last executing test programs: 2m7.999591908s ago: executing program 2 (id=302): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='signal_generate\x00', r1}, 0x18) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 2m7.85540125s ago: executing program 2 (id=304): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r0, &(0x7f0000003040)={&(0x7f0000002d40), 0x6e, 0x0}, 0x0) syz_clone(0x280, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000800) 2m7.673385643s ago: executing program 2 (id=309): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1) sendmsg$NLBL_MGMT_C_REMOVEDEF(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r2, 0x1, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0) 2m7.514953806s ago: executing program 2 (id=312): syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000080)='./file2\x00', 0x402, &(0x7f0000001280)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRESOCT, @ANYBLOB="ec1a3881369fae6987d7a6922db874bcb0563edbf212875f142a04bbe14fd11ed31543677ddfbd12a760f13dd2fd476b0d7e088b2ac5eaebe64ab225975b882e26ccc04ae1e56422927a5de974cf1bc2873d781e837bdea83a1a8ff1fc5670132de294b6b2ae840099cb4d037cc46b3980928a506f800befa5037ecc4c128dc83d62f8d7ede6c05d595ab96a009e378894d776a0e83d4c1bbd9cfe6dbf29c3c5", @ANYRESOCT, @ANYBLOB="650dff969a08ff9e724d5d7c4ef89e23d56dda29c31665f63ec8a6f772a525c5b7212d46fcdce41a1775bdc7ae8d824d46ff9c67feac09d995afa0aed98ce5381701ee97a11793808dbb0a95927953efd647f04a4d25be7c929451bd4f6a217f6976fe903f0542222969f6d90184c98b67298ed804d7b1b0e667a2c734bec13f27287182ddd1e4f5ecf7"], 0x1, 0x242, &(0x7f0000000e40)="$eJzsmL+LE0EUx7+zu5kkIqLNFTYKHhjRSy57KNeE8wTBysYTtdLgrceZvYskK5iA4mFjo52FYGPhP2BxxdV2/gOCFioIFqawEEQOVt7O7GbiJpdltfN9iuE7M2/m/ZjNKwKGYf5bPn/68fHJucWVUwD2YxZFvf7VBoRQ2jLsPzy/e/JZ4/yL1+9fvdk8cH/nz/voSBjuhuZCaQ//DoDKso0g8RTGZ3+RmNWTFRQTfRkWTmh9BQJVrW/AKsT3evgZKoDbELim19tkX63eWve96s22v0pinoY6DS4NI/lSfIMtgVU9pxuFsd/t9VtN3/c6hnD03pitXCJx1ppJ1a8AicGyhYaOluKj+K8+frRFK3Ft5mEl9avDQl0nsbCblAmLKMa1USUx8j/sDPO3i4l7etpW0x+brb4V05Is+b5nd3uN7/+kWKY4NJfveIXSOatXHgDQWweRJwwMTy3B6xQw3LLpSx0xPpr55jKADJ9OJBzjdTDeeEm/aI4EL6aymCCeZor570WuLGIxM9h5m976op9SMeZ4KKa7ECPfj9zLuJQ15jik/BUro9+yclZMTv51A++2Vf8IXwocB2TcPxyjf9WCjTu1bq8/t77RXPPWvE3XXTgjgIen3VrUiNSY6nvD/lyO+tM+oz8XJthKS+JeMwg6dTVKIVFGEHTcaO4aP5tL2+1v1/WxABcAHFMTapsyudFO+RBS2ViRLalK2ohhGIZhGIZhGIZhGIZhGCYrI394HoFAOB1XWf8OAAD//5X0aKk=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000380)='./file0\x00') chdir(&(0x7f0000000080)='./file0\x00') 2m7.28269203s ago: executing program 2 (id=318): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000001840)=""/102390, 0x18ff6}], 0x31, 0x0, 0x2) 2m6.788977997s ago: executing program 2 (id=325): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000008007105"]) 2m6.434428834s ago: executing program 32 (id=325): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000008007105"]) 3.586143942s ago: executing program 4 (id=1815): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x8}, 0x9) write(r0, &(0x7f00000000c0)="240000001e005f0214f6fffffffffff8070000000000000000000000080009000d000000", 0x24) bind$can_j1939(r0, 0x0, 0x0) 3.533344762s ago: executing program 4 (id=1809): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x94) r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000240)="03", 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r0}, &(0x7f00000005c0)=""/66, 0x42, &(0x7f0000000340)={&(0x7f0000000280)={'crc32c-generic\x00'}, &(0x7f00000002c0)="da84f3a200881eda1bdb", 0xa}) 3.435350004s ago: executing program 4 (id=1810): io_uring_setup(0x63a0, &(0x7f00000001c0)={0x0, 0x0, 0x800}) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0) sendmsg$NFC_CMD_DEV_UP(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="01ff22010000bfa90d2c0826364f080001"], 0x1c}}, 0x0) 3.418931484s ago: executing program 4 (id=1811): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100)={[{@discard}]}, 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==") r0 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0) write$UHID_INPUT(r0, &(0x7f00000017c0)={0x8, {"aba2e739caf79cbcbd4b1c4670eb6f78f67331bf7acafa29cec3fcc77f455b41992626086d746ab40bbc55062ffba66f07b1a7d062b078d3c1289541678528a33222d263f15a33c71d2bbf00184c0ae378c38fb4f1f2ef6265d58f3f6b11a7bd4b8ac1b8ef6cd62d4e6dacd79826566d3048e73a49efed36e32550b81c9ce0afca64f8d3b26e0bb652953db354252fc4df48c3f19291c03a36b0d8a52bc2fd2e0b25f61e3d746d47d2596a34099cd7cbc668067f8acc553f6f97b785ac58395fedff5b89ca1083266ae5d44fd0c78e3e2b2a5647e27989b4025c551b864d1af4835e53a05c148325350992f1b2c9662e34a5a12d141a36b30eb69ea8c1c095a881fc8d4398aa216c47ec0f120505b047ecbaab2eacb9c856270d0e628c447fb4490cb8b5feec9fdd132ceed90cd58cecd8853fbfc6e5cd2db3d1d6bf5d82ccf2ae8d9c5b20984500e16372f098d9b451cc9d0d3ed3289cfd2b26e1560055d21170a51de502c65f1f9fe95eb993ee74ef66b6fd5c41acdb5abb62da3d14beacbf11d7ac3d07ef6222f5fe3b99ff35681a754425c105c5fb4620aa745c360d087345178f1e2494e7096d459cf0aa0c88dc10ba6d8ad6db5daf1e0b874f7fd3f2840db83e433902a244a3084a9826855214864291c9d351c092d1a27620a8faac563fa20ba484e05d386b17fe1e4371e57eb3dbd9f56811949cb3fa72442e429feef1b7875e0a7fae2bd2172bb7d53ee54fea007ded6e1798aac129764d022f06bf27335faba7876fd6eb23797b5691e3364c77a8ebccdf4f2e9328e25cd5feb2bd8bcab402bc860984ebbf825626358ce9f70c235e80d927ae9cbba13b73746e60f3b4d6d8366fe55a48476c51426fcdc985a26598b0fdf02de29bb1ddfeef2f0d158cbf6bd0ac60e61711690938bb2db470b9a80eed7fc2234a8a40a21e27d89b3d47a7161c398c1972dfab8da941f18136d5cc801113f64cdefc85080252c9d466d1725df6ad09ac1ccae22076d64123cdf4f288322638866af4c0673407341c797f164337de0713270e56ca46d8bf8c9f03949d35451a94e944bc2ae1419ff1a3aafa166ad55867f51e2f7ce1060e6556f837122a60bf1ec28a9dd70f0f9dd34f468947fef13e029096784714916e31e97e7a4124313c7233413effc9708567959f18050050048438251a95253c2ce7632df7c81df33a173a8a674416bbdd0de5844fbb09a1456e9baccea74124bc5b1b9fe28291fec50c6756a9f995c22316d53e58648550da035ad175beb38adb0793554c85509ed914b8edd0c68c05addc420d14c9a6337fa386bd7ad87cd279a5384b867a3fb937b73f5336abe27b53622754bacf47703295363db518f776412f8a642db40ad107c40ff707f7de239553fb7a31fa7795482e84a58dbf9c9d21aa619e411b09332527bd9c6a8dd84e4b05a42e22b8311c4e88da86346736691dafab1134d1f2c78577727d6daf50d38a1b1d953c7014cda463270d22c35c62232416e00f5d99bf840fa506b62142c1e7aed4f422ff22826aa789315f8270afef38426e95811695ecb77fab6949d8c42a1e9fea8b0248cc1e0d2f66413c82fc0bc80d6272bed3a24c079711fad0d647e3e48e7a4b8a0a00d5b02fe1d2008a78f96f8e7e292443d47f6e2c3d2d4abc664766d24758080c5a22c5d33a44f6fb19eea4e8666c95a2cde11c5f28f9ee4deb326d590e23bce924137fffaba4791aaf45d8048cec6bcc379e1531e71bb408268457bc49cffe606bb81fd5780140b20cd7050ca3881f7939b893b9c548abe775385ff208b45d55964c9707682913cec9cf82da70af33cc28692d84608f36b9ff3d84801e6e2b7efc74a241559de48591f7580f101d6f974d540e57e87457ca917f9ca42c24473ba0d2ab1dfcd0fcf9014e87b2689257443d1753eb465c41c310a092e33d85ff576ffce2d5ae284b4fe6298117d6fdb66208ebe197cc3e514b20cf5a0e96aa71af11a4dc9d10590e624578cc6209bc70bb467208f26ee09b700fdf8e0fa7832a754759b89346d35286e94daa94c90f76fb47725d4f3b7e5ab1d926d42938227537e83c7cc92dd03a1309464e0c3c91b5baaf317bd6a9a43a3b3dc61a165cf071bba73bf8e6a6a6ce3ee32e17ac09cf1f9c3980700ca53f8e4560e91a13216d2f52f9dd3f50339dc57d611a70aa7883f4168c4d8beb3e130b8f212bf6d6953ff6a3febe9f6a3a7986adfa2fc8e9aed278fc86c18399494d7c071ae4f2d2410a9504df7bd9b4e4a811f4ec3ce03be6472d7a61c88f478889a84b4506f2b5d421c47492c5f2d920ad92aae1bf4ca3170e78c6dde66f5f435d781eda01461753471184076b12efba8f9ab46f45e63a1ef3433033204ae353319bd04af34dc18408def325edfb3a51f0514a5f4822fca4289abf61ffd963fd90ab16b108ed9520cb58421a54a1c391770057bda233379cf7f51783efd48ec3fea781f6eed5c858c69bb59060605ca8a92fb335ad5499408134463b15673613f16234864a005f0511dc7abefe54aa509c3aa73405d2807fb610fd34163c684922ebb0b0ce747fce356d192a0c4d3690b72ebad4fa3083c3000c2d4113ef8785ee81ad3252ec12b8ad32e4b5a596fb9b89ff89de20f1965b6083cebd73349efd8f8f862d4b2ee9f0439dc3c6f9cff8719c57721bc7e1626407ededddc04a5269576692e865406a12428c743b7f27c4fd27e3091633105734c3de5ed816c2fa64115a2c330ce9125e652fe302df3e46b4502b9d1ed1a6b654dc4d1c0b78d8419692b461ebf22b5f82a47f09bc44d5888b48df913f331fc492d62d602efcec6e01e3c3202717b0cae10da607bc608ce4e8d260ecfac350de85c881e1289952ce3d441a3e93c3bdfb1d6af67ba0f3a9ae0965784b8231deca6f7b0d24ec1b4e8f28ab4e14cd092e0aa2f4edf939b1df6a388435f5f7ffdab01083f01c4aa5e2f6dbcaf36b80ef118d7335bcb4683afa962d542d64dc4afef5e2d84a6c6425b23c3a29cf5f72f93312038ab37dabfdc3683bc20df0a19ef6a76de45a291151e40d0c7c2b799d119d76a25babecab7d2a84cbef0461c2b14fef3c8b3f1335be197111792efdee08065261c9c8bedab1caa6a2750646681347cf5a8ce091ac9227c6d05d9c70a411867ad71950e0e1fd52f9ef293d95213796436dfa6a5cef2ba318e60467b992864a730ba45b34cc40eba6fd9c9733660d51cfbe243dda280744e01683a3aae04785d5e764bca7cf24d3a4bf8f8f7a87b5c06124b72a587b7957a73eb47c2a5470c6fe96c7be28788ddfdf0629020bb60140cb01980c71e80e40a269df052be3ccc83377ac38807dab028ba00a7d2919d589510ea77bf8c9d0710d889088b3afdda90407bf52096ab8d003d975d004654479b2c91488e793e8660d8a2672bebf151ec4dcdafe85365f8875c53a360074ce946177af88ed009b05b0734d9c37b3afc4079c6f6ff5b9ccbab4fa11030d1ee09e61b2e59886310f4fc73632fc349297fc3713f750a78a7b8a986228cfb7378573eb81c5062ea02b50bb5056bc26fb61a2a886fa6ea6dc17f0a13fc90e7deda3dd7f36ea03344a8e3b50b858c9ca3f4f1fb035ed0840ba664ef8314121c17c86fed9b23480c720a7666a3773f07a6cb3154206a3c1e69c5001e3ef1e45bc5d733459d5c328ed2465fbe0c3ca4a292267cb21d8a8a0c8d275f32875cacc00ef33ab4dfbf88d6119cf793fcfba4910ecd6d1a6bc05231ceb737e7a7300dc0be58da7188014e33e24b847f9ae278a9e0d934f1ca7b60dc19972539f91c01b6abd99c62e47ccf7482a1855643fb9a6b7f0855b08963463f128fa323204a0b17981b2a4a6e0e7dbd31b6b09f5ddca71750651f2a2ec66624483f5778b8a44239dd2883e6a1c6e2162f86f8997158ea16dc9d5fc16462db1b2accbb01cab55b87ed84a51df33c60ea464f688021b6ec7fc86f3f53f49fea8dde61535dec5be9f32de871f793d157eb4d2e22d1e55cdb1c5d20300d6f3031461c573a15594740912b202f7833c7100b0124068e7e757d8d842a8e63ffd31f8f42d100bf97d5afeb036743689461683c8cf165609ac1875ac47740992b1b8a05d85ed7339ce5f34d0c6ac38f55ee75e9e95421abd2fef2b307bac8c3de03e3d5ccc04984e22b132419f4d5e51b5b328f6d0da15bc7e97ecff3685cd3ddb804c74f32da4f56ebde2bf8d7ad669b0122c2dc19907bac38d5461562ab7ac6532f0458ceb6ee26baeced6ba8004bbb7744df52cea0202b2fc02e2b3f04d1b441af457c181e44fd24b8f163b5d3673c6cf1ab14eb17b2369488c6c2d9c52ee4ea2bbc7701faa83131e7be5dc2554a824e184daec36dd6c10c1f331c9dbbf33718dbc09305d7b8f462484e94a46ee829bfa31b58d152ef1ab509b047455aa7d7eab17ddc802e2a8b0f5d5c57c20271d29016543836960c45246253e0055246b774e563e2f1d0e874bcdd9f132464ebbc7317fc005eb58aaacbfdaa184dbef3e991fcefbee97250adb75ab88a3af056201082b61c1c8e55b196dda55a86b6f37fa557bfa6bc3028a874a97db32e1d3c93669e266446d6c74b0b8cecf965e20936fd32e17a03f147bbb9f9839effe4337c1497114fed4e51d09f54cdc6a099cac72c536e768808994c2ce67c07c791f95e73c631f7016e524097803809b9666cda729c042ac81e37fc41bc10e1ed24232d52976d6327914884d85948237cfc8410e862508cf64c167b0345fc5ba0845dba292efb578baf4901ee8924dbf465d35af4caddd803d32da4663ce734fc534de448c4f7bd35104fd1678f25bb87160711cd2de4c59b9472683f17803c520cf6281f60328205c3b6355fd92acf4331c42bedc934433a640ec1fb5d18ca37b5f2baf9ad0e03b577f0d61b34eee318aef0393fafc5972cdc262b6171d11c9dff5b54d7e1d4b10c2cdafa2fcf7df503b748481d6c66754b7a63bd3e488947ccf547f7acd72c45abafc436ae6cf14e57b3b2376fea53e19972207ce3c36eb29c95b515f9abb06c17e3d072caecd9d4649b7fb1634b1564c140c54e1ec3890fa710016e0d45781dbb43ca60c187c1739d67ea865c56f02c2a15c7f361b5b4e023c8b7fb65c7c52f2d2667464b31712b608238af696eab0365d0ac6dcaefeceabf6ba2304c9fefc8efb609b22d3cffc0fa2b383800053c09a7dd4181b925dcf810d198452a1adcb82362558e8762342df845440f03dff34859bec8288dae7ddf3e3b5b73cef91205a6297ec3cbaba46e24ef8ddd7c67798e31eff30023778ca0f59a71804f93e80c3d39114a8db551e67ee4a6c04a3bc4d691e49197d7ced2a259ef73bb60096cb53ac6253fbad850d706b0dee9e48c8615c80c5d8b9156f73c4ebde3d2ba2606607fef23c75a992df56990055a7db9427cac408c452c389007f1912ed64f89af6c4b988bc0cafbbceee1b0570ea0eebf7c1ef2ff746a5526b157c0d3ff1d6da6ed7a7bf667583f8c6579fe8fd44ec43e5d27b662842cb74938cd69d0ac759b55ac71c81143fdf2e996412c3624dc50caa7d727b25b7e3e1eece52d488acf7d6863aaf06219daf15949e494e280b78a97c2f439ed68d473bde4a2460f6d3dff378ef7a2c0a6a1b28a62450196504eacd115e8d3cde500b2e0a0b162c3d6927424ae9e81b16a8f493313b6fcac3ebe34597390bf9140621df1b3e3651cb6308ccdda9a5829f161029e25d41e1b5174945ca7194998209cd3a2988cf97bd886f2904b8db8d278b0704a1fdb3ef", 0x1000}}, 0x1006) sendfile(r0, r0, &(0x7f00000002c0)=0x402, 0x7f03) 2.799253994s ago: executing program 4 (id=1817): r0 = syz_usb_connect(0x2, 0x2d, &(0x7f00000003c0)={{0x12, 0x1, 0x0, 0x5a, 0xe4, 0xc4, 0x10, 0x596, 0x1, 0x5f5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xd6, 0x0, 0x1, 0xb5, 0xe1, 0x45, 0x0, [], [{{0x9, 0x5, 0x83, 0x0, 0x3ff, 0x3, 0x7, 0x4}}]}}]}}]}}, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000640)={0x34, &(0x7f0000000400)={0x40, 0x16, 0x10, "a191a131cb863711825f3bfd17315622"}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) 891.308975ms ago: executing program 0 (id=1841): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e24, @empty}, 0x10) setsockopt$inet_tcp_buf(r0, 0x6, 0xd, &(0x7f00000000c0)='v', 0x1) accept4$inet(r0, 0x0, 0x0, 0x0) 890.649695ms ago: executing program 3 (id=1842): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r1) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x44, r2, 0x1, 0x0, 0x0, {0x4, 0x74, 0x609}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x2, @loopback}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bond0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}]}, 0x44}, 0x1, 0xffffffff00000003}, 0x0) 874.759385ms ago: executing program 1 (id=1843): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="580000005400e501000000000000000007000000", @ANYRES32=r2, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="01000400ff"], 0x58}}, 0x20044050) 809.664366ms ago: executing program 3 (id=1844): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cgroup.max.depth\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f00000001c0)=0x800000000000009, 0x12) 734.923338ms ago: executing program 4 (id=1845): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000380)={[{@acl}, {@heartbeat_none}, {@err_ro}, {@coherency_full}, {@coherency_full}, {@localflocks}, {@intr}, {@noacl}]}, 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[], 0x841, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000200)={0x0, 0xfb, 0x2d, 0x9, 0x6, "d6a5f6f0b0000004000c00", "57122f863cea65cfc3c71068965a87667890866ff52f9bbe"}, 0x2d, 0x0) 733.907528ms ago: executing program 1 (id=1846): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x4c, &(0x7f000002eff0)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x20}]}, 0x10) connect$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e21}, 0x6e) 722.078898ms ago: executing program 0 (id=1847): socket$netlink(0x10, 0x3, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x5b, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000440)={{0x2, 0x0, 0x9, 0x8, '\x00', 0x4}, 0x1, [0x6, 0x8000, 0x7, 0x3ff, 0xe, 0x40, 0x9d68, 0x400, 0x6302, 0xffffffff, 0x2000000000000, 0x339, 0x4, 0x9, 0x7, 0x2, 0x52, 0x7fffffff, 0x9, 0x9, 0x9, 0x1, 0x35, 0x3, 0x2, 0x9, 0x5, 0x3, 0xfffffffffffffffa, 0x8, 0x4, 0x1, 0x9, 0x1, 0xfffffffffffffffd, 0x5, 0x3, 0x3, 0x6, 0x6, 0x300000000000, 0x2, 0x1, 0x8000000000000000, 0xffffffff, 0x482, 0x3, 0x8000000000000001, 0xb, 0x3, 0x6, 0x40, 0x8000000000000001, 0x3, 0xcb, 0x2, 0x6, 0xa, 0x0, 0x0, 0x9, 0x8, 0x4, 0x69, 0x7fff, 0x3, 0x22e, 0x0, 0x36, 0x1, 0x1, 0x1ff, 0x9366, 0x7, 0x5, 0x2, 0x800, 0x0, 0x401, 0x81, 0xffffffff00000000, 0x4, 0x6, 0x48a, 0x3, 0x6, 0x6e, 0x8e, 0x800, 0x0, 0x1, 0x6fda, 0xdce, 0x5, 0x100000000, 0xff, 0x0, 0x36, 0xffffffffffff4401, 0x4092, 0x5, 0x7, 0x8320, 0x0, 0x9, 0x6e42000000000000, 0x400, 0x7f, 0xa6, 0x1, 0x0, 0xfff, 0x6, 0x9, 0xf7, 0x6, 0xedc, 0x4, 0x9, 0x0, 0xf, 0x1619, 0xe, 0x3, 0x9, 0x4, 0xca2e, 0x8]}) 631.525059ms ago: executing program 1 (id=1848): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x200010, &(0x7f00000002c0)={[{@data_err_ignore}, {@errors_remount}]}, 0xfe, 0x591, &(0x7f0000000440)="$eJzs3c9rHFUcAPDvbJL+SrUplKIeJNCDldpNk/ijgod6FC0G9F5Dsg0lm27JbkoTC7YHe/EiRRCxIP4B3j0W/wEvQv+CghaKllAPXlZmM5tusrvZNN022+7nA9O+N/N237yZ+b68l7dhA+hbo+k/uYhXI+LbJOJQw7HByA6OrpVbfXB1Jt2SqFY/+zuJJNtXL59k/w9nmVci4revI07kmustL6/MTxeLhcUsP1ZZuDRWXl45eWFheq4wV7g4MTl5+p3Jifffe7f5xXtbt6XN7nVvTv37w6e3Pzr9zbHV73+5d/hmEmfiYHassR1P4FpjZjRGs2syFGc2FRzvQmW9JNntE2BHBrI4H4q0DzgUA1nUAy++ryKiurWpzkWA51MiuKFP1ccB9bn9lvPg6os3y7v/4doEqLn9ydrvRmJfbW50YDXZMDNKr8RIF+pP6/j1r1s30y2693sIgI6uXY+IU4ODG/q/l6Oh/9u5U9sos7kO/R88O7fT8c9be1uMf3Lr459oMf4ZbhG7O9E5/nP3ulBNW+n474OW49/1RauRgSz3Um3MN5Scv1AspH1b2k0ej6G9aX6r9ZzTq3erDdmBxmON4790S+uvjwWz87g3uGlha3a6Mv2k7a67fz3itQ7j36TF/U+vx9SW7/xo0e9o4dbr7UptbH/yT3P7n67qzxFvtLz/j+Y6SeP6ZNqsjeuTY7XnYaz+VDR7eOPo7+3q73z/n670/h/Yuv0jSeN6bfnx6/hp33+FdsdGk2zR9DGf/z3J57X0nmzflelKZXE8Yk/ySfP+iUevrefr5dP2Hz/WOv6bn/+H6++zPyK+2Gb7bxy50bZoL9z/2ce6/60TI9Wk3aHi3Y+//LFd/dvr/96upY5ne7bT/7U/042JJ7l2AAAAAAAA0GtyEXEwklx+PZ3L5fNrn+84EgdyxVK5cuJ8aenibNT+VnYkhnL1le7hhs9DjGefh63nJzblJyPicER8N7C/ls/PlIqzu914AAAAAAAAAAAAAAAAAAAA6BHDbf7+P/XnwG6fHfDU+cpv6F8d478b3/QE9CQ//6F/iX/oX+If+pf4h/4l/qF/iX/oX+If+pf4BwAAAAAAAAAAAAAAAAAAAAAAAAAAgK6aOns23aqrD67OpPnZy8tL86XLJ2cL5fn8wtJMfqa0eCk/VyrNFQv5mdJCp/crlkqXxidi6cpYpZBUxsrLK+cWSksXK+cuLEzPFc4Vhp5JqwAAAAAAAAAAAAAAAAAAAOD5Ul5emZ8uFguLEjtI3Mmu4uU7f8QOXp5ERA+0Yj2xbyfnM9gjJy/R3cQud0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OD/AAAA///ScyxD") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='freezer.self_freezing\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f00000016c0)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd52a44fec4f6f1a6f65158bb6911c295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2971f29d9364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7d9f455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b80d8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e807df4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48610ee39fb4171103df2e09d7cfdb0c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681a03007e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fb9bbcd92d47098ae27a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee4c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22f3bb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7c5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7f87030000000000008992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cf8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46070039116694765658bae64b312715a8216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a1626dffe49d0c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d5807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c949ca930e7a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4bc700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) 