last executing test programs: 1m53.639057781s ago: executing program 0 (id=5201): iopl(0x3) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 1m53.39245802s ago: executing program 0 (id=5204): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="44000000100039040000000007a4000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800020001010000080003"], 0x44}}, 0x0) 1m53.033346439s ago: executing program 0 (id=5208): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000011c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000640)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, @in={0x2, 0x4e23, @empty}}}, 0x90) 1m52.800177428s ago: executing program 0 (id=5212): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x481, &(0x7f0000000140)=ANY=[@ANYBLOB='decompose,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c747970653d69759d7b2c6e6f6465636f6d706f73652c706172743d3078303030303030303030303030303030352c6e6c733d63703835322c0003cbc07ba0a1136d4473bd2732cc9433380cd22dec53d0a6f1102a4eea5601100a9ad8b17df114bc4794e98d59b6e930d8b8f9647652dc225a077d8726a372a270"], 0x1, 0x6f8, &(0x7f0000002440)="$eJzs3U9sW3cdAPDvc2wn7lDm/ek2EFKjVVSwQpvEjBYJiYIQymFClbjsatp0jeJkVeKhtELUYwyOcEI97FCEwmEntAPSEAfEOCMhcUW9V+JeccDoPT87tpM49po/Xfl8pJf3e+/9/nx/37z3Yj+3cgD/t5bejFIrklg6/8ZWuv1gu9Z4sF1b65YjYjoiChHFziqS9Yjkk4gr0Vni8+nOvLtsfX+PcV5/+PEH5+59WOtsFfMlq1/oaz9Cu2+EYa18ibmImMrXEyru19+1Pfq7O1HXSS/uNGFnu4mDk9bepTVJ8zGuW+BJdzdiqrTH/mrEqYiYyV8HRH53KBxzeIduorscAAAAPJmmDqrw7KN4FFsxezzhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNMh6XxnYJIvhW55LpLu9/+X832pcvmE4x3tqwccf//GMQUCAAAAAAAAAEfio/yD+zOP4lFsxWy+O2kl2Wf+r2ZbL2Y/n4l3YjOWYyMuxFbUoxnN2IiFiNJsX4flrXqzubGwu+VvIm3Zbrfv5i0XI6K6q+XiccwaAAAAAAAAAJ5aP4ulmD3pIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoF8SMdVZZcuL3XI1CsWImImIclqvFfHnbvmz7C8nHQAAAAAcvUq+nk3+2ym0k+w9/0vZ+/6ZeCfWoxkr0YxGLMf17FlA511/4R+tWuPBdm0tXXZ3/J1/TxRH1mNETMW7+4w8n9U43WuxFN+PH8b5mIursREr8eOoRzOWYy4q6SSiHklUK52nF9VunHvHe2Vg6+pwbGeGtl/JIqnEjVjJYrsQ18rReWySzSEd85W+0f5Yjhga8d00O8m3c2Pm6Hrf7+vX+XOZXPvZMfs4GtVs5qVeRubT3OfZeG507ic8T4ZHWohC7xnUizujpJvDI3Vz/qNJcn4qX6e5/sVgzg/bhI/ShjOxGIX87It4aTDnt7507/nBxl/551+v3iysr968sXn+CKd0pErdwnAman2ZeHn02ZdnopFmojV+JkrDO2YeYx6HqJxnI7sVjXm3/F5Wqserfafg23E9luNSzMdCXI75+GYsRm3gDDs9kNdibW0wJ9m1Vth9f6uMCP7sl/sq/fKAyscrzctzfXntv9NVs2P5niu/ivm+LD0/+uyb+K9AOv4X8nI6xnu9vzhPgoFMZPfm9z7XPfbC6Ez8tp3+3Gysr27crN8ac7xz+Tq9bN8fvDf/7hCm8xjS8yW94xazrSwnle75kh57oRftYL7K+ScunXaFXcdO945VYzZW4gf7Xqnl/DXc7p46x17uP/avnTtnOX990z028Con3o5G9ipkyNzxZBWAsZ167VS58rDy98r9ys8rNytvzHx3+vL0F8tR+lvxT1N/KPy+8K3ktbgfP43Zk44UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeBpu376zWG43ljV4hZob3PG6hvO9YowtROLDO9jPjdRjViNFjJXmhfLhzv31ntRiH3OFRFyoxduXud3WN1/NHETGiTvmxg08mPscmLqSzPZQOS/2pa09N0Lw4OuHF2JzZ7zc4vXMVRHW13vhPe6BOJfoumT1M+F2FwBPtYnPt1sXN23e+trJWf2v5reX1xcuXLl+qfWPh6xdvrDSW5zs/TzpK4Chs3r4zddIxAAAAAAAAAAAAAJPJ//V/81P/Z4biAXXKG5t7j3zmuKcKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfEYtvRmlViSxMH9hPt1+sF1rpEu3vFOzGBGFiEh+EpF8EnElOktU+7pL9hvn9Ycff3Du3oe1nb6K3fqFUe3G08qXmIuIqXx9sOk9utnd37W+/lqfKrykN8M0YWe7iYOT9r8AAAD//4739gY=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 1m52.434562328s ago: executing program 0 (id=5218): r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000380)={0x1, @pix_mp={0x0, 0x0, 0x35315241}}) 1m51.855003456s ago: executing program 0 (id=5239): r0 = syz_open_dev$vim2m(&(0x7f0000000300), 0x101, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x11, 0x1, 0x0, "08000054c1078500000000000000000000000000000000000000000000000010", 0x31384142}) 1m51.431214325s ago: executing program 32 (id=5239): r0 = syz_open_dev$vim2m(&(0x7f0000000300), 0x101, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x11, 0x1, 0x0, "08000054c1078500000000000000000000000000000000000000000000000010", 0x31384142}) 2.460783557s ago: executing program 4 (id=6719): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_SUBMITURB(r0, 0x802c550a, &(0x7f0000000b00)=@urb_type_iso={0x0, {0x1, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, [{0x8, 0x8e4, 0x4}]}) 2.209894456s ago: executing program 1 (id=6723): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2c8, 0x110, 0xc8, 0x8, 0x110, 0x5803, 0x1f8, 0x2e8, 0x2e8, 0x1f8, 0x2e8, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @loopback, [], [], 'pim6reg0\x00', 'wg0\x00'}, 0x0, 0xa8, 0x110, 0x0, {0x0, 0x2000000000000}}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x0, 0x0, 0x0, 'syz1\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0xff, 0x0, "a59d2b2e42adcbb1fac71ce79636ae42b94dfe4d9ca00d4939b50298321b"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x328) 2.198374166s ago: executing program 4 (id=6724): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000003c0)={0x2, @vbi={0x6, 0x1, 0x3631564e, 0x34325241, [0x7, 0x9], [0x1, 0x200], 0x10a}}) 2.112512956s ago: executing program 5 (id=6726): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0xb173, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x3c, 0x1, 0x3, "b49ef56105674907002fe4cd2b2e76b2f1cb18000f000000000800000800", 0x39555659}) 1.978093025s ago: executing program 1 (id=6727): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7f, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x0, 0x0, 0x42474752}}) 1.933081606s ago: executing program 4 (id=6728): r0 = socket$kcm(0xa, 0x2, 0x73) sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @multicast2}, 0x1b, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x3e}}, @ip_tos_u8={{0x38, 0x29, 0x37}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @remote}}}], 0x50}, 0xff00) 1.840983845s ago: executing program 5 (id=6731): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xc, 0x4, 0x4, 0x10000, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 1.729090735s ago: executing program 1 (id=6732): syz_mount_image$iso9660(&(0x7f0000002900), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f00000002c0)=ANY=[], 0x1, 0x5b1, &(0x7f0000001000)="$eJzs3MFv29YZAPDHxK4NBwsGFGvSNEDZtIfsEFeSFwdGBywaTdtsJVEg5cI5DcXiZMHsblg2YMmly6VDgQ077bz1utOO+6d62T/ggRLlybIzuWkbZcDvB8TvUfzI9z2C4QcRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEKJks9FoRqGT9Xb34udLNou8e7y0EKbXj/f3rxPNCYsTf0MUQlT9C8vL4eroo6uv/zf2B9WfG+HKaOlKWK6a5fD00hvf/+D1hQvVhotRdCqLl+3xk6e//OTgYP83X2Obo6Ojz6rZfIdpvTTbaS8r86zb3k7jrMzjjfX1xvs7W2W8lXXS8l45SLtxUqTtQV7EN5O7IYSNtThdvZfv9rY32500vpn8MG5ubNy51Wo01uMPV/tpuyjz3vsfrpbJTtbpZL3tYUy1+lbr7XCnOhE/ygbxIG134/jBo4P9tVlJVkHN8wS1ZgW1Gq1Ws9lqNddvb9y+02gs12fr8QcLjSlhepOF+Z+0vHSv1SfKcGF8jXvtW7uIwws6Sv4y7xQAAACA71g0vMceDe/LXx32trJO2jgRcxTNLT0AAADgWzD8an+lvgEQwtUQnf7+DwAAAPx/+/u4c+YzdiGKQtlfisaPqvT33osO21WvfXhx9NHF6T0Otq5Fl+udDJv1hXopSa9Hb46C3hxHf1U3D57/rN8/Q5VHVBSL0bNvlkD4U7g2irl2f9TeH68ZzXZlK+ukq0ne+aAZ2u3LFwbp3uB3nz76fQhFcXTxi173chQePDrYX/35rw7uD3N5Vu3l2WH9C4lTP5Q4mctSmMjlt8fPPdYzvnvyyC8Ob8RUs/6i110ZjduYnP+F0eYXvsb8Pw9vjWLeWhm1Kyfnv1yN2Vw9Y/aTWTT7e+8t1YOdc+ZTWVwfxVy/OTyx3r1Zr1mcyKI1K4vW5PF/oWNxnMW7J7KYPBZrs7JY+4ZZAMzLg+kqdKr+n6q7L3CV+x/VvRqlKuEzq/svZo7yeXhnFPPOtYW6Il0MYeqK3ph1RW+cs66HcHYW/wg3/vbXEHbDjXHw82psNe6fT1TV6PDLaoMvT4/7h1FT/vvhzqWqs3T46/DG4ydPbz06/OTh/sP9T1uttfXGjxqN262wOJxG3ag9AJwhLb6KVgZ/jIoi6/+subHRbA920rjIk4/iItvcTuOsN0iLZKfd207jfpEP8iTvVJ2Ps820jMvdfj+vKklexP28zPaGb36J61e/lGm33RtkSdnvpO0yjZO8N2gng3gzK5O4v/vTTlbupEW8lRdx2U+TbCtL2oMs78Vlvlsk6Wocl2k6EZhtpkefhZBV3V7cL7Juu7gXf5x3drtpvJlW1bI/yKNQ7XA8VtbbyovucLer8z7YAPCKeBzqN9gdv8ru8U/Gq56cWnVmJyzPiJnzFAGAKdNVemneCQEAAAAAAAAAAAAAAKdMPq734/qVPud77O+V7dy9dNaqt+ef2GQnhLDwCqShc87O8quRxmL93/ZF9xOFEGYHf6+KmedVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADO9p8AAAD//0n5kWY=") mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x20c001, 0x0) 1.728842165s ago: executing program 4 (id=6733): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x1c, 0x16, 0x1, 0x0, 0x0, {0xa}, [@typed={0x8, 0x8, 0x0, 0x0, @uid=0xee01}]}, 0x1c}}, 0x0) 1.563184515s ago: executing program 2 (id=6735): r0 = syz_open_dev$video(&(0x7f0000000000), 0x8003, 0x1cb900) ioctl$VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000080)={0x5, 0x30324c4a, 0x3, @discrete={0xf80b, 0x6}}) 1.513184724s ago: executing program 5 (id=6736): r0 = socket(0x23, 0x5, 0x0) bind$llc(r0, &(0x7f0000000680)={0x1a, 0x302, 0x5, 0x6d, 0x85, 0x7, @remote}, 0x10) 1.498943784s ago: executing program 4 (id=6737): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x14, 0x40, 0x9, 0x70bd2c, 0x0, {0x1}}, 0x14}}, 0x0) 1.417982054s ago: executing program 3 (id=6738): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000003c0)={0x0, 0x0, 0x31d}) 1.273142194s ago: executing program 5 (id=6739): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000004980)=ANY=[@ANYBLOB="44010000100001000000000000000000ac1e0101000000000000000000000000ff020000000000000000000000000001000000002000"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe8000000000000000000000000000bb000000006c000000ac14141c00000000000000000000000000000000000000000000000000000000000000000000000003000000f8ffffff00000000000000000000000000000000fdffffffffffff0f0000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00010600b79752ac86d07d380003"], 0x144}, 0x1, 0x0, 0x0, 0x4004050}, 0x8000) 1.272919974s ago: executing program 2 (id=6740): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00') read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2100) 1.272552844s ago: executing program 4 (id=6741): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f0000000240)={[{@journal_async_commit}, {@heartbeat_none}, {@usrquota}, {@inode64}, {@heartbeat_none}, {@inode64}]}, 0x0, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") setxattr$security_ima(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000540), &(0x7f0000000100)=ANY=[], 0xa6, 0x1) 1.272405234s ago: executing program 1 (id=6742): open(&(0x7f0000000180)='./bus\x00', 0x14957e, 0x0) mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000280)='./bus\x00', &(0x7f0000000000)='ocfs2\x00', 0x0, 0x0) 1.141526953s ago: executing program 3 (id=6743): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2002}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0xfe}]}}}]}, 0x3c}}, 0x0) 1.026974913s ago: executing program 5 (id=6744): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000009c0)=@raw={'raw\x00', 0x9, 0x3, 0x2d8, 0x120, 0xffffffff, 0xffffffff, 0x120, 0xffffffff, 0x258, 0xffffffff, 0xffffffff, 0x258, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xa}}, @inet=@rpfilter={{0x28}, {0xf}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x120}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x21}}, @private0, [0x0, 0x0, 0xffffff00, 0xffffff00], [0xff000000, 0xff, 0xffffff00], 'sit0\x00', 'wlan0\x00', {}, {0xff}, 0x3b, 0x6, 0x2, 0x69}, 0x0, 0xa8, 0xe8}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x40, 0x13, "76350d6e49acb10065f4fd49bd07b00ee6a0b772d6ae9bbdaa8656b50d42"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x338) 1.026790383s ago: executing program 2 (id=6745): r0 = socket(0x23, 0x5, 0x0) getsockopt$nfc_llcp(r0, 0x113, 0x0, 0x0, 0x20000024) 913.083423ms ago: executing program 1 (id=6746): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) 831.027013ms ago: executing program 1 (id=6747): prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x50000}]}) 800.133012ms ago: executing program 3 (id=6748): r0 = socket$inet6(0xa, 0x3, 0x88) recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x0, 0x0}, 0x7c8}], 0x1, 0x10001, 0x0) 757.138102ms ago: executing program 5 (id=6749): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000140)={0x5, 0x4, 0x9fc9}) 722.161513ms ago: executing program 2 (id=6750): r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0) write$sysctl(r0, &(0x7f00000001c0)='2\x00', 0x3fffff) 588.649922ms ago: executing program 3 (id=6751): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_BULK(r0, 0xc0105502, &(0x7f00000000c0)={{{0xf, 0x1}}, 0x0, 0x7, 0x0}) 401.125311ms ago: executing program 3 (id=6752): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000500)={'gre0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x2, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @broadcast, @private}}}}) 288.766831ms ago: executing program 2 (id=6753): r0 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ftruncate(r0, 0x59a23222) 238.490311ms ago: executing program 3 (id=6754): r0 = socket$l2tp6(0xa, 0x2, 0x73) connect$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x565c, @mcast2, 0x0, 0x1}, 0x20) 0s ago: executing program 2 (id=6755): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x40000) kernel console output (not intermixed with test programs): seconds [ 608.649311][T16522] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 608.720053][T16522] Remounting filesystem read-only [ 608.880799][T16547] loop2: detected capacity change from 0 to 64 [ 609.185170][T16560] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5054'. [ 609.267312][T16563] cgroup: Need name or subsystem set [ 609.287710][ T4256] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 610.139637][T16580] loop2: detected capacity change from 0 to 4096 [ 611.323398][ T4667] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 611.545639][ T4667] usb 4-1: Using ep0 maxpacket: 8 [ 611.553327][ T4667] usb 4-1: unable to get BOS descriptor or descriptor too short [ 611.572955][ T4667] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 611.597013][ T4667] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 611.639410][ T4667] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 611.668653][ T4667] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 611.694358][ T4667] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 611.733775][ T4667] usb 4-1: Product: syz [ 611.745307][ T4667] usb 4-1: SerialNumber: syz [ 611.881773][T16645] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5096'. [ 611.983214][T16647] xt_hashlimit: overflow, try lower: 35184372088832/511 [ 611.996767][ T4667] usb 4-1: 0:2 : does not exist [ 612.034460][T16649] vim2m vim2m.0: Fourcc format (0x42474752) invalid. [ 612.056305][ T4667] usb 4-1: USB disconnect, device number 89 [ 612.325359][T16658] QAT: failed to copy from user cfg_data. [ 612.564674][T16665] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0 [ 612.801176][T16673] netlink: 'syz.1.5109': attribute type 4 has an invalid length. [ 612.830780][T16673] netlink: 'syz.1.5109': attribute type 3 has an invalid length. [ 612.838895][T16673] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5109'. [ 613.564757][T16699] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5122'. [ 613.986167][T16682] loop3: detected capacity change from 0 to 32768 [ 614.014845][T16710] loop4: detected capacity change from 0 to 4096 [ 614.022191][T16682] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.5113 (16682) [ 614.106070][T16682] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 614.144363][T16682] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 614.153134][T16682] BTRFS info (device loop3): setting nodatasum [ 614.207513][T16682] BTRFS info (device loop3): force zlib compression, level 3 [ 614.218677][T16682] BTRFS info (device loop3): metadata ratio 1 [ 614.234449][T16682] BTRFS info (device loop3): enabling ssd optimizations [ 614.284707][T16721] loop2: detected capacity change from 0 to 64 [ 614.293751][T16682] BTRFS info (device loop3): allowing degraded mounts [ 614.312001][T16682] BTRFS info (device loop3): using free space tree [ 614.545472][T16734] No such timeout policy "syz1" [ 614.738524][T16750] netlink: 'syz.4.5138': attribute type 1 has an invalid length. [ 614.798097][T16751] netlink: 'syz.1.5139': attribute type 3 has an invalid length. [ 614.935136][ T4261] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 615.816738][T16787] loop2: detected capacity change from 0 to 512 [ 615.955237][T16787] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 616.072652][ T26] kauditd_printk_skb: 5 callbacks suppressed [ 616.072670][ T26] audit: type=1800 audit(14751650.265:225): pid=16787 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.5156" name="bus" dev="loop2" ino=17 res=0 errno=0 [ 616.281635][ T4258] EXT4-fs (loop2): unmounting filesystem. [ 617.201629][T16839] loop0: detected capacity change from 0 to 512 [ 617.284825][T16839] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 617.374229][T16839] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 617.447615][T16839] EXT4-fs error (device loop0): ext4_acquire_dquot:6795: comm syz.0.5179: Failed to acquire dquot type 1 [ 617.529219][T16839] EXT4-fs (loop0): 1 truncate cleaned up [ 617.543102][T16839] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 617.596401][T16839] EXT4-fs (loop0): unmounting filesystem. [ 617.862086][T16819] loop2: detected capacity change from 0 to 40427 [ 617.907585][T16819] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3ffff [ 617.932269][T16819] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x4 [ 617.978846][T16819] F2FS-fs (loop2): invalid crc value [ 618.033998][T16819] F2FS-fs (loop2): Found nat_bits in checkpoint [ 618.173694][ T4667] usb 5-1: new full-speed USB device number 90 using dummy_hcd [ 618.184338][T16819] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 618.228962][T16869] loop3: detected capacity change from 0 to 128 [ 618.244759][T16838] loop1: detected capacity change from 0 to 32768 [ 618.272825][T16838] jfs_strtoUCS: char2uni returned -22. [ 618.297835][T16838] charset = cp950, char = 0xd4 [ 618.377144][ T4258] syz-executor: attempt to access beyond end of device [ 618.377144][ T4258] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 618.394577][ T4667] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 618.408413][ T4667] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 618.429340][ T4667] usb 5-1: config 0 descriptor?? [ 618.471064][ T4261] sysv_free_block: flc_count > flc_size [ 618.489880][ T4261] sysv_free_block: flc_count > flc_size [ 618.506336][ T4261] sysv_free_block: flc_count > flc_size [ 618.533751][ T4261] sysv_free_block: flc_count > flc_size [ 618.544554][ T4261] sysv_free_block: flc_count > flc_size [ 618.558406][ T4261] sysv_free_block: flc_count > flc_size [ 618.564077][ T4261] sysv_free_block: flc_count > flc_size [ 618.590433][ T4261] sysv_free_block: flc_count > flc_size [ 618.601394][ T4261] sysv_free_block: flc_count > flc_size [ 618.614737][ T4261] sysv_free_block: flc_count > flc_size [ 618.646517][ T4261] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 618.910475][ T4667] [drm:udl_init] *ERROR* Selecting channel failed [ 618.969713][ T4667] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2 [ 619.017397][ T4667] [drm] Initialized udl on minor 2 [ 619.054201][ T4667] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 619.077578][ T4667] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 619.129437][ T4667] usb 5-1: USB disconnect, device number 90 [ 619.130519][T16884] loop3: detected capacity change from 0 to 2048 [ 619.198542][T16884] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 619.243089][T16884] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 619.561701][T16893] loop1: detected capacity change from 0 to 4096 [ 619.649198][T16893] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 619.851155][ T26] audit: type=1107 audit(14751653.792:226): pid=16904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='L<5' [ 619.910316][T16907] loop0: detected capacity change from 0 to 1024 [ 620.121956][ T4256] hfsplus: bad catalog entry type [ 620.361925][T16925] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5222'. [ 620.915424][T14634] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 621.085234][T14634] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 621.249308][T14634] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 621.478323][T14634] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 621.538009][T16950] tc_dump_action: action bad kind [ 621.619358][T16939] loop2: detected capacity change from 0 to 32768 [ 621.654289][T16939] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.5227 (16939) [ 621.720749][T16939] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 621.776143][T16939] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 621.818764][T16939] BTRFS info (device loop2): setting nodatasum [ 621.825015][T16939] BTRFS info (device loop2): force zlib compression, level 3 [ 621.907590][T16939] BTRFS info (device loop2): metadata ratio 1 [ 621.913794][T16939] BTRFS info (device loop2): enabling ssd optimizations [ 621.982062][T16939] BTRFS info (device loop2): allowing degraded mounts [ 622.024052][T16939] BTRFS info (device loop2): using free space tree [ 622.355041][T16971] loop1: detected capacity change from 0 to 2048 [ 622.435484][ T26] audit: type=1400 audit(14751656.215:227): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=16979 comm="syz.3.5244" [ 622.501919][ T4255] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 622.512564][ T4255] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 622.521938][ T4255] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 622.530076][T16991] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 622.538159][T16991] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 622.545482][T16991] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 622.558410][ T4262] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 622.566306][ T4262] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 622.576165][ T4262] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 622.585718][ T4262] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 622.593470][ T4262] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 622.604202][ T4262] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 622.641072][T16971] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 622.706096][T16971] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 622.848559][ T4258] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 622.998323][T16957] loop4: detected capacity change from 0 to 32768 [ 623.212897][T16957] XFS (loop4): Mounting V5 Filesystem [ 623.236022][ T4247] EXT4-fs (loop1): unmounting filesystem. [ 623.477004][T16957] XFS (loop4): Ending clean mount [ 623.530769][T16957] XFS (loop4): Quotacheck needed: Please wait. [ 623.672063][T17023] loop2: detected capacity change from 0 to 256 [ 623.718149][T16957] XFS (loop4): Quotacheck: Done. [ 623.998552][ T4252] XFS (loop4): Unmounting Filesystem [ 624.039223][T16981] chnl_net:caif_netlink_parms(): no params data found [ 624.400752][T17045] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=on. [ 624.470062][T17045] overlayfs: overlapping lowerdir path [ 624.471739][T17051] loop2: detected capacity change from 0 to 64 [ 624.769924][ T4262] Bluetooth: hci2: command 0x0409 tx timeout [ 624.993903][T17067] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5265'. [ 625.168682][T16981] bridge0: port 1(bridge_slave_0) entered blocking state [ 625.228240][T16981] bridge0: port 1(bridge_slave_0) entered disabled state [ 625.278511][T16981] device bridge_slave_0 entered promiscuous mode [ 625.389228][T16981] bridge0: port 2(bridge_slave_1) entered blocking state [ 625.397096][T16981] bridge0: port 2(bridge_slave_1) entered disabled state [ 625.446953][T17083] loop4: detected capacity change from 0 to 512 [ 625.457903][T16981] device bridge_slave_1 entered promiscuous mode [ 625.570660][T17083] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 625.617293][T17095] loop1: detected capacity change from 0 to 64 [ 625.754581][T17083] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 625.807950][T17083] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 625.888783][T17083] EXT4-fs error (device loop4): ext4_acquire_dquot:6795: comm syz.4.5272: Failed to acquire dquot type 0 [ 625.899328][T16981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 626.082341][T16981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 626.115693][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 626.269772][T14634] device hsr_slave_0 left promiscuous mode [ 626.315962][T14634] device hsr_slave_1 left promiscuous mode [ 626.352205][T14634] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 626.373930][T14634] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 626.422292][T14634] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 626.447722][T14634] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 626.455135][T17115] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5285'. [ 626.472700][T17115] netlink: get zone limit has 8 unknown bytes [ 626.504873][T14634] device bridge_slave_1 left promiscuous mode [ 626.514324][T14634] bridge0: port 2(bridge_slave_1) entered disabled state [ 626.553372][T14634] device bridge_slave_0 left promiscuous mode [ 626.567812][T14634] bridge0: port 1(bridge_slave_0) entered disabled state [ 626.682726][T17121] loop4: detected capacity change from 0 to 64 [ 626.722868][T14634] device veth1_macvtap left promiscuous mode [ 626.751822][T17112] loop1: detected capacity change from 0 to 8192 [ 626.754951][T14634] device veth1_vlan left promiscuous mode [ 626.787259][T14634] device veth0_vlan left promiscuous mode [ 626.803057][T17112] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 626.851328][T17126] loop3: detected capacity change from 0 to 256 [ 626.882041][T17128] loop4: detected capacity change from 0 to 64 [ 626.889619][T17112] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 626.899037][T17112] REISERFS (device loop1): using ordered data mode [ 626.906123][T17112] reiserfs: using flush barriers [ 626.940386][T17112] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 626.969578][T17112] REISERFS (device loop1): checking transaction log (loop1) [ 626.992909][ T4262] Bluetooth: hci2: command 0x041b tx timeout [ 627.054563][T17126] FAT-fs (loop3): Directory bread(block 64) failed [ 627.099411][T17126] FAT-fs (loop3): Directory bread(block 65) failed [ 627.154369][T17126] FAT-fs (loop3): Directory bread(block 66) failed [ 627.161327][T17126] FAT-fs (loop3): Directory bread(block 67) failed [ 627.182845][T17126] FAT-fs (loop3): Directory bread(block 68) failed [ 627.220840][T17126] FAT-fs (loop3): Directory bread(block 69) failed [ 627.238724][T17126] FAT-fs (loop3): Directory bread(block 70) failed [ 627.246631][T17126] FAT-fs (loop3): Directory bread(block 71) failed [ 627.271332][T17126] FAT-fs (loop3): Directory bread(block 72) failed [ 627.286383][T17126] FAT-fs (loop3): Directory bread(block 73) failed [ 627.320900][T17112] REISERFS (device loop1): Using tea hash to sort names [ 627.367289][T17112] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 627.503905][ T26] audit: type=1800 audit(14751660.958:228): pid=17126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5290" name="file1" dev="loop3" ino=1048624 res=0 errno=0 [ 627.965513][T17148] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5301'. [ 628.587988][T17152] loop3: detected capacity change from 0 to 32768 [ 628.728482][T17166] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5308'. [ 628.736735][T17152] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 628.830886][T17152] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 628.883072][T17152] (syz.3.5302,17152,1):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options [ 628.915023][T17170] loop2: detected capacity change from 0 to 1024 [ 628.922798][T17170] EXT4-fs: Ignoring removed orlov option [ 628.933990][T17172] loop1: detected capacity change from 0 to 764 [ 629.045821][T17170] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 629.124840][ T4261] ocfs2: Unmounting device (7,3) on (node local) [ 629.222950][ T4262] Bluetooth: hci2: command 0x040f tx timeout [ 629.236360][ T4258] EXT4-fs (loop2): unmounting filesystem. [ 629.334782][T14634] team0 (unregistering): Port device team_slave_1 removed [ 629.553475][T14634] team0 (unregistering): Port device team_slave_0 removed [ 629.635898][T14634] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 629.662361][T17189] loop2: detected capacity change from 0 to 64 [ 629.737706][T14634] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 630.056513][T17195] loop2: detected capacity change from 0 to 1024 [ 630.222945][T17197] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 630.243252][T17197] overlayfs: missing 'lowerdir' [ 630.681055][T14634] bond0 (unregistering): Released all slaves [ 630.797181][T17144] device syz_tun left promiscuous mode [ 630.802956][T17144] bridge0: port 3(syz_tun) entered disabled state [ 630.817309][T17144] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 630.827552][T17144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 630.839615][T17144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 630.850022][T17144] device bridge_slave_0 left promiscuous mode [ 630.857429][T17144] bridge0: port 1(bridge_slave_0) entered disabled state [ 630.866541][T17144] device bridge_slave_1 left promiscuous mode [ 630.874596][T17144] bridge0: port 2(bridge_slave_1) entered disabled state [ 630.884323][T17144] bond0: (slave bond_slave_0): Releasing backup interface [ 630.904755][T17144] bond0: (slave bond_slave_1): Releasing backup interface [ 630.970256][T17144] team0: Port device team_slave_0 removed [ 630.999361][T17144] team0: Port device team_slave_1 removed [ 631.006504][T17144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 631.014393][T17144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 631.023030][T17144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 631.030570][T17144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 631.048745][T17144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge1: link becomes ready [ 631.089969][T16981] team0: Port device team_slave_0 added [ 631.186428][T16981] team0: Port device team_slave_1 added [ 631.302481][T16981] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 631.309883][T16981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 631.429168][T16981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 631.440551][ T4262] Bluetooth: hci2: command 0x0419 tx timeout [ 631.485827][T16981] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 631.492842][T16981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 631.630393][T16981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 631.881927][T16981] device hsr_slave_0 entered promiscuous mode [ 631.928257][T16981] device hsr_slave_1 entered promiscuous mode [ 631.943657][T17225] loop2: detected capacity change from 0 to 512 [ 632.069257][T17225] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 632.105283][T17233] loop1: detected capacity change from 0 to 256 [ 632.198155][T17233] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 632.293573][ T4258] EXT4-fs (loop2): unmounting filesystem. [ 632.746039][T16981] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 632.807484][T16981] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 632.838562][T16981] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 632.857779][T17256] xt_l2tp: v2 doesn't support IP mode [ 632.883819][T16981] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 633.225613][T16981] 8021q: adding VLAN 0 to HW filter on device bond0 [ 633.242082][T17269] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5351'. [ 633.268439][T17269] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5351'. [ 633.293900][T17269] netlink: 5 bytes leftover after parsing attributes in process `syz.3.5351'. [ 633.377741][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 633.418127][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 633.472585][T16981] 8021q: adding VLAN 0 to HW filter on device team0 [ 633.536734][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 633.567901][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 633.606957][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 633.616074][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 633.642787][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 633.657677][T17282] loop3: detected capacity change from 0 to 1024 [ 633.684755][T14624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 633.702796][T14624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 633.736155][T14624] bridge0: port 2(bridge_slave_1) entered blocking state [ 633.743377][T14624] bridge0: port 2(bridge_slave_1) entered forwarding state [ 633.849417][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 633.872704][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 633.894624][ T11] hfsplus: b-tree write err: -5, ino 4 [ 633.929369][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 633.992158][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 634.026483][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 634.075274][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 634.093824][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 634.127451][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 634.188153][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 634.214704][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 634.263405][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 634.291535][T16981] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 634.890139][T17321] loop4: detected capacity change from 0 to 2048 [ 634.943584][T17321] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 