last executing test programs: 53.7865783s ago: executing program 1 (id=11003): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001a00)=ANY=[@ANYBLOB="300000001800010000000000000000000a800000ff03000600000000140001000000000000000000000000ce"], 0x30}}, 0x0) 53.583402741s ago: executing program 1 (id=11008): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c000000040a050000000000000000000a000005090001"], 0x2c}, 0x1, 0x0, 0x0, 0x4040080}, 0x4000800) 53.486839974s ago: executing program 1 (id=11010): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f000009df00)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x2}, 0x20) 53.342039901s ago: executing program 1 (id=11013): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$nfs(&(0x7f00000001c0)='..\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x85000, 0x0) 53.202968115s ago: executing program 1 (id=11015): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x6}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}}, 0x0) 52.907285156s ago: executing program 1 (id=11021): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdafb, {0x0, 0x0, 0x0, 0x0, 0x50b17, 0x10000}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}, @IFLA_BOND_AD_LACP_ACTIVE={0x5, 0x1d, 0x3}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x40044) 52.50386979s ago: executing program 32 (id=11021): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdafb, {0x0, 0x0, 0x0, 0x0, 0x50b17, 0x10000}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}, @IFLA_BOND_AD_LACP_ACTIVE={0x5, 0x1d, 0x3}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x40044) 2.463682439s ago: executing program 2 (id=11959): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000053c0)={0xb0, 0x45, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x99, 0x4, 0x0, 0x1, [@typed={0x8, 0x24, 0x0, 0x0, @fd=r0}, @generic="c228d3c8dc508cc404309b84fadc76f3519e328a5d63a0baefd34abb96320bc59295eb61e105205d31018824720eaaad99bde0ce26f4dab0b2781c01063532f492ceddd52e8e57037969056e673de024e992369bdd715ae62c3ca83c6ab37ec1f1e44de388b16d34d92b6a545ecc42b80ca2c26d2272781e9323b12082b626b6d8a3c422931d6ad5e4571b3485"]}]}, 0xb0}, 0x1, 0x0, 0x0, 0xc000}, 0xc000) 2.309927929s ago: executing program 2 (id=11963): r0 = syz_open_dev$cec(&(0x7f00000000c0), 0x0, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f00000001c0)={"1b00", 0x100, 0x5, 0x2, 0x800, 0x0, "f759e100edc710000000d9fc6300", '\x00', "0300", '\x00', ["8b59b4d766cbd6e4af000700", "c2fed6e1dcc98aa8325c6b40", "f9c799298d4865830100", "0000000000000000001000"]}) 1.874593449s ago: executing program 4 (id=11973): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x14) 1.833288719s ago: executing program 5 (id=11975): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZE(r0, 0x4b2f, 0x0) 1.819500042s ago: executing program 2 (id=11976): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c000000020605000000000000000000000000000c00078008000640000000000500010006000000050005000200000005000400020000000900020073797a310000000016000300686173683a6e65742c706f72742c6e6574"], 0x5c}}, 0x0) 1.680988923s ago: executing program 2 (id=11978): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x40003, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x1f, 0x1, 0x0, "6906001022366ccee4ba5686b4f801fef4372f2c74f6024305f11fd3454ad23d", 0x32314d48}) 1.646879781s ago: executing program 5 (id=11981): r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) writev(r0, &(0x7f0000001380)=[{0x0}, {&(0x7f0000000000)='4', 0x1}], 0x2) 1.574085037s ago: executing program 4 (id=11982): r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000680)=@base={0xa, 0x16, 0xb4, 0x3}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x79, 0x0, 0x0, 0xe7}, @initr0, @exit]}, &(0x7f0000000640)='GPL\x00', 0x2, 0xee, &(0x7f0000000340)=""/238}, 0x94) 1.455352925s ago: executing program 2 (id=11984): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000780)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8932, &(0x7f0000000900)={'wlan1\x00', @random}) 1.389240679s ago: executing program 4 (id=11986): syz_emit_ethernet(0x4e, &(0x7f0000000480)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "183061", 0x18, 0x2c, 0x0, @remote, @local, {[@routing={0x2b, 0x2, 0x0, 0x1, 0x0, [@empty]}]}}}}}, 0x0) syz_emit_ethernet(0x46, &(0x7f00000002c0)={@multicast, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "0400", 0x10, 0x2c, 0x0, @remote, @local, {[@routing={0x88, 0x0, 0x2, 0x6}, @srh={0x89, 0x0, 0x4, 0x0, 0x9, 0x0, 0x2}]}}}}}, 0x0) 1.367547032s ago: executing program 5 (id=11987): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x11}, @printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 1.219229309s ago: executing program 2 (id=11990): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x4436, &(0x7f00000088c0)="$eJzs3c9vFFUcAPA30yotArbIARMTN5FEo6ZpOaklsZRCaaFiUIjxsmzbBarbLmm3xgOHeiPxZOLBeCCaeOsJe/CKf4IXj5h4I9GDFxMTYs3uTn/MdJcutWuFfD4JTOf97n5n3r45TF+cqFyfWcjNLOQKc7ny1NWF47lPyqXF2WKIm/i1WcYOPbT/73e5M3bsUa+TvWqT1lw4dea9y8dD+HH65/urq6uroaozNDSw6ec//7g5tfm4Js7UqbbbuLXd8mEI4ciWcVV1hBA++CGEKIRwMkkbTo7dIYRDoZ53+ebnV3K7NJo794on8g8mbq0MHhtfvr3S/HePQvi69Pzr12Z/e6lj8JdXd6l7AAAAAAAAAAAAAAAAAAAec6MXL1x6t38g3I1C53K09X3d0eTY7P3Y1V3zYvt/WQAAAAAAAAAAAAAAAAAAAPif2nj/PxcdbvD+/0hyHGpSf/Xt9o+R9hl758LI6f6BZP/3aEv+G0nS7yc7Qm+Dfd+z+7+fzNRvvP/71n52am18a/32hCjuS53HcV9fCN8mG78fjfbHpfJC5bWr5cW56V0bxmMrHf/67v2p6CQb+rca/+FM++3f//+5LVdT9fzK7l1iT7R0/Dualvvus6il+J/K1NuIf1cbRh9q8Wfn0vHvrKV1by4wVJ8AqvH/onP7+I9k2t/5/b/vobmHQgi5qDrWXGoGqK5hqunN1iukpeP/VC0tNXUmH2Sz+/+vTPxPZ9rfq/l/KftFREPp+D9dS0vP1Bv3f2+8/f1/JtP+XsS/Ov4l3/8tScc/mXM7U0Vqn2Sr8/9opv12xf9SnIzzUJS6Apajenqzv1dHWjr+W9doG89/cUvrv7OZ+m1//utI97v2/Lc2/b8S1Z//aCwd/+6m5Vq9/8cy9do9/1vn/Tvp+O+vpQ2FEC2tl+ip/d9q/Mcz7bcr/rVVSVd1rOn1/9/76unfWP+1JB3/Z+qJ8eYS9Suhtv6Ltl//n8u0vxfrv+r4l+L29vqkSMf/QNNy1fj/1ML3//lMvfbHP4R+a/0dS8f/YNNytfu/a/v4T2TqtTv+L7ezcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHwHBy7AlR3Jc6j+O+vhBOJedHw/5osjCdnyyVpz5eCGEkSc+Fw9G1UnmyUMrPzJWni/lCqVSeCuF0kn8kdEULpXIlP1u4cWa9re7oerEwX5ksFiohhNEk/YVwcK2tyZnKbOFGCOHset6zcXn+xvXCXH56Zv6t/v7+/jC2PobeqPhppThXqfdezw1hfL1uT7RpcLXsc+tjORB9VF6cnyuUaunnN9UplacKpU11JpK8L0NvVJlfnJsqVIr5UvnaWn97aSg5joxdfP/i+YEt+Vei+nH4vx0WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/o7uCbX4UQOutncQghFyU/RMm/lDv3iifyDyZurQweG1++vXK/URkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9iBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCLv2jNBBEcQB+MxZaegyrZbezXVFEC1cET6DH8DB6FC/hHSxSpE0RAskshP0D2yTV9zUP5sfMezAPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5R7fuvfXuolIcbW9jPj9/Ps/zp9L/b6bvn9xhhk5naeX7v6hbsq/p1F+W45Wbd6nm/XXR0zU3s9gT4b7dDDuMzS3b3Pz9X2vI+UqItqS36Scq2rZWwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAjh04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswLEAAAAAgDB/6yj6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgVAAD//yfHIUE=") syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x19b5013, 