579.16197ms ago: executing program 3 (id=1849): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0xb, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c) listen(r0, 0x5) syz_emit_ethernet(0x52, &(0x7f00000001c0)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x2, 0x3d, 0x44, 0x64, 0x0, 0x1, 0x6, 0x0, @remote, @remote, {[@timestamp_addr={0x44, 0x1c, 0x12, 0x1, 0x2, [{@empty, 0xc}, {@dev={0xac, 0x14, 0x14, 0x38}, 0xdc}, {@broadcast, 0x40}]}]}}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x6, 0x0, 0x2}}}}}}, 0x0) 578.59167ms ago: executing program 0 (id=1850): r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) unshare(0x60600) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) ioctl$FICLONE(r0, 0x40049409, r1) 469.527312ms ago: executing program 0 (id=1851): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x1, 0x0, @pic={0x8, 0x7, 0x8, 0x14, 0x2, 0x1, 0xc5, 0x9, 0x28, 0x2, 0x1, 0x95, 0xb, 0x8, 0x8e, 0x4}}) 468.754642ms ago: executing program 3 (id=1852): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000000000001000080000000008d"]) 310.704574ms ago: executing program 1 (id=1853): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26) ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000540)='C!9') 211.348506ms ago: executing program 0 (id=1854): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1000000, &(0x7f00000007c0)={[{@mblk_io_submit}]}, 0xfe, 0x52c, &(0x7f0000000d40)="$eJzs3U9vG2kZAPBnJnY2abPrLHBYVmJ3xS5KIqjTbOhuhNACEoLTSgvlHkLiRlGcuIqdtokqSMUHQEIIkLjAiQsSHwAJ9SMgpEpwR4BAFbRw4FAYZHuchtROU+LY3eT3k97MO//8PK/jGc87M/IEcG69ERHTEZFlWTYTEaV8epqX2GuX5nIPH9xebpYksuzq35JI8mmd13ohH17MVxuLiK9/NeJbyZNx6zu760vVamUrH59tbCSPsmz30trG0mpltbI5/1K8s/DuwpWFy31p52REvPflP//wez//ynu//szNPyz+dfrb7Qa2HWxHP7WbXmy9Fx2FiNg6jWBDUmi1sO3KkHMBAOBozeP9j0TEJyNiJkox0jqaa5kZbmYAAABAv2RfmIhHSfv6HwAAAHA2pRExER+MlvP7fSciTcvl9j28H4sLabVWb3w6K+2fL5iMYnptrVq5nN87MBnFpDk+l99j2xl/+9D4fES8HBE/KI23xsvLterKUM98AAAAwPlxsdXnT9JO//+fpXb/HwAAADhjJoedAAAAAHDq9P8BAADg7NP/BwAAgDPtg/ffb5as8/zrlRs72+u1G5dWKvX18sb2cnm5tnW9vFqrrd4vRNQ2nvZ61Vrt+mdjc/vWbKNSb8zWd3YXN2rbm43Ftf95BDYAAAAwQC+/fvf3SUTsfW48jYgsOTCvGJGNHFy4MPj8gNOTPsvCfzq9PIDBGxl2AsDQOKSH86s47ASAoXvafqDnzTu/6X8uAADA6Zj6+P71/1ZpGs3nJd1X2RtcdsBpyq//Jz22deAMc/0fzq/OeX/3AcD5UzzqCECnAM689Bib+smv/2fZMyUFAAD03USrJGk57wdMRJqWyxEvth4L8Pis4EsR8btS8YVra9XKXGtK4vQAAAAAAAAAAAAAAAAAAAAAAAAAABxTliWR9dB+GmCM9poPAAAAfDhEpH9J8ud/TZXemjh8fmA0+VepNYyImz+5+qNbS43G1lxz+t/3pzd+nE9/e+CnLwAAAIAuOv30Tj8eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrp4YPby50yyLj3vxQRk93iF2KsNRyLYkRc+EcShQPrJREx0of4e3ci4pVu8ZNmWjGZZ3E4fhoR40OOf7EP8eE8u9vc/3yx2/aXxhutYfftr5CXk2rv/0a6xu/s/0Z67P9e7PaC6ZOTXr33y9me8e9EvFrovv/pxE/yN6FwIHazvHnMNn7zG7u7veZlP4uY6vr9k+wv06zNJoXrs/Wd3UtrG0urldXK5vz83DsL7y5cWbg8e22tWsn/do3x/U/86j9Htf9Cj/iTj9vf9f1/65jt//e9Ww8+2q4WD80qxk+zbPrN7p+/V9rxP794KH7nu+9T+b+7OT7Vqe+16we99ovfvvb6Ee1f6dH+sae0f/qY7Z/52nf/eMxFAYABqO/sri9Vq5WtZ6skEXsnWP0ElcgPPgYadHCV8Xgu0uhzZTwGGHTpyM9G5yB2APl8Jw/1XPwL/q8NDQAAOEuS/YP+YWcCAAAAAAAAAAAAAAAAAAAA51d9Z/TI3yc75s/RPczaui5zOObecJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCk/wYAAP//2f7FUg==") truncate(&(0x7f0000000040)='./file2\x00', 0x80000) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) 163.916307ms ago: executing program 3 (id=1855): r0 = epoll_create(0x7) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x12}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)) 119.196018ms ago: executing program 0 (id=1856): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000002900), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r2, &(0x7f00000032c0)={0x0, 0x0, &(0x7f0000003280)={&(0x7f0000003200)={0x34, r1, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0x100000000000000}}]}, 0x34}, 0x1, 0x0, 0x0, 0x880}, 0x40c4) 59.242719ms ago: executing program 1 (id=1857): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc, 0x0, 0x0, 0x3}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={&(0x7f0000000200)={0x18, 0x14, 0x301, 0x0, 0x0, {0x1e}, [@generic="c1"]}, 0x18}}, 0x0) 27.276019ms ago: executing program 1 (id=1858): getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, &(0x7f0000000100)) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) ioctl$AUTOFS_IOC_CATATONIC(r0, 0x800443d3, 0x20000002) 0s ago: executing program 3 (id=1859): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008b"]) kernel console output (not intermixed with test programs): 2566][ T7330] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #15: comm syz.1.542: mark_inode_dirty error [ 129.252067][ T7330] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #15: comm syz.1.542: corrupted inode contents [ 129.297209][ T7330] EXT4-fs error (device loop1): ext4_truncate:4288: inode #15: comm syz.1.542: mark_inode_dirty error [ 129.321549][ T7330] EXT4-fs error (device loop1) in ext4_setattr:5645: Corrupt filesystem [ 129.477175][ T5827] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 129.531209][ T7357] netlink: 'syz.3.553': attribute type 1 has an invalid length. [ 129.541661][ T7357] netlink: 4 bytes leftover after parsing attributes in process `syz.3.553'. [ 129.687570][ T5827] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 129.707081][ T5827] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 129.744790][ T5827] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 129.774402][ T5827] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 129.793258][ T5827] usb 5-1: Product: syz [ 129.803373][ T5827] usb 5-1: Manufacturer: syz [ 129.813498][ T5827] usb 5-1: SerialNumber: syz [ 129.824635][ T7361] netlink: 8 bytes leftover after parsing attributes in process `syz.3.555'. [ 129.930163][ T7330] EXT4-fs error (device loop1): ext4_do_update_inode:5230: inode #15: comm syz.1.542: corrupted inode contents [ 129.980290][ T7353] loop0: detected capacity change from 0 to 32768 [ 130.001937][ T5787] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 130.023940][ T7353] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 130.055325][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.074379][ T7345] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 130.085261][ T7345] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 130.110969][ T5827] cdc_ether: probe of 5-1:1.0 failed with error -22 [ 130.147374][ T5827] usb 5-1: USB disconnect, device number 3 [ 130.204328][ T5783] ocfs2: Unmounting device (7,0) on (node local) [ 130.619219][ T7381] tap0: tun_chr_ioctl cmd 35108 [ 130.663922][ T7375] loop3: detected capacity change from 0 to 32768 [ 130.697649][ T5827] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 130.899562][ T5827] usb 5-1: config index 0 descriptor too short (expected 301, got 72) [ 130.908121][ T5827] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 130.927320][ T5827] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 130.957047][ T5827] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 1024, setting to 64 [ 130.972424][ T5827] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 130.985284][ T5827] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 130.985840][ T7389] loop3: detected capacity change from 0 to 4096 [ 130.996771][ T5827] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 131.019626][ T5827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.116544][ T7391] loop0: detected capacity change from 0 to 4096 [ 131.199607][ T7391] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 131.257296][ T5827] usb 5-1: usb_control_msg returned -71 [ 131.262937][ T5827] usbtmc 5-1:16.0: can't read capabilities [ 131.277804][ T5827] usbtmc 5-1:16.0: Failed to submit iin_urb [ 131.293620][ T5827] usbtmc: probe of 5-1:16.0 failed with error -90 [ 131.335744][ T5827] usb 5-1: USB disconnect, device number 4 [ 131.751489][ T7393] loop3: detected capacity change from 0 to 32768 [ 131.830967][ T7395] loop1: detected capacity change from 0 to 40427 [ 131.850090][ T7395] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x7ffff [ 131.864637][ T7397] loop0: detected capacity change from 0 to 32768 [ 131.880987][ T7395] F2FS-fs (loop1): invalid crc value [ 131.910137][ T7395] F2FS-fs (loop1): Found nat_bits in checkpoint [ 132.041748][ T7395] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 132.167846][ T5787] syz-executor: attempt to access beyond end of device [ 132.167846][ T5787] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 132.217776][ T5787] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 132.406482][ T7399] loop4: detected capacity change from 0 to 32768 [ 132.496013][ T7399] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 132.704702][ T7399] XFS (loop4): Ending clean mount [ 132.751254][ T7399] XFS (loop4): Quotacheck needed: Please wait. [ 132.808097][ T7429] netlink: 'syz.0.582': attribute type 2 has an invalid length. [ 132.866931][ T7399] XFS (loop4): Quotacheck: Done. [ 132.901436][ T27] audit: type=1800 audit(2000000028.910:44): pid=7399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.572" name="file1" dev="loop4" ino=9286 res=0 errno=0 [ 133.036269][ T6755] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 133.175332][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.183492][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.543053][ T7458] loop4: detected capacity change from 0 to 256 [ 133.572962][ T7458] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 133.824997][ T7468] loop0: detected capacity change from 0 to 1024 [ 133.944679][ T27] audit: type=1800 audit(2000000029.950:45): pid=7468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.599" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 134.009544][ T7456] loop3: detected capacity change from 0 to 32768 [ 134.092206][ T7477] loop1: detected capacity change from 0 to 4096 [ 134.119115][ T7477] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.161886][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.469530][ T7493] loop3: detected capacity change from 0 to 512 [ 134.989501][ T7520] loop4: detected capacity change from 0 to 64 [ 135.008952][ T42] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 135.056870][ T7524] netlink: 8 bytes leftover after parsing attributes in process `syz.3.623'. [ 135.207598][ T42] usb 1-1: Using ep0 maxpacket: 8 [ 135.221571][ T42] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 135.233892][ T42] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 135.253368][ T7532] loop4: detected capacity change from 0 to 1024 [ 135.262780][ T42] usb 1-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 135.273998][ T42] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.299781][ T7532] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 135.316505][ T42] usb 1-1: config 0 descriptor?? [ 135.350211][ T7532] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 135.424017][ T7532] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 135.523919][ T41] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 135.538875][ T41] EXT4-fs (loop4): This should not happen!! Data will be lost [ 135.538875][ T41] [ 135.555129][ T41] EXT4-fs (loop4): Total free blocks count 0 [ 135.561550][ T41] EXT4-fs (loop4): Free/Dirty block details [ 135.567810][ T41] EXT4-fs (loop4): free_blocks=20480 [ 135.573297][ T41] EXT4-fs (loop4): dirty_blocks=32 [ 135.578584][ T41] EXT4-fs (loop4): Block reservation details [ 135.584644][ T41] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 135.594023][ T3542] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 131587 with max blocks 1 with error 28 [ 135.741643][ T42] holtek 0003:1241:5015.0007: unknown main item tag 0x0 [ 135.752969][ T7534] loop3: detected capacity change from 0 to 32768 [ 135.760739][ T42] holtek 0003:1241:5015.0007: unknown main item tag 0x0 [ 135.770084][ T42] holtek 0003:1241:5015.0007: unknown main item tag 0x0 [ 135.777320][ T42] holtek 0003:1241:5015.0007: unknown main item tag 0x0 [ 135.784470][ T42] holtek 0003:1241:5015.0007: unknown main item tag 0x0 [ 135.799182][ T42] holtek 0003:1241:5015.0007: hidraw0: USB HID vff.ff Device [HID 1241:5015] on usb-dummy_hcd.0-1/input0 [ 135.811756][ T42] holtek 0003:1241:5015.0007: no inputs found [ 135.882090][ T7550] netlink: 'syz.1.635': attribute type 21 has an invalid length. [ 135.895267][ T7550] netlink: 'syz.1.635': attribute type 1 has an invalid length. [ 135.904155][ T7550] netlink: 'syz.1.635': attribute type 2 has an invalid length. [ 135.916408][ T7550] netlink: 9062 bytes leftover after parsing attributes in process `syz.1.635'. [ 135.945855][ T42] usb 1-1: USB disconnect, device number 6 [ 136.018031][ T5827] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 136.222565][ T5827] usb 5-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 136.231993][ T5827] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.240708][ T5827] usb 5-1: Product: syz [ 136.244977][ T5827] usb 5-1: Manufacturer: syz [ 136.249623][ T5827] usb 5-1: SerialNumber: syz [ 136.256360][ T5827] usb 5-1: config 0 descriptor?? [ 136.428283][ T7568] loop1: detected capacity change from 0 to 2048 [ 136.445094][ T7569] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 136.485643][ T27] audit: type=1800 audit(2000000032.490:46): pid=7568 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.643" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 136.536896][ T7568] NILFS (loop1): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 136.553966][ T7568] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=16) [ 136.576405][ T7568] Remounting filesystem read-only [ 136.635936][ T5787] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 136.647744][ T5787] NILFS (loop1): discard dirty page: offset=0, ino=16 [ 136.654954][ T5787] NILFS (loop1): discard dirty block: blocknr=23, size=1024 [ 136.663336][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 136.669517][ T5827] airspy 5-1:0.0: Board ID: 00 [ 136.676839][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 136.685809][ T5827] airspy 5-1:0.0: Firmware version: [ 136.691566][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 136.692608][ T5787] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 136.709004][ T5787] NILFS (loop1): discard dirty block: blocknr=39, size=1024 [ 136.716325][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 136.726282][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 136.735786][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 136.753810][ T5787] NILFS (loop1): discard dirty page: offset=0, ino=5 [ 136.761117][ T5787] NILFS (loop1): discard dirty block: blocknr=41, size=1024 [ 136.775529][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 136.785135][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 136.809393][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 136.956480][ T7584] loop0: detected capacity change from 0 to 128 [ 137.018355][ T7584] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 137.054433][ T7584] ext4 filesystem being mounted at /183/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 137.071668][ T5827] airspy 5-1:0.0: usb_control_msg() failed -71 request 0e [ 137.101409][ T5827] airspy 5-1:0.0: Registered as swradio24 [ 137.137691][ T7592] loop1: detected capacity change from 0 to 256 [ 137.142182][ T7591] loop3: detected capacity change from 0 to 8192 [ 137.144929][ T5827] airspy 5-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 137.171336][ T5827] usb 5-1: USB disconnect, device number 5 [ 137.195617][ T7592] FAT-fs (loop1): Directory bread(block 64) failed [ 137.202600][ T7592] FAT-fs (loop1): Directory bread(block 65) failed [ 137.214633][ T7592] FAT-fs (loop1): Directory bread(block 66) failed [ 137.221571][ T7592] FAT-fs (loop1): Directory bread(block 67) failed [ 137.233573][ T5783] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 137.233987][ T7592] FAT-fs (loop1): Directory bread(block 68) failed [ 137.255874][ T7592] FAT-fs (loop1): Directory bread(block 69) failed [ 137.270815][ T7592] FAT-fs (loop1): Directory bread(block 70) failed [ 137.278288][ T7592] FAT-fs (loop1): Directory bread(block 71) failed [ 137.285370][ T7592] FAT-fs (loop1): Directory bread(block 72) failed [ 137.292903][ T7592] FAT-fs (loop1): Directory bread(block 73) failed [ 137.523872][ T7603] netlink: 428 bytes leftover after parsing attributes in process `syz.1.658'. [ 137.535998][ T7603] netlink: 32 bytes leftover after parsing attributes in process `syz.1.658'. [ 137.940196][ T7628] loop3: detected capacity change from 0 to 2048 [ 138.583942][ T7643] tipc: Started in network mode [ 138.599437][ T7643] tipc: Node identity 2d6806f2b032df77002e0000004, cluster identity 4711 [ 138.875579][ T7649] loop4: detected capacity change from 0 to 2048 [ 138.925859][ T7649] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 138.959516][ T7649] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 139.098053][ T6755] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.901344][ T7695] loop0: detected capacity change from 0 to 256 [ 139.924182][ T7695] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 140.013464][ T7699] loop3: detected capacity change from 0 to 1024 [ 140.239162][ T7680] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 140.737290][ T7725] process 'syz.4.714' launched './file1' with NULL argv: empty string added [ 141.060363][ T7741] program syz.1.720 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 141.074289][ T7742] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 141.185741][ T7749] loop3: detected capacity change from 0 to 512 [ 141.330174][ T7754] Zero length message leads to an empty skb [ 141.413746][ T7759] netlink: 4 bytes leftover after parsing attributes in process `syz.3.729'. [ 141.430900][ T7761] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 141.836451][ T7776] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 141.989334][ T7788] loop3: detected capacity change from 0 to 256 [ 142.035724][ T27] audit: type=1326 audit(2000000038.040:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.1.