635.021002][ T4296] usb 2-1: new full-speed USB device number 97 using dummy_hcd [ 635.116090][T16981] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 635.130308][T14624] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 635.150489][T14624] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 635.242386][ T4296] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 635.269809][ T4296] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 635.326901][ T4296] usb 2-1: config 0 descriptor?? [ 635.400490][T17339] cgroup: Bad value for 'name' [ 635.718740][T17347] loop3: detected capacity change from 0 to 1764 [ 635.797738][ T4296] [drm:udl_init] *ERROR* Selecting channel failed [ 635.856891][ T4296] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2 [ 635.875107][ T4296] [drm] Initialized udl on minor 2 [ 635.904760][ T4296] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 635.945272][T17355] loop4: detected capacity change from 0 to 256 [ 635.955458][ T4296] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 635.988462][ T4296] usb 2-1: USB disconnect, device number 97 [ 636.016425][T17355] MINIX-fs: mounting file system with errors, running fsck is recommended [ 636.061781][T17355] MINIX-fs warning: remounting fs with errors, running fsck is recommended [ 636.370729][T17366] netlink: 'syz.3.5384': attribute type 2 has an invalid length. [ 636.390828][T17366] netlink: 'syz.3.5384': attribute type 8 has an invalid length. [ 636.454322][T17366] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5384'. [ 636.534755][T14614] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 636.586068][T14614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 636.675594][T16981] device veth0_vlan entered promiscuous mode [ 636.718031][T14624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 636.743243][T14624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 636.788880][T17377] netlink: 'syz.3.5389': attribute type 10 has an invalid length. [ 636.835858][T17377] team0: Port device dummy0 added [ 636.865254][T16981] device veth1_vlan entered promiscuous mode [ 636.872936][T14624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 636.906116][T14624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 636.908265][T17384] netlink: 'syz.1.5392': attribute type 1 has an invalid length. [ 636.915868][T14624] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 636.955117][T17384] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5392'. [ 637.047132][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 637.110952][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 637.132366][T14634] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 637.157443][T16981] device veth0_macvtap entered promiscuous mode [ 637.230113][T16981] device veth1_macvtap entered promiscuous mode [ 637.300715][T16981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 637.319762][T16981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 637.386731][T16981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 637.420256][T16981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 637.480522][T16981] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 637.488465][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 637.502686][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 637.534245][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 637.555552][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 637.595833][T16981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 637.629124][T16981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 637.669177][T16981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 637.716468][T16981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 637.745382][T16981] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 637.770276][T14614] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 637.806612][T14614] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 637.858069][T16981] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 637.891226][T16981] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 637.934436][T16981] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 637.960695][T16981] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 638.193453][T17396] loop4: detected capacity change from 0 to 32768 [ 638.205173][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 638.211699][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 638.243014][T17396] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.5397 (17396) [ 638.280693][T17396] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 638.302571][T17396] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 638.342173][T17396] BTRFS info (device loop4): force zlib compression, level 3 [ 638.372036][T17396] BTRFS info (device loop4): force clearing of disk cache [ 638.390281][T14614] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 638.398854][T14614] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 638.452530][T17396] BTRFS info (device loop4): setting nodatasum [ 638.458791][T17396] BTRFS info (device loop4): enabling disk space caching [ 638.495768][T14621] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 638.506078][ T4295] usb 2-1: new high-speed USB device number 98 using dummy_hcd [ 638.510544][T17396] BTRFS info (device loop4): disk space caching is enabled [ 638.529954][T14621] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 638.562466][T14621] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 638.632841][T14624] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 638.722902][ T4295] usb 2-1: config 0 has too many interfaces: 202, using maximum allowed: 32 [ 638.784120][ T4295] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 202 [ 638.829611][ T4295] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 638.839903][ T26] audit: type=1326 audit(14751671.556:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17445 comm="syz.3.5407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb3058cde9 code=0x7ffc0000 [ 638.870824][T17396] BTRFS info (device loop4): enabling ssd optimizations [ 638.878975][T17396] BTRFS info (device loop4): rebuilding free space tree [ 638.914265][ T4295] usb 2-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 638.937205][T17396] BTRFS info (device loop4): disabling free space tree [ 638.945918][ T26] audit: type=1326 audit(14751671.556:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17445 comm="syz.3.5407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb3058cde9 code=0x7ffc0000 [ 638.976481][T17396] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 638.983538][ T4295] usb 2-1: New USB device strings: Mfr=33, Product=2, SerialNumber=3 [ 639.017346][ T4295] usb 2-1: Product: syz [ 639.025722][T17396] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 639.040615][ T4295] usb 2-1: Manufacturer: syz [ 639.045283][ T4295] usb 2-1: SerialNumber: syz [ 639.055800][ T26] audit: type=1326 audit(14751671.566:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17445 comm="syz.3.5407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7fcb3058cde9 code=0x7ffc0000 [ 639.100777][ T4295] usb 2-1: config 0 descriptor?? [ 639.193439][ T26] audit: type=1326 audit(14751671.566:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17445 comm="syz.3.5407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb3058cde9 code=0x7ffc0000 [ 639.225227][T17396] BTRFS error (device loop4): balance: mixed groups data and metadata options must be the same [ 639.331692][ T26] audit: type=1326 audit(14751671.566:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17445 comm="syz.3.5407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb3058cde9 code=0x7ffc0000 [ 639.380886][ T4295] snd-usb-audio: probe of 2-1:0.0 failed with error -2 [ 639.389368][ T4252] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 639.446810][ T4297] usb 4-1: new full-speed USB device number 90 using dummy_hcd [ 639.497535][ T4420] udevd[4420]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 639.635693][ T4295] usb 2-1: USB disconnect, device number 98 [ 639.701070][ T4297] usb 4-1: not running at top speed; connect to a high speed hub [ 639.741768][ T4297] usb 4-1: config 95 has an invalid interface number: 1 but max is 0 [ 639.778056][ T4297] usb 4-1: config 95 has no interface number 0 [ 639.784303][ T4297] usb 4-1: config 95 interface 1 has no altsetting 0 [ 639.816651][ T4297] usb 4-1: string descriptor 0 read error: -22 [ 639.831521][ T4297] usb 4-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79 [ 639.862754][ T4297] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 640.096114][T17480] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5417'. [ 640.389943][ T4293] usb 4-1: USB disconnect, device number 90 [ 640.495943][T17482] loop4: detected capacity change from 0 to 4096 [ 640.500211][T17491] loop5: detected capacity change from 0 to 256 [ 640.554882][T17482] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 640.610319][T17491] FAT-fs (loop5): Directory bread(block 64) failed [ 640.640475][T17491] FAT-fs (loop5): Directory bread(block 65) failed [ 640.661740][T17491] FAT-fs (loop5): Directory bread(block 66) failed [ 640.669732][T17491] FAT-fs (loop5): Directory bread(block 67) failed [ 640.708538][T17491] FAT-fs (loop5): Directory bread(block 68) failed [ 640.715173][T17491] FAT-fs (loop5): Directory bread(block 69) failed [ 640.750960][T17491] FAT-fs (loop5): Directory bread(block 70) failed [ 640.786458][T17491] FAT-fs (loop5): Directory bread(block 71) failed [ 640.804809][T17491] FAT-fs (loop5): Directory bread(block 72) failed [ 640.811412][T17491] FAT-fs (loop5): Directory bread(block 73) failed [ 641.066894][T17503] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5425'. [ 641.126874][T17506] IPv6: NLM_F_CREATE should be specified when creating new route [ 641.138914][T17506] IPv6: NLM_F_REPLACE set, but no existing node found! [ 641.219071][T17509] netlink: 'syz.3.5427': attribute type 4 has an invalid length. [ 641.939412][T17540] loop5: detected capacity change from 0 to 22 [ 641.946478][T17540] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 641.990152][T17535] loop2: detected capacity change from 0 to 4096 [ 641.991984][ T26] audit: type=1326 audit(14751674.503:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17543 comm="syz.1.5440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x7ffc0000 [ 642.037287][T17540] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 642.093566][T17535] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 642.102354][ T26] audit: type=1326 audit(14751674.540:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17543 comm="syz.1.5440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f102198cde9 code=0x7ffc0000 [ 642.193263][T17535] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 642.210531][ T26] audit: type=1326 audit(14751674.540:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17543 comm="syz.1.5440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x7ffc0000 [ 642.244527][T17535] ntfs3: loop2: mft corrupted [ 642.249661][T17535] ntfs3: loop2: Failed to load $Extend. [ 642.307614][T17551] xt_TCPMSS: Only works on TCP SYN packets [ 642.343856][ T26] audit: type=1326 audit(14751674.540:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17543 comm="syz.1.5440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x7ffc0000 [ 642.384128][T17535] ntfs3: loop2: ino=1b, "file0" attr_set_size [ 643.373911][ T4296] usb 4-1: new high-speed USB device number 91 using dummy_hcd [ 643.605175][ T4296] usb 4-1: Using ep0 maxpacket: 8 [ 643.612293][ T4296] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 643.642612][T17606] usb usb9: usbfs: interface 0 claimed by hub while 'syz.5.5463' sets config #0 [ 643.651847][ T4296] usb 4-1: config 179 has no interface number 0 [ 643.702558][ T4296] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 643.739340][ T4296] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 643.819556][ T4296] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 643.876377][ T4296] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 643.942233][ T4296] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 644.019709][ T4296] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 644.049738][ T4296] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 644.117187][T17621] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5472'. [ 644.121726][T17579] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 644.159198][T17621] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5472'. [ 644.529375][T17635] loop5: detected capacity change from 0 to 1024 [ 644.558946][T17579] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 644.566310][T17579] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 644.632066][T17635] EXT4-fs: Ignoring removed orlov option [ 644.659866][T17579] vhci_hcd vhci_hcd.0: Device attached [ 644.757893][ T4293] usb 4-1: USB disconnect, device number 91 [ 644.757900][T17636] vhci_hcd: connection closed [ 644.757960][ C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 644.758000][ C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 644.787540][T17635] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 644.833412][T17646] xt_ecn: cannot match TCP bits for non-tcp packets [ 644.878244][T16981] EXT4-fs (loop5): unmounting filesystem. [ 644.884046][T14634] vhci_hcd: stop threads [ 644.884889][T14634] vhci_hcd: release socket [ 644.896782][T14634] vhci_hcd: disconnect device [ 644.930813][T13822] usb 39-1: new low-speed USB device number 2 using vhci_hcd [ 644.938668][T13822] usb 39-1: enqueue for inactive port 0 [ 645.048187][T13822] vhci_hcd: vhci_device speed not set [ 645.732691][T17680] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5494'. [ 645.741716][T17680] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5494'. [ 645.777998][T17680] netlink: 2 bytes leftover after parsing attributes in process `syz.1.5494'. [ 646.116731][T17694] loop1: detected capacity change from 0 to 1024 [ 646.216997][T17694] syz.1.5500: attempt to access beyond end of device [ 646.216997][T17694] loop1: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 646.381383][T17705] libceph: resolve '400' (ret=-3): failed [ 646.617201][T17714] loop1: detected capacity change from 0 to 2048 [ 646.681084][T17720] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 646.737629][T17714] NILFS error (device loop1): nilfs_lookup: deleted inode referenced: 12 [ 646.765108][T17714] Remounting filesystem read-only [ 647.243899][T17745] loop5: detected capacity change from 0 to 16 [ 647.276318][T17745] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 647.305695][T17743] loop3: detected capacity change from 0 to 2048 [ 647.351375][T17743] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 647.669992][T17756] netlink: 19 bytes leftover after parsing attributes in process `syz.5.5524'. [ 647.778878][T17760] loop1: detected capacity change from 0 to 2048 [ 647.834864][T17760] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 648.307050][T17782] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5535'. [ 648.313511][ T4293] usb 3-1: new high-speed USB device number 89 using dummy_hcd [ 648.453521][T17785] ieee802154 phy0 wpan0: encryption failed: -22 [ 648.515524][T17790] trusted_key: encrypted_key: keylen parameter is missing [ 648.541440][ T4293] usb 3-1: config 0 has no interfaces? [ 648.559487][ T4293] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 648.596961][ T4293] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 648.617247][ T4293] usb 3-1: Product: syz [ 648.633735][ T4293] usb 3-1: Manufacturer: syz [ 648.638393][ T4293] usb 3-1: SerialNumber: syz [ 648.669006][ T4293] r8152-cfgselector 3-1: config 0 descriptor?? [ 648.926536][ T4293] usbip-host 3-1: 3-1 is not in match_busid table... skip! [ 649.181808][ T954] usb 3-1: USB disconnect, device number 89 [ 649.301070][T17814] xt_hashlimit: max too large, truncated to 1048576 [ 649.334936][T17814] xt_hashlimit: overflow, try lower: 0/0 [ 649.532206][T17823] tmpfs: Bad value for 'mpol' [ 649.542004][T17821] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5556'. [ 649.591510][T17821] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5556'. [ 649.608569][T17821] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5556'. [ 649.820616][ T4523] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 650.029754][ T4523] usb 6-1: Using ep0 maxpacket: 8 [ 650.039351][ T4523] usb 6-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 650.098655][ T4523] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 