457.695929][ T5777] ? blk_mq_submit_bio+0x1b66/0x29d0 [ 457.695954][ T5777] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 457.695984][ T5777] __blk_flush_plug+0x3ed/0x4d0 [ 457.696013][ T5777] ? __pfx___blk_flush_plug+0x10/0x10 [ 457.696037][ T5777] ? blkg_get+0x20/0x1d0 [ 457.696063][ T5777] __submit_bio+0x28d/0x580 [ 457.696090][ T5777] ? __pfx___submit_bio+0x10/0x10 [ 457.696118][ T5777] ? bio_associate_blkg+0x6d/0x230 [ 457.696147][ T5777] submit_bio_noacct_nocheck+0x2f4/0xa40 [ 457.696172][ T5777] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 457.696202][ T5777] block_read_full_folio+0x7b7/0x830 [ 457.696230][ T5777] ? __pfx_blkdev_get_block+0x10/0x10 [ 457.696257][ T5777] filemap_read_folio+0x137/0x3b0 [ 457.696283][ T5777] ? __pfx_blkdev_read_folio+0x10/0x10 [ 457.696309][ T5777] ? __pfx_filemap_read_folio+0x10/0x10 [ 457.696336][ T5777] ? filemap_add_folio+0x3d9/0x610 [ 457.696360][ T5777] do_read_cache_folio+0x2bf/0x560 [ 457.696386][ T5777] ? __pfx_blkdev_read_folio+0x10/0x10 [ 457.696412][ T5777] read_part_sector+0xb8/0x2b0 [ 457.696437][ T5777] adfspart_check_ICS+0xb1/0x960 [ 457.696462][ T5777] ? seq_buf_printf+0x212/0x2d0 [ 457.696495][ T5777] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 457.696531][ T5777] ? __pfx_adfspart_check_ICS+0x10/0x10 [ 457.696559][ T5777] bdev_disk_changed+0x817/0x1770 [ 457.696592][ T5777] ? __pfx_bdev_disk_changed+0x10/0x10 [ 457.696619][ T5777] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 457.696653][ T5777] blkdev_get_whole+0x2e5/0x480 [ 457.696680][ T5777] bdev_open+0x31e/0xcc0 [ 457.696707][ T5777] blkdev_open+0x485/0x620 [ 457.696735][ T5777] ? __pfx_blkdev_open+0x10/0x10 [ 457.696762][ T5777] do_dentry_open+0x83d/0x13e0 [ 457.696795][ T5777] vfs_open+0x3b/0x350 [ 457.696828][ T5777] ? path_openat+0x2e2b/0x38a0 [ 457.696850][ T5777] path_openat+0x2e43/0x38a0 [ 457.696885][ T5777] ? __pfx_path_openat+0x10/0x10 [ 457.696908][ T5777] ? kasan_save_track+0x4f/0x80 [ 457.696938][ T5777] ? kasan_save_track+0x3e/0x80 [ 457.696967][ T5777] ? __kasan_slab_alloc+0x6c/0x80 [ 457.696985][ T5777] ? kmem_cache_alloc_noprof+0x33b/0x680 [ 457.697019][ T5777] ? do_raw_spin_lock+0x12b/0x2f0 [ 457.697050][ T5777] do_file_open+0x23e/0x4a0 [ 457.697070][ T5777] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 457.697103][ T5777] ? __pfx_do_file_open+0x10/0x10 [ 457.697120][ T5777] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 457.697155][ T5777] ? alloc_fd+0x64e/0x6c0 [ 457.697186][ T5777] do_sys_openat2+0x113/0x200 [ 457.697213][ T5777] ? __pfx___x64_sys_recvmsg+0x10/0x10 [ 457.697236][ T5777] ? __pfx_do_sys_openat2+0x10/0x10 [ 457.697266][ T5777] ? rcu_is_watching+0x15/0xb0 [ 457.697289][ T5777] __x64_sys_openat+0x138/0x170 [ 457.697319][ T5777] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.697341][ T5777] do_syscall_64+0x15f/0xf80 [ 457.697362][ T5777] ? clear_bhb_loop+0x40/0x90 [ 457.697384][ T5777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.697405][ T5777] RIP: 0033:0x7f90b6040407 [ 457.697424][ T5777] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 457.697444][ T5777] RSP: 002b:00007fff56a9eb90 EFLAGS: 00000202 ORIG_RAX: 0000000000000101 [ 457.697467][ T5777] RAX: ffffffffffffffda RBX: 00007f90b5f52880 RCX: 00007f90b6040407 [ 457.697482][ T5777] RDX: 00000000000a0800 RSI: 0000557afa35e4a0 RDI: ffffffffffffff9c [ 457.697498][ T5777] RBP: 0000557afa351910 R08: 0000000000000000 R09: 0000000000000000 [ 457.697512][ T5777] R10: 0000000000000000 R11: 0000000000000202 R12: 0000557afa3786d0 [ 457.697526][ T5777] R13: 0000557afa35f190 R14: 0000000000000000 R15: 0000557afa3786d0 [ 457.697548][ T5777] [ 457.730274][ T5777] block nbd1: Dead connection, failed to find a fallback [ 457.730302][ T5777] block nbd1: shutting down sockets [ 457.730317][ T5777] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 457.730346][ T5777] Buffer I/O error on dev nbd1, logical block 0, async