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6ed8e9a9 code=0x7ffc0000 [ 142.101842][ T27] audit: type=1326 audit(2000000038.040:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.1.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6ed8e9a9 code=0x7ffc0000 [ 142.145762][ T27] audit: type=1326 audit(2000000038.040:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.1.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e6ed8e9a9 code=0x7ffc0000 [ 142.167988][ C1] vkms_vblank_simulate: vblank timer overrun [ 142.203110][ T27] audit: type=1326 audit(2000000038.040:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.1.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6ed8e9a9 code=0x7ffc0000 [ 142.267224][ T27] audit: type=1326 audit(2000000038.040:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.1.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e6ed8e9a9 code=0x7ffc0000 [ 142.292273][ T27] audit: type=1326 audit(2000000038.080:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.1.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6ed8e9a9 code=0x7ffc0000 [ 142.314372][ C1] vkms_vblank_simulate: vblank timer overrun [ 142.326880][ T27] audit: type=1326 audit(2000000038.080:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.1.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6ed8e9a9 code=0x7ffc0000 [ 142.349104][ C1] vkms_vblank_simulate: vblank timer overrun [ 142.382004][ T27] audit: type=1326 audit(2000000038.080:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.1.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f3e6ed8e9a9 code=0x7ffc0000 [ 142.405238][ T27] audit: type=1326 audit(2000000038.080:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.1.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6ed8e9a9 code=0x7ffc0000 [ 142.455769][ T27] audit: type=1326 audit(2000000038.080:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.1.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e6ed8e9a9 code=0x7ffc0000 [ 142.588952][ T7787] loop0: detected capacity change from 0 to 32768 [ 142.609203][ T7787] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.742 (7787) [ 142.635375][ T7787] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 142.646119][ T7787] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 142.655265][ T7787] BTRFS info (device loop0): force clearing of disk cache [ 142.662942][ T7787] BTRFS info (device loop0): metadata ratio 0 [ 142.669278][ T7787] BTRFS info (device loop0): enabling ssd optimizations [ 142.676395][ T7787] BTRFS info (device loop0): using spread ssd allocation scheme [ 142.684777][ T7787] BTRFS info (device loop0): using free space tree [ 142.720754][ T7787] BTRFS info (device loop0): auto enabling async discard [ 142.729772][ T7787] BTRFS info (device loop0): rebuilding free space tree [ 142.773131][ T5783] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 142.977559][ T5827] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 143.158253][ T7834] C: renamed from team_slave_0 (while UP) [ 143.170141][ T5827] usb 5-1: config 0 has an invalid interface number: 215 but max is 0 [ 143.187404][ T5827] usb 5-1: config 0 has no interface number 0 [ 143.208856][ T5827] usb 5-1: New USB device found, idVendor=07cf, idProduct=1001, bcdDevice=4e.2a [ 143.227062][ T5827] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.235137][ T5827] usb 5-1: Product: syz [ 143.247101][ T5827] usb 5-1: Manufacturer: syz [ 143.251744][ T5827] usb 5-1: SerialNumber: syz [ 143.268660][ T5827] usb 5-1: config 0 descriptor?? [ 143.276050][ T5827] usb-storage 5-1:0.215: USB Mass Storage device detected [ 143.314446][ T5827] usb-storage 5-1:0.215: Quirks match for vid 07cf pid 1001: a [ 143.324147][ T7834] netlink: 'syz.0.757': attribute type 4 has an invalid length. [ 143.332358][ T7834] netlink: 120 bytes leftover after parsing attributes in process `syz.0.757'. [ 143.349277][ T7834] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 143.516377][ T7840] loop0: detected capacity change from 0 to 64 [ 143.552008][ T5827] usb 5-1: USB disconnect, device number 6 [ 143.576536][ T7840] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 143.621920][ T7842] loop1: detected capacity change from 0 to 128 [ 143.640412][ T7842] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 143.661259][ T7842] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 143.703862][ T5783] minix_free_inode: bit 3 already cleared [ 143.720055][ T5783] minix_free_inode: bit 4 already cleared [ 143.749655][ T5783] minix_free_inode: bit 2 already cleared [ 143.758871][ T7842] overlayfs: upper fs needs to support d_type. [ 143.766248][ T7842] overlayfs: upper fs does not support tmpfile. [ 143.777244][ T5783] minix_free_inode: bit 5 already cleared [ 144.431295][ T7846] loop3: detected capacity change from 0 to 32768 [ 144.803311][ T7856] loop0: detected capacity change from 0 to 32768 [ 144.867770][ T7856] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 144.921893][ T7856] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 145.156662][ T5783] ocfs2: Unmounting device (7,0) on (node local) [ 145.332355][ T7889] netlink: 'syz.3.782': attribute type 2 has an invalid length. [ 145.359731][ T7889] netlink: 'syz.3.782': attribute type 2 has an invalid length. [ 145.372425][ T7889] netlink: 8 bytes leftover after parsing attributes in process `syz.3.782'. [ 145.950975][ T7906] loop1: detected capacity change from 0 to 32768 [ 145.977490][ T7906] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.789 (7906) [ 145.995597][ T7906] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 146.016498][ T7906] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 146.033923][ T7906] BTRFS info (device loop1): using free space tree [ 146.081252][ T7906] BTRFS info (device loop1): enabling ssd optimizations [ 146.094389][ T7906] BTRFS info (device loop1): auto enabling async discard [ 146.220473][ T5787] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 146.242894][ T7943] netlink: 76 bytes leftover after parsing attributes in process `syz.0.799'. [ 146.267296][ T7943] nbd: illegal input index -65456 [ 146.711039][ T7961] netlink: 12 bytes leftover after parsing attributes in process `syz.4.807'. [ 147.265987][ T7980] Bluetooth: MGMT ver 1.22 [ 147.811222][ T8006] loop7: detected capacity change from 0 to 7 [ 147.854464][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.863963][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 147.880622][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.890034][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 147.929742][ T8006] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 147.948378][ T8014] loop4: detected capacity change from 0 to 764 [ 147.957144][ T8006] Buffer I/O error on dev loop7, logical block 0, async page read [ 147.977445][ T8006] ldm_validate_partition_table(): Disk read failed. [ 147.986696][ T8006] Dev loop7: unable to read RDB block 0 [ 148.003752][ T8006] loop7: unable to read partition table [ 148.014825][ T8006] loop7: partition table beyond EOD, truncated [ 148.024708][ T8014] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 148.048102][ T8006] loop_reread_partitions: partition scan of loop7 () failed (rc=-5) [ 148.924796][ T8047] netlink: 16 bytes leftover after parsing attributes in process `syz.1.846'. [ 149.003561][ T8053] loop1: detected capacity change from 0 to 256 [ 149.062160][ T8055] loop4: detected capacity change from 0 to 512 [ 149.089951][ T8055] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 149.297615][ T8065] netlink: 8 bytes leftover after parsing attributes in process `syz.4.854'. [ 149.567216][ T3433] Bluetooth: hci4: Frame reassembly failed (-84) [ 149.578329][ T8081] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 149.637358][ T8085] netlink: 8 bytes leftover after parsing attributes in process `syz.1.870'. [ 149.900966][ T8084] loop3: detected capacity change from 0 to 32768 [ 150.111248][ T8096] loop1: detected capacity change from 0 to 4096 [ 150.203539][ T8096] EXT4-fs: inline encryption not supported [ 150.207251][ T42] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 150.218808][ T8096] EXT4-fs (loop1): Test dummy encryption mode enabled [ 150.231882][ T8096] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.330567][ T8096] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 150.382301][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.404047][ T42] usb 1-1: Using ep0 maxpacket: 16 [ 150.411184][ T42] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 150.422870][ T42] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 150.434306][ T42] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 150.443819][ T42] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.452644][ T42] usb 1-1: Product: syz [ 150.456840][ T42] usb 1-1: Manufacturer: syz [ 150.461611][ T5827] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 150.469791][ T42] usb 1-1: SerialNumber: syz [ 150.669558][ T5827] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 150.698378][ T5827] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 150.714532][ T5827] usb 4-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 150.723819][ T5827] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.735136][ T5827] usb 4-1: config 0 descriptor?? [ 150.904382][ T42] usb 1-1: 0:2 : does not exist [ 151.043756][ T8120] netlink: 28 bytes leftover after parsing attributes in process `syz.1.875'. [ 151.052987][ T8120] netlink: 28 bytes leftover after parsing attributes in process `syz.1.875'. [ 151.312796][ T42] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 151.339732][ T42] usb 1-1: USB disconnect, device number 7 [ 151.568541][ T5827] hid-led: probe of 0003:0FC5:B080.0008 failed with error -71 [ 151.577297][ T5785] Bluetooth: hci4: command 0x1003 tx timeout [ 151.579616][ T5791] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 151.587668][ T5827] usb 4-1: USB disconnect, device number 3 [ 151.853867][ T8129] loop1: detected capacity change from 0 to 4096 [ 151.991190][ T8134] loop0: detected capacity change from 0 to 4096 [ 152.000596][ T8134] EXT4-fs: inline encryption not supported [ 152.013559][ T8134] EXT4-fs (loop0): Test dummy encryption mode enabled [ 152.038984][ T8134] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.198812][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.532241][ T8159] loop1: detected capacity change from 0 to 512 [ 152.555972][ T8159] EXT4-fs (loop1): orphan cleanup on readonly fs [ 152.594946][ T8159] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 152.634394][ T8159] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 152.656216][ T8159] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.892: Failed to acquire dquot type 1 [ 152.692378][ T8159] EXT4-fs (loop1): 1 truncate cleaned up [ 152.705361][ T8159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 152.788265][ T8169] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 152.825146][ T8159] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 152.865803][ T8159] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 8 [ 152.946614][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.952625][ T8171] loop3: detected capacity change from 0 to 4096 [ 152.969084][ T8171] EXT4-fs: inline encryption not supported [ 152.985639][ T8177] loop0: detected capacity change from 0 to 256 [ 153.177434][ T8185] loop0: detected capacity change from 0 to 512 [ 153.188474][ T8185] EXT4-fs: Ignoring removed nobh option [ 153.194806][ T8185] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 153.210118][ T8185] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal [ 153.234163][ T8190] loop3: detected capacity change from 0 to 8 [ 153.318040][ T8194] netlink: 8 bytes leftover after parsing attributes in process `syz.3.909'. [ 154.081409][ T8210] loop0: detected capacity change from 0 to 4096 [ 154.088657][ T8210] EXT4-fs: inline encryption not supported [ 154.095372][ T8210] EXT4-fs (loop0): Test dummy encryption mode enabled [ 154.106038][ T8210] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 154.183220][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.797502][ T8231] loop1: detected capacity change from 0 to 128 [ 154.842868][ T8231] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 154.862528][ T8231] ext4 filesystem being mounted at /252/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 154.994146][ T5787] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 155.124593][ T8238] loop3: detected capacity change from 0 to 256 [ 155.314016][ T8245] loop3: detected capacity change from 0 to 128 [ 156.636557][ T8275] netlink: 12 bytes leftover after parsing attributes in process `syz.3.945'. [ 157.091138][ T8265] loop4: detected capacity change from 0 to 40427 [ 157.143345][ T8265] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x7ffff [ 157.177628][ T8265] F2FS-fs (loop4): invalid crc value [ 157.222479][ T8265] F2FS-fs (loop4): Found nat_bits in checkpoint [ 157.385867][ T8283] netlink: 8 bytes leftover after parsing attributes in process `syz.1.948'. [ 157.442223][ T8265] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 157.463964][ T8283] netlink: 'syz.1.948': attribute type 2 has an invalid length. [ 157.569056][ T8280] f2fs_ckpt-7:4: attempt to access beyond end of device [ 157.569056][ T8280] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 157.647330][ T8280] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 157.887006][ C1] sched: RT throttling activated [ 158.010733][ T8279] loop3: detected capacity change from 0 to 131072 [ 158.205364][ T8296] loop0: detected capacity change from 0 to 256 [ 158.235978][ T8296] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 158.268349][ T8296] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 158.310555][ T8296] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 158.390094][ T27] audit: type=1800 audit(2000000310.404:57): pid=8296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.955" name="file3" dev="loop0" ino=1048618 res=0 errno=0 [ 158.681788][ T8307] loop0: detected capacity change from 0 to 2048 [ 158.712346][ T8307] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 158.948979][ T8320] syzkaller1: tun_chr_ioctl cmd 1074025672 [ 158.954855][ T8320] syzkaller1: ignored: set checksum enabled [ 159.081023][ T8324] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 159.201432][ T5827] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 159.226019][ T42] IPVS: starting estimator thread 0... [ 159.244445][ T8330] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 159.257890][ T5827] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz1] on syz0 [ 159.347382][ T8331] IPVS: using max 23 ests per chain, 55200 per kthread [ 159.413212][ T8335] loop4: detected capacity change from 0 to 1024 [ 159.462284][ T8315] loop3: detected capacity change from 0 to 32768 [ 159.728839][ T8342] loop0: detected capacity change from 0 to 128 [ 159.775630][ T8342] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 159.797167][ T8342] ext4 filesystem being mounted at /271/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 159.835556][ T8342] EXT4-fs error (device loop0): swap_inode_boot_loader:384: inode #5: comm syz.0.975: iget: checksum invalid [ 159.973105][ T5783] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 160.142748][ T8340] loop4: detected capacity change from 0 to 40427 [ 160.154089][ T8340] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 160.163561][ T8340] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 160.178723][ T8340] F2FS-fs (loop4): invalid crc value [ 160.206390][ T8340] F2FS-fs (loop4): Found nat_bits in checkpoint [ 160.299804][ T8359] loop0: detected capacity change from 0 to 512 [ 160.313590][ T8340] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 160.319301][ T8359] EXT4-fs: Ignoring removed oldalloc option [ 160.326899][ T8340] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 160.342860][ T8359] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 160.363939][ T8359] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz.0.980: inode #11: comm syz.0.980: iget: illegal inode # [ 160.386144][ T8359] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.980: couldn't read orphan inode 11 (err -117) [ 160.403986][ T8359] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.456447][ T8359] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 213 vs 220 free clusters [ 160.564872][ T8352] loop3: detected capacity change from 0 to 32768 [ 160.586218][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.052978][ T8370] loop0: detected capacity change from 0 to 4096 [ 161.368051][ T8386] loop4: detected capacity change from 0 to 512 [ 161.375313][ T8386] EXT4-fs: Ignoring removed oldalloc option [ 161.415073][ T8386] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 161.450884][ T8393] sch_tbf: burst 2 is lower than device vlan0 mtu (1514) ! [ 161.458463][ T8386] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.992: inode #11: comm syz.4.992: iget: illegal inode # [ 161.481645][ T8386] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.992: couldn't read orphan inode 11 (err -117) [ 161.526739][ T8386] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 161.594881][ T8386] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 213 vs 220 free clusters [ 161.631208][ T6755] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.148394][ T8412] loop3: detected capacity change from 0 to 1024 [ 162.176040][ T8412] EXT4-fs: Ignoring removed orlov option [ 162.241952][ T8402] loop0: detected capacity change from 0 to 32768 [ 162.374872][ T8416] ialloc: diAlloc returned -17! [ 162.492854][ T8406] loop1: detected capacity change from 0 to 32768 [ 162.520988][ T8406] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1000 (8406) [ 162.576522][ T8406] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 162.597498][ T8406] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 162.606215][ T8406] BTRFS info (device loop1): force clearing of disk cache [ 162.613480][ T8406] BTRFS info (device loop1): metadata ratio 0 [ 162.620136][ T8406] BTRFS info (device loop1): enabling ssd optimizations [ 162.638794][ T8406] BTRFS info (device loop1): using spread ssd allocation scheme [ 162.646488][ T8406] BTRFS info (device loop1): using free space tree [ 162.666277][ T8420] loop0: detected capacity change from 0 to 1024 [ 162.676275][ T8420] EXT4-fs: Ignoring removed orlov option [ 162.688940][ T8420] EXT4-fs: Ignoring removed nomblk_io_submit option [ 162.722743][ T8406] BTRFS info (device loop1): auto enabling async discard [ 162.735799][ T8406] BTRFS info (device loop1): rebuilding free space tree [ 162.745068][ T8420] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 162.757068][ T8444] loop4: detected capacity change from 0 to 2048 [ 162.783742][ T8444] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 162.865548][ T5787] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 162.884848][ T1130] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 162.887785][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.949130][ T42] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 162.963456][ T1130] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28 [ 162.971311][ T8448] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1012'. [ 162.977641][ T1130] EXT4-fs (loop4): This should not happen!! Data will be lost [ 162.977641][ T1130] [ 163.011173][ T1130] EXT4-fs (loop4): Total free blocks count 0 [ 163.029205][ T1130] EXT4-fs (loop4): Free/Dirty block details [ 163.045741][ T1130] EXT4-fs (loop4): free_blocks=2415919104 [ 163.059404][ T1130] EXT4-fs (loop4): dirty_blocks=16 [ 163.080722][ T1130] EXT4-fs (loop4): Block reservation details [ 163.082688][ T8450] loop0: detected capacity change from 0 to 164 [ 163.086757][ T1130] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 163.118626][ T8450] rock: directory entry would overflow storage [ 163.118848][ T6755] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.134232][ T8450] rock: sig=0x66, size=4, remaining=3 [ 163.151078][ T42] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 163.166670][ T42] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.198693][ T42] usb 4-1: config 0 descriptor?? [ 163.308052][ T8454] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 163.363687][ T8454] CIFS mount error: No usable UNC path provided in device string! [ 163.363687][ T8454] [ 163.394850][ T8454] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 163.421536][ T42] [drm] vendor descriptor length:6 data:06 5f 01 00 00 00 00 00 00 00 00 [ 163.434664][ T42] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 163.631514][ T42] [drm:udl_init] *ERROR* Selecting channel failed [ 163.650504][ T42] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2 [ 163.659247][ T42] [drm] Initialized udl on minor 2 [ 163.674919][ T42] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 163.690077][ T42] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 163.701119][ T5827] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 163.712140][ T42] usb 4-1: USB disconnect, device number 4 [ 163.727740][ T5827] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 164.355041][ T8478] loop1: detected capacity change from 0 to 2048 [ 164.401456][ T8478] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 164.732952][ T8479] loop3: detected capacity change from 0 to 32768 [ 164.956060][ T8483] loop0: detected capacity change from 0 to 64 [ 165.472737][ T8494] loop3: detected capacity change from 0 to 2048 [ 165.712768][ T27] audit: type=1326 audit(2000000317.724:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8497 comm="syz.4.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1a38e9a9 code=0x7fc00000 [ 165.740254][ T8489] loop0: detected capacity change from 0 to 32768 [ 165.777100][ T8506] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1034'. [ 165.793135][ T8506] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1034'. [ 166.334865][ T8513] netlink: 10 bytes leftover after parsing attributes in process `syz.1.1038'. [ 166.440249][ T27] audit: type=1326 audit(2000000318.454:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8497 comm="syz.4.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdf1a38e9a9 code=0x7fc00000 [ 166.526774][ T8521] loop4: detected capacity change from 0 to 1024 [ 166.751887][ T8527] ipvlan2: entered promiscuous mode [ 166.763339][ T8527] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 166.774566][ T8527] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 166.976567][ T8539] loop1: detected capacity change from 0 to 128 [ 167.147207][ T6942] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 167.337200][ T6942] usb 5-1: Using ep0 maxpacket: 16 [ 167.355227][ T6942] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 167.378932][ T6942] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 167.394790][ T6942] usb 5-1: Product: syz [ 167.406003][ T6942] usb 5-1: Manufacturer: syz [ 167.417920][ T6942] usb 5-1: SerialNumber: syz [ 167.427636][ T6942] r8152-cfgselector 5-1: config 0 descriptor?? [ 167.651137][ T6942] r8152-cfgselector 5-1: Needed 1 retries to read version [ 167.860068][ T6942] r8152-cfgselector 5-1: Unknown version 0x0000 [ 167.873064][ T6942] r8152-cfgselector 5-1: USB disconnect, device number 7 [ 168.104858][ T8583] loop3: detected capacity change from 0 to 128 [ 168.587232][ T787] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 168.797111][ T787] usb 1-1: Using ep0 maxpacket: 8 [ 168.804307][ T787] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 168.823286][ T787] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 168.845254][ T787] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 168.865554][ T787] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 168.908183][ T787] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 168.927764][ T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.177535][ T787] usb 1-1: GET_CAPABILITIES returned 0 [ 169.183349][ T787] usbtmc 1-1:16.0: can't read capabilities [ 169.256607][ T8602] loop3: detected capacity change from 0 to 32768 [ 169.417080][ T787] usb 1-1: USB disconnect, device number 8 [ 169.442197][ T27] audit: type=1400 audit(2000000321.444:60): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3A202020202030206B420A4C617A79467265653A202020202020202020202020202030206B420A416E6F6E4875676550616765733A20202020202020202030206B420A53686D656D506D644D61707065643A202020202020202030206B420A46696C65506D644D61707065643A20202020202020202030206B420A5368617265645F48756765746C623A202020202020202030206B420A50 pid=8614 comm="syz.4.1082" [ 169.558541][ T8617] loop4: detected capacity change from 0 to 256 [ 169.690732][ T8621] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1086'. [ 170.012105][ T8640] netlink: 'syz.0.1095': attribute type 5 has an invalid length. [ 170.040027][ T8638] erspan0: entered promiscuous mode [ 170.217159][ T969] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 170.327646][ T8655] loop4: detected capacity change from 0 to 256 [ 170.343981][ T8655] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 170.370134][ T27] audit: type=1800 audit(2000000322.384:61): pid=8655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1102" name="file1" dev="loop4" ino=1048623 res=0 errno=0 [ 170.392473][ T8655] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 170.404582][ T8655] exFAT-fs (loop4): Filesystem has been set read-only [ 170.411869][ T8655] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805c7521e0 iblock : 8, err : -5) [ 170.417191][ T969] usb 2-1: Using ep0 maxpacket: 32 [ 170.423531][ T8655] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 170.434041][ T969] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 170.445817][ T969] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.448350][ T8655] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 170.463619][ T8655] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805c7521e0 iblock : 8, err : -5) [ 170.474100][ T8655] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 170.474692][ T969] usb 2-1: config 0 descriptor?? [ 170.495416][ T969] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 170.509008][ T5834] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 170.697130][ T5834] usb 1-1: Using ep0 maxpacket: 16 [ 170.719874][ T5834] usb 1-1: config 0 has an invalid interface number: 105 but max is 0 [ 170.728284][ T5834] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 170.757140][ T5834] usb 1-1: config 0 has no interface number 0 [ 170.765980][ T5834] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 170.775621][ T5834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.783727][ T5834] usb 1-1: Product: syz [ 170.787987][ T5834] usb 1-1: Manufacturer: syz [ 170.792808][ T5834] usb 1-1: SerialNumber: syz [ 170.800930][ T5834] usb 1-1: config 0 descriptor?? [ 171.028496][ T5834] usb 1-1: Found UVC 0.00 device syz (046d:08f3) [ 171.050192][ T5834] usb 1-1: No valid video chain found. [ 171.068702][ T5834] usb 1-1: USB disconnect, device number 9 [ 171.318391][ T969] gspca_vc032x: reg_w err -71 [ 171.323145][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.333086][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.340114][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.345932][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.351476][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.357389][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.362824][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.369347][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.374745][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.391665][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.405982][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.417170][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.427036][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.437087][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.442431][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.460316][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.466190][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.472044][ T969] gspca_vc032x: I2c Bus Busy Wait 00 [ 171.479455][ T969] gspca_vc032x: Unknown sensor... [ 171.497290][ T969] vc032x: probe of 2-1:0.0 failed with error -22 [ 171.512982][ T969] usb 2-1: USB disconnect, device number 2 [ 171.660606][ T8680] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1114'. [ 171.750841][ T8683] loop3: detected capacity change from 0 to 4096 [ 172.036636][ T8698] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1119'. [ 172.049861][ T8699] loop0: detected capacity change from 0 to 256 [ 172.057384][ T8699] exfat: Deprecated parameter 'utf8' [ 172.062786][ T8699] exfat: Deprecated parameter 'utf8' [ 172.105335][ T8699] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7bac8b1f, utbl_chksum : 0xe619d30d) [ 172.154433][ T8703] vivid-002: disconnect [ 172.169352][ T8702] vivid-002: reconnect [ 172.192599][ T27] audit: type=1800 audit(2000000324.204:62): pid=8699 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1121" name="file1" dev="loop0" ino=1048625 res=0 errno=0 [ 172.302135][ T8709] loop3: detected capacity change from 0 to 256 [ 172.552516][ T8719] syz_tun: entered promiscuous mode [ 172.568313][ T8719] macvlan2: entered promiscuous mode [ 172.571063][ T8721] loop0: detected capacity change from 0 to 256 [ 172.573802][ T8719] macvlan2: entered allmulticast mode [ 172.593076][ T8719] syz_tun: entered allmulticast mode [ 172.601312][ T8719] syz_tun: left allmulticast mode [ 172.606713][ T8719] syz_tun: left promiscuous mode [ 172.658814][ T8725] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1132'. [ 172.679480][ T8725] netlink: 'syz.4.1132': attribute type 20 has an invalid length. [ 172.699574][ T8725] netlink: 'syz.4.1132': attribute type 21 has an invalid length. [ 172.713894][ T8723] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1131'. [ 172.723095][ T8723] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1131'. [ 172.904856][ T8733] loop1: detected capacity change from 0 to 1024 [ 172.997981][ T27] audit: type=1800 audit(2000000325.014:63): pid=8733 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1137" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 173.063551][ T41] hfsplus: b-tree write err: -5, ino 4 [ 173.407274][ T969] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 173.470450][ T8750] loop0: detected capacity change from 0 to 32768 [ 173.481733][ T8750] [ 173.481733][ T8750] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 173.481733][ T8750] [ 173.497230][ T5848] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 173.518718][ T8750] ERROR: (device loop0): diWrite: ixpxd invalid [ 173.518718][ T8750] [ 173.536403][ T8750] ERROR: (device loop0): txCommit: [ 173.536403][ T8750] [ 173.553340][ T8750] jfs_unlink: dtDelete returned -2 [ 173.584032][ T5783] [ 173.584032][ T5783] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 173.584032][ T5783] [ 173.597487][ T969] usb 2-1: Using ep0 maxpacket: 16 [ 173.601614][ T5783] [ 173.601614][ T5783] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 173.601614][ T5783] [ 173.606203][ T969] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 173.635426][ T969] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 173.654891][ T969] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.679671][ T969] usb 2-1: config 0 descriptor?? [ 173.709306][ T5848] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 173.727138][ T5848] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023 [ 173.742389][ T8759] loop4: detected capacity change from 0 to 64 [ 173.742908][ T5848] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 173.767103][ T5848] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.785578][ T5848] usb 4-1: Product: syz [ 173.795659][ T5848] usb 4-1: Manufacturer: syz [ 173.805806][ T5848] usb 4-1: SerialNumber: syz [ 173.926620][ T8765] dummy0: entered promiscuous mode [ 173.933363][ T8765] macvtap1: entered promiscuous mode [ 173.943267][ T8765] macvtap1: entered allmulticast mode [ 173.949888][ T8765] dummy0: entered allmulticast mode [ 173.962622][ T8765] dummy0: left allmulticast mode [ 173.969059][ T8765] dummy0: left promiscuous mode [ 174.037317][ T5848] cdc_ncm 4-1:1.0: bind() failure [ 174.044939][ T5848] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 174.071409][ T5848] cdc_ncm 4-1:1.1: bind() failure [ 174.081601][ T5848] usb 4-1: USB disconnect, device number 5 [ 174.135230][ T969] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0 [ 174.152291][ T969] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0 [ 174.177376][ T969] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0 [ 174.184486][ T969] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0 [ 174.197444][ T969] mcp2221 0003:04D8:00DD.000A: unknown main item tag 0x0 [ 174.207651][ T969] mcp2221 0003:04D8:00DD.000A: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 174.394031][ C1] usb 2-1: input irq status -75 received [ 174.595606][ T5834] usb 2-1: USB disconnect, device number 3 [ 174.726605][ T8784] netlink: 19 bytes leftover after parsing attributes in process `syz.4.1167'. [ 174.877742][ T8790] netlink: 'syz.0.1161': attribute type 1 has an invalid length. [ 175.061506][ T8796] Bluetooth: MGMT ver 1.22 [ 175.224731][ T8800] loop3: detected capacity change from 0 to 512 [ 175.255422][ T8786] loop4: detected capacity change from 0 to 32768 [ 175.287102][ T5834] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 175.295044][ T8786] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 175.422055][ T8786] XFS (loop4): Ending clean mount [ 175.435531][ T8786] XFS (loop4): Quotacheck needed: Please wait. [ 175.466826][ T8814] loop1: detected capacity change from 0 to 2048 [ 175.494615][ T5834] usb 1-1: Using ep0 maxpacket: 16 [ 175.502543][ T5834] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 