650.135174][ T4523] usb 6-1: Product: syz [ 650.139405][T17835] libceph: resolve '0.' (ret=-3): failed [ 650.152671][ T4523] usb 6-1: Manufacturer: syz [ 650.173014][ T4523] usb 6-1: SerialNumber: syz [ 650.189851][ T4523] usb 6-1: config 0 descriptor?? [ 650.219815][ T4523] gspca_main: sq930x-2.14.0 probing 2770:930c [ 650.431523][T17844] loop1: detected capacity change from 0 to 128 [ 650.489832][T17844] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 650.531637][T17844] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 650.656230][ T26] audit: type=1326 audit(14751682.613:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17849 comm="syz.3.5569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb3058cde9 code=0x7ffc0000 [ 650.679201][ T4523] gspca_sq930x: ucbus_write failed -71 [ 650.707706][ T4523] sq930x: probe of 6-1:0.0 failed with error -71 [ 650.738385][ T26] audit: type=1326 audit(14751682.613:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17849 comm="syz.3.5569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb3058cde9 code=0x7ffc0000 [ 650.767200][ T4523] usb 6-1: USB disconnect, device number 2 [ 650.842811][ T26] audit: type=1326 audit(14751682.651:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17849 comm="syz.3.5569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7fcb3058cde9 code=0x7ffc0000 [ 650.925733][ T26] audit: type=1326 audit(14751682.651:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17849 comm="syz.3.5569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb3058cde9 code=0x7ffc0000 [ 651.006883][T17859] loop1: detected capacity change from 0 to 64 [ 651.034446][ T26] audit: type=1326 audit(14751682.651:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17849 comm="syz.3.5569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb3058cde9 code=0x7ffc0000 [ 651.056930][ C0] vkms_vblank_simulate: vblank timer overrun [ 651.121832][T17859] hfs: request for non-existent node 16777216 in B*Tree [ 651.129428][T17859] hfs: request for non-existent node 16777216 in B*Tree [ 651.188489][T17859] hfs: request for non-existent node 16777216 in B*Tree [ 651.226299][T17859] hfs: request for non-existent node 16777216 in B*Tree [ 651.500516][T17875] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5581'. [ 651.551387][T17875] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5581'. [ 651.680749][T17885] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5585'. [ 652.925655][T17931] loop3: detected capacity change from 0 to 16 [ 652.948216][T17931] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 653.121896][T17935] netlink: 332 bytes leftover after parsing attributes in process `syz.5.5608'. [ 653.508364][T17951] loop3: detected capacity change from 0 to 256 [ 653.553198][T17945] loop1: detected capacity change from 0 to 4096 [ 653.578469][T17945] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512) [ 653.601032][T17951] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 653.710024][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 653.758065][T17951] FAT-fs (loop3): Filesystem has been set read-only [ 653.803486][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 653.812081][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 653.874088][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 653.899085][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 653.911847][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 653.942698][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 653.989530][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.016072][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.052816][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.086983][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.111093][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.121902][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.138814][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.151078][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.165213][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.171374][T17963] loop2: detected capacity change from 0 to 4096 [ 654.179319][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.272158][T17963] ntfs: (device loop2): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match. Run ntfsfix or chkdsk. [ 654.284189][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.310101][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.323536][T17963] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 654.344124][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.388058][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.397094][T17963] ntfs: (device loop2): ntfs_is_extended_system_file(): Inode hard link count doesn't match number of name attributes. You should run chkdsk. [ 654.439145][T17963] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing. [ 654.448272][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.476958][T17963] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 654.490374][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.519899][T17951] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 654.537350][T17963] ntfs: volume version 3.1. [ 654.623070][T17951] syz.3.5614 (17951) used greatest stack depth: 19072 bytes left [ 655.538235][T18011] SET target dimension over the limit! [ 655.778332][T18015] loop5: detected capacity change from 0 to 4096 [ 655.806917][T18015] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 655.882361][T18016] loop3: detected capacity change from 0 to 4096 [ 655.930447][T18016] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 655.961983][T18015] ntfs3: loop5: failed to convert "c46c" to iso8859-7 [ 655.972506][T18025] device batadv_slave_0 entered promiscuous mode [ 656.047899][T18028] netlink: 'syz.2.5652': attribute type 10 has an invalid length. [ 656.454848][T18039] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5657'. [ 656.464198][T18039] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5657'. [ 656.815833][T18058] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5663'. [ 657.107288][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 657.107305][ T26] audit: type=1326 audit(14751688.656:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18067 comm="syz.4.5670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9beb8cde9 code=0x7ffc0000 [ 657.135467][ C0] vkms_vblank_simulate: vblank timer overrun [ 657.148111][T18071] loop2: detected capacity change from 0 to 128 [ 657.175997][T18062] loop1: detected capacity change from 0 to 4096 [ 657.238168][T18062] NILFS (loop1): invalid segment: Checksum error in segment payload [ 657.267632][ T26] audit: type=1326 audit(14751688.684:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18067 comm="syz.4.5670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7fe9beb8cde9 code=0x7ffc0000 [ 657.304771][T18062] NILFS (loop1): trying rollback from an earlier position [ 657.361503][T18062] NILFS (loop1): norecovery option specified, skipping roll-forward recovery [ 657.384485][ T26] audit: type=1326 audit(14751688.684:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18067 comm="syz.4.5670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9beb8cde9 code=0x7ffc0000 [ 657.424975][T18080] loop5: detected capacity change from 0 to 1024 [ 657.462983][ T26] audit: type=1326 audit(14751688.684:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18067 comm="syz.4.5670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9beb8cde9 code=0x7ffc0000 [ 657.496933][T18080] EXT4-fs: Ignoring removed bh option [ 657.523760][T18080] EXT4-fs: inline encryption not supported [ 657.595317][T18080] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 657.641900][T18080] EXT4-fs error (device loop5): ext4_map_blocks:634: inode #3: block 2: comm syz.5.5671: lblock 2 mapped to illegal pblock 2 (length 1) [ 657.715850][ T4293] usb 5-1: new high-speed USB device number 91 using dummy_hcd [ 657.773973][T18080] Quota error (device loop5): qtree_write_dquot: dquota write failed [ 657.804397][T18080] EXT4-fs error (device loop5): ext4_map_blocks:634: inode #3: block 48: comm syz.5.5671: lblock 0 mapped to illegal pblock 48 (length 1) [ 657.840861][T18080] Quota error (device loop5): v2_write_file_info: Can't write info structure [ 657.860435][T18080] EXT4-fs error (device loop5): ext4_acquire_dquot:6795: comm syz.5.5671: Failed to acquire dquot type 0 [ 657.863707][T18091] loop1: detected capacity change from 0 to 128 [ 657.883396][T18080] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 657.910463][T18080] EXT4-fs error (device loop5): ext4_evict_inode:279: inode #11: comm syz.5.5671: mark_inode_dirty error [ 657.932315][T18091] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 657.941555][T18080] EXT4-fs warning (device loop5): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 657.952277][ T4293] usb 5-1: Using ep0 maxpacket: 8 [ 657.960397][ T4293] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 657.962046][ T4296] usb 4-1: new high-speed USB device number 92 using dummy_hcd [ 657.969560][ T4293] usb 5-1: config 179 has no interface number 0 [ 657.976495][T18080] EXT4-fs (loop5): 1 orphan inode deleted [ 657.983194][ T4293] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 658.010495][ T4293] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 658.022930][T18080] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 658.033189][ T4293] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 658.058345][ T4293] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 658.084515][ T4293] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 658.108959][ T4293] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 658.128475][ T4293] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 658.152944][T14621] EXT4-fs error (device loop5): ext4_map_blocks:634: inode #3: block 1: comm kworker/u4:12: lblock 1 mapped to illegal pblock 1 (length 1) [ 658.153335][T18081] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 658.196588][T14621] Quota error (device loop5): remove_tree: Can't read quota data block 1 [ 658.226397][T14621] EXT4-fs error (device loop5): ext4_release_dquot:6818: comm kworker/u4:12: Failed to release dquot type 0 [ 658.277064][ T4296] usb 4-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 658.306292][ T4296] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 658.315543][T18080] EXT4-fs (loop5): unmounting filesystem. [ 658.321486][T18080] EXT4-fs error (device loop5): __ext4_get_inode_loc:4506: comm syz.5.5671: Invalid inode table block 1 in block_group 0 [ 658.353991][ T4296] usb 4-1: Product: syz [ 658.357590][T18080] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 658.372003][ T4296] usb 4-1: Manufacturer: syz [ 658.379319][T18080] EXT4-fs error (device loop5): ext4_quota_off:7084: inode #3: comm syz.5.5671: mark_inode_dirty error [ 658.387210][ T4296] usb 4-1: SerialNumber: syz [ 658.410900][ T4523] usb 2-1: new high-speed USB device number 99 using dummy_hcd [ 658.422474][ T4296] usb 4-1: config 0 descriptor?? [ 658.593768][T18081] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 658.600363][T18081] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 658.611187][T18081] vhci_hcd vhci_hcd.0: Device attached [ 658.626700][ T4523] usb 2-1: config 0 has an invalid interface number: 106 but max is 0 [ 658.634003][T18100] vhci_hcd: connection closed [ 658.640706][ T51] vhci_hcd: stop threads [ 658.642321][ T4293] usb 5-1: USB disconnect, device number 91 [ 658.645547][ T51] vhci_hcd: release socket [ 658.652006][ C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 658.668593][ C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 658.682523][ T4296] usb 4-1: ignoring: probably an ADSL modem [ 658.700362][ T4523] usb 2-1: config 0 has an invalid descriptor of length 138, skipping remainder of the config [ 658.713266][ T51] vhci_hcd: disconnect device [ 658.754504][ T4523] usb 2-1: config 0 has no interface number 0 [ 658.760706][ T4523] usb 2-1: config 0 interface 106 altsetting 0 endpoint 0x1 has an invalid bInterval 218, changing to 7 [ 658.831204][ T4523] usb 2-1: config 0 interface 106 altsetting 0 endpoint 0x1 has invalid maxpacket 41584, setting to 1024 [ 658.868455][ T4523] usb 2-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 658.907632][ T4296] cxacru 4-1:0.0: usbatm_usb_probe: bind failed: -19! [ 658.928998][ T4523] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb [ 658.945251][ T4296] usb 4-1: USB disconnect, device number 92 [ 658.988249][ T4523] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 659.030345][ T4523] usb 2-1: config 0 descriptor?? [ 659.105113][ T4523] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 659.308821][T14624] usb 2-1: Failed to submit usb control message: -71 [ 659.316672][ T4523] usb 2-1: USB disconnect, device number 99 [ 659.341820][T14624] usb 2-1: unable to send the bmi data to the device: -71 [ 659.365290][T14624] usb 2-1: unable to get target info from device [ 659.371691][T14624] usb 2-1: could not get target info (-71) [ 659.383578][T14624] usb 2-1: could not probe fw (-71) [ 659.926000][T18136] loop4: detected capacity change from 0 to 16 [ 659.933832][T18136] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 660.003664][ T4295] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 660.058869][ T4247] EXT4-fs (loop1): unmounting filesystem. [ 660.127832][T18134] loop3: detected capacity change from 0 to 8192 [ 660.206856][ T4295] usb 6-1: Using ep0 maxpacket: 32 [ 660.218486][ T4295] usb 6-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 660.240076][T18143] loop1: detected capacity change from 0 to 256 [ 660.246533][T18134] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001) [ 660.272166][ T4295] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 660.291168][T18134] FAT-fs (loop3): Filesystem has been set read-only [ 660.304958][ T4295] usb 6-1: Product: syz [ 660.314127][T18143] FAT-fs (loop1): Directory bread(block 64) failed [ 660.322232][T18134] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001) [ 660.332904][ T4295] usb 6-1: Manufacturer: syz [ 660.341332][T18143] FAT-fs (loop1): Directory bread(block 65) failed [ 660.352124][ T4295] usb 6-1: SerialNumber: syz [ 660.357572][T18134] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001) [ 660.374542][T18143] FAT-fs (loop1): Directory bread(block 66) failed [ 660.385491][ T4295] usb 6-1: config 0 descriptor?? [ 660.390838][T18143] FAT-fs (loop1): Directory bread(block 67) failed [ 660.431295][T18143] FAT-fs (loop1): Directory bread(block 68) failed [ 660.437905][T18143] FAT-fs (loop1): Directory bread(block 69) failed [ 660.538198][T18143] FAT-fs (loop1): Directory bread(block 70) failed [ 660.546111][T18143] FAT-fs (loop1): Directory bread(block 71) failed [ 660.599064][T18143] FAT-fs (loop1): Directory bread(block 72) failed [ 660.617225][T18143] FAT-fs (loop1): Directory bread(block 73) failed [ 660.853945][ T4295] airspy 6-1:0.0: usb_control_msg() failed -71 request 0a [ 660.872203][ T4295] airspy 6-1:0.0: Could not detect board [ 660.878093][ T4295] airspy: probe of 6-1:0.0 failed with error -71 [ 660.933422][ T4295] usb 6-1: USB disconnect, device number 3 [ 661.940395][T18197] loop5: detected capacity change from 0 to 256 [ 662.040460][T18197] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 662.519655][T18217] loop3: detected capacity change from 0 to 1024 [ 662.711680][ T4318] hfsplus: b-tree write err: -5, ino 4 [ 663.314138][T18251] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5730'. [ 663.344176][T18251] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 663.644847][T18264] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5734'. [ 663.683723][T18264] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5734'. [ 663.739101][T18264] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5734'. [ 664.739448][ T4523] usb 2-1: new high-speed USB device number 100 using dummy_hcd [ 664.955002][ T4523] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 665.006503][ T4523] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 665.054574][ T4523] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 665.089792][ T4523] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 665.136259][T18299] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 665.158213][T18325] netlink: 'syz.4.5758': attribute type 1 has an invalid length. [ 665.166004][T18325] netlink: 308 bytes leftover after parsing attributes in process `syz.4.5758'. [ 665.426335][ T4523] usb 2-1: USB disconnect, device number 100 [ 665.500782][T18337] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5761'. [ 