0x0, 0x4, 0x0, &(0x7f0000000140)) 1.171884026s ago: executing program 4 (id=11991): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af25, &(0x7f0000000600)={0x17}) 1.122790914s ago: executing program 5 (id=11992): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000040)={0x7f17dbbb71902460, 0x1, 0x7, 0x3, 0xfffffffffffffd7e, 0x1000005, 0x0}) 956.275235ms ago: executing program 3 (id=11994): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) poll(&(0x7f00000001c0)=[{r0, 0x2000}], 0x1, 0x8) 956.14239ms ago: executing program 4 (id=11995): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x28) 955.91829ms ago: executing program 5 (id=11996): setreuid(0x0, 0xee01) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) 939.242927ms ago: executing program 0 (id=11997): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2004}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x64}, 0x1, 0x0, 0x0, 0x8000}, 0x20000854) 787.212663ms ago: executing program 3 (id=11998): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) map_shadow_stack(&(0x7f00008fb000/0x3000)=nil, 0x3000, 0x0) 784.910936ms ago: executing program 4 (id=11999): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000009e602206d0414c340000000000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, &(0x7f0000000080)={0x20, 0xa, 0x9, {0x9, 0x9, "0dd5caa8776609"}}, 0x0, 0x0, 0x0}, 0x0) 781.044704ms ago: executing program 5 (id=12000): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000d0918108ac051582588f0000000109022d00010000000009040000030b08000009058d67c8002a000009050502000000000009058b6e", @ANYRESOCT], 0x0) syz_usb_ep_write(r0, 0x8d, 0x43, &(0x7f00000001c0)="d0be166e5e8b26a5e6b39aa93e00d43ec7e813e40b8fcad530f5176b71ef3ac478184911afdd2a979d4c5b7fccca3f0c6871b5032e4727642967374587861ca6bd9584") 754.707333ms ago: executing program 0 (id=12001): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000004a40)=ANY=[@ANYBLOB="d01000003f0007012dbd7000fbdbdf25047c00000400fc800c000180060006"], 0x10d0}, 0x1, 0x0, 0x0, 0xc000}, 0xc000) 579.330215ms ago: executing program 3 (id=12002): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a1d010000000000000000020000000900010073797a3000000000080002400000000098000000030a01020000000000000000020000000900010073797a30000000000900030073797a32000000006b00030091abc12404d0c4c731b168d80d1f7f1dbb33f596"], 0xfc}, 0x1, 0x0, 0x0, 0x40010}, 0x4000914) 579.180558ms ago: executing program 0 (id=12003): unshare(0x4020400) ftruncate(0xffffffffffffffff, 0x1) 481.129643ms ago: executing program 3 (id=12004): timer_create(0x8, 0x0, &(0x7f0000002700)=0x0) timer_delete(r0) 458.295052ms ago: executing program 0 (id=12005): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_SIZE={0x8, 0x17, 0x0}]}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x54}}, 0x0) 348.452217ms ago: executing program 3 (id=12006): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58) 303.999857ms ago: executing program 0 (id=12007): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x4, 0x5, &(0x7f0000000240)=@framed={{0x18, 0x2, 0x0, 0x0, 0x100}, [@call={0x85, 0x0, 0x0, 0x28}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x28, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 122.364258ms ago: executing program 3 (id=12008): r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000000c0)="48000000140081fb7059ae08060c040002ff0f03f1cd823010a7ce9000000000000ec000006fabca3b4e7d06a6bd7c00000000030000068a562ad6e74703c48f93bc2a0200000046", 0x48}], 0x1}, 0x4000000) 0s ago: executing program 0 (id=12009): r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x48, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xe4}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x526}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x1000000}}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x70}}, 0x0) kernel console output (not intermixed with test programs): eturned -5 [ 810.570313][T28518] free_index: error reading directory table [ 810.576676][T28518] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 810.576676][T28518] [ 810.587139][T28518] xtLookup: xtSearch returned -5 [ 810.592090][T28518] free_index: error reading directory table [ 810.623169][T28518] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 810.623169][T28518] [ 810.672963][T28518] xtLookup: xtSearch returned -5 [ 810.692870][T28518] free_index: error reading directory table [ 810.840376][T28538] loop2: detected capacity change from 0 to 32768 [ 810.893070][T28538] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 810.942574][T28538] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 810.997795][T28538] (syz.2.9933,28538,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 811.033071][T28538] (syz.2.9933,28538,0):ocfs2_xattr_block_find:2831 ERROR: status = -12 [ 811.143363][ T5837] ocfs2: Unmounting device (7,2) on (node local) [ 811.176415][T28569] netlink: 'syz.1.9945': attribute type 13 has an invalid length. [ 811.948709][T28595] nft_compat: unsupported protocol 1 [ 812.354063][ T5955] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 812.373108][ T5888] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 812.384535][ T50] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 812.526184][ T5955] usb 2-1: config 0 has an invalid interface number: 168 but max is 0 [ 812.535811][ T5955] usb 2-1: config 0 has no interface number 0 [ 812.541931][ T5955] usb 2-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06 [ 812.556574][ T5955] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 812.573818][ T5888] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 812.595597][ T5888] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 812.613543][ T5955] usb 2-1: config 0 descriptor?? [ 812.636602][ T5888] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 812.655909][ T5888] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 812.694165][T28603] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 812.705410][ T5888] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 812.869774][ T5955] usb 2-1: string descriptor 0 read error: -71 [ 812.907654][ T5955] usb-storage 2-1:0.168: USB Mass Storage device detected [ 812.941442][T28639] loop2: detected capacity change from 0 to 1024 [ 812.951165][ T5955] usb-storage 2-1:0.168: Quirks match for vid 05ab pid 0060: 2 [ 812.997649][ T5947] usb 5-1: USB disconnect, device number 14 [ 813.065971][ T5955] usb 2-1: USB disconnect, device number 47 [ 813.409498][T28661] netlink: 'syz.2.9992': attribute type 21 has an invalid length. [ 813.426519][T28661] netlink: 128 bytes leftover after parsing attributes in process `syz.2.9992'. [ 813.507080][T28665] autofs4:pid:28665:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e) [ 813.527072][T28667] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9995'. [ 813.537690][T28669] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9996'. [ 813.582415][T28667] netlink: 312 