175.522165][ T5834] usb 1-1: config 0 has no interface number 0 [ 175.522846][ T8786] XFS (loop4): Quotacheck: Done. [ 175.535219][ T5834] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 175.547521][ T5834] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 175.557133][ T8820] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 175.583210][ T5834] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 175.597081][ T5834] usb 1-1: Product: syz [ 175.601293][ T5834] usb 1-1: SerialNumber: syz [ 175.617418][ T5834] usb 1-1: config 0 descriptor?? [ 175.631261][ T5834] usbhid 1-1:0.8: couldn't find an input interrupt endpoint [ 175.689059][ T8820] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 175.721143][ T8820] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4) [ 175.729124][ T6755] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 175.751533][ T8820] Remounting filesystem read-only [ 175.771483][ T5787] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 175.781021][ T5787] NILFS (loop1): discard dirty page: offset=0, ino=2 [ 175.788313][ T5787] NILFS (loop1): discard dirty block: blocknr=18, size=1024 [ 175.795621][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 175.804762][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 175.813711][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 175.824889][ T5787] NILFS (loop1): discard dirty page: offset=0, ino=6 [ 175.838624][ T5787] NILFS (loop1): discard dirty block: blocknr=35, size=1024 [ 175.845969][ T5787] NILFS (loop1): discard dirty block: blocknr=36, size=1024 [ 175.858814][ T5787] NILFS (loop1): discard dirty block: blocknr=37, size=1024 [ 175.867228][ T5787] NILFS (loop1): discard dirty block: blocknr=38, size=1024 [ 175.887162][ T5787] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 175.894203][ T5787] NILFS (loop1): discard dirty block: blocknr=39, size=1024 [ 175.905896][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 175.920320][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 175.944270][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 175.955113][ T5787] NILFS (loop1): discard dirty page: offset=0, ino=5 [ 175.961902][ T5787] NILFS (loop1): discard dirty block: blocknr=41, size=1024 [ 175.987472][ T5834] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 175.987681][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 176.012773][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 176.021886][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 176.036248][ T5787] NILFS (loop1): discard dirty page: offset=0, ino=4 [ 176.044338][ T5787] NILFS (loop1): discard dirty block: blocknr=40, size=1024 [ 176.060403][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 176.070563][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 176.086622][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 176.095818][ T5787] NILFS (loop1): discard dirty page: offset=0, ino=3 [ 176.106733][ T5787] NILFS (loop1): discard dirty block: blocknr=42, size=1024 [ 176.114203][ T5787] NILFS (loop1): discard dirty block: blocknr=43, size=1024 [ 176.126961][ T5787] NILFS (loop1): discard dirty block: blocknr=44, size=1024 [ 176.135111][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 176.145648][ T5787] NILFS (loop1): discard dirty page: offset=196608, ino=3 [ 176.152965][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 176.161951][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 176.171136][ T5787] NILFS (loop1): discard dirty block: blocknr=49, size=1024 [ 176.177155][ T5834] usb 4-1: Using ep0 maxpacket: 32 [ 176.178475][ T5787] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 176.190548][ T5834] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 176.204829][ T5834] usb 4-1: config 0 has no interface number 0 [ 176.216925][ T5834] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 176.232705][ T5834] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 176.240875][ T5834] usb 4-1: Product: syz [ 176.245220][ T5834] usb 4-1: Manufacturer: syz [ 176.250550][ T5834] usb 4-1: SerialNumber: syz [ 176.257812][ T5834] usb 4-1: config 0 descriptor?? [ 176.267494][ T5834] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 176.496236][ T5834] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 176.531719][ T5834] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 176.754089][ T8847] loop1: detected capacity change from 0 to 512 [ 176.781419][ T8847] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.795154][ T8847] ext4 filesystem being mounted at /311/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.853568][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.926514][ C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 176.936209][ T6942] usb 4-1: USB disconnect, device number 6 [ 176.953767][ T6942] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 176.991636][ T6942] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 177.003657][ T6942] quatech2 4-1:0.51: device disconnected [ 177.106704][ T8864] loop1: detected capacity change from 0 to 512 [ 177.125137][ T8864] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 177.564603][ T969] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 177.619684][ T8880] loop4: detected capacity change from 0 to 128 [ 177.635103][ T8882] loop3: detected capacity change from 0 to 64 [ 177.752672][ T969] usb 2-1: Using ep0 maxpacket: 8 [ 177.774567][ T969] usb 2-1: config index 0 descriptor too short (expected 30, got 18) [ 177.785894][ T969] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 177.797252][ T969] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.806553][ T969] usb 2-1: Product: syz [ 177.811251][ T969] usb 2-1: Manufacturer: syz [ 177.816138][ T969] usb 2-1: SerialNumber: syz [ 177.823043][ T969] usb 2-1: config 0 descriptor?? [ 177.840555][ T969] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 177.848899][ T969] usb 2-1: setting power ON [ 177.851605][ T8890] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1202'. [ 177.854156][ T969] dvb-usb: bulk message failed: -22 (2/0) [ 177.866889][ T8890] netem: invalid attributes len -18 [ 177.876301][ T8890] netem: change failed [ 177.899181][ T969] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 177.924132][ T969] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 177.933520][ T969] usb 2-1: media controller created [ 177.962528][ T969] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 177.994734][ T969] usb 2-1: selecting invalid altsetting 6 [ 178.001505][ T969] usb 2-1: digital interface selection failed (-22) [ 178.008913][ T969] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 178.019535][ T969] usb 2-1: setting power OFF [ 178.024927][ T969] dvb-usb: bulk message failed: -22 (2/0) [ 178.031206][ T969] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 178.040587][ T969] (NULL device *): no alternate interface [ 178.063377][ T5834] usb 1-1: USB disconnect, device number 10 [ 178.088846][ T8870] dvb-usb: bulk message failed: -22 (3/0) [ 178.095319][ T8870] dvb-usb: bulk message failed: -22 (37/0) [ 178.139184][ T8895] dvb-usb: bulk message failed: -22 (3/0) [ 178.144972][ T8895] dvb-usb: bulk message failed: -22 (4/0) [ 178.167270][ T8895] cxusb: i2c read failed [ 178.182997][ T969] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 178.213328][ T969] usb 2-1: USB disconnect, device number 4 [ 178.599369][ T8902] loop3: detected capacity change from 0 to 32768 [ 178.964714][ T8921] loop1: detected capacity change from 0 to 4096 [ 178.990126][ T8921] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 178.998872][ T8921] ntfs3: loop1: Failed to load $Extend (-22). [ 179.005157][ T8921] ntfs3: loop1: Failed to initialize $Extend. [ 179.047448][ T8921] ntfs3: loop1: ino=1b, "file0" directory corrupted [ 179.219938][ T8917] loop3: detected capacity change from 0 to 40427 [ 179.222790][ T8926] loop4: detected capacity change from 0 to 512 [ 179.235549][ T8926] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 179.271970][ T8926] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 179.285554][ T8926] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 179.336386][ T27] audit: type=1800 audit(2000000331.344:64): pid=8926 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1219" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 179.391820][ T27] audit: type=1800 audit(2000000331.344:65): pid=8926 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1219" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 179.394238][ T6755] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.477713][ T8932] tap0: tun_chr_ioctl cmd 1074025677 [ 179.487732][ T8932] tap0: linktype set to 6 [ 180.048533][ T8954] netlink: 'syz.3.1232': attribute type 9 has an invalid length. [ 180.068679][ T8954] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1232'. [ 180.071281][ T8952] loop4: detected capacity change from 0 to 4096 [ 180.112675][ T8952] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 180.202606][ T8952] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 180.303333][ T8957] loop3: detected capacity change from 0 to 24 [ 180.314801][ T8957] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 180.344988][ T8958] overlayfs: missing 'lowerdir' [ 180.428667][ T8961] loop3: detected capacity change from 0 to 64 [ 180.649882][ T8971] loop1: detected capacity change from 0 to 4096 [ 180.673196][ T8971] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 180.730131][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.463941][ T8983] loop0: detected capacity change from 0 to 32768 [ 181.493398][ T8989] loop4: detected capacity change from 0 to 32768 [ 181.506780][ T8983] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 181.520048][ T8989] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 181.545729][ T8989] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 181.590663][ T27] audit: type=1800 audit(2000000333.604:66): pid=8989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1255" name="bus" dev="loop4" ino=17058 res=0 errno=0 [ 181.626569][ T8983] XFS (loop0): Ending clean mount [ 181.732546][ T8983] XFS (loop0): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair. [ 181.788152][ T6755] ocfs2: Unmounting device (7,4) on (node local) [ 181.855091][ T5783] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 182.418012][ T9017] loop1: detected capacity change from 0 to 512 [ 182.448603][ T9019] loop3: detected capacity change from 0 to 512 [ 182.465075][ T9017] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 182.485301][ T9017] ext4 filesystem being mounted at /332/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 182.635350][ T9007] loop0: detected capacity change from 0 to 32768 [ 182.656887][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.704417][ T27] audit: type=1800 audit(2000000334.704:67): pid=9007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1250" name="file1" dev="loop0" ino=4 res=0 errno=0 [ 182.813279][ T9027] QAT: Device 7 not found [ 183.130309][ T9038] loop1: detected capacity change from 0 to 64 [ 183.139441][ T9038] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 183.139512][ T9033] loop4: detected capacity change from 0 to 4096 [ 183.194525][ T9033] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 183.359232][ T9033] ntfs: volume version 3.1. [ 183.366109][ T9043] loop0: detected capacity change from 0 to 8 [ 183.378092][ T9031] loop3: detected capacity change from 0 to 32768 [ 183.775195][ T9059] netlink: 'syz.3.1275': attribute type 9 has an invalid length. [ 183.786541][ T9059] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1275'. [ 183.803091][ T5834] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 183.968412][ T9065] bridge0: entered promiscuous mode [ 183.974395][ T9065] macsec1: entered allmulticast mode [ 183.983155][ T9065] bridge0: entered allmulticast mode [ 183.990137][ T5834] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 183.992928][ T9065] bridge0: port 3(macsec1) entered blocking state [ 184.007931][ T5834] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 184.022835][ T9065] bridge0: port 3(macsec1) entered disabled state [ 184.027308][ T5834] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 184.049946][ T9065] bridge0: left allmulticast mode [ 184.056047][ T5834] usb 1-1: config 1 has no interface number 1 [ 184.057148][ T9065] bridge0: left promiscuous mode [ 184.067156][ T5834] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 184.082530][ T5834] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 184.098567][ T5834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 184.115088][ T5834] usb 1-1: Product: syz [ 184.121723][ T5834] usb 1-1: Manufacturer: syz [ 184.145850][ T5834] usb 1-1: SerialNumber: syz [ 184.376019][ T5834] usb 1-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0 [ 184.407211][ T5834] usb 1-1: MIDIStreaming interface descriptor not found [ 184.409533][ T9057] loop1: detected capacity change from 0 to 40427 [ 184.453885][ T9057] F2FS-fs (loop1): Found nat_bits in checkpoint [ 184.472776][ T9076] loop4: detected capacity change from 0 to 8 [ 184.518291][ T5834] usb 1-1: USB disconnect, device number 11 [ 184.608096][ T9057] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 184.766163][ T5787] syz-executor: attempt to access beyond end of device [ 184.766163][ T5787] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 184.797297][ T5787] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 184.950952][ T9069] loop3: detected capacity change from 0 to 32768 [ 185.285589][ T9091] input: syz0 as /devices/virtual/input/input12 [ 185.461982][ T9100] loop4: detected capacity change from 0 to 1024 [ 185.516864][ T9105] loop0: detected capacity change from 0 to 64 [ 185.530088][ T9105] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing [ 185.563541][ T3433] hfsplus: b-tree write err: -5, ino 4 [ 185.933574][ T27] audit: type=1326 audit(2000000337.944:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9118 comm="syz.3.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f389a58e9a9 code=0x7ffc0000 [ 185.976214][ T27] audit: type=1326 audit(2000000337.944:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9118 comm="syz.3.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f389a58e9a9 code=0x7ffc0000 [ 186.023507][ T27] audit: type=1326 audit(2000000337.944:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9118 comm="syz.3.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f389a58e9a9 code=0x7ffc0000 [ 186.036173][ T9102] loop1: detected capacity change from 0 to 32768 [ 186.046310][ T27] audit: type=1326 audit(2000000337.954:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9118 comm="syz.3.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f389a58e9a9 code=0x7ffc0000 [ 186.075627][ T27] audit: type=1326 audit(2000000337.954:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9118 comm="syz.3.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f389a58e9a9 code=0x7ffc0000 [ 186.100121][ T9102] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1286 (9102) [ 186.116030][ T27] audit: type=1326 audit(2000000337.974:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9118 comm="syz.3.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f389a58e9a9 code=0x7ffc0000 [ 186.144587][ T27] audit: type=1326 audit(2000000337.974:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9118 comm="syz.3.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f389a585967 code=0x7ffc0000 [ 186.174197][ T27] audit: type=1326 audit(2000000337.974:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9118 comm="syz.3.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f389a52ab89 code=0x7ffc0000 [ 186.201468][ T27] audit: type=1326 audit(2000000337.974:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9118 comm="syz.3.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f389a585967 code=0x7ffc0000 [ 186.224644][ T9102] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 186.236495][ T9102] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 186.246559][ T27] audit: type=1326 audit(2000000337.974:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9118 comm="syz.3.