666.444451][T18374] loop1: detected capacity change from 0 to 512 [ 666.520820][T18374] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 666.647302][ T26] audit: type=1326 audit(14751697.571:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18375 comm="syz.4.5779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9beb8cde9 code=0x7ffc0000 [ 666.673330][T18374] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 666.742264][ T26] audit: type=1326 audit(14751697.618:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18375 comm="syz.4.5779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7fe9beb8cde9 code=0x7ffc0000 [ 666.771138][ T26] audit: type=1326 audit(14751697.618:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18375 comm="syz.4.5779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9beb8cde9 code=0x7ffc0000 [ 666.794822][ T26] audit: type=1326 audit(14751697.618:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18375 comm="syz.4.5779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9beb8cde9 code=0x7ffc0000 [ 666.996340][ T4247] EXT4-fs (loop1): unmounting filesystem. [ 667.169616][T18402] x_tables: duplicate entry at hook 1 [ 667.318785][T18411] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 667.326081][T18411] IPv6: NLM_F_CREATE should be set when creating new route [ 667.333452][T18411] IPv6: NLM_F_CREATE should be set when creating new route [ 667.743996][T18425] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (31) [ 667.998523][T18434] loop2: detected capacity change from 0 to 256 [ 668.048364][T18434] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 668.136693][T18443] netlink: 76 bytes leftover after parsing attributes in process `syz.3.5803'. [ 670.124585][T18527] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.5835'. [ 670.146134][T18528] Mount JFS Failure: -22 [ 670.164414][T18528] jfs_mount failed w/return code = -22 [ 670.386071][T18536] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5839'. [ 670.498521][T18533] loop5: detected capacity change from 0 to 4096 [ 670.537120][T18533] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 670.681177][T18546] loop4: detected capacity change from 0 to 1024 [ 671.456347][T18577] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5859'. [ 671.588800][T18581] loop3: detected capacity change from 0 to 8 [ 671.734905][T18585] loop4: detected capacity change from 0 to 256 [ 671.824272][T18585] FAT-fs (loop4): Directory bread(block 64) failed [ 671.853975][T18585] FAT-fs (loop4): Directory bread(block 65) failed [ 671.876554][T18585] FAT-fs (loop4): Directory bread(block 66) failed [ 671.923020][T18585] FAT-fs (loop4): Directory bread(block 67) failed [ 671.929707][T18585] FAT-fs (loop4): Directory bread(block 68) failed [ 671.955232][T18585] FAT-fs (loop4): Directory bread(block 69) failed [ 671.961916][T18585] FAT-fs (loop4): Directory bread(block 70) failed [ 671.963706][T18593] netlink: 464 bytes leftover after parsing attributes in process `syz.2.5867'. [ 671.982635][T18585] FAT-fs (loop4): Directory bread(block 71) failed [ 672.000195][T18585] FAT-fs (loop4): Directory bread(block 72) failed [ 672.027326][T18585] FAT-fs (loop4): Directory bread(block 73) failed [ 672.040334][T18595] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5868'. [ 672.904398][T18627] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5882'. [ 672.940001][T18627] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5882'. [ 672.961498][ T26] audit: type=1800 audit(14751703.474:252): pid=18612 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.4.5876" name="/newroot/1238/file0" dev="tmpfs" ino=6459 res=0 errno=0 [ 673.595172][T18654] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5895'. [ 674.378186][T18684] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5910'. [ 674.622680][T18695] [U] v3f"S/4:XTzWtlW= [ 674.674710][T18695] [U] J"e:" [ 674.969792][ T4295] usb 3-1: new high-speed USB device number 90 using dummy_hcd [ 675.172796][ T4295] usb 3-1: Using ep0 maxpacket: 8 [ 675.181905][ T4295] usb 3-1: unable to get BOS descriptor or descriptor too short [ 675.244618][ T4295] usb 3-1: config 8 interface 0 altsetting 7 bulk endpoint 0x3 has invalid maxpacket 8 [ 675.263173][ T4295] usb 3-1: config 8 interface 0 has no altsetting 0 [ 675.298531][T18716] loop1: detected capacity change from 0 to 4096 [ 675.311315][ T4295] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5 [ 675.313891][T18716] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 675.346780][ T4295] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 675.375517][ T4295] usb 3-1: Product: syz [ 675.380959][ T4295] usb 3-1: Manufacturer: syz [ 675.385598][ T4295] usb 3-1: SerialNumber: syz [ 675.409183][T18697] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 675.578970][T13822] usb 5-1: new full-speed USB device number 92 using dummy_hcd [ 675.657952][ T4295] usb 3-1: selecting invalid altsetting 0 [ 675.740134][ T4295] usb 3-1: USB disconnect, device number 90 [ 675.754797][T18732] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5935'. [ 675.817872][T13822] usb 5-1: unable to get BOS descriptor or descriptor too short [ 675.842102][ T4421] udevd[4421]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:8.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 675.844565][T13822] usb 5-1: not running at top speed; connect to a high speed hub [ 675.904930][T18734] loop1: detected capacity change from 0 to 2048 [ 675.910820][T13822] usb 5-1: config index 0 descriptor too short (expected 52914, got 147) [ 675.919877][T13822] usb 5-1: config 213 has too many interfaces: 150, using maximum allowed: 32 [ 675.941794][T13822] usb 5-1: config 213 has an invalid descriptor of length 0, skipping remainder of the config [ 675.963501][T13822] usb 5-1: config 213 has 0 interfaces, different from the descriptor's value: 150 [ 675.985610][T18734] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 676.009167][T13822] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 676.037825][T13822] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 676.057140][T13822] usb 5-1: Product: syz [ 676.061734][T13822] usb 5-1: Manufacturer: syz [ 676.066366][T13822] usb 5-1: SerialNumber: syz [ 676.230854][T18742] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5939'. [ 676.340767][T13822] usb 5-1: USB disconnect, device number 92 [ 676.454342][T18748] tipc: Can't bind to reserved service type 0 [ 677.159494][T18778] loop5: detected capacity change from 0 to 256 [ 677.216148][T18778] exFAT-fs (loop5): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 677.320268][T18778] fuse: Bad value for 'fd' [ 677.511239][T18787] loop3: detected capacity change from 0 to 764 [ 677.577740][T18787] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 677.617447][T18787] Symlink component flag not implemented [ 677.685170][T18787] Symlink component flag not implemented [ 677.691016][T18787] Symlink component flag not implemented (128) [ 677.736040][T18787] Symlink component flag not implemented (122) [ 677.861334][ T26] audit: type=1326 audit(14751708.067:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18796 comm="syz.2.5967" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2d0cd8cde9 code=0x0 [ 678.138075][T18804] loop4: detected capacity change from 0 to 2048 [ 678.189475][T18804] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 678.514567][T18780] loop1: detected capacity change from 0 to 40427 [ 678.567572][T18780] F2FS-fs (loop1): invalid crc value [ 678.588432][T18780] F2FS-fs (loop1): Found nat_bits in checkpoint [ 678.700137][T18824] netlink: 'syz.4.5980': attribute type 1 has an invalid length. [ 678.765005][T18780] F2FS-fs (loop1): Start checkpoint disabled! [ 678.818500][T18828] loop5: detected capacity change from 0 to 164 [ 678.841065][T18780] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 678.931961][T18832] netlink: 92 bytes leftover after parsing attributes in process `syz.4.5983'. [ 678.967971][T18832] netlink: 92 bytes leftover after parsing attributes in process `syz.4.5983'. [ 679.093320][T18836] loop2: detected capacity change from 0 to 764 [ 679.166543][T18836] rock: directory entry would overflow storage [ 679.175944][T18836] rock: sig=0x4654, size=5, remaining=4 [ 679.192271][T18838] Zero length message leads to an empty skb [ 679.913818][T18857] usb usb8: usbfs: process 18857 (syz.3.5996) did not claim interface 0 before use [ 680.229977][T18872] loop3: detected capacity change from 0 to 256 [ 680.290279][T18872] exFAT-fs (loop3): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 680.422179][T18872] fuse: Bad value for 'fd' [ 680.522343][T18884] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6009'. [ 680.550021][T18884] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6009'. [ 680.844455][T18896] loop2: detected capacity change from 0 to 512 [ 680.927576][T18896] EXT4-fs: Ignoring removed oldalloc option [ 680.997825][T18896] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b802e02d, mo2=0002] [ 681.034782][T18905] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6019'. [ 681.044544][T18905] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6019'. [ 681.060427][T18896] System zones: 1-12 [ 681.124776][T18896] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.6014: invalid indirect mapped block 1 (level 1) [ 681.159243][T18896] EXT4-fs (loop2): Remounting filesystem read-only [ 681.166720][T18896] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.6014: invalid indirect mapped block 7 (level 2) [ 681.192220][T18912] cgroup: name respecified [ 681.203544][T18896] EXT4-fs (loop2): Remounting filesystem read-only [ 681.210237][T18896] EXT4-fs (loop2): 1 truncate cleaned up [ 681.244715][T18896] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 681.322562][T18916] SET target dimension over the limit! [ 681.445441][ T4258] EXT4-fs (loop2): unmounting filesystem. [ 681.580515][T18925] loop4: detected capacity change from 0 to 164 [ 682.036712][T18944] device geneve3 entered promiscuous mode [ 682.074404][ T4262] Bluetooth: hci2: command 0x0406 tx timeout [ 682.110529][ T6373] usb 3-1: new high-speed USB device number 91 using dummy_hcd [ 682.326620][ T6373] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7 [ 682.355797][ T6373] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 682.370099][ T6373] usb 3-1: New USB device found, idVendor=468c, idProduct=90ea, bcdDevice=99.6d [ 682.379862][ T6373] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 682.389503][T18957] loop4: detected capacity change from 0 to 2048 [ 682.396484][ T6373] usb 3-1: Product: syz [ 682.402203][ T6373] usb 3-1: Manufacturer: syz [ 682.407002][ T6373] usb 3-1: SerialNumber: syz [ 682.434816][ T6373] usb 3-1: config 0 descriptor?? [ 682.448850][ T6373] usb 3-1: Found UVC 0.00 device syz (468c:90ea) [ 682.457273][ T6373] usb 3-1: No valid video chain found. [ 682.482115][T18957] Alternate GPT is invalid, using primary GPT. [ 682.484814][ T4295] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 682.509771][T18957] loop4: p2 p3 p7 [ 682.686177][ T4332] udevd[4332]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 682.705459][ T4295] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 682.731856][ T4295] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 682.750874][ T4420] udevd[4420]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 682.782968][ T4295] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10 [ 682.824181][ T4295] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64 [ 682.838911][ T4295] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 682.841681][ T4332] udevd[4332]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory [ 682.853204][ T4295] usb 6-1: config 0 interface 0 has no altsetting 0 [ 682.883790][ T4523] usb 3-1: USB disconnect, device number 91 [ 682.899086][ T4295] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 682.930468][ T4295] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 682.945877][ T4295] usb 6-1: Product: syz [ 682.950101][ T4295] usb 6-1: Manufacturer: syz [ 682.960574][ T4295] usb 6-1: SerialNumber: syz [ 682.989701][ T4295] usb 6-1: config 0 descriptor?? [ 682.998292][T18949] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 683.015801][ T4295] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 683.040773][ T4295] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 683.050674][T18972] netlink: 1033 bytes leftover after parsing attributes in process `syz.4.6051'. [ 683.115336][ T954] usb 2-1: new high-speed USB device number 101 using dummy_hcd [ 683.317067][T13822] usb 6-1: USB disconnect, device number 4 [ 683.330717][T13822] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 683.339943][ T954] usb 2-1: Using ep0 maxpacket: 8 [ 683.347412][ T954] usb 2-1: unable to get BOS descriptor or descriptor too short [ 683.382086][ T954] usb 2-1: config 6 has an invalid interface number: 90 but max is 0 [ 683.406251][ T954] usb 2-1: config 6 has no interface number 0 [ 683.434535][ T954] usb 2-1: config 6 interface 90 altsetting 7 endpoint 0x3 has an invalid bInterval 255, changing to 7 [ 683.463633][ T954] usb 2-1: config 6 interface 90 altsetting 7 endpoint 0xF has invalid maxpacket 512, setting to 64 [ 683.482442][ T954] usb 2-1: config 6 interface 90 has no altsetting 0 [ 683.504305][ T954] usb 2-1: New USB device found, idVendor=0bb4, idProduct=0a71, bcdDevice=c1.96 [ 683.524700][ T954] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 683.541211][ T954] usb 2-1: Product: syz [ 683.553426][ T954] usb 2-1: Manufacturer: syz [ 683.567595][ T954] usb 2-1: SerialNumber: syz [ 683.757863][T18993] loop3: detected capacity change from 0 to 512 [ 683.787270][T18993] EXT4-fs: Ignoring removed bh option [ 683.804428][ T954] hub 2-1:6.90: bad descriptor, ignoring hub [ 683.817894][T18993] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 683.821510][ T954] hub: probe of 2-1:6.90 failed with error -5 [ 683.858193][T18993] EXT4-fs (loop3): 1 truncate cleaned up [ 683.874496][T18993] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 683.960319][ T954] usb 2-1: USB disconnect, device number 101 [ 684.161524][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 684.323031][T19012] loop4: detected capacity change from 0 to 64 [ 684.597109][T19022] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6076'. [ 684.807696][T19029] netlink: 'syz.4.6079': attribute type 10 has an invalid length. [ 684.850827][T19029] team0: Device veth1_macvtap failed to register rx_handler [ 685.081319][T19037] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6083'. [ 685.859593][T19043] loop4: detected capacity change from 0 to 32768 [ 685.973662][T19063] netlink: 'syz.5.6096': attribute type 4 has an invalid length. [ 686.281720][T19073] netlink: 'syz.1.6102': attribute type 10 has an invalid length. [ 686.330176][T19073] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6102'. [ 686.383128][T19073] bond0: (slave dummy0): Releasing backup interface [ 686.418294][T19073] bridge0: port 1(dummy0) entered blocking state [ 686.430640][T19073] bridge0: port 1(dummy0) entered disabled state [ 686.470829][T19073] device dummy0 entered promiscuous mode [ 686.578595][T19083] netlink: 'syz.4.6100': attribute type 2 has an invalid length. [ 686.611041][ T4295] usb 4-1: new high-speed USB device number 93 using dummy_hcd [ 686.805903][ T4295] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 686.846295][ T4295] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 686.869008][T19091] loop4: detected capacity change from 0 to 128 [ 686.901917][T19091] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 686.906249][ T4295] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 686.986180][ T4295] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 687.020449][ T4295] usb 4-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 687.081489][ T4295] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 687.089548][ T4295] usb 4-1: Product: syz [ 687.145625][ T4295] usb 4-1: Manufacturer: syz [ 687.150393][ T4295] usb 4-1: SerialNumber: syz [ 687.185982][ T4295] usb 4-1: config 0 descriptor?? [ 687.382626][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 687.442337][ T4295] adutux 4-1:0.0: Could not retrieve serial number [ 687.456481][ T4295] adutux: probe of 4-1:0.0 failed with error -5 [ 687.543202][T19109] loop2: detected capacity change from 0 to 16 [ 687.564606][T19109] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 687.603871][T19111] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6113'. [ 687.616136][T19109] erofs: (device loop2): mounted with root inode @ nid 36. [ 687.643833][T19113] loop5: detected capacity change from 0 to 16 [ 687.687062][T19113] erofs: (device loop5): mounted with root inode @ nid 36. [ 687.699789][ T4295] usb 4-1: USB disconnect, device number 93 [ 688.109399][T19127] loop1: detected capacity change from 0 to 256 [ 688.150692][T19127] FAT-fs (loop1): Directory bread(block 1285) failed [ 688.157543][T19127] FAT-fs (loop1): Directory bread(block 1286) failed [ 688.193385][T19127] FAT-fs (loop1): Directory bread(block 1287) failed [ 688.210945][T19127] FAT-fs (loop1): Directory bread(block 1288) failed [ 688.237279][T19127] FAT-fs (loop1): Directory bread(block 1289) failed [ 688.244258][T19127] FAT-fs (loop1): Directory bread(block 1290) failed [ 688.287692][T19127] FAT-fs (loop1): Directory bread(block 1291) failed [ 688.304096][T19127] FAT-fs (loop1): Directory bread(block 1292) failed [ 688.349595][T19127] FAT-fs (loop1): Directory bread(block 1293) failed [ 688.385652][T19127] FAT-fs (loop1): Directory bread(block 1294) failed [ 688.965301][T19157] autofs4:pid:19157:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e) [ 689.787242][T19189] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6158'. [ 689.834047][T19194] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6160'. [ 689.861480][T19194] netlink: 'syz.4.6160': attribute type 3 has an invalid length. [ 689.999016][T19197] netlink: 'syz.3.6161': attribute type 9 has an invalid length. [ 690.020703][T19197] netlink: 'syz.3.6161': attribute type 7 has an invalid length. [ 690.040112][T19197] netlink: 'syz.3.6161': attribute type 8 has an invalid length. [ 690.078759][T19198] device geneve3 entered promiscuous mode [ 690.590453][T19217] loop4: detected capacity change from 0 to 256 [ 690.609065][ T4296] usb 2-1: new high-speed USB device number 102 using dummy_hcd [ 690.618124][T19220] netlink: 32 bytes leftover after parsing attributes in process `syz.5.6172'. [ 690.639300][T19220] netlink: 9 bytes leftover after parsing attributes in process `syz.5.6172'. [ 690.659497][T19217] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xef46d3da, utbl_chksum : 0xe619d30d) [ 690.671273][T19220] netlink: 9 bytes leftover after parsing attributes in process `syz.5.6172'. [ 690.697930][T19220] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 690.823037][ T4296] usb 2-1: Using ep0 maxpacket: 32 [ 690.834797][ T4296] usb 2-1: unable to get BOS descriptor or descriptor too short [ 690.865611][ T4296] usb 2-1: config 7 has an invalid interface number: 187 but max is 0 [ 690.906468][ T4296] usb 2-1: config 7 has no interface number 0 [ 690.928136][ T4296] usb 2-1: config 7 interface 187 altsetting 6 bulk endpoint 0x4 has invalid maxpacket 947 [ 690.972767][ T4296] usb 2-1: config 7 interface 187 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 16 [ 690.991137][ T4296] usb 2-1: config 7 interface 187 has no altsetting 0 [ 691.007708][ T4296] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 691.025952][ T4296] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 691.034209][ T4296] usb 2-1: Product: syz [ 691.038940][ T4296] usb 2-1: Manufacturer: syz [ 691.058102][ T4296] usb 2-1: SerialNumber: syz [ 691.071946][T19209] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 691.108749][T19209] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 691.349824][ T4296] usb 2-1: Limiting number of CPorts to U8_MAX [ 691.368534][T19210] loop3: detected capacity change from 0 to 32768 [ 691.370428][ T4296] usb 2-1: Unused bulk OUT endpoint found: 0x03 [ 691.412692][ T4332] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by udevd (4332) [ 691.414943][ T4296] usb 2-1: Not enough endpoints found in device, aborting! [ 691.510521][T19210] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 691.582051][T19210] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 691.591591][T19210] BTRFS info (device loop3): turning off barriers [ 691.602299][ T6373] usb 2-1: USB disconnect, device number 102 [ 691.642336][T19210] BTRFS info (device loop3): enabling auto defrag [ 691.678257][T19210] BTRFS info (device loop3): ignoring data csums [ 691.699525][T19210] BTRFS info (device loop3): force zlib compression, level 3 [ 691.732085][T19210] BTRFS info (device loop3): setting nodatacow [ 691.738410][T19210] BTRFS info (device loop3): using free space tree [ 691.782513][T19210] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 512 [ 691.837625][T19210] workqueue: max_active 2097158 requested for btrfs-worker-high is out of range, clamping between 1 and 512 [ 691.909423][T19210] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 512 [ 691.985514][T19245] loop4: detected capacity change from 0 to 2048 [ 692.003223][T19210] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 512 [ 692.031149][T19210] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 512 [ 692.040621][T19245] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 692.069828][T19210] workqueue: max_active 2097158 requested for btrfs-endio-raid56 is out of range, clamping between 1 and 512 [ 692.148616][T19210] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 512 [ 692.254544][T19210] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 512 [ 692.301033][T19210] workqueue: max_active 2097158 requested for btrfs-compressed-write is out of range, clamping between 1 and 512 [ 692.603433][T19271] loop4: detected capacity change from 0 to 512 [ 692.714215][T19271] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 692.797636][ T4261] BTRFS info (device loop3: state C): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 692.821636][T19271] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 692.899546][T19281] netlink: 'syz.5.6192': attribute type 10 has an invalid length. [ 692.946920][T19281] netlink: 'syz.5.6192': attribute type 10 has an invalid length. [ 693.266023][T19285] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6194'. [ 693.423142][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 693.450113][T19287] loop5: detected capacity change from 0 to 4096 [ 693.496515][T19287] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 693.591708][T19287] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 693.672122][T19287] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 693.729500][T19287] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 693.782878][T19287] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 693.847971][T19287] ntfs: volume version 3.1. [ 693.856100][T19287] ntfs: (device loop5): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 693.876350][T19287] ntfs: (device loop5): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 693.908829][T19287] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 693.983584][T19287] ntfs: (device loop5): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 694.017824][T19287] ntfs: (device loop5): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 694.061051][T19305] loop1: detected capacity change from 0 to 256 [ 694.633030][T19321] netlink: 'syz.1.6213': attribute type 6 has an invalid length. [ 694.674986][T19321] netlink: 168 bytes leftover after parsing attributes in process `syz.1.6213'. [ 694.742400][T19327] loop5: detected capacity change from 0 to 64 [ 694.765481][T19326] loop2: detected capacity change from 0 to 1024 [ 695.369829][T19337] loop1: detected capacity change from 0 to 4096 [ 695.405725][T19337] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 695.564938][T19337] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 695.596536][T19337] ntfs3: loop1: ino=1b, "file0" attr_set_size [ 695.622429][T19319] loop3: detected capacity change from 0 to 32768 [ 695.714569][T19319] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 695.835970][ T4247] ntfs3: loop1: ntfs_sync_fs r=1a failed, -22. [ 695.870529][ T4247] ntfs3: loop1: ntfs_evict_inode r=1a failed, -22. [ 696.079635][ T4261] ocfs2: Unmounting device (7,3) on (node local) [ 697.247864][ T4295] usb 4-1: new full-speed USB device number 94 using dummy_hcd [ 697.467956][ T4295] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 697.501415][T19381] loop4: detected capacity change from 0 to 32768 [ 697.523529][ T4295] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 697.542512][T19381] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.6240 (19381) [ 697.569587][ T4295] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 697.606668][ T4295] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 697.634002][ T4295] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 697.671286][T19397] netlink: 'syz.2.6248': attribute type 10 has an invalid length. [ 697.686735][T19381] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 697.707430][T19381] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 697.728868][T19397] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6248'. [ 697.736987][ T4295] snd-usb-audio: probe of 4-1:27.0 failed with error -2 [ 697.757799][T19381] BTRFS info (device loop4): force clearing of disk cache [ 697.777721][T19397] bridge0: port 4(macvlan1) entered blocking state [ 697.783233][ T4332] udevd[4332]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 697.792794][T19381] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 697.830805][T19397] bridge0: port 4(macvlan1) entered disabled state [ 697.849142][T19381] BTRFS info (device loop4): force zstd compression, level 3 [ 697.873403][T19381] BTRFS info (device loop4): enabling auto defrag [ 697.891778][T19397] device macvlan1 entered promiscuous mode [ 697.904061][ T4295] usb 4-1: USB disconnect, device number 94 [ 697.909164][T19381] BTRFS info (device loop4): max_inline at 0 [ 697.912405][T19397] bridge0: port 4(macvlan1) entered blocking state [ 697.922777][T19397] bridge0: port 4(macvlan1) entered forwarding state [ 697.925651][T19381] BTRFS info (device loop4): use zlib compression, level 3 [ 697.993056][T19381] BTRFS info (device loop4): using free space tree [ 698.219858][T19393] loop5: detected capacity change from 0 to 40427 [ 698.250550][T19393] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504) [ 698.271331][T19381] BTRFS info (device loop4): enabling ssd optimizations [ 698.312884][T19381] BTRFS info (device loop4): rebuilding free space tree [ 698.334097][T19393] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 698.373869][T19393] F2FS-fs (loop5): invalid crc value [ 698.427465][T19393] F2FS-fs (loop5): Found nat_bits in checkpoint [ 698.484942][ T4252] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 698.689178][T19393] F2FS-fs (loop5): Start checkpoint disabled! [ 698.751911][T19428] loop3: detected capacity change from 0 to 512 [ 698.762633][T19393] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 698.778776][T19393] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 698.824983][T19428] EXT4-fs: Ignoring removed mblk_io_submit option [ 698.919155][T19428] EXT4-fs (loop3): orphan cleanup on readonly fs [ 698.925699][T19428] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13 [ 699.038657][T19428] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 699.137713][T19428] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.6254: attempt to clear invalid blocks 2 len 1 [ 699.169796][T19428] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.6254: invalid indirect mapped block 1819239214 (level 0) [ 699.210602][T19428] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.6254: invalid indirect mapped block 1819239214 (level 1) [ 699.265091][T19428] EXT4-fs (loop3): 1 truncate cleaned up [ 699.286336][T19428] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 699.358394][T19428] EXT4-fs error (device loop3): ext4_lookup:1855: inode #2: comm syz.3.6254: 'file1' linked to parent dir [ 699.462246][T19416] loop1: detected capacity change from 0 to 32768 [ 699.482732][T19443] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 699.669763][T19416] XFS (loop1): Mounting V5 Filesystem [ 699.708118][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 699.847906][T19416] XFS (loop1): Ending clean mount [ 699.986618][ T4248] usb 5-1: new high-speed USB device number 93 using dummy_hcd [ 700.037124][ T4247] XFS (loop1): Unmounting Filesystem [ 700.220252][ T4248] usb 5-1: Using ep0 maxpacket: 16 [ 700.244332][ T4248] usb 5-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25 [ 700.266246][ T4248] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 700.283693][ T4248] usb 5-1: Product: syz [ 700.296316][ T4248] usb 5-1: Manufacturer: syz [ 700.301069][ T4248] usb 5-1: SerialNumber: syz [ 700.329217][ T4248] usb 5-1: config 0 descriptor?? [ 700.353515][ T4248] usb 5-1: Found UVC 0.00 device syz (046d:0721) [ 700.360195][ T4248] usb 5-1: No valid video chain found. [ 700.586633][T19456] loop3: detected capacity change from 0 to 32768 [ 700.605084][ T4248] usb 5-1: USB disconnect, device number 93 [ 700.614094][T19456] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.6261 (19456) [ 700.668154][T19456] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 700.697650][T19456] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 700.760884][T19456] BTRFS info (device loop3): force zlib compression, level 3 [ 700.786370][T19456] BTRFS info (device loop3): force clearing of disk cache [ 700.793586][T19456] BTRFS info (device loop3): setting nodatasum [ 700.828839][T19456] BTRFS info (device loop3): allowing degraded mounts [ 700.861323][T19456] BTRFS info (device loop3): enabling disk space caching [ 700.868472][T19456] BTRFS info (device loop3): disk space caching is enabled [ 701.054582][T19492] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 701.334855][T19456] BTRFS info (device loop3): rebuilding free space tree [ 701.385041][T19506] loop1: detected capacity change from 0 to 512 [ 701.396419][T19456] BTRFS info (device loop3): disabling free space tree [ 701.403385][T19456] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 701.429424][T19506] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.6279: attempt to clear invalid blocks 1 len 1 [ 701.451016][T19456] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 701.471057][T19506] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.6279: bg 0: block 343: padding at end of block bitmap is not set [ 701.578048][T19506] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 701.641601][ T4261] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 701.641953][T19506] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.6279: invalid indirect mapped block 1819239214 (level 0) [ 701.767797][T19506] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.6279: invalid indirect mapped block 1819239214 (level 1) [ 701.833177][T19506] EXT4-fs (loop1): 1 truncate cleaned up [ 701.842981][T19506] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 701.857872][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 701.857889][ T26] audit: type=1326 audit(14751730.518:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19526 comm="syz.5.6287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bc8b8cde9 code=0x7ffc0000 [ 701.983326][ T26] audit: type=1326 audit(14751730.546:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19526 comm="syz.5.6287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f0bc8b8cde9 code=0x7ffc0000 [ 702.058260][ T4248] usb 5-1: new high-speed USB device number 94 using dummy_hcd [ 702.080328][ T26] audit: type=1326 audit(14751730.546:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19526 comm="syz.5.6287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bc8b8cde9 code=0x7ffc0000 [ 702.171981][ T26] audit: type=1326 audit(14751730.546:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19526 comm="syz.5.6287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bc8b8cde9 code=0x7ffc0000 [ 702.274408][ T4248] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 702.285994][ T4247] EXT4-fs (loop1): unmounting filesystem. [ 702.312475][ T4248] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 702.359594][ T4248] usb 5-1: config 0 descriptor?? [ 702.386406][ T4248] cp210x 5-1:0.0: cp210x converter detected [ 702.587871][ T4248] usb 5-1: cp210x converter now attached to ttyUSB0 [ 702.808916][ T4248] usb 5-1: USB disconnect, device number 94 [ 702.828189][ T4248] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 702.890548][ T4248] cp210x 5-1:0.0: device disconnected [ 703.184764][T19563] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 703.887504][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 703.893876][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 704.178180][T19600] dlm: no locking on control