bytes leftover after parsing attributes in process `syz.2.9995'. [ 813.638920][T28667] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9995'. [ 814.219939][T28708] loop2: detected capacity change from 0 to 1024 [ 814.340623][T28708] hfsplus: inconsistency in B*Tree (1,0,1,0,1) [ 814.365193][T28708] hfsplus: inconsistency in B*Tree (1,0,1,0,1) [ 814.473952][ T36] hfsplus: b-tree write err: -5, ino 4 [ 814.497997][T28721] loop1: detected capacity change from 0 to 64 [ 814.554248][T28721] syz.1.10022: attempt to access beyond end of device [ 814.554248][T28721] loop1: rw=0, sector=1024, nr_sectors = 2 limit=64 [ 814.632998][T28721] Buffer I/O error on dev loop1, logical block 512, async page read [ 814.674694][T28721] syz.1.10022: attempt to access beyond end of device [ 814.674694][T28721] loop1: rw=0, sector=113152, nr_sectors = 2 limit=64 [ 814.744348][T28721] Buffer I/O error on dev loop1, logical block 56576, async page read [ 815.152570][T28754] loop2: detected capacity change from 0 to 8 [ 815.200605][T28754] squashfs: Unknown parameter 'ÿÃ4…ãùrV¦w' [ 815.843341][T28786] netlink: 48 bytes leftover after parsing attributes in process `syz.3.10053'. [ 815.852706][T28786] netlink: 'syz.3.10053': attribute type 2 has an invalid length. [ 815.862969][T28787] loop4: detected capacity change from 0 to 256 [ 815.915502][T28787] FAT-fs (loop4): Directory bread(block 64) failed [ 815.922067][T28787] FAT-fs (loop4): Directory bread(block 65) failed [ 815.981748][T28787] FAT-fs (loop4): Directory bread(block 66) failed [ 815.993697][T28787] FAT-fs (loop4): Directory bread(block 67) failed [ 816.000374][T28787] FAT-fs (loop4): Directory bread(block 68) failed [ 816.015125][T28787] FAT-fs (loop4): Directory bread(block 69) failed [ 816.021778][T28787] FAT-fs (loop4): Directory bread(block 70) failed [ 816.070781][T28787] FAT-fs (loop4): Directory bread(block 71) failed [ 816.105349][T28787] FAT-fs (loop4): Directory bread(block 72) failed [ 816.122100][T28787] FAT-fs (loop4): Directory bread(block 73) failed [ 816.347363][T28805] bond2: entered allmulticast mode [ 816.353196][T28805] 8021q: adding VLAN 0 to HW filter on device bond2 [ 816.433022][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 816.510949][T28816] loop2: detected capacity change from 0 to 1024 [ 816.524687][T28816] EXT4-fs: Ignoring removed nomblk_io_submit option [ 816.576535][T28816] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 816.617050][T28816] System zones: 0-1, 3-36 [ 816.643946][T28816] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 816.715864][T28807] loop1: detected capacity change from 0 to 32768 [ 816.803994][T28807] JBD2: Invalid start block of journal: 0 [ 816.809771][T28807] (syz.1.10065,28807,0):ocfs2_journal_init:973 ERROR: Linux journal layer error [ 816.870654][ T5837] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 816.895692][T28807] (syz.1.10065,28807,0):ocfs2_check_volume:2347 ERROR: Could not initialize journal! [ 816.966451][T28807] (syz.1.10065,28807,0):ocfs2_check_volume:2432 ERROR: status = -22 [ 816.982945][T28807] (syz.1.10065,28807,1):ocfs2_mount_volume:1764 ERROR: status = -22 [ 817.008006][T28807] (syz.1.10065,28807,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 817.190955][T28833] xt_CT: No such helper "syz1" [ 817.431250][T28843] loop2: detected capacity change from 0 to 2048 [ 817.464936][T28843] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 817.515721][T28843] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 818.275587][T28879] netlink: 'syz.2.10098': attribute type 7 has an invalid length. [ 818.306884][T28879] netlink: 148 bytes leftover after parsing attributes in process `syz.2.10098'. [ 818.766124][T28866] loop1: detected capacity change from 0 to 32768 [ 818.800654][T28866] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 818.934527][T28866] XFS (loop1): Ending clean mount [ 818.942515][T28892] loop2: detected capacity change from 0 to 32768 [ 818.989271][T28892] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 818.989342][T28866] XFS (loop1): Quotacheck needed: Please wait. [ 819.179201][T28866] XFS (loop1): Quotacheck: Done. [ 819.232146][T28892] XFS (loop2): Ending clean mount [ 819.358804][T28940] program syz.4.10120 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 819.375652][ T5837] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 819.400485][ T5843] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 819.883939][T28956] netlink: 'syz.4.10131': attribute type 39 has an invalid length. [ 819.940113][T28960] libceph: resolve '4' (ret=-3): failed [ 819.982903][ T5916] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 820.092032][T28964] ieee802154 phy0 wpan0: encryption failed: -90 [ 820.143184][ T5916] usb 1-1: Using ep0 maxpacket: 8 [ 820.177144][ T5916] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 820.214511][ T5916] usb 1-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x3D, changing to 0xD [ 820.246535][ T5916] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0 [ 820.262932][ T5916] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0xD has invalid maxpacket 0 [ 820.299155][ T5916] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 820.305280][T28971] loop4: detected capacity change from 0 to 256 [ 820.332101][ T5916] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40 [ 820.344965][T28974] xt_bpf: check failed: parse error [ 820.351298][ T5916] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 820.362731][ T5916] usb 1-1: Product: syz [ 820.373235][ T5916] usb 1-1: Manufacturer: syz [ 820.377989][ T5916] usb 1-1: SerialNumber: syz [ 820.391114][T28950] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 820.409132][ T5916] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 820.440435][ T5916] usbtest 1-1:1.0: Linux user mode ISO test driver [ 820.459677][ T5916] usbtest 1-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt) [ 820.494528][T28971] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 820.659161][ T5955] usb 1-1: USB disconnect, device number 21 [ 820.933868][ T5947] usb 3-1: new high-speed USB device number 121 using dummy_hcd [ 821.105388][ T5947] usb 3-1: Using ep0 maxpacket: 16 [ 821.116779][ T5947] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 821.127518][ T5947] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 821.138417][ T5947] usb 3-1: Product: syz [ 821.142599][ T5947] usb 3-1: Manufacturer: syz [ 821.147714][ T5947] usb 3-1: SerialNumber: syz [ 821.173018][ T5947] usb 3-1: config 0 descriptor?? [ 821.197045][ T5947] visor 3-1:0.0: Sony Clie 3.5 converter detected [ 821.384516][ T5947] usb 3-1: clie_3_5_startup: get config number bad return length: 0 [ 821.392676][ T5947] visor 3-1:0.0: probe with driver visor failed with error -5 [ 821.563293][T29023] loop4: detected capacity change from 0 to 256 [ 821.570424][T29023] exfat: Deprecated parameter 'utf8' [ 821.613292][ T5947] usb 3-1: USB disconnect, device number 121 [ 821.641782][T29026] ieee802154 phy0 wpan0: encryption failed: -22 [ 821.654896][T29023] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 822.125278][T29042] loop1: detected capacity change from 0 to 64 [ 822.882910][ T5947] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 823.060115][ T5947] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 823.082346][ T5947] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 823.101220][ T5947] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 823.121696][ T5947] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 823.193300][T29069] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 823.218480][ T5947] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 823.446001][T29074] loop4: detected capacity change from 0 to 32768 [ 823.473478][T13908] usb 4-1: USB disconnect, device number 32 [ 823.485147][T29074] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.10188 (29074) [ 823.528643][T29074] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 823.575888][T29074] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm [ 823.695333][T29074] BTRFS info (device loop4): enabling ssd optimizations [ 823.713124][T29074] BTRFS info (device loop4): enabling free space tree [ 823.838298][ T5831] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 823.903145][ T5916] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 824.093074][ T5916] usb 1-1: Using ep0 maxpacket: 32 [ 824.102747][ T5916] usb 1-1: config 0 has an invalid interface number: 54 but max is 0 [ 824.111291][ T5916] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 824.142427][ T5916] usb 1-1: config 0 has no interface number 0 [ 824.149864][T29108] loop2: detected capacity change from 0 to 32768 [ 824.175060][T29108] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.10205 (29108) [ 824.188233][ T5916] usb 1-1: too many endpoints for config 0 interface 54 altsetting 205: 134, using maximum allowed: 30 [ 824.229460][ T5916] usb 1-1: config 0 interface 54 altsetting 205 has 0 endpoint descriptors, different from the interface descriptor's value: 134 [ 824.262893][ T5916] usb 1-1: config 0 interface 54 has no altsetting 0 [ 824.263442][T29108] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 824.292432][ T5916] usb 1-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11 [ 824.322950][ T5916] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 824.336047][T29108] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 824.363958][ T5916] usb 1-1: Product: syz [ 824.373239][ T5916] usb 1-1: Manufacturer: syz [ 824.377865][ T5916] usb 1-1: SerialNumber: syz [ 824.440056][ T5916] usb 1-1: config 0 descriptor?? [ 824.482457][ T5916] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 824.491725][ T5916] usb 1-1: MIDIStreaming interface descriptor not found [ 824.513047][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 824.622612][T29104] loop1: detected capacity change from 0 to 40427 [ 824.624207][T29104] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 824.624230][T29104] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 824.678979][T29108] BTRFS info (device loop2): enabling ssd optimizations [ 824.679007][T29108] BTRFS info (device loop2): enabling free space tree [ 824.746523][ T980] usb 1-1: USB disconnect, device number 22 [ 824.964237][T29104] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 824.982391][T29104] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 824.982431][T29104] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 825.007977][ T5837] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 825.057755][T29104] fscrypt (loop1, inode 3): Error -61 getting encryption context [ 825.089611][T29165] loop4: detected capacity change from 0 to 128 [ 825.393207][T29170] xt_TPROXY: Can be used only with -p tcp or -p udp [ 825.753279][T29190] netlink: 'syz.4.10229': attribute type 5 has an invalid length. [ 825.903518][T29195] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10231'. [ 825.944752][T29195] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10231'. [ 826.608486][T29191] loop2: detected capacity change from 0 to 32768 [ 826.627698][T29191] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.10228 (29191) [ 826.661155][T29191] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 826.691082][T29191] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 826.818165][T29239] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 826.825219][T29239] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 826.860908][T29191] BTRFS info (device loop2): enabling ssd optimizations [ 826.872991][T29191] BTRFS info (device loop2): enabling free space tree [ 827.065575][ T5837] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 827.130855][T29258] loop4: detected capacity change from 0 to 64 [ 828.354340][T29304] loop4: detected capacity change from 0 to 64 [ 828.595584][T29309] loop1: detected capacity change from 0 to 2048 [ 828.649639][T29309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 828.754857][ T5843] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 828.807857][T29322] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10282'. [ 828.903598][T29327] bridge5: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 829.052933][ T5955] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 829.245882][ T5955] usb 5-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1 [ 829.273200][ T5955] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 829.292837][ T5955] usb 5-1: Product: syz [ 829.298291][ T5955] usb 5-1: Manufacturer: syz [ 829.322862][ T5955] usb 5-1: SerialNumber: syz [ 829.353989][ T5955] usb 5-1: config 0 descriptor?? [ 829.394330][T29354] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10298'. [ 829.403785][T29354] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10298'. [ 829.570787][ T5955] int51x1 5-1:0.0: probe with driver int51x1 failed with error -22 [ 829.695734][T29367] netlink: 'syz.3.10305': attribute type 1 has an invalid length. [ 829.709265][T29367] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10305'. [ 829.782257][ T5947] usb 5-1: USB disconnect, device number 15 [ 829.849040][T29373] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10307'. [ 829.943022][ T5955] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 830.036042][T29384] netlink: 136 bytes leftover after parsing attributes in process `syz.3.10312'. [ 830.045495][T29384] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 830.104787][ T5955] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 830.125343][ T5955] usb 2-1: config 0 interface 0 has no altsetting 0 [ 830.141541][ T5955] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 830.156151][ T5955] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 830.165963][ T5955] usb 2-1: Product: syz [ 830.170187][ T5955] usb 2-1: Manufacturer: syz [ 830.177256][ T5955] usb 2-1: SerialNumber: syz [ 830.187963][ T5955] usb 2-1: config 0 descriptor?? [ 830.207839][ T5955] usb 2-1: selecting invalid altsetting 0 [ 830.342273][ T980] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 830.456270][ T5955] usb 2-1: USB disconnect, device number 48 [ 830.459009][T29399] ptrace attach of "./syz-executor exec"[5831] was attempted by " Œ Ðÿ ð¥ Àÿ Àÿ Ðÿ À• ðÿ °ÿ Àÿ ÿÿÿÿ"[29399] [ 830.535283][ C0] vkms_vblank_simulate: vblank timer overrun [ 830.597781][ T980] usb 1-1: Using ep0 maxpacket: 8 [ 830.614116][ T980] usb 1-1: config 7 has an invalid interface number: 246 but max is 0 [ 830.623217][ T980] usb 1-1: config 7 has no interface number 0 [ 830.629388][ T980] usb 1-1: config 7 interface 246 altsetting 128 endpoint 0x4 has invalid maxpacket 1024, setting to 64 [ 830.681503][ T980] usb 1-1: config 7 interface 246 altsetting 128 has an invalid descriptor for endpoint zero, skipping [ 830.712835][ T980] usb 1-1: config 7 interface 246 altsetting 128 endpoint 0xB has an invalid bInterval 251, changing to 7 [ 830.753356][ T980] usb 1-1: config 7 interface 246 altsetting 128 has an invalid descriptor for endpoint zero, skipping [ 830.779051][ T980] usb 1-1: config 7 interface 246 altsetting 128 bulk endpoint 0x1 has invalid maxpacket 64 [ 830.823109][ T980] usb 1-1: config 7 interface 246 has no altsetting 0 [ 830.855206][ T980] usb 1-1: string descriptor 0 read error: -22 [ 830.861527][ T980] usb 1-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice= 8.30 [ 830.892809][ T980] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 830.914328][T29409] loop2: detected capacity change from 0 to 64 [ 830.938727][ T980] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx [ 830.965891][ T980] usb 1-1: selecting invalid altsetting 0 [ 830.969767][T29409] syz.2.10324: attempt to access beyond end of device [ 830.969767][T29409] loop2: rw=0, sector=234881062, nr_sectors = 2 limit=64 [ 830.986974][ T2343] pvrusb2: Invalid read control endpoint [ 830.998495][T29409] Buffer I/O error on dev loop2, logical block 117440531, async page read [ 831.023585][ T2343] usb 1-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2 [ 831.052972][ T2343] usb 1-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw [ 831.053191][T29409] syz.2.10324: attempt to access beyond end of device [ 831.053191][T29409] loop2: rw=0, sector=8548515840, nr_sectors = 2 limit=64 [ 831.139926][T29409] Buffer I/O error on dev loop2, logical block 4274257920, async page read [ 831.176244][T29409] syz.2.10324: attempt to access beyond end of device [ 831.176244][T29409] loop2: rw=0, sector=301989888, nr_sectors = 2 limit=64 [ 831.241928][T29409] Buffer I/O error on dev loop2, logical block 150994944, async page read [ 831.273378][ T980] usb 1-1: USB disconnect, device number 23 [ 831.289407][T29409] syz.2.10324: attempt to access beyond end of device [ 831.289407][T29409] loop2: rw=0, sector=234881062, nr_sectors = 2 limit=64 [ 831.304092][T29409] Buffer I/O error on dev loop2, logical block 117440531, async page read [ 831.324499][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 831.324515][ T30] audit: type=1800 audit(2000000111.040:200): pid=29409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.10324" name="file2" dev="loop2" ino=6 res=0 errno=0 [ 831.513138][T29424] loop2: detected capacity change from 0 to 16 [ 831.542080][T29424] erofs (device loop2): mounted with root inode @ nid 36. [ 831.585980][T29424] erofs (device loop2): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 831.625354][T29424] syz.2.10332: attempt to access beyond end of device [ 831.625354][T29424] loop2: rw=524288, sector=128, nr_sectors = 1 limit=16 [ 831.667115][T29424] syz.2.10332: attempt to access beyond end of device [ 831.667115][T29424] loop2: rw=524288, sector=0, nr_sectors = 1024 limit=16 [ 831.718787][T29424] syz.2.10332: attempt to access beyond end of device [ 831.718787][T29424] loop2: rw=0, sector=128, nr_sectors = 1 limit=16 [ 831.765635][T29424] syz.2.10332: attempt to access beyond end of device [ 831.765635][T29424] loop2: rw=0, sector=0, nr_sectors = 1024 limit=16 [ 831.823709][T29424] erofs (device loop2): read error -5 @ 0 of nid 89 [ 831.856491][ T30] audit: type=1800 audit(2000000111.580:201): pid=29424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.10332" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 832.198930][T29454] netlink: 'syz.3.10346': attribute type 10 has an invalid length. [ 832.271181][T29454] team0: Port device syz_tun added [ 832.284973][T29456] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10347'. [ 832.310491][T29430] loop4: detected capacity change from 0 to 32768 [ 832.340893][T29430] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.10334 (29430) [ 832.382226][T29430] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 832.413053][T29430] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 832.564905][T29430] BTRFS info (device loop4): enabling ssd optimizations [ 832.571889][T29430] BTRFS info (device loop4): enabling free space tree [ 832.633731][T29482] loop2: detected capacity change from 0 to 256 [ 832.696642][T29482] FAT-fs (loop2): Directory bread(block 64) failed [ 832.722415][T29482] FAT-fs (loop2): Directory bread(block 65) failed [ 832.733211][T29430] BTRFS info (device loop4): balance: start -ssoft,devid=0,vrange=18446744073709551614..0,limit=118 [ 832.753605][T29482] FAT-fs (loop2): Directory bread(block 66) failed [ 832.763062][T29430] BTRFS info (device loop4): balance: ended with status: 0 [ 832.780542][T29482] FAT-fs (loop2): Directory bread(block 67) failed [ 832.798932][T29482] FAT-fs (loop2): Directory bread(block 68) failed [ 832.820452][T29482] FAT-fs (loop2): Directory bread(block 69) failed [ 832.842176][T29482] FAT-fs (loop2): Directory bread(block 70) failed [ 832.859355][T29482] FAT-fs (loop2): Directory bread(block 71) failed [ 832.879241][T29482] FAT-fs (loop2): Directory bread(block 72) failed [ 832.895428][ T5831] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 832.906272][T29482] FAT-fs (loop2): Directory bread(block 73) failed [ 833.271187][T29474] loop1: detected capacity change from 0 to 40427 [ 833.308284][T29474] F2FS-fs (loop1): invalid crc value [ 833.561875][T29474] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 833.585735][T29474] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 833.799583][T29519] xt_TCPMSS: Only works on TCP SYN packets [ 834.117104][T29528] netlink: 'syz.2.10373': attribute type 1 has an invalid length. [ 834.452709][T29540] xt_CT: You must specify a L4 protocol and not use inversions on it [ 834.805791][T29553] IPVS: length: 73 != 8 [ 834.963399][T29561] netlink: 'syz.3.10388': attribute type 3 has an invalid length. [ 835.111994][T29546] loop1: detected capacity change from 0 to 32768 [ 835.145497][T29546] (syz.1.10381,29546,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 