page read [ 457.730509][ T5777] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 457.730536][ T5777] Buffer I/O error on dev nbd1, logical block 0, async page read [ 457.730644][ T5777] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 457.730671][ T5777] Buffer I/O error on dev nbd1, logical block 0, async page read [ 457.730777][ T5777] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 457.730979][ T5777] Buffer I/O error on dev nbd1, logical block 0, async page read [ 457.731114][ T5777] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 457.731142][ T5777] Buffer I/O error on dev nbd1, logical block 0, async page read [ 457.731267][ T5777] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 457.731294][ T5777] Buffer I/O error on dev nbd1, logical block 0, async page read [ 457.731475][ T5777] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 457.731498][ T5777] Buffer I/O error on dev nbd1, logical block 0, async page read [ 457.731594][ T5777] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 457.731617][ T5777] Buffer I/O error on dev nbd1, logical block 0, async page read [ 457.731674][ T5777] ldm_validate_partition_table(): Disk read failed. [ 457.731721][ T5777] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 457.731744][ T5777] Buffer I/O error on dev nbd1, logical block 0, async page read [ 457.735223][ T5777] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 457.738771][ T5777] Buffer I/O error on dev nbd1, logical block 0, async page read [ 457.739097][ T5777] Dev nbd1: unable to read RDB block 0 [ 457.739532][ T5777] nbd1: unable to read partition table [ 457.766973][ T5777] ldm_validate_partition_table(): Disk read failed. [ 457.767301][ T5777] Dev nbd1: unable to read RDB block 0 [ 457.771089][ T5777] nbd1: unable to read partition table [ 457.771843][T11306] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 457.780669][T11306] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 457.820774][T11306] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 457.822191][T11306] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 457.849688][T11306] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 457.850966][T11306] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 457.888411][T11306] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 458.003831][T11306] 8021q: adding VLAN 0 to HW filter on device bond0 [ 458.029479][T11306] 8021q: adding VLAN 0 to HW filter on device team0 [ 458.040814][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 458.040943][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 458.051393][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 458.051613][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 458.510743][T11306] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 458.590855][T11306] veth0_vlan: entered promiscuous mode [ 458.602594][T11306] veth1_vlan: entered promiscuous mode [ 458.652800][T11306] veth0_macvtap: entered promiscuous mode [ 458.660493][T11306] veth1_macvtap: entered promiscuous mode [ 458.691385][T11306] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 458.705067][T11306] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 458.715745][ T42] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.715891][ T42] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.715924][ T42] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.715956][ T42] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 458.887486][T11306] ieee80211 phy14: Selected rate control algorithm 'minstrel_ht' [ 458.934885][ T3188] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 458.934906][ T3188] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 458.940971][T11306] ieee80211 phy15: Selected rate control algorithm 'minstrel_ht' [ 458.974927][ T3188] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 458.974948][ T3188] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50