device [ 704.600071][T19612] loop3: detected capacity change from 0 to 4096 [ 704.642578][T19612] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 704.773500][T13825] usb 3-1: new high-speed USB device number 92 using dummy_hcd [ 704.976612][T19627] loop5: detected capacity change from 0 to 4096 [ 704.998459][T13825] usb 3-1: Using ep0 maxpacket: 8 [ 705.005912][T19627] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 705.014075][T13825] usb 3-1: unable to get BOS descriptor or descriptor too short [ 705.015250][T13825] usb 3-1: config 8 has an invalid interface number: 255 but max is 0 [ 705.062755][T13825] usb 3-1: config 8 has no interface number 0 [ 705.075320][T19627] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 705.083837][T13825] usb 3-1: config 8 interface 255 has no altsetting 0 [ 705.113666][T19627] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 705.121337][T13825] usb 3-1: string descriptor 0 read error: -22 [ 705.136280][T19627] ntfs3: loop5: try to read out of volume at offset 0x3fffffc0c00 [ 705.136920][T13825] usb 3-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf [ 705.176173][T19627] ntfs3: loop5: try to read out of volume at offset 0x3fffffc1c00 [ 705.191695][T13825] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 705.198276][T19627] ntfs3: loop5: try to read out of volume at offset 0x3fffffc2c00 [ 705.242552][T19627] ntfs3: loop5: try to read out of volume at offset 0x3fffffc4c00 [ 705.308627][T19627] ntfs3: loop5: try to read out of volume at offset 0x3fffffc8c00 [ 705.316546][T19627] ntfs3: loop5: try to read out of volume at offset 0x3fffffd0c00 [ 705.354545][T19639] loop1: detected capacity change from 0 to 256 [ 705.366600][T19627] ntfs3: loop5: try to read out of volume at offset 0x3fffffe0c00 [ 705.392345][T19639] FAT-fs (loop1): Directory bread(block 64) failed [ 705.445462][T19639] FAT-fs (loop1): Directory bread(block 65) failed [ 705.469319][T19639] FAT-fs (loop1): Directory bread(block 66) failed [ 705.475910][T19639] FAT-fs (loop1): Directory bread(block 67) failed [ 705.490424][T19639] FAT-fs (loop1): Directory bread(block 68) failed [ 705.503423][T19639] FAT-fs (loop1): Directory bread(block 69) failed [ 705.528153][T19639] FAT-fs (loop1): Directory bread(block 70) failed [ 705.550416][T19639] FAT-fs (loop1): Directory bread(block 71) failed [ 705.603239][T19639] FAT-fs (loop1): Directory bread(block 72) failed [ 705.611475][T19639] FAT-fs (loop1): Directory bread(block 73) failed [ 705.708515][T13825] eth%d: CATC EL1210A NetMate USB Ethernet at usb-dummy_hcd.2-1, 00:00:00:00:00:00. [ 705.708833][T19647] netlink: 'syz.3.6346': attribute type 3 has an invalid length. [ 705.795114][T13825] usb 3-1: USB disconnect, device number 92 [ 705.964678][T19652] x_tables: duplicate entry at hook 2 [ 706.304770][T19665] loop1: detected capacity change from 0 to 64 [ 706.675808][T19682] netlink: 'syz.4.6360': attribute type 1 has an invalid length. [ 707.175379][T19699] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6372'. [ 707.988785][T19724] xt_CT: You must specify a L4 protocol and not use inversions on it [ 708.083932][T19729] loop4: detected capacity change from 0 to 1024 [ 708.193297][T19729] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 708.276633][T19729] EXT4-fs error (device loop4): __ext4_remount:6611: comm syz.4.6387: Abort forced by user [ 708.324968][T19729] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 708.342621][T19740] xt_TPROXY: Can be used only with -p tcp or -p udp [ 708.453688][T19702] loop2: detected capacity change from 0 to 32768 [ 708.484819][T19702] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.6373 (19702) [ 708.508366][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 708.517584][T19744] x_tables: (null)_tables: cgroup match: used from hooks PREROUTING, but only valid from INPUT/OUTPUT/POSTROUTING [ 708.601571][T19702] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 708.637820][T19702] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 708.700886][T19702] BTRFS info (device loop2): using free space tree [ 708.824053][T19757] loop5: detected capacity change from 0 to 512 [ 708.844006][T19757] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 708.888954][T19756] x_tables: ip_tables: osf match: only valid for protocol 6 [ 708.922714][T19757] EXT4-fs (loop5): orphan cleanup on readonly fs [ 708.929314][T19757] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:511: comm syz.5.6398: Block bitmap for bg 0 marked uninitialized [ 709.010875][T19757] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 709.035314][T19757] EXT4-fs (loop5): 1 orphan inode deleted [ 709.063794][T19757] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 709.126464][T19772] loop4: detected capacity change from 0 to 1024 [ 709.224255][T19702] BTRFS info (device loop2): enabling ssd optimizations [ 709.239999][T16981] EXT4-fs (loop5): unmounting filesystem. [ 709.343847][T19772] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 709.363668][T19789] loop5: detected capacity change from 0 to 128 [ 709.394724][ T4258] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 709.405940][T19789] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002] [ 709.423692][T19789] System zones: 1-3, 19-19, 35-36 [ 709.426385][T19772] EXT4-fs error (device loop4): ext4_xattr_block_find:1828: inode #15: comm syz.4.6400: corrupted xattr block 128 [ 709.429928][T19789] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 709.453662][T19792] xt_CT: You must specify a L4 protocol and not use inversions on it [ 709.504658][ T4252] EXT4-fs (loop4): unmounting filesystem. [ 709.889586][T16981] EXT4-fs (loop5): unmounting filesystem. [ 709.905455][ T4420] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by udevd (4420) [ 710.311900][T19813] ecryptfs_parse_options: eCryptfs: unrecognized option [l] [ 710.343006][T19813] ecryptfs_parse_options: eCryptfs: unrecognized option [io%bfq.io_serviced_recursiƋ}ʼ(zmbE1Ƭqd1 K/dev/nullb0] [ 710.396720][T19813] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 710.428972][T19813] Error parsing options; rc = [-22] [ 710.789294][T19826] netlink: 'syz.5.6424': attribute type 1 has an invalid length. [ 711.600972][T19863] xt_NFQUEUE: number of total queues is 0 [ 711.790941][ T26] audit: type=1326 audit(14751739.807:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19870 comm="syz.1.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x7ffc0000 [ 711.881313][ T26] audit: type=1326 audit(14751739.807:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19870 comm="syz.1.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x7ffc0000 [ 711.956032][ T26] audit: type=1326 audit(14751739.863:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19870 comm="syz.1.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f102198cde9 code=0x7ffc0000 [ 711.983142][ T26] audit: type=1326 audit(14751739.863:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19870 comm="syz.1.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x7ffc0000 [ 712.005357][ C1] vkms_vblank_simulate: vblank timer overrun [ 712.104471][ T26] audit: type=1326 audit(14751739.863:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19870 comm="syz.1.6440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x7ffc0000 [ 712.852388][ T26] audit: type=1326 audit(14751740.798:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19904 comm="syz.2.6458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d0cd8cde9 code=0x7ffc0000 [ 712.892613][T19882] loop1: detected capacity change from 0 to 32768 [ 712.940588][ T26] audit: type=1326 audit(14751740.827:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19904 comm="syz.2.6458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f2d0cd8cde9 code=0x7ffc0000 [ 712.991925][T19882] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.6446 (19882) [ 713.015550][ T26] audit: type=1326 audit(14751740.827:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19904 comm="syz.2.6458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d0cd8cde9 code=0x7ffc0000 [ 713.037725][ C1] vkms_vblank_simulate: vblank timer overrun [ 713.046214][T19882] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 713.078534][T19882] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 713.106098][ T26] audit: type=1326 audit(14751740.827:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19904 comm="syz.2.6458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d0cd8cde9 code=0x7ffc0000 [ 713.128396][ C1] vkms_vblank_simulate: vblank timer overrun [ 713.153347][T19882] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 713.207767][T19882] BTRFS info (device loop1): force zstd compression, level 3 [ 713.215246][T19882] BTRFS info (device loop1): turning on sync discard [ 713.251493][T19882] BTRFS info (device loop1): enabling ssd optimizations [ 713.316403][T19882] BTRFS info (device loop1): using spread ssd allocation scheme [ 713.324523][T19882] BTRFS info (device loop1): max_inline at 0 [ 713.375439][T19882] BTRFS info (device loop1): force clearing of disk cache [ 713.401632][T19922] loop4: detected capacity change from 0 to 256 [ 713.417613][T19882] BTRFS info (device loop1): setting nodatacow [ 713.443262][T19882] BTRFS info (device loop1): using free space tree [ 713.604672][T19927] loop3: detected capacity change from 0 to 256 [ 713.836600][T19882] BTRFS info (device loop1): rebuilding free space tree [ 714.063429][T19914] loop2: detected capacity change from 0 to 32768 [ 714.126117][T19914] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by syz.2.6462 (19914) [ 714.180973][ T4247] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 714.212946][ T4420] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by udevd (4420) [ 714.230332][T19958] loop5: detected capacity change from 0 to 256 [ 714.428502][T19958] FAT-fs (loop5): Directory bread(block 64) failed [ 714.457689][T19958] FAT-fs (loop5): Directory bread(block 65) failed [ 714.482200][T19958] FAT-fs (loop5): Directory bread(block 66) failed [ 714.488810][T19958] FAT-fs (loop5): Directory bread(block 67) failed [ 714.551384][T19958] FAT-fs (loop5): Directory bread(block 68) failed [ 714.583789][T19958] FAT-fs (loop5): Directory bread(block 69) failed [ 714.614700][T19958] FAT-fs (loop5): Directory bread(block 70) failed [ 714.640639][T19958] FAT-fs (loop5): Directory bread(block 71) failed [ 714.668599][T19958] FAT-fs (loop5): Directory bread(block 72) failed [ 714.675625][T19966] xt_hashlimit: size too large, truncated to 1048576 [ 714.682350][T19966] xt_hashlimit: overflow, try lower: 0/0 [ 714.701515][T19958] FAT-fs (loop5): Directory bread(block 73) failed [ 715.110658][ T4517] usb 4-1: new high-speed USB device number 95 using dummy_hcd [ 715.193047][T19974] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6480'. [ 715.246500][T19974] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6480'. [ 715.286083][T19974] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6480'. [ 715.324496][ T4517] usb 4-1: Using ep0 maxpacket: 16 [ 715.358556][ T4517] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7 [ 715.402231][ T4517] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 715.445699][ T4517] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 715.470377][ T4517] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 715.486512][ T4517] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 715.527241][ T4517] usb 4-1: Product: syz [ 715.554689][ T4517] usb 4-1: Manufacturer: syz [ 715.559367][ T4517] usb 4-1: SerialNumber: syz [ 715.804237][ T4517] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 715.864630][ T4517] usb 4-1: USB disconnect, device number 95 [ 716.085832][T19997] loop2: detected capacity change from 0 to 164 [ 716.160282][ T4420] udevd[4420]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 716.312368][T19987] could not allocate digest TFM handle sha256-arm64-neon [ 716.489384][T20006] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6494'. [ 716.498707][T13825] usb 2-1: new high-speed USB device number 103 using dummy_hcd [ 716.617417][T20011] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 716.719357][T13825] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 716.749578][T13825] usb 2-1: config 0 has no interfaces? [ 716.786272][T13825] usb 2-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 0.02 [ 716.816268][T13825] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 716.847029][T13825] usb 2-1: SerialNumber: syz [ 716.879884][T13825] usb 2-1: config 0 descriptor?? [ 716.995824][T20024] xt_cluster: you have exceeded the maximum number of cluster nodes (16128 > 32) [ 717.109047][T13825] usb 2-1: USB disconnect, device number 103 [ 717.232411][T20032] tmpfs: Bad value for 'mpol' [ 717.324683][T20038] loop4: detected capacity change from 0 to 256 [ 717.378393][T20038] FAT-fs (loop4): Directory bread(block 64) failed [ 717.399268][T20038] FAT-fs (loop4): Directory bread(block 65) failed [ 717.412195][T20038] FAT-fs (loop4): Directory bread(block 66) failed [ 717.419234][T20038] FAT-fs (loop4): Directory bread(block 67) failed [ 717.450384][T20038] FAT-fs (loop4): Directory bread(block 68) failed [ 717.472823][T20038] FAT-fs (loop4): Directory bread(block 69) failed [ 717.486752][T20038] FAT-fs (loop4): Directory bread(block 70) failed [ 717.504710][T20038] FAT-fs (loop4): Directory bread(block 71) failed [ 717.544769][T20038] FAT-fs (loop4): Directory bread(block 72) failed [ 717.555076][T20038] FAT-fs (loop4): Directory bread(block 73) failed [ 718.566632][T20078] netlink: 'syz.4.6530': attribute type 11 has an invalid length. [ 718.612181][T20078] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6530'. [ 718.744777][T20086] loop1: detected capacity change from 0 to 64 [ 719.855238][T20131] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6554'. [ 720.176762][T20144] loop4: detected capacity change from 0 to 64 [ 720.206124][T20139] loop3: detected capacity change from 0 to 4096 [ 720.293087][T20146] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 720.362166][T20139] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 720.445049][T20139] Remounting filesystem read-only [ 720.568945][T20155] loop4: detected capacity change from 0 to 1764 [ 720.668117][ T4261] NILFS (loop3): discard dirty page: offset=0, ino=6 [ 720.697084][T20158] loop2: detected capacity change from 0 to 4096 [ 720.708405][ T4261] NILFS (loop3): discard dirty block: blocknr=23, size=4096 [ 720.729846][ T4261] NILFS (loop3): discard dirty page: offset=4096, ino=6 [ 720.735358][T20158] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 720.753896][ T4261] NILFS (loop3): discard dirty block: blocknr=24, size=4096 [ 720.777008][ T4261] NILFS (loop3): discard dirty page: offset=8192, ino=6 [ 720.801011][ T4261] NILFS (loop3): discard dirty block: blocknr=25, size=4096 [ 721.046436][T20169] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6570'. [ 721.051720][ T4258] ntfs3: loop2: ntfs_sync_fs r=1a failed, -22. [ 721.073379][T20169] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6570'. [ 721.083144][ T4258] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 721.134980][ T4258] ntfs3: loop2: ntfs_evict_inode r=1a failed, -22. [ 722.260525][T20220] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6598'. [ 722.790750][T20237] netlink: 13840 bytes leftover after parsing attributes in process `syz.2.6606'. [ 723.176964][T20218] loop3: detected capacity change from 0 to 32768 [ 723.244459][T20254] loop2: detected capacity change from 0 to 512 [ 723.291236][T20218] ERROR: (device loop3): dbAlloc: unable to allocate blocks [ 723.291236][T20218] [ 723.327974][T20254] fscrypt (loop2, inode 2): Error -61 getting encryption context [ 723.348745][T20218] ERROR: (device loop3): remounting filesystem as read-only [ 723.374428][T20254] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -61 [ 723.391203][T20254] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 723.432951][T20254] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 723.465497][T20254] EXT4-fs (loop2): 1 truncate cleaned up [ 723.519208][T20254] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 723.697020][ T4258] EXT4-fs (loop2): unmounting filesystem. [ 723.938924][T20268] loop2: detected capacity change from 0 to 1764 [ 724.039768][T20268] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 724.094861][T20275] xt_HMARK: spi-set and port-set can't be combined [ 724.126822][T20276] netlink: 208 bytes leftover after parsing attributes in process `syz.4.6625'. [ 724.323726][T20280] vim2m vim2m.0: Fourcc format (0x47524247) invalid. [ 