835.213252][T29546] (syz.1.10381,29546,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 835.285356][T29546] JBD2: Ignoring recovery information on journal [ 835.336531][T29578] netlink: 40 bytes leftover after parsing attributes in process `syz.0.10394'. [ 835.375659][T29546] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 835.725311][ T5843] ocfs2: Unmounting device (7,1) on (node local) [ 836.110016][T29618] netlink: 45 bytes leftover after parsing attributes in process `syz.1.10404'. [ 836.273448][ T5888] usb 3-1: new full-speed USB device number 122 using dummy_hcd [ 836.465440][ T5888] usb 3-1: config 5 has an invalid interface number: 123 but max is 0 [ 836.474999][ T5888] usb 3-1: config 5 has no interface number 0 [ 836.481131][ T5888] usb 3-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B [ 836.523301][ T5888] usb 3-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid maxpacket 60849, setting to 64 [ 836.554264][ T5888] usb 3-1: config 5 interface 123 has no altsetting 0 [ 836.587131][ T5888] usb 3-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7 [ 836.601926][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 836.625753][ T5888] usb 3-1: Product: syz [ 836.644429][ T5888] usb 3-1: Manufacturer: syz [ 836.649065][ T5888] usb 3-1: SerialNumber: syz [ 836.666747][T29610] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 836.811318][T29651] loop1: detected capacity change from 0 to 64 [ 836.860415][T29651] syz.1.10432: attempt to access beyond end of device [ 836.860415][T29651] loop1: rw=0, sector=2590, nr_sectors = 2 limit=64 [ 836.881158][T29651] Buffer I/O error on dev loop1, logical block 1295, async page read [ 836.905509][T29651] syz.1.10432: attempt to access beyond end of device [ 836.905509][T29651] loop1: rw=0, sector=2590, nr_sectors = 2 limit=64 [ 836.936030][T29651] Buffer I/O error on dev loop1, logical block 1295, async page read [ 836.972692][ T5888] comedi comedi5: driver 'ni6501' has successfully auto-configured 'ni6501'. [ 837.008538][ T30] audit: type=1800 audit(2000000116.730:202): pid=29651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.10432" name="file2" dev="loop1" ino=6 res=0 errno=0 [ 837.029937][ T5888] usb 3-1: USB disconnect, device number 122 [ 837.040238][T29651] Trying to free block not in datazone [ 837.062970][T29651] minix_free_block (loop1:21): bit already cleared [ 837.356859][T29666] cifs: Unknown parameter 'no'‘a£Nð[G¶zob,erèèµ;%j¸¼ [ 837.356859][T29666] ‡üzæ,€@q¬Ú÷ôÐåéJ#³"ŽÚh/.W1ȱ¨nNCº"†CÙ׈¡E)Ð8+€î¶á÷' [ 837.500941][T29670] bond4: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 837.524759][T29670] bond4 (unregistering): Released all slaves [ 837.647514][T29680] loop2: detected capacity change from 0 to 1024 [ 837.938227][T29690] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 838.066796][T29695] xt_l2tp: v2 doesn't support IP mode [ 838.227772][ T30] audit: type=1107 audit(2000000117.950:203): pid=29705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='…æ!' [ 838.546512][T29725] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10468'. [ 838.648282][T29731] netlink: 'syz.4.10471': attribute type 2 has an invalid length. [ 838.663013][T29731] netlink: 'syz.4.10471': attribute type 8 has an invalid length. [ 838.675282][T29731] netlink: 132 bytes leftover after parsing attributes in process `syz.4.10471'. [ 838.766873][T29737] loop1: detected capacity change from 0 to 64 [ 839.355648][T29771] netlink: 6032 bytes leftover after parsing attributes in process `syz.1.10489'. [ 839.377406][T29772] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10491'. [ 839.413025][T29778] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 839.554641][T29785] xt_hashlimit: Unknown mode mask C4, kernel too old? [ 839.873040][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 840.016472][T29804] bond3: option packets_per_slave: mode dependency failed, not supported in mode active-backup(1) [ 840.086191][T29804] bond3 (unregistering): Released all slaves [ 840.170213][T29820] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10513'. [ 840.191344][T29820] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10513'. [ 840.854565][T29860] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10534'. [ 840.960437][T29866] loop1: detected capacity change from 0 to 256 [ 840.981684][T29866] exfat: Deprecated parameter 'namecase' [ 841.013455][T29868] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10539'. [ 841.031094][T29866] exfat: Deprecated parameter 'namecase' [ 841.099715][T29866] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d) [ 841.114377][T29872] netlink: 129704 bytes leftover after parsing attributes in process `syz.3.10540'. [ 841.192402][T29866] exFAT-fs (loop1): error, data size is invalid(16777215) [ 841.524010][ T30] audit: type=1326 audit(2000000121.250:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29893 comm="syz.2.10550" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f68e1f8eec9 code=0x0 [ 842.267476][ T30] audit: type=1326 audit(2000000121.990:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29924 comm="syz.1.10566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb038eec9 code=0x7ffc0000 [ 842.355715][ T30] audit: type=1326 audit(2000000121.990:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29924 comm="syz.1.10566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb038eec9 code=0x7ffc0000 [ 842.378182][ C1] vkms_vblank_simulate: vblank timer overrun [ 842.422871][ T30] audit: type=1326 audit(2000000122.020:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29924 comm="syz.1.10566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f8eb038eec9 code=0x7ffc0000 [ 842.445312][ C1] vkms_vblank_simulate: vblank timer overrun [ 842.507751][T29933] netlink: ct family unspecified [ 842.518986][T29933] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 842.544500][ T30] audit: type=1326 audit(2000000122.020:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29924 comm="syz.1.10566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb038eec9 code=0x7ffc0000 [ 842.548620][T29935] netlink: 32 bytes leftover after parsing attributes in process `syz.4.10570'. [ 842.643024][ T30] audit: type=1326 audit(2000000122.020:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29924 comm="syz.1.10566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb038eec9 code=0x7ffc0000 [ 842.665463][ C1] vkms_vblank_simulate: vblank timer overrun [ 843.142619][T29952] loop4: detected capacity change from 0 to 4096 [ 843.170645][T29952] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 843.218673][T29892] syz.0.10549 (29892): drop_caches: 2 [ 843.256992][T29952] ntfs3(loop4): ino=19, mi_enum_attr [ 843.272662][T29952] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 843.315692][T29952] ntfs3(loop4): failed to convert "c46c" to iso8859-14 [ 843.346622][T29952] ntfs3(loop4): ino=20, mi_enum_attr [ 843.844987][T29971] loop4: detected capacity change from 0 to 4096 [ 843.863081][T29971] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 843.865454][T29978] netlink: 'syz.0.10592': attribute type 15 has an invalid length. [ 843.891130][T29954] loop2: detected capacity change from 0 to 32768 [ 843.904412][T29954] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.10580 (29954) [ 843.912964][T29978] __nla_validate_parse: 1 callbacks suppressed [ 843.912980][T29978] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10592'. [ 843.962400][T29954] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 843.975723][T29971] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 844.019294][T29971] ntfs3(loop4): mft corrupted [ 844.024520][T29971] ntfs3(loop4): Failed to load $Extend (-22). [ 844.033276][T29954] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 844.048189][T29971] ntfs3(loop4): Failed to initialize $Extend. [ 844.106969][T29971] ntfs3(loop4): ino=5, "/" indx_read [ 844.239789][T29954] BTRFS info (device loop2): enabling ssd optimizations [ 844.256286][T29954] BTRFS info (device loop2): enabling free space tree [ 844.433171][ T5837] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 844.867342][T29979] loop1: detected capacity change from 0 to 32768 [ 845.064912][T30025] random: crng reseeded on system resumption [ 845.268803][T30033] netlink: 224 bytes leftover after parsing attributes in process `syz.0.10610'. [ 845.561096][ T30] audit: type=1326 audit(2000000125.280:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30045 comm="syz.4.10617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ffc0000 [ 845.632605][ T30] audit: type=1326 audit(2000000125.280:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30045 comm="syz.4.10617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ffc0000 [ 845.699798][ T30] audit: type=1326 audit(2000000125.280:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30045 comm="syz.4.10617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ffc0000 [ 845.772984][ T30] audit: type=1326 audit(2000000125.280:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30045 comm="syz.4.10617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ffc0000 [ 845.795430][ C1] vkms_vblank_simulate: vblank timer overrun [ 845.855654][ T30] audit: type=1326 audit(2000000125.310:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30045 comm="syz.4.10617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f360c78eec9 code=0x7ffc0000 [ 845.878009][ C1] vkms_vblank_simulate: vblank timer overrun [ 845.886028][T30060] netlink: 'syz.1.10608': attribute type 3 has an invalid length. [ 846.189322][T30080] usb usb8: usbfs: process 30080 (syz.1.10634) did not claim interface 0 before use [ 846.314296][ T5916] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 846.315461][T30089] netlink: 'syz.1.10638': attribute type 1 has an invalid length. [ 846.330797][T30089] netlink: 208 bytes leftover after parsing attributes in process `syz.1.10638'. [ 846.452984][ T5909] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 846.475941][ T5916] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 846.492453][ T5916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 846.501567][ T5916] usb 5-1: Product: syz [ 846.506220][ T5916] usb 5-1: Manufacturer: syz [ 846.510884][ T5916] usb 5-1: SerialNumber: syz [ 846.532563][ T5916] usb 5-1: config 0 descriptor?? [ 846.543556][ T5916] ch341 5-1:0.0: ch341-uart converter detected [ 846.555124][T30099] loop2: detected capacity change from 0 to 16 [ 846.564136][T30099] erofs (device loop2): mounted with root inode @ nid 36. [ 846.597191][T30099] syz.2.10643: attempt to access beyond end of device [ 846.597191][T30099] loop2: rw=0, sector=103079215096, nr_sectors = 8 limit=16 [ 846.635133][ T5909] usb 4-1: config 0 has an invalid descriptor of length 26, skipping remainder of the config [ 846.653098][ T5909] usb 4-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4 [ 846.675530][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 846.704195][ T5947] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 846.707236][ T5909] usb 4-1: config 0 descriptor?? [ 846.737219][ T5909] usb 4-1: bad CDC descriptors [ 846.848920][T30107] netlink: 20 bytes leftover after parsing attributes in process `syz.2.10647'. [ 846.863998][ T5947] usb 2-1: Using ep0 maxpacket: 16 [ 846.871410][ T5947] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 846.882592][ T5947] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 846.903224][ T5947] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 846.912304][ T5947] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 846.942922][ T5947] usb 2-1: Product: syz [ 846.947123][ T5947] usb 2-1: Manufacturer: syz [ 846.947978][ T5916] usb 5-1: failed to send control message: -71 [ 846.951713][ T5947] usb 2-1: SerialNumber: syz [ 846.968533][T13908] usb 4-1: USB disconnect, device number 33 [ 846.974643][ T5916] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 846.997023][ T5916] usb 5-1: USB disconnect, device number 16 [ 847.006646][ T5916] ch341 5-1:0.0: device disconnected [ 847.164690][T30109] loop2: detected capacity change from 0 to 32768 [ 847.172440][T30109] btrfs: Deprecated parameter 'usebackuproot' [ 847.181857][T30109] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 847.198100][ T5947] usb 2-1: 0:2 : does not exist [ 847.203569][T30109] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.10648 (30109) [ 847.219585][ T5947] usb 2-1: unit 9 not found! [ 847.231257][ T5947] usb 2-1: 4:0: cannot get min/max values for control 4 (id 4) [ 847.252344][T30109] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 847.268875][ T5947] usb 2-1: USB disconnect, device number 49 [ 847.279104][T30109] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm [ 847.316330][T30109] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 847.381569][T30109] BTRFS info (device loop2): rebuilding free space tree [ 847.398639][T30109] BTRFS info (device loop2): disabling free space tree [ 847.407745][T30109] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 847.418048][T30109] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 847.436339][T30109] BTRFS info (device loop2): turning on sync discard [ 847.444659][T30109] BTRFS info (device loop2): enabling disk space caching [ 847.451916][T30109] BTRFS info (device loop2): force clearing of disk cache [ 847.459750][T30109] BTRFS info (device loop2): trying to use backup root at mount time [ 847.550664][T30109] btrfs: Deprecated parameter 'usebackuproot' [ 847.572786][T30109] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 847.589999][T30109] BTRFS info (device loop2 state M): force clearing of disk cache [ 847.598377][T30109] BTRFS info (device loop2 state M): trying to use backup root at mount time [ 847.664770][ T5837] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 