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f389a52ab89 code=0x7ffc0000 [ 186.255311][ T9102] BTRFS info (device loop1): turning off barriers [ 186.279757][ T9110] loop4: detected capacity change from 0 to 32768 [ 186.288363][ T9102] BTRFS info (device loop1): setting nodatasum [ 186.295074][ T9102] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 186.305140][ T9102] BTRFS info (device loop1): use zstd compression, level 3 [ 186.313284][ T9102] BTRFS info (device loop1): using free space tree [ 186.325503][ T9110] [ 186.325503][ T9110] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 186.325503][ T9110] [ 186.370110][ T9110] JFS: Invalid stbl[1] = -128 for inode 2, block = 0 [ 186.434475][ T12] [ 186.434475][ T12] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 186.434475][ T12] [ 186.448150][ T12] [ 186.448150][ T12] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 186.448150][ T12] [ 186.461862][ T111] [ 186.461862][ T111] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 186.461862][ T111] [ 186.475596][ T6755] [ 186.475596][ T6755] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 186.475596][ T6755] [ 186.521425][ T6755] [ 186.521425][ T6755] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 186.521425][ T6755] [ 186.576299][ T9142] loop0: detected capacity change from 0 to 22 [ 186.622567][ T9142] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 186.644539][ T9142] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 186.872373][ T5787] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 187.324135][ T9160] loop1: detected capacity change from 0 to 512 [ 187.389628][ T9160] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.422333][ T9160] ext4 filesystem being mounted at /341/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 187.632371][ T9146] loop0: detected capacity change from 0 to 40427 [ 187.645774][ T9146] F2FS-fs (loop0): invalid crc value [ 187.672665][ T9146] F2FS-fs (loop0): Found nat_bits in checkpoint [ 187.766725][ T9179] loop4: detected capacity change from 0 to 512 [ 187.799739][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.818866][ T9146] F2FS-fs (loop0): Start checkpoint disabled! [ 187.838107][ T9179] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 187.855672][ T9146] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 187.902350][ T9179] EXT4-fs warning (device loop4): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 187.946002][ T9179] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 187.966755][ T9179] EXT4-fs warning (device loop4): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 187.980005][ T12] kworker/u4:1: attempt to access beyond end of device [ 187.980005][ T12] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 187.998594][ T12] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 188.005920][ T12] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 188.069492][ T6755] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 188.436441][ T9202] loop0: detected capacity change from 0 to 4096 [ 188.447205][ T5834] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 188.647144][ T5834] usb 5-1: Using ep0 maxpacket: 16 [ 188.665450][ T5834] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.677257][ T5834] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 188.687770][ T5834] usb 5-1: config 0 interface 0 has no altsetting 0 [ 188.694423][ T5834] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 188.720142][ T5834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.743395][ T5834] usb 5-1: config 0 descriptor?? [ 188.799412][ T9213] loop3: detected capacity change from 0 to 512 [ 189.045834][ T6942] kernel write not supported for file /snd/midiC2D0 (pid: 6942 comm: kworker/0:5) [ 189.090394][ T9223] loop0: detected capacity change from 0 to 2048 [ 189.100534][ T9225] team_slave_0: entered promiscuous mode [ 189.106252][ T9225] team_slave_1: entered promiscuous mode [ 189.117330][ T9225] macsec2: entered promiscuous mode [ 189.117576][ T9223] UDF-fs: bad mount option "Û" or missing value [ 189.129773][ T9225] team0: entered promiscuous mode [ 189.137047][ T9225] team0: Device macsec2 is already an upper device of the team interface [ 189.157745][ T9225] team0: left promiscuous mode [ 189.163207][ T9225] team_slave_0: left promiscuous mode [ 189.168751][ T9225] team_slave_1: left promiscuous mode [ 189.193918][ T9192] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 189.219002][ T9192] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 189.266034][ T9227] loop3: detected capacity change from 0 to 1024 [ 189.521746][ T42] usb 5-1: USB disconnect, device number 8 [ 189.547640][ T9230] veth1_vlan: left promiscuous mode [ 189.577404][ T9230] netlink: 'syz.1.1342': attribute type 1 has an invalid length. [ 189.605602][ T9230] netlink: 'syz.1.1342': attribute type 2 has an invalid length. [ 189.634486][ T9223] loop0: detected capacity change from 0 to 40427 [ 189.647188][ T9223] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff [ 189.663345][ T9223] F2FS-fs (loop0): Image doesn't support compression [ 189.670798][ T9223] F2FS-fs (loop0): Image doesn't support compression [ 189.678503][ T9223] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x4 [ 189.693568][ T9223] F2FS-fs (loop0): invalid crc value [ 189.720988][ T9223] F2FS-fs (loop0): Found nat_bits in checkpoint [ 189.721612][ T9236] loop1: detected capacity change from 0 to 64 [ 189.835717][ T9223] F2FS-fs (loop0): Start checkpoint disabled! [ 189.845009][ T9223] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 190.712629][ T9246] loop1: detected capacity change from 0 to 32768 [ 190.748753][ T9246] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 190.883755][ T9246] XFS (loop1): Ending clean mount [ 190.918978][ T9246] XFS (loop1): Quotacheck needed: Please wait. [ 190.939253][ T9276] 8021q: adding VLAN 0 to HW filter on device bond1 [ 190.947951][ T9276] bond0: (slave bond1): Enslaving as an active interface with a down link [ 191.054225][ T9246] XFS (loop1): Quotacheck: Done. [ 191.126892][ T9283] loop4: detected capacity change from 0 to 8 [ 191.239590][ T5787] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 191.573357][ T5785] Bluetooth: hci2: command 0x0406 tx timeout [ 191.866017][ T9305] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1371'. [ 192.075565][ T9315] loop4: detected capacity change from 0 to 24 [ 192.088095][ T9315] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 192.109025][ T9315] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 192.732997][ T9317] loop1: detected capacity change from 0 to 40427 [ 192.768788][ T9317] F2FS-fs (loop1): Small segment_count (9 < 1 * 24) [ 192.795967][ T9317] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 192.859448][ T9317] F2FS-fs (loop1): Found nat_bits in checkpoint [ 192.970704][ T9317] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 192.987092][ T9317] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 193.078283][ T9317] syz.1.1378: attempt to access beyond end of device [ 193.078283][ T9317] loop1: rw=2049, sector=53248, nr_sectors = 136 limit=40427 [ 193.082641][ T9333] loop3: detected capacity change from 0 to 32768 [ 193.187710][ T5787] syz-executor: attempt to access beyond end of device [ 193.187710][ T5787] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 193.207189][ T5787] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 193.466405][ T9333] loop3: detected capacity change from 0 to 4096 [ 193.526081][ T9339] loop0: detected capacity change from 0 to 32768 [ 193.554943][ T9339] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 193.603090][ T9345] loop4: detected capacity change from 0 to 32768 [ 193.603730][ T9339] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 193.612703][ T9345] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1389 (9345) [ 193.620874][ T9339] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 193.668296][ T9345] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 193.679611][ T9339] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 193.702479][ T9345] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 193.731774][ T9345] BTRFS info (device loop4): turning on sync discard [ 193.757333][ T9345] BTRFS info (device loop4): doing ref verification [ 193.764378][ T9345] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 193.801467][ T9345] BTRFS info (device loop4): trying to use backup root at mount time [ 193.847160][ T9345] BTRFS info (device loop4): force clearing of disk cache [ 193.854337][ T9345] BTRFS info (device loop4): setting nodatacow, compression disabled [ 193.892119][ T9345] BTRFS info (device loop4): doing ref verification [ 193.921365][ T9345] BTRFS info (device loop4): doing ref verification [ 193.965009][ T9345] BTRFS info (device loop4): using free space tree [ 194.048267][ T9354] loop1: detected capacity change from 0 to 8192 [ 194.073448][ T9354] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 194.086781][ T9354] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 194.096528][ T9354] REISERFS (device loop1): using ordered data mode [ 194.103345][ T9354] reiserfs: using flush barriers [ 194.113515][ T9354] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 194.141705][ T9345] BTRFS info (device loop4): enabling ssd optimizations [ 194.142215][ T9354] REISERFS (device loop1): checking transaction log (loop1) [ 194.162211][ T9345] BTRFS info (device loop4): rebuilding free space tree [ 194.247247][ T9374] loop3: detected capacity change from 0 to 512 [ 194.273785][ T9376] loop0: detected capacity change from 0 to 128 [ 194.293612][ T9354] REISERFS (device loop1): Using tea hash to sort names [ 194.317929][ T9354] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 194.333000][ T9376] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 194.377999][ T9376] ext4 filesystem being mounted at /351/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 194.448729][ T6755] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 194.614100][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.622209][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.706103][ T5783] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 195.253038][ T9399] cgroup: fork rejected by pids controller in /syz4 [ 196.166544][ T9415] 9pnet: p9_errstr2errno: server reported unknown error [ 196.592873][ T5785] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 196.605163][ T5785] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 196.617349][ T5785] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 196.632158][ T5785] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 196.645395][ T5785] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 196.658102][ T5785] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 197.177723][ T9424] chnl_net:caif_netlink_parms(): no params data found [ 197.272772][ T9430] loop1: detected capacity change from 0 to 32768 [ 197.325348][ T9430] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 197.394575][ T9424] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.421617][ T9460] loop3: detected capacity change from 0 to 2048 [ 197.427469][ T9424] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.435681][ T9424] bridge_slave_0: entered allmulticast mode [ 197.451479][ T9424] bridge_slave_0: entered promiscuous mode [ 197.467728][ T9424] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.476815][ T9424] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.491271][ T9424] bridge_slave_1: entered allmulticast mode [ 197.501406][ T9424] bridge_slave_1: entered promiscuous mode [ 197.564089][ T9430] XFS (loop1): Ending clean mount [ 197.586503][ T9430] XFS (loop1): Quotacheck needed: Please wait. [ 197.596970][ T9424] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 197.615127][ T9424] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 197.672302][ T3433] XFS (loop1): Metadata corruption detected at xfs_dinode_verify+0x2b9/0x1140, inode 0x2443 dinode [ 197.700953][ T3433] XFS (loop1): Unmount and run xfs_repair [ 197.708449][ T3433] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 197.712679][ T9466] team0: Port device ip6gretap1 added [ 197.716107][ T3433] 00000000: 49 4e 41 ed 03 01 00 00 00 00 00 00 00 00 00 00 INA............. [ 197.716162][ T3433] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 197.743544][ T9424] team0: Port device team_slave_0 added [ 197.753756][ T3433] 00000020: 34 f7 58 68 a5 e2 bf 3d 34 f7 58 68 a5 e2 bf 3d 4.Xh...=4.Xh...= [ 197.764550][ T3433] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 20 4.Xh...=....... [ 197.773935][ T3433] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 197.777592][ T9424] team0: Port device team_slave_1 added [ 197.783710][ T3433] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 54 01 7a fc ............T.z. [ 197.797766][ T3433] 00000060: ff ff ff ff 4c 7b c2 21 00 00 00 00 00 00 00 04 ....L{.!........ [ 197.806654][ T3433] 00000070: 00 00 00 01 00 00 00 80 00 00 00 00 00 00 00 08 ................ [ 197.858285][ T9430] XFS (loop1): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 197.871789][ T9424] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 197.879772][ T9424] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.947095][ T9424] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 197.964849][ T9424] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 197.977037][ T9424] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 198.012683][ T9424] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 198.102645][ T5787] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 198.158668][ T9424] hsr_slave_0: entered promiscuous mode [ 198.162055][ T9465] loop0: detected capacity change from 0 to 32768 [ 198.172720][ T9424] hsr_slave_1: entered promiscuous mode [ 198.178565][ T9465] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1437 (9465) [ 198.192477][ T9424] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 198.201818][ T9424] Cannot create hsr debugfs directory [ 198.202329][ T9470] loop3: detected capacity change from 0 to 512 [ 198.219266][ T9465] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 198.229672][ T9465] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 198.238982][ T9465] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8) [ 198.248688][ T9465] BTRFS info (device loop0): force lzo compression, level 0 [ 198.256118][ T9465] BTRFS info (device loop0): turning on sync discard [ 198.263202][ T9465] BTRFS info (device loop0): force clearing of disk cache [ 198.270938][ T9465] BTRFS info (device loop0): enabling disk space caching [ 198.278120][ T9465] BTRFS info (device loop0): turning off discard [ 198.284672][ T9465] BTRFS info (device loop0): disk space caching is enabled [ 198.369173][ T3433] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.433080][ T9465] BTRFS info (device loop0): enabling ssd optimizations [ 198.463862][ T9465] BTRFS info (device loop0): rebuilding free space tree [ 198.533534][ T9465] BTRFS info (device loop0): disabling free space tree [ 198.540928][ T9465] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 198.550999][ T9465] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 198.564158][ T3433] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.655439][ T3433] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.752582][ T3433] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.767280][ T5785] Bluetooth: hci3: command tx timeout [ 198.791463][ T5783] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 199.283621][ T9496] loop3: detected capacity change from 0 to 32768 [ 200.099078][ T9516] loop0: detected capacity change from 0 to 2048 [ 200.100174][ T9519] loop1: detected capacity change from 0 to 1024 [ 200.202468][ T9424] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 200.240069][ T9424] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 200.362175][ T27] kauditd_printk_skb: 72 callbacks suppressed [ 200.362190][ T27] audit: type=1800 audit(2000000352.374:148): pid=9521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1448" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 200.408457][ T9424] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 200.522848][ T9424] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 200.740881][ T9538] Falling back ldisc for ttyS3. [ 200.852273][ T5785] Bluetooth: hci3: command tx timeout [ 200.996670][ T9541] loop3: detected capacity change from 0 to 2048 [ 201.004695][ T9532] loop0: detected capacity change from 0 to 32768 [ 201.049319][ T9424] 8021q: adding VLAN 0 to HW filter on device bond0 [ 201.072356][ T9424] 8021q: adding VLAN 0 to HW filter on device team0 [ 201.138047][ T3542] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.145344][ T3542] bridge0: port 1(bridge_slave_0) entered forwarding state [ 201.195621][ T3433] hsr_slave_0: left promiscuous mode [ 201.205005][ T3433] hsr_slave_1: left promiscuous mode [ 201.214214][ T3433] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 201.225555][ T3433] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 201.240119][ T3433] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 201.251364][ T3433] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 201.261989][ T3433] bridge_slave_1: left allmulticast mode [ 201.272158][ T3433] bridge_slave_1: left promiscuous mode [ 201.280300][ T3433] bridge0: port 2(bridge_slave_1) entered disabled state [ 201.291554][ T9532] overlayfs: overlapping lowerdir path [ 201.301503][ T3433] bridge_slave_0: left allmulticast mode [ 201.307607][ T3433] bridge_slave_0: left promiscuous mode [ 201.314899][ T3433] bridge0: port 1(bridge_slave_0) entered disabled state [ 201.356170][ T3433] veth1_macvtap: left promiscuous mode [ 201.362258][ T3433] veth0_macvtap: left promiscuous mode [ 201.368254][ T3433] veth1_vlan: left promiscuous mode [ 201.373607][ T3433] veth0_vlan: left promiscuous mode [ 201.716871][ T9552] loop0: detected capacity change from 0 to 16 [ 202.220998][ T3433] team0 (unregistering): Port device team_slave_1 removed [ 202.290900][ T3433] team0 (unregistering): Port device team_slave_0 removed [ 202.346711][ T3433] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 202.411431][ T3433] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 202.932173][ T5785] Bluetooth: hci3: command tx timeout [ 203.058396][ T3433] bond0 (unregistering): Released all slaves [ 203.131866][ T3542] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.139225][ T3542] bridge0: port 2(bridge_slave_1) entered forwarding state [ 203.268987][ T9424] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 203.594865][ T9424] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.997742][ T9589] loop1: detected capacity change from 0 to 64 [ 204.010888][ T9424] veth0_vlan: entered promiscuous mode [ 204.034849][ T9424] veth1_vlan: entered promiscuous mode [ 204.079747][ T9424] veth0_macvtap: entered promiscuous mode [ 204.113088][ T9424] veth1_macvtap: entered promiscuous mode [ 204.179034][ T9424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.206418][ T9424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.225678][ T9424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.247229][ T9424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.270695][ T9424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 204.288463][ T9424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.300201][ T9424] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 204.311519][ T9424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 204.337058][ T9424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.357565][ T9599] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1476'. [ 204.366868][ T9424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 204.394335][ T9424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.408862][ T9424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 204.419639][ T9424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.430644][ T9424] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 204.437451][ T969] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 204.462804][ T9424] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.471809][ T9424] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.482208][ T9424] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.491188][ T9424] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.605373][ T3542] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 204.619021][ T969] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 204.624338][ T9605] loop0: detected capacity change from 0 to 256 [ 204.635486][ T3542] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.647138][ T969] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0 [ 204.662865][ T969] usb 2-1: config 0 interface 0 has no altsetting 0 [ 204.670708][ T969] usb 2-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00 [ 204.680025][ T969] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 204.694034][ T969] usb 2-1: config 0 descriptor?? [ 204.700530][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 204.716205][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.834493][ T9607] loop0: detected capacity change from 0 to 4096 [ 205.018014][ T5785] Bluetooth: hci3: command tx timeout [ 205.131358][ T969] hid-alps 0003:044E:120B.000C: unknown main item tag 0x0 [ 205.147101][ T969] hid-alps 0003:044E:120B.000C: unknown main item tag 0x0 [ 205.154806][ T969] hid-alps 0003:044E:120B.000C: unknown main item tag 0x0 [ 205.167068][ T969] hid-alps 0003:044E:120B.000C: unknown main item tag 0x0 [ 205.174255][ T969] hid-alps 0003:044E:120B.000C: unknown main item tag 0x0 [ 205.183912][ T969] hid-alps 0003:044E:120B.000C: unknown main item tag 0x0 [ 205.191687][ T969] hid-alps 0003:044E:120B.000C: unknown main item tag 0x0 [ 205.199718][ T5775] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 205.208426][ T969] hid-alps 0003:044E:120B.000C: unknown main item tag 0x0 [ 205.216236][ T969] hid-alps 0003:044E:120B.000C: unknown main item tag 0x0 [ 205.223761][ T969] hid-alps 0003:044E:120B.000C: item fetching failed at offset 9/11 [ 205.232794][ T969] hid-alps 0003:044E:120B.000C: parse failed [ 205.242381][ T969] hid-alps: probe of 0003:044E:120B.000C failed with error -22 [ 205.382854][ T969] usb 2-1: USB disconnect, device number 5 [ 205.409742][ T5775] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 205.427039][ T5775] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.441234][ T9611] loop4: detected capacity change from 0 to 40427 [ 205.448143][ T5775] usb 4-1: Product: syz [ 205.452438][ T5775] usb 4-1: Manufacturer: syz [ 205.457615][ T5775] usb 4-1: SerialNumber: syz [ 205.463735][ T9611] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 205.473919][ T5775] usb 4-1: config 0 descriptor?? [ 205.479024][ T9611] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 205.490342][ T9611] F2FS-fs (loop4): build fault injection attr: rate: 18446, type: 0x7ffff [ 205.505268][ T9611] F2FS-fs (loop4): invalid crc value [ 205.514158][ T9611] F2FS-fs (loop4): Found nat_bits in checkpoint [ 205.566595][ T9611] F2FS-fs (loop4): Start checkpoint disabled! [ 205.590139][ T9611] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 205.598950][ T9611] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 205.639608][ T27] audit: type=1800 audit(2000000001.770:149): pid=9611 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1481" name="file1" dev="loop4" ino=10 res=0 errno=0 [ 205.661675][ T9611] syz.4.1481: attempt to access beyond end of device [ 205.661675][ T9611] loop4: rw=2049, sector=77824, nr_sectors = 800 limit=40427 [ 205.829294][ T41] kworker/u4:2: attempt to access beyond end of device [ 205.829294][ T41] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 205.849297][ T41] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 205.856373][ T41] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 205.938718][ T5775] usb 4-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0) [ 205.971058][ T5775] usb 4-1: Firmware version (0.0) predates our first public release. [ 205.988676][ T5775] usb 4-1: Please update to version 0.2 or newer [ 206.212950][ T5775] usb 4-1: USB disconnect, device number 7 [ 206.513787][ T969] kernel write not supported for file bpf-prog (pid: 969 comm: kworker/1:2) [ 206.645621][ T27] audit: type=1326 audit(2000000002.770:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.0.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2cd98e9a9 code=0x7ffc0000 [ 206.677499][ T27] audit: type=1326 audit(2000000002.780:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.0.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2cd98e9a9 code=0x7ffc0000 [ 206.726778][ T27] audit: type=1326 audit(2000000002.800:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.0.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7fe2cd98e9a9 code=0x7ffc0000 [ 206.790434][ T27] audit: type=1326 audit(2000000002.800:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.0.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2cd98e9a9 code=0x7ffc0000 [ 206.846112][ T9652] loop0: detected capacity change from 0 to 2048 [ 206.852719][ T27] audit: type=1326 audit(2000000002.800:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.0.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2cd98e9a9 code=0x7ffc0000 [ 206.877868][ T27] audit: type=1326 audit(2000000002.810:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.0.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe2cd98e9a9 code=0x7ffc0000 [ 206.905756][ T27] audit: type=1326 audit(2000000002.810:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.0.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2cd98e9a9 code=0x7ffc0000 [ 206.929720][ T27] audit: type=1326 audit(2000000002.810:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.0.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2cd98e9a9 code=0x7ffc0000 [ 206.952841][ T27] audit: type=1326 audit(2000000002.830:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.0.1497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe2cd98e9a9 code=0x7ffc0000 [ 206.998091][ T9637] loop4: detected capacity change from 0 to 32768 [ 207.009624][ T9653] tap0: tun_chr_ioctl cmd 1074025677 [ 207.015480][ T9653] tap0: linktype set to 805 [ 207.059247][ T9637] loop4: p1 p2 p3 < p5 p6 p7 > [ 207.129293][ T9637] loop4: p2 size 16775168 extends beyond EOD, truncated [ 207.140994][ T9637] loop4: p5 start 4294970168 is beyond EOD, truncated [ 207.482019][ T9668] loop1: detected capacity change from 0 to 4096 [ 207.642023][ T9679] loop3: detected capacity change from 0 to 512 [ 207.660468][ T9679] EXT4-fs: Ignoring removed oldalloc option [ 208.409780][ T9712] loop0: detected capacity change from 0 to 128 [ 208.456189][ T9712] loop0: detected capacity change from 0 to 512 [ 208.465903][ T9716] loop1: detected capacity change from 0 to 512 [ 208.497356][ T9716] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 208.505527][ T9716] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 208.526909][ T9716] EXT4-fs (loop1): 1 truncate cleaned up [ 208.543239][ T9720] loop3: detected capacity change from 0 to 128 [ 208.552632][ T9716] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 208.630048][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 208.850859][ T9728] loop0: detected capacity change from 0 to 1024 [ 208.868783][ T9705] loop4: detected capacity change from 0 to 40427 [ 208.876600][ T9705] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 208.885021][ T9728] EXT4-fs: inline encryption not supported [ 208.890980][ T9705] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 208.900339][ T9705] F2FS-fs (loop4): heap/no_heap options were deprecated [ 208.907486][ T9728] EXT4-fs: Ignoring removed bh option [ 208.915816][ T9705] F2FS-fs (loop4): invalid crc value [ 208.929926][ T9705] F2FS-fs (loop4): Found nat_bits in checkpoint [ 209.022228][ T9705] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 209.037144][ T9705] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 209.131717][ T9705] syz.4.1524: attempt to access beyond end of device [ 209.131717][ T9705] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 209.167729][ T9705] F2FS-fs (loop4): Remounting filesystem read-only [ 209.175078][ T9705] syz.4.1524: attempt to access beyond end of device [ 209.175078][ T9705] loop4: rw=2049, sector=45128, nr_sectors = 8 limit=40427 [ 209.207257][ T9705] F2FS-fs (loop4): Remounting filesystem read-only [ 209.372747][ T9727] loop3: detected capacity change from 0 to 32768 [ 209.987712][ T9753] loop4: detected capacity change from 0 to 4096 [ 210.011092][ T9753] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 210.119444][ T9753] ntfs3: loop4: ino=1e, "file1" ntfs3_write_inode failed, -22. [ 210.500869][ T9759] loop0: detected capacity change from 0 to 32768 [ 211.087483][ T9] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 211.288612][ T9] usb 5-1: config 0 has an invalid interface number: 120 but max is 0 [ 211.307136][ T9] usb 5-1: config 0 has no interface number 0 [ 211.313308][ T9] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 211.337121][ T9] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid maxpacket 255, setting to 64 [ 211.348455][ T9] usb 5-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 211.357820][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.378013][ T9] usb 5-1: config 0 descriptor?? [ 211.384189][ T9780] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 211.393907][ T9] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.120/input/input13 [ 211.644651][ T9] usb 5-1: USB disconnect, device number 9 [ 212.004797][ T9789] loop0: detected capacity change from 0 to 32768 [ 212.147438][ T9803] netlink: 'syz.1.1563': attribute type 1 has an invalid length. [ 212.160051][ T9803] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1563'. [ 212.516690][ T9815] loop1: detected capacity change from 0 to 1024 [ 212.589582][ T27] kauditd_printk_skb: 3 callbacks suppressed [ 212.589595][ T27] audit: type=1800 audit(2000000008.720:162): pid=9815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1571" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 212.693450][ T9805] loop3: detected capacity change from 0 to 32768 [ 213.019250][ T9827] loop1: detected capacity change from 0 to 64 [ 213.469958][ T9855] loop1: detected capacity change from 0 to 1024 [ 213.479096][ T9855] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 213.508736][ T9855] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 213.610290][ T9855] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 213.752217][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.878947][ T9878] loop1: detected capacity change from 0 to 128 [ 213.911816][ T9878] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 213.927074][ T9878] ext4 filesystem being mounted at /413/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 214.009832][ T9883] netlink: 428 bytes leftover after parsing attributes in process `syz.0.1607'. [ 214.014688][ T5787] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 214.028594][ T9883] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1607'. [ 214.147548][ T42] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 214.314880][ T9899] loop3: detected capacity change from 0 to 256 [ 214.357160][ T42] usb 5-1: Using ep0 maxpacket: 8 [ 214.365847][ T42] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 214.378465][ T42] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 214.388466][ T42] usb 5-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 214.397638][ T42] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.408277][ T42] usb 5-1: config 0 descriptor?? [ 214.637225][ T969] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 214.838746][ T42] holtek 0003:1241:5015.000D: unknown main item tag 0x0 [ 214.845811][ T42] holtek 0003:1241:5015.000D: unknown main item tag 0x0 [ 214.853678][ T42] holtek 0003:1241:5015.000D: unknown main item tag 0x0 [ 214.861882][ T42] holtek 0003:1241:5015.000D: unknown main item tag 0x0 [ 214.869876][ T42] holtek 0003:1241:5015.000D: unknown main item tag 0x0 [ 214.879775][ T969] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 214.889270][ T969] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.902530][ T969] usb 2-1: Product: syz [ 214.909833][ T42] holtek 0003:1241:5015.000D: hidraw0: USB HID vff.ff Device [HID 1241:5015] on usb-dummy_hcd.4-1/input0 [ 214.921565][ T969] usb 2-1: Manufacturer: syz [ 214.926559][ T969] usb 2-1: SerialNumber: syz [ 214.932024][ T42] holtek 0003:1241:5015.000D: no inputs found [ 214.940692][ T969] usb 2-1: config 0 descriptor?? [ 215.079797][ T42] usb 5-1: USB disconnect, device number 10 [ 215.374966][ T969] airspy 2-1:0.0: Board ID: 00 [ 215.387031][ T969] airspy 2-1:0.0: Firmware version: [ 215.776708][ T969] airspy 2-1:0.0: usb_control_msg() failed -71 request 0e [ 215.797629][ T969] airspy 2-1:0.0: Registered as swradio24 [ 215.803895][ T969] airspy 2-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 215.832344][ T969] usb 2-1: USB disconnect, device number 6 [ 216.290087][ T9941] loop4: detected capacity change from 0 to 256 [ 216.305567][ T9941] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 217.195402][ T9982] loop1: detected capacity change from 0 to 64 [ 217.211731][ T9982] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 217.269753][ T5787] minix_free_inode: bit 3 already cleared [ 217.295216][ T5787] minix_free_inode: bit 4 already cleared [ 217.304530][ T5787] minix_free_inode: bit 2 already cleared [ 217.307695][ T9947] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 217.316829][ T5787] minix_free_inode: bit 5 already cleared [ 217.707134][ T969] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 217.812042][ T9996] loop4: detected capacity change from 0 to 32768 [ 217.819776][ T9996] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1648 (9996) [ 217.840626][ T9996] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 217.851240][ T9996] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 217.877553][ T9996] BTRFS info (device loop4): force clearing of disk cache [ 217.886101][ T9996] BTRFS info (device loop4): metadata ratio 0 [ 217.892930][ T9996] BTRFS info (device loop4): enabling ssd optimizations [ 217.900616][ T9996] BTRFS info (device loop4): using spread ssd allocation scheme [ 217.908504][ T9996] BTRFS info (device loop4): using free space tree [ 217.919308][ T969] usb 2-1: config 0 has an invalid interface number: 215 but max is 0 [ 217.927942][ T969] usb 2-1: config 0 has no interface number 0 [ 217.937163][ T969] usb 2-1: New USB device found, idVendor=07cf, idProduct=1001, bcdDevice=4e.2a [ 217.946867][ T969] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 217.955643][ T969] usb 2-1: Product: syz [ 217.960818][ T969] usb 2-1: Manufacturer: syz [ 217.966366][ T969] usb 2-1: SerialNumber: syz [ 217.975264][ T969] usb 2-1: config 0 descriptor?? [ 217.984927][ T969] usb-storage 2-1:0.215: USB Mass Storage device detected [ 217.999702][ T969] usb-storage 2-1:0.215: Quirks match for vid 07cf pid 1001: a [ 218.016500][ T9996] BTRFS info (device loop4): auto enabling async discard [ 218.024816][ T9996] BTRFS info (device loop4): rebuilding free space tree [ 218.103938][ T9424] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 218.242206][ T5848] usb 2-1: USB disconnect, device number 7 [ 218.381767][T10022] loop4: detected capacity change from 0 to 128 [ 218.392405][T10022] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 218.406672][T10022] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 218.430250][T10022] overlayfs: upper fs needs to support d_type. [ 218.436818][T10022] overlayfs: upper fs does not support tmpfile. [ 219.324585][T10057] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1672'. [ 219.593779][T10051] loop4: detected capacity change from 0 to 32768 [ 219.603255][T10051] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.1668 (10051) [ 219.619733][T10051] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 219.637853][T10051] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 219.658276][T10051] BTRFS info (device loop4): using free space tree [ 219.735404][T10051] BTRFS info (device loop4): enabling ssd optimizations [ 219.742796][T10051] BTRFS info (device loop4): auto enabling async discard [ 219.928537][ T9424] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 220.754799][T10121] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 221.076901][T10137] loop0: detected capacity change from 0 to 512 [ 221.091667][T10137] EXT4-fs (loop0): write access unavailable, skipping orphan cleanup [ 221.101207][T10137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 