724.602256][T20290] netlink: 'syz.5.6631': attribute type 10 has an invalid length. [ 724.755929][T20266] loop1: detected capacity change from 0 to 32768 [ 724.803872][T20266] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.6620 (20266) [ 724.851854][T20266] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 724.892443][T20266] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 724.934321][T20266] BTRFS info (device loop1): using free space tree [ 725.092180][T20300] loop4: detected capacity change from 0 to 4096 [ 725.151284][T20300] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 725.222321][T20300] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 725.327628][T20300] ntfs: (device loop4): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 725.417219][T20331] netlink: 'syz.2.6643': attribute type 8 has an invalid length. [ 725.429944][T20266] BTRFS info (device loop1): enabling ssd optimizations [ 725.441089][T20332] overlayfs: missing 'lowerdir' [ 725.446411][T20300] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 725.467774][T20300] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 725.541609][T20300] ntfs: volume version 3.1. [ 725.567710][T20300] ntfs: (device loop4): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 725.654803][T20300] ntfs: (device loop4): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 725.660431][ T26] audit: type=1400 audit(14751752.772:267): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF3460B0BA260624F2A08BDBB6D3C92592016EA4E0F401876B1958B3F9AA5153386EED838C49D3A pid=20335 comm="syz.2.6646" [ 725.693388][T20300] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 725.715546][ T4247] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 725.722221][T20300] ntfs: (device loop4): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 726.607431][ T4518] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 726.820931][ T4518] usb 6-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 726.836482][ T4518] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 726.886446][ T4518] usb 6-1: Product: syz [ 726.896519][ T4518] usb 6-1: Manufacturer: syz [ 726.906678][ T4518] usb 6-1: SerialNumber: syz [ 726.924975][ T4518] r8152-cfgselector 6-1: config 0 descriptor?? [ 727.371057][ T4518] r8152-cfgselector 6-1: Unknown version 0x0000 [ 727.390989][ T4518] r8152-cfgselector 6-1: USB disconnect, device number 5 [ 727.558892][T20396] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6675'. [ 727.607785][T20396] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6675'. [ 727.624532][T20396] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 727.667756][T20396] 8021q: adding VLAN 0 to HW filter on device bond2 [ 727.957621][T20412] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6683'. [ 727.980602][T20413] loop4: detected capacity change from 0 to 256 [ 727.994729][T20412] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for erspan1 [ 728.035741][T20412] device erspan1 entered promiscuous mode [ 728.056962][T20413] FAT-fs (loop4): Directory bread(block 64) failed [ 728.063732][T20413] FAT-fs (loop4): Directory bread(block 65) failed [ 728.083119][T20413] FAT-fs (loop4): Directory bread(block 66) failed [ 728.083270][T20408] loop2: detected capacity change from 0 to 4096 [ 728.095101][T20413] FAT-fs (loop4): Directory bread(block 67) failed [ 728.131291][T20413] FAT-fs (loop4): Directory bread(block 68) failed [ 728.137893][T20413] FAT-fs (loop4): Directory bread(block 69) failed [ 728.151776][T20408] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 728.181875][T20413] FAT-fs (loop4): Directory bread(block 70) failed [ 728.206108][T20413] FAT-fs (loop4): Directory bread(block 71) failed [ 728.216767][T20413] FAT-fs (loop4): Directory bread(block 72) failed [ 728.227539][T20413] FAT-fs (loop4): Directory bread(block 73) failed [ 728.322100][T20413] FAT-fs (loop4): error, invalid access to FAT (entry 0x00006c61) [ 728.804920][T20433] binder: 20432:20433 ioctl c00c6211 0 returned -14 [ 728.946980][T20436] loop1: detected capacity change from 0 to 4096 [ 729.045881][T20444] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 729.082941][T20436] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: unaligned directory entry - offset=0, inode=18158232222581129218, rec_len=65535, name_len=1 [ 729.124739][T20436] Remounting filesystem read-only [ 729.603994][T20466] QAT: failed to copy from user. [ 729.610378][T20464] device netdevsim0 entered promiscuous mode [ 729.659850][T20464] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 729.913958][T20474] netlink: 132 bytes leftover after parsing attributes in process `syz.4.6713'. [ 730.003950][T20482] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6717'. [ 730.146543][T20480] loop5: detected capacity change from 0 to 4096 [ 730.182067][T20485] usb usb8: usbfs: process 20485 (syz.4.6719) did not claim interface 0 before use [ 730.726713][T20506] netlink: 'syz.3.6729': attribute type 2 has an invalid length. [ 730.912342][T20514] loop1: detected capacity change from 0 to 736 [ 730.921705][T20513] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6733'. [ 731.042900][T20514] rock: directory entry would overflow storage [ 731.049281][T20514] rock: sig=0x3b10, size=4, remaining=3 [ 731.267523][T20524] program syz.3.6738 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 731.472673][ T52] block nbd1: Attempted send on invalid socket [ 731.480764][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 731.494979][T20532] (syz.1.6742,20532,1):ocfs2_get_sector:1771 ERROR: status = -5 [ 731.503231][T20532] (syz.1.6742,20532,1):ocfs2_sb_probe:749 ERROR: status = -5 [ 731.511144][T20532] (syz.1.6742,20532,1):ocfs2_fill_super:990 ERROR: superblock probe failed! [ 731.520285][T20532] (syz.1.6742,20532,1):ocfs2_fill_super:1176 ERROR: status = -5 [ 731.546657][T20534] (unnamed net_device) (uninitialized): option mode: invalid value (254) [ 731.881803][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 731.881823][ T26] audit: type=1326 audit(14751758.591:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20541 comm="syz.1.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x50000 [ 731.945811][ T26] audit: type=1326 audit(14751758.628:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20541 comm="syz.1.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x50000 [ 731.945858][ T26] audit: type=1326 audit(14751758.628:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20541 comm="syz.1.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x50000 [ 731.945895][ T26] audit: type=1326 audit(14751758.628:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20541 comm="syz.1.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x50000 [ 731.945932][ T26] audit: type=1326 audit(14751758.628:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20541 comm="syz.1.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x50000 [ 731.945969][ T26] audit: type=1326 audit(14751758.628:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20541 comm="syz.1.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x50000 [ 731.946004][ T26] audit: type=1326 audit(14751758.628:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20541 comm="syz.1.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x50000 [ 731.946041][ T26] audit: type=1326 audit(14751758.628:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20541 comm="syz.1.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x50000 [ 731.946077][ T26] audit: type=1326 audit(14751758.628:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20541 comm="syz.1.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x50000 [ 731.946113][ T26] audit: type=1326 audit(14751758.628:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20541 comm="syz.1.6747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102198cde9 code=0x50000 [ 732.097755][ C1] vkms_vblank_simulate: vblank timer overrun [ 732.326722][T20530] loop4: detected capacity change from 0 to 32768 [ 732.352719][T20530] (syz.4.6741,20530,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 732.352945][T20530] (syz.4.6741,20530,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 732.384071][T20530] JBD2: Ignoring recovery information on journal [ 732.533737][T20530] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 732.590463][T20530] [ 732.702152][T20530] ====================================================== [ 732.709171][T20530] WARNING: possible circular locking dependency detected [ 732.716184][T20530] 6.1.128-syzkaller #0 Not tainted [ 732.721291][T20530] ------------------------------------------------------ [ 732.728302][T20530] syz.4.6741/20530 is trying to acquire lock: [ 732.734361][T20530] ffff888056f72648 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}, at: ocfs2_xattr_set+0xe96/0x1930 [ 732.746563][T20530] [ 732.746563][T20530] but task is already holding lock: [ 732.753925][T20530] ffff8880724ea378 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x62f/0x1930 [ 732.763439][T20530] [ 732.763439][T20530] which lock already depends on the new lock. [ 732.763439][T20530] [ 732.773839][T20530] [ 732.773839][T20530] the existing dependency chain (in reverse order) is: [ 732.782847][T20530] [ 732.782847][T20530] -> #2 (&oi->ip_xattr_sem){++++}-{3:3}: [ 732.790669][T20530] lock_acquire+0x1f8/0x5a0 [ 732.795709][T20530] down_read+0xad/0xa30 [ 732.800393][T20530] ocfs2_init_acl+0x398/0x930 [ 732.805594][T20530] ocfs2_mknod+0x1f75/0x2e20 [ 732.810713][T20530] ocfs2_create+0x1c0/0x4e0 [ 732.815746][T20530] path_openat+0x12f1/0x2e60 [ 732.820863][T20530] do_filp_open+0x230/0x480 [ 732.825904][T20530] do_sys_openat2+0x13b/0x4f0 [ 732.831115][T20530] __x64_sys_open+0x221/0x270 [ 732.836327][T20530] do_syscall_64+0x3b/0xb0 [ 732.841274][T20530] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 732.847698][T20530] [ 732.847698][T20530] -> #1 (jbd2_handle){++++}-{0:0}: [ 732.855003][T20530] lock_acquire+0x1f8/0x5a0 [ 732.860046][T20530] jbd2_journal_lock_updates+0xa6/0x380 [ 732.866122][T20530] __ocfs2_flush_truncate_log+0x2ef/0x12a0 [ 732.872453][T20530] ocfs2_truncate_log_shutdown+0x142/0x2e0 [ 732.878784][T20530] ocfs2_dismount_volume+0x203/0x960 [ 732.884600][T20530] generic_shutdown_super+0x130/0x340 [ 732.890500][T20530] kill_block_super+0x7a/0xe0 [ 732.895793][T20530] deactivate_locked_super+0xa0/0x110 [ 732.901696][T20530] cleanup_mnt+0x490/0x520 [ 732.906642][T20530] task_work_run+0x246/0x300 [ 732.911759][T20530] exit_to_user_mode_loop+0xde/0x100 [ 732.917569][T20530] exit_to_user_mode_prepare+0xb1/0x140 [ 732.923634][T20530] syscall_exit_to_user_mode+0x60/0x270 [ 732.929705][T20530] do_syscall_64+0x47/0xb0 [ 732.934642][T20530] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 732.941071][T20530] [ 732.941071][T20530] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}: [ 732.951596][T20530] validate_chain+0x1661/0x5950 [ 732.956984][T20530] __lock_acquire+0x125b/0x1f80 [ 732.962372][T20530] lock_acquire+0x1f8/0x5a0 [ 732.967408][T20530] down_write+0x36/0x60 [ 732.972109][T20530] ocfs2_xattr_set+0xe96/0x1930 [ 732.977490][T20530] __vfs_setxattr+0x3e7/0x420 [ 732.982709][T20530] __vfs_setxattr_noperm+0x12a/0x5e0 [ 732.988517][T20530] vfs_setxattr+0x21d/0x420 [ 732.993542][T20530] setxattr+0x250/0x2b0 [ 732.998222][T20530] path_setxattr+0x1bc/0x2a0 [ 733.003337][T20530] __x64_sys_setxattr+0xb7/0xd0 [ 733.008709][T20530] do_syscall_64+0x3b/0xb0 [ 733.013650][T20530] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 733.020105][T20530] [ 733.020105][T20530] other info that might help us debug this: [ 733.020105][T20530] [ 733.030333][T20530] Chain exists of: [ 733.030333][T20530] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2 --> jbd2_handle --> &oi->ip_xattr_sem [ 733.030333][T20530] [ 733.046101][T20530] Possible unsafe locking scenario: [ 733.046101][T20530] [ 733.053547][T20530] CPU0 CPU1 [ 733.058909][T20530] ---- ---- [ 733.064361][T20530] lock(&oi->ip_xattr_sem); [ 733.068955][T20530] lock(jbd2_handle); [ 733.075549][T20530] lock(&oi->ip_xattr_sem); [ 733.082661][T20530] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2); [ 733.089954][T20530] [ 733.089954][T20530] *** DEADLOCK *** [ 733.089954][T20530] [ 733.098097][T20530] 3 locks held by syz.4.6741/20530: [ 733.103304][T20530] #0: ffff888053c82460 (sb_writers#28){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 733.112556][T20530] #1: ffff8880724ea648 (&type->i_mutex_dir_key#23){+.+.}-{3:3}, at: vfs_setxattr+0x1dd/0x420 [ 733.122864][T20530] #2: ffff8880724ea378 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x62f/0x1930 [ 733.132802][T20530] [ 733.132802][T20530] stack backtrace: [ 733.138688][T20530] CPU: 0 PID: 20530 Comm: syz.4.6741 Not tainted 6.1.128-syzkaller #0 [ 733.146857][T20530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 733.156952][T20530] Call Trace: [ 733.160240][T20530] [ 733.163184][T20530] dump_stack_lvl+0x1e3/0x2cb [ 733.167883][T20530] ? nf_tcp_handle_invalid+0x642/0x642 [ 733.173359][T20530] ? print_circular_bug+0x12b/0x1a0 [ 733.178562][T20530] check_noncircular+0x2fa/0x3b0 [ 733.183501][T20530] ? add_chain_block+0x850/0x850 [ 733.188441][T20530] ? lockdep_lock+0x11f/0x2a0 [ 733.193130][T20530] ? _find_first_zero_bit+0xd0/0x100 [ 733.198424][T20530] validate_chain+0x1661/0x5950 [ 733.203281][T20530] ? kernel_text_address+0x9f/0xd0 [ 733.208409][T20530] ? stack_trace_save+0x113/0x1c0 [ 733.213446][T20530] ? reacquire_held_locks+0x660/0x660 [ 733.218821][T20530] ? stack_trace_snprint+0xe0/0xe0 [ 733.223949][T20530] ? look_up_lock_class+0x77/0x140 [ 733.229069][T20530] ? register_lock_class+0x100/0x990 [ 733.234386][T20530] ? is_dynamic_key+0x260/0x260 [ 733.239253][T20530] ? mark_lock+0x9a/0x340 [ 733.243625][T20530] __lock_acquire+0x125b/0x1f80 [ 733.248495][T20530] lock_acquire+0x1f8/0x5a0 [ 733.253017][T20530] ? ocfs2_xattr_set+0xe96/0x1930 [ 733.258055][T20530] ? read_lock_is_recursive+0x10/0x10 [ 733.263441][T20530] ? __might_sleep+0xb0/0xb0 [ 733.268029][T20530] ? rwsem_write_trylock+0x166/0x210 [ 733.273323][T20530] ? ocfs2_inode_lock_atime+0x5a0/0x5a0 [ 733.278879][T20530] ? ocfs2_xattr_ibody_find+0x7c0/0x7c0 [ 733.284434][T20530] ? ocfs2_xattr_ibody_find+0xc6/0x7c0 [ 733.289904][T20530] down_write+0x36/0x60 [ 733.294065][T20530] ? ocfs2_xattr_set+0xe96/0x1930 [ 733.299099][T20530] ocfs2_xattr_set+0xe96/0x1930 [ 733.303967][T20530] ? __ocfs2_xattr_set_handle+0x1060/0x1060 [ 733.309871][T20530] ? validate_chain+0x112/0x5950 [ 733.314809][T20530] ? preempt_count_add+0x8f/0x180 [ 733.319849][T20530] ? kernel_text_address+0x9f/0xd0 [ 733.324968][T20530] ? register_lock_class+0x100/0x990 [ 733.330267][T20530] ? is_dynamic_key+0x260/0x260 [ 733.335371][T20530] ? aa_get_newest_label+0xfb/0x6e0 [ 733.340592][T20530] ? end_current_label_crit_section+0x170/0x170 [ 733.346851][T20530] ? evm_protected_xattr_common+0x181/0x1a0 [ 733.352759][T20530] ? evm_protect_xattr+0x8b1/0xb10 [ 733.357882][T20530] ? ocfs2_xattr_security_get+0x40/0x40 [ 733.363438][T20530] __vfs_setxattr+0x3e7/0x420 [ 733.368125][T20530] __vfs_setxattr_noperm+0x12a/0x5e0 [ 733.373415][T20530] vfs_setxattr+0x21d/0x420 [ 733.377921][T20530] ? __lock_acquire+0x1f80/0x1f80 [ 733.382961][T20530] ? xattr_permission+0x4f0/0x4f0 [ 733.387989][T20530] ? __might_fault+0xbd/0x110 [ 733.392675][T20530] ? _copy_from_user+0x109/0x170 [ 733.397712][T20530] setxattr+0x250/0x2b0 [ 733.401874][T20530] ? path_setxattr+0x2a0/0x2a0 [ 733.406652][T20530] ? __mnt_want_write+0x222/0x2a0 [ 733.411690][T20530] path_setxattr+0x1bc/0x2a0 [ 733.416292][T20530] ? simple_xattr_list_add+0xf0/0xf0 [ 733.421584][T20530] ? syscall_enter_from_user_mode+0x2e/0x230 [ 733.427575][T20530] __x64_sys_setxattr+0xb7/0xd0 [ 733.432432][T20530] do_syscall_64+0x3b/0xb0 [ 733.436853][T20530] ? clear_bhb_loop+0x45/0xa0 [ 733.441540][T20530] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 733.447452][T20530] RIP: 0033:0x7fe9beb8cde9 [ 733.451870][T20530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 733.471484][T20530] RSP: 002b:00007fe9bfa4b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 733.479905][T20530] RAX: ffffffffffffffda RBX: 00007fe9beda5fa0 RCX: 00007fe9beb8cde9 [ 733.487880][T20530] RDX: 0000200000000100 RSI: 0000200000000540 RDI: 00002000000003c0 [ 733.495877][T20530] RBP: 00007fe9bec0e2a0 R08: 0000000000000001 R09: 0000000000000000 [ 733.503872][T20530] R10: 00000000000000a6 R11: 0000000000000246 R12: 0000000000000000 [ 733.511847][T20530] R13: 0000000000000000 R14: 00007fe9beda5fa0 R15: 00007ffcadb4e9d8 [ 733.519847][T20530] [ 734.193979][ T4252] ocfs2: Unmounting device (7,4) on (node local)