221.125161][T10137] EXT4-fs (loop0): Couldn't remount RDWR because of unprocessed orphan inode list. Please umount/remount instead [ 221.207765][ T5783] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.358607][T10146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1705'. [ 221.725170][T10160] loop4: detected capacity change from 0 to 128 [ 221.741988][T10160] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 221.768066][T10160] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 221.855415][ T9424] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 221.932315][T10166] loop1: detected capacity change from 0 to 128 [ 222.746664][T10197] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 222.898233][T10200] loop4: detected capacity change from 0 to 128 [ 222.924243][T10200] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 222.956417][T10201] loop0: detected capacity change from 0 to 1024 [ 222.963450][T10200] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 223.010656][T10200] EXT4-fs error (device loop4): swap_inode_boot_loader:384: inode #5: comm syz.4.1731: iget: checksum invalid [ 223.088662][ T9424] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 223.394737][T10185] loop1: detected capacity change from 0 to 131072 [ 223.404169][T10185] F2FS-fs (loop1): Wrong CP boundary, start(512) end(1536) blocks(0) [ 223.412450][T10185] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 223.426434][T10185] F2FS-fs (loop1): invalid crc value [ 223.434012][ T9] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 223.447826][ T9] hid-generic 0000:0000:0000.000E: hidraw0: HID v0.00 Device [syz1] on syz0 [ 223.459138][T10185] F2FS-fs (loop1): Found nat_bits in checkpoint [ 223.524205][T10185] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 223.531420][T10185] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 223.792997][T10216] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1736'. [ 223.957280][T10223] loop0: detected capacity change from 0 to 256 [ 224.345806][T10233] loop0: detected capacity change from 0 to 512 [ 224.484029][T10237] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1745'. [ 224.817862][T10254] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1751'. [ 224.841100][T10254] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1751'. [ 224.930202][T10257] netlink: 'syz.4.1755': attribute type 21 has an invalid length. [ 224.938798][T10257] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1755'. [ 224.955631][T10257] netlink: 'syz.4.1755': attribute type 21 has an invalid length. [ 224.976681][T10257] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1755'. [ 225.132772][T10269] loop1: detected capacity change from 0 to 256 [ 225.244083][T10273] loop4: detected capacity change from 0 to 1024 [ 225.271758][T10273] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 225.298353][T10273] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 225.336481][T10273] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c800e02c, mo2=0000] [ 225.356020][T10279] program syz.3.1763 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 225.432733][T10273] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 2: comm syz.4.1760: lblock 2 mapped to illegal pblock 2 (length 1) [ 225.510061][T10273] EXT4-fs (loop4): Remounting filesystem read-only [ 225.550947][T10273] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 225.559707][T10273] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 225.585125][T10273] EXT4-fs (loop4): 1 orphan inode deleted [ 225.592628][T10273] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 225.673574][ T9424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.802068][T10300] loop4: detected capacity change from 0 to 16 [ 225.830893][T10300] erofs: (device loop4): mounted with root inode @ nid 36. [ 225.978640][ T9424] erofs: (device loop4): erofs_fill_dentries: bogus dirent @ nid 46 [ 226.001342][ T9424] erofs: (device loop4): erofs_readdir: invalid de[0].nameoff 0 @ nid 89 [ 226.016632][ T9424] erofs: (device loop4): erofs_readdir: invalid de[0].nameoff 0 @ nid 89 [ 226.029460][T10307] loop0: detected capacity change from 0 to 4096 [ 226.105367][T10312] loop4: detected capacity change from 0 to 1024 [ 226.163061][T10307] loop0: detected capacity change from 0 to 512 [ 226.766237][T10329] loop0: detected capacity change from 0 to 256 [ 226.822612][T10314] loop3: detected capacity change from 0 to 32768 [ 227.043550][T10308] loop1: detected capacity change from 0 to 65536 [ 227.098330][T10308] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 227.159552][T10308] XFS (loop1): Ending clean mount [ 227.201232][ T5848] XFS (loop1): Metadata CRC error detected at xfs_agf_read_verify+0x191/0x250, xfs_agf block 0x1 [ 227.229303][ T5848] XFS (loop1): Unmount and run xfs_repair [ 227.235699][ T5848] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 227.248672][ T5848] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00 XAGF..........@. [ 227.257870][ T5848] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01 ................ [ 227.266830][ T5848] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04 ................ [ 227.280191][ T5848] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00 ......?...?..... [ 227.289591][ T5848] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3 .sH./.A..&.:g... [ 227.298815][ T5848] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 ................ [ 227.307889][ T5848] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 227.318287][ T5848] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 227.327680][T10308] XFS (loop1): metadata I/O error in "xfs_read_agf+0x27e/0x590" at daddr 0x1 len 1 error 74 [ 227.362274][T10308] XFS (loop1): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x518/0x8a0 (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 227.384302][T10327] loop4: detected capacity change from 0 to 32768 [ 227.393938][T10308] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 227.432386][ T5787] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 227.488366][T10327] ERROR: (device loop4): dbFindCtl: Corrupt dmapctl page [ 227.488366][T10327] [ 227.517762][T10327] ERROR: (device loop4): remounting filesystem as read-only [ 228.125572][T10348] loop1: detected capacity change from 0 to 2048 [ 228.184023][T10348] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 228.235100][T10353] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 228.532955][T10372] syzkaller0: tun_chr_ioctl cmd 35092 [ 228.547336][ T5848] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 228.760981][ T5848] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 228.787350][ T5848] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.802166][ T5848] usb 1-1: config 0 descriptor?? [ 228.822254][ T5848] cp210x 1-1:0.0: cp210x converter detected [ 229.063738][T10396] loop4: detected capacity change from 0 to 2048 [ 229.120710][T10396] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.226536][ T5848] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 229.281615][ T5848] usb 1-1: cp210x converter now attached to ttyUSB0 [ 229.289272][T10396] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 229.327661][T10396] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28 [ 229.347132][T10396] EXT4-fs (loop4): This should not happen!! Data will be lost [ 229.347132][T10396] [ 229.361020][T10396] EXT4-fs (loop4): Total free blocks count 0 [ 229.381513][T10396] EXT4-fs (loop4): Free/Dirty block details [ 229.391647][T10396] EXT4-fs (loop4): free_blocks=2415919104 [ 229.408425][T10396] EXT4-fs (loop4): dirty_blocks=16 [ 229.423892][T10396] EXT4-fs (loop4): Block reservation details [ 229.453101][T10396] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 229.459496][T10406] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1814'. [ 229.473032][ T9] usb 1-1: USB disconnect, device number 12 [ 229.498423][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 229.526148][ T9] cp210x 1-1:0.0: device disconnected [ 229.578433][ T9424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.957171][ T5869] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 230.152225][ T5869] usb 5-1: config 0 has an invalid interface number: 214 but max is 0 [ 230.171416][ T5869] usb 5-1: config 0 has no interface number 0 [ 230.183364][ T5869] usb 5-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64 [ 230.206220][ T5869] usb 5-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 230.219740][T10423] loop3: detected capacity change from 0 to 32768 [ 230.227926][ T5869] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.232053][T10423] XFS: ikeep mount option is deprecated. [ 230.235984][ T5869] usb 5-1: Product: syz [ 230.236003][ T5869] usb 5-1: Manufacturer: syz [ 230.236015][ T5869] usb 5-1: SerialNumber: syz [ 230.256835][ T5869] usb 5-1: config 0 descriptor?? [ 230.875342][ T5869] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.214/input/input15 [ 231.080004][ T5834] usb 5-1: USB disconnect, device number 11 [ 231.141984][T10449] tap0: tun_chr_ioctl cmd 1074025677 [ 231.147681][T10449] tap0: linktype set to 769 [ 231.194901][T10451] program syz.1.1835 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 231.308154][T10456] sp0: Synchronizing with TNC [ 231.607203][T10470] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1843'. [ 231.901589][T10483] loop1: detected capacity change from 0 to 1024 [ 231.970822][T10483] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 232.029878][T10483] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.1848: bg 0: block 280: padding at end of block bitmap is not set [ 232.057371][T10483] EXT4-fs (loop1): Remounting filesystem read-only [ 232.113781][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.196307][T10497] loop0: detected capacity change from 0 to 512 [ 232.205085][T10497] EXT4-fs: Ignoring removed mblk_io_submit option [ 232.278750][T10475] loop4: detected capacity change from 0 to 32768 [ 232.358193][T10475] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 232.416623][T10475] [ 232.419004][T10475] ====================================================== [ 232.426033][T10475] WARNING: possible circular locking dependency detected [ 232.433079][T10475] 6.6.100-syzkaller #0 Not tainted [ 232.438215][T10475] ------------------------------------------------------ [ 232.445332][T10475] syz.4.1845/10475 is trying to acquire lock: [ 232.451409][T10475] ffff88805e075118 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}, at: ocfs2_xattr_set+0xada/0x11f0 [ 232.463779][T10475] [ 232.463779][T10475] but task is already holding lock: [ 232.471156][T10475] ffff88805c6bbff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x410/0x11f0 [ 232.480841][T10475] [ 232.480841][T10475] which lock already depends on the new lock. [ 232.480841][T10475] [ 232.491320][T10475] [ 232.491320][T10475] the existing dependency chain (in reverse order) is: [ 232.500318][T10475] [ 232.500318][T10475] -> #2 (&oi->ip_xattr_sem){++++}-{3:3}: [ 232.508165][T10475] down_read+0x46/0x2e0 [ 232.512839][T10475] ocfs2_init_acl+0x2fa/0x720 [ 232.518024][T10475] ocfs2_mknod+0x12e5/0x20f0 [ 232.523216][T10475] ocfs2_mkdir+0x196/0x410 [ 232.528135][T10475] vfs_mkdir+0x296/0x440 [ 232.532883][T10475] do_mkdirat+0x1d4/0x440 [ 232.537750][T10475] __x64_sys_mkdir+0x6e/0x80 [ 232.542844][T10475] do_syscall_64+0x55/0xb0 [ 232.547768][T10475] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 232.554173][T10475] [ 232.554173][T10475] -> #1 (jbd2_handle){++++}-{0:0}: [ 232.561459][T10475] jbd2_journal_lock_updates+0xab/0x380 [ 232.567614][T10475] __ocfs2_flush_truncate_log+0x2b8/0x10b0 [ 232.573952][T10475] ocfs2_flush_truncate_log+0x4f/0x60 [ 232.579834][T10475] ocfs2_sync_fs+0x117/0x310 [ 232.584931][T10475] sync_filesystem+0x1c2/0x220 [ 232.590232][T10475] generic_shutdown_super+0x6f/0x2b0 [ 232.596208][T10475] kill_block_super+0x44/0x90 [ 232.601487][T10475] deactivate_locked_super+0x97/0x100 [ 232.607367][T10475] cleanup_mnt+0x429/0x4c0 [ 232.612285][T10475] task_work_run+0x1ce/0x250 [ 232.617380][T10475] exit_to_user_mode_loop+0xe6/0x110 [ 232.623262][T10475] exit_to_user_mode_prepare+0xb1/0x140 [ 232.629488][T10475] syscall_exit_to_user_mode+0x1a/0x50 [ 232.635467][T10475] do_syscall_64+0x61/0xb0 [ 232.640474][T10475] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 232.646877][T10475] [ 232.646877][T10475] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}: [ 232.657378][T10475] __lock_acquire+0x2ddb/0x7c80 [ 232.663088][T10475] lock_acquire+0x197/0x410 [ 232.668183][T10475] down_write+0x97/0x1f0 [ 232.672936][T10475] ocfs2_xattr_set+0xada/0x11f0 [ 232.678297][T10475] __vfs_setxattr+0x431/0x470 [ 232.683482][T10475] __vfs_setxattr_noperm+0x12d/0x5e0 [ 232.689282][T10475] vfs_setxattr+0x16c/0x2f0 [ 232.694309][T10475] path_setxattr+0x362/0x550 [ 232.699410][T10475] __x64_sys_setxattr+0xbb/0xd0 [ 232.704860][T10475] do_syscall_64+0x55/0xb0 [ 232.709783][T10475] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 232.716369][T10475] [ 232.716369][T10475] other info that might help us debug this: [ 232.716369][T10475] [ 232.727036][T10475] Chain exists of: [ 232.727036][T10475] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6 --> jbd2_handle --> &oi->ip_xattr_sem [ 232.727036][T10475] [ 232.743147][T10475] Possible unsafe locking scenario: [ 232.743147][T10475] [ 232.750581][T10475] CPU0 CPU1 [ 232.755928][T10475] ---- ---- [ 232.761455][T10475] lock(&oi->ip_xattr_sem); [ 232.766031][T10475] lock(jbd2_handle); [ 232.772868][T10475] lock(&oi->ip_xattr_sem); [ 232.779964][T10475] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6); [ 232.787326][T10475] [ 232.787326][T10475] *** DEADLOCK *** [ 232.787326][T10475] [ 232.795457][T10475] 3 locks held by syz.4.1845/10475: [ 232.800632][T10475] #0: ffff888078eb6418 (sb_writers#14){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 232.809941][T10475] #1: ffff88805c6bc2d8 (&sb->s_type->i_mutex_key#22){+.+.}-{3:3}, at: vfs_setxattr+0x145/0x2f0 [ 232.820389][T10475] #2: ffff88805c6bbff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x410/0x11f0 [ 232.830739][T10475] [ 232.830739][T10475] stack backtrace: [ 232.836840][T10475] CPU: 0 PID: 10475 Comm: syz.4.1845 Not tainted 6.6.100-syzkaller #0 [ 232.844999][T10475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 232.855261][T10475] Call Trace: [ 232.858572][T10475] [ 232.861613][T10475] dump_stack_lvl+0x16c/0x230 [ 232.866292][T10475] ? load_image+0x3b0/0x3b0 [ 232.870791][T10475] ? show_regs_print_info+0x20/0x20 [ 232.875986][T10475] ? print_circular_bug+0x12b/0x1a0 [ 232.881175][T10475] check_noncircular+0x2bd/0x3c0 [ 232.886195][T10475] ? look_up_lock_class+0x75/0x140 [ 232.891301][T10475] ? print_deadlock_bug+0x5d0/0x5d0 [ 232.896487][T10475] ? lockdep_lock+0xe0/0x220 [ 232.901064][T10475] ? lockdep_unlock+0x137/0x2d0 [ 232.906105][T10475] ? _find_first_zero_bit+0xd3/0x100 [ 232.911404][T10475] __lock_acquire+0x2ddb/0x7c80 [ 232.916249][T10475] ? verify_lock_unused+0x140/0x140 [ 232.921436][T10475] ? stack_trace_save+0x9c/0xe0 [ 232.926281][T10475] lock_acquire+0x197/0x410 [ 232.930772][T10475] ? ocfs2_xattr_set+0xada/0x11f0 [ 232.935786][T10475] ? __might_sleep+0xe0/0xe0 [ 232.940894][T10475] ? read_lock_is_recursive+0x20/0x20 [ 232.946252][T10475] ? ocfs2_inode_lock_tracker+0x3ec/0x660 [ 232.951974][T10475] ? ocfs2_xattr_block_find+0x154/0x4c0 [ 232.957530][T10475] down_write+0x97/0x1f0 [ 232.961801][T10475] ? ocfs2_xattr_set+0xada/0x11f0 [ 232.966901][T10475] ? down_read_killable+0x340/0x340 [ 232.972083][T10475] ? ocfs2_xattr_ibody_find+0xcb/0x7c0 [ 232.977620][T10475] ocfs2_xattr_set+0xada/0x11f0 [ 232.982492][T10475] ? __ocfs2_xattr_set_handle+0xf10/0xf10 [ 232.988202][T10475] ? __lock_acquire+0x1334/0x7c80 [ 232.993229][T10475] ? verify_lock_unused+0x140/0x140 [ 232.998766][T10475] ? aa_get_newest_label+0xf8/0x5c0 [ 233.003954][T10475] ? end_current_label_crit_section+0x170/0x170 [ 233.010185][T10475] ? posix_xattr_acl+0x93/0xb0 [ 233.014941][T10475] ? evm_protect_xattr+0x36d/0x7a0 [ 233.020052][T10475] ? ocfs2_xattr_trusted_get+0x40/0x40 [ 233.025516][T10475] __vfs_setxattr+0x431/0x470 [ 233.030478][T10475] __vfs_setxattr_noperm+0x12d/0x5e0 [ 233.035776][T10475] vfs_setxattr+0x16c/0x2f0 [ 233.040387][T10475] ? xattr_permission+0x470/0x470 [ 233.045404][T10475] ? __mnt_want_write+0x223/0x2a0 [ 233.050775][T10475] ? path_setxattr+0x314/0x550 [ 233.055528][T10475] path_setxattr+0x362/0x550 [ 233.060111][T10475] ? simple_xattrs_free+0x150/0x150 [ 233.065310][T10475] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 233.071477][T10475] ? lock_chain_count+0x20/0x20 [ 233.076759][T10475] __x64_sys_setxattr+0xbb/0xd0 [ 233.081603][T10475] do_syscall_64+0x55/0xb0 [ 233.086030][T10475] ? clear_bhb_loop+0x40/0x90 [ 233.090697][T10475] ? clear_bhb_loop+0x40/0x90 [ 233.095361][T10475] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 233.101247][T10475] RIP: 0033:0x7f1219d8e9a9 [ 233.105663][T10475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 233.125521][T10475] RSP: 002b:00007f121ab1a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 233.134372][T10475] RAX: ffffffffffffffda RBX: 00007f1219fb5fa0 RCX: 00007f1219d8e9a9 [ 233.142434][T10475] RDX: 0000200000000200 RSI: 00002000000001c0 RDI: 0000200000000000 [ 233.150568][T10475] RBP: 00007f1219e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 233.158735][T10475] R10: 0000000000000841 R11: 0000000000000246 R12: 0000000000000000 [ 233.166791][T10475] R13: 0000000000000000 R14: 00007f1219fb5fa0 R15: 00007fffc9adccd8 [ 233.174888][T10475] [ 233.253448][ T9424] ocfs2: Unmounting device (7,4) on (node local)