847.869356][T30136] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10654'. [ 847.910185][T30138] netlink: 240 bytes leftover after parsing attributes in process `syz.2.10652'. [ 848.012817][ T5947] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 848.199606][ T5947] usb 4-1: Using ep0 maxpacket: 32 [ 848.221451][ T5947] usb 4-1: unable to get BOS descriptor or descriptor too short [ 848.254027][ T5947] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 848.265895][T30152] netlink: 216 bytes leftover after parsing attributes in process `syz.4.10661'. [ 848.307514][ T5947] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 848.330860][ T5947] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 848.356972][ T5947] usb 4-1: Product: syz [ 848.369497][ T5947] usb 4-1: Manufacturer: syz [ 848.379055][ T5947] usb 4-1: SerialNumber: syz [ 848.462019][T30158] loop2: detected capacity change from 0 to 256 [ 848.500725][T30158] FAT-fs (loop2): Directory bread(block 64) failed [ 848.514502][T30158] FAT-fs (loop2): Directory bread(block 65) failed [ 848.521789][T30158] FAT-fs (loop2): Directory bread(block 66) failed [ 848.535626][T30158] FAT-fs (loop2): Directory bread(block 67) failed [ 848.542249][T30158] FAT-fs (loop2): Directory bread(block 68) failed [ 848.550843][T30158] FAT-fs (loop2): Directory bread(block 69) failed [ 848.558196][T30158] FAT-fs (loop2): Directory bread(block 70) failed [ 848.565438][T30158] FAT-fs (loop2): Directory bread(block 71) failed [ 848.572041][T30158] FAT-fs (loop2): Directory bread(block 72) failed [ 848.579603][T30158] FAT-fs (loop2): Directory bread(block 73) failed [ 848.622988][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 848.623004][ T30] audit: type=1800 audit(2000000128.340:220): pid=30158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.10665" name="file1" dev="loop2" ino=1048669 res=0 errno=0 [ 848.650690][ T5947] usb 4-1: Limiting number of CPorts to U8_MAX [ 848.675815][T13908] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 848.696526][ T5947] usb 4-1: Not enough endpoints found in device, aborting! [ 848.698115][T30164] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10667'. [ 848.855723][T13908] usb 5-1: Using ep0 maxpacket: 16 [ 848.882172][ T5947] usb 4-1: USB disconnect, device number 34 [ 848.890817][T13908] usb 5-1: config 0 has an invalid interface number: 104 but max is 1 [ 848.911344][T13908] usb 5-1: config 0 has an invalid interface number: 104 but max is 1 [ 848.937980][T30172] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10671'. [ 848.938648][T13908] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 848.963861][T13908] usb 5-1: config 0 has no interface number 0 [ 848.977908][T13908] usb 5-1: config 0 interface 104 altsetting 0 endpoint 0x8 has an invalid bInterval 0, changing to 7 [ 848.990057][T13908] usb 5-1: config 0 interface 104 has no altsetting 1 [ 849.000125][T13908] usb 5-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice= 0.00 [ 849.012787][T13908] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 849.028681][T13908] usb 5-1: Product: syz [ 849.033379][T13908] usb 5-1: Manufacturer: syz [ 849.037990][T13908] usb 5-1: SerialNumber: syz [ 849.053428][T13908] usb 5-1: config 0 descriptor?? [ 849.114451][T30174] loop2: detected capacity change from 0 to 4096 [ 849.143089][T30174] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 849.262588][T13908] asix 5-1:0.104 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 849.308784][T13908] asix 5-1:0.104: probe with driver asix failed with error -71 [ 849.351276][T13908] usb 5-1: USB disconnect, device number 17 [ 849.525518][T30192] netlink: 'syz.1.10679': attribute type 1 has an invalid length. [ 849.533993][T30192] netlink: 224 bytes leftover after parsing attributes in process `syz.1.10679'. [ 849.670219][ T5955] usb 3-1: new high-speed USB device number 123 using dummy_hcd [ 849.824699][ T5955] usb 3-1: Using ep0 maxpacket: 8 [ 849.844534][ T5955] usb 3-1: unable to get BOS descriptor or descriptor too short [ 849.871704][ T5955] usb 3-1: config 8 has an invalid interface number: 255 but max is 0 [ 849.890414][ T5955] usb 3-1: config 8 has no interface number 0 [ 849.896960][ T5955] usb 3-1: config 8 interface 255 has no altsetting 0 [ 849.937746][ T5955] usb 3-1: string descriptor 0 read error: -22 [ 849.957467][ T5955] usb 3-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf [ 849.968887][T30205] loop4: detected capacity change from 0 to 256 [ 849.982900][ T5955] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 850.245621][T30216] netlink: 196 bytes leftover after parsing attributes in process `syz.1.10693'. [ 850.262976][ T5947] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 850.434181][ T5955] eth%d: CATC EL1210A NetMate USB Ethernet at usb-dummy_hcd.2-1, 00:00:00:00:00:00. [ 850.444404][ T5947] usb 5-1: Using ep0 maxpacket: 8 [ 850.455105][ T5947] usb 5-1: config 4 has an invalid interface number: 244 but max is 0 [ 850.455133][ T5947] usb 5-1: config 4 has no interface number 0 [ 850.455171][ T5947] usb 5-1: config 4 interface 244 altsetting 1 endpoint 0x1 has an invalid bInterval 41, changing to 7 [ 850.455198][ T5947] usb 5-1: config 4 interface 244 altsetting 1 endpoint 0x2 has invalid maxpacket 11380, setting to 1024 [ 850.455223][ T5947] usb 5-1: config 4 interface 244 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 1024 [ 850.455246][ T5947] usb 5-1: config 4 interface 244 has no altsetting 0 [ 850.457638][ T5947] usb 5-1: New USB device found, idVendor=05ac, idProduct=fa33, bcdDevice=cb.aa [ 850.457664][ T5947] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 850.457690][ T5947] usb 5-1: Product: syz [ 850.457704][ T5947] usb 5-1: Manufacturer: syz [ 850.457718][ T5947] usb 5-1: SerialNumber: syz [ 850.461747][T30205] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 850.557343][ T5955] usb 3-1: USB disconnect, device number 123 [ 850.703284][ T5947] ipheth 5-1:4.244: Unable to find endpoints [ 850.735020][ T5947] usb 5-1: USB disconnect, device number 18 [ 850.814726][T30242] xt_TCPMSS: Only works on TCP SYN packets [ 851.119489][T30262] loop2: detected capacity change from 0 to 256 [ 851.286303][T30273] netlink: 'syz.3.10716': attribute type 3 has an invalid length. [ 851.319736][T30262] FAT-fs (loop2): Directory bread(block 64) failed [ 851.324913][T30273] netlink: 224 bytes leftover after parsing attributes in process `syz.3.10716'. [ 851.342051][T30262] FAT-fs (loop2): Directory bread(block 65) failed [ 851.372096][T30262] FAT-fs (loop2): Directory bread(block 66) failed [ 851.374810][T30275] loop4: detected capacity change from 0 to 164 [ 851.391210][T30262] FAT-fs (loop2): Directory bread(block 67) failed [ 851.403782][T30262] FAT-fs (loop2): Directory bread(block 68) failed [ 851.420620][T30262] FAT-fs (loop2): Directory bread(block 69) failed [ 851.452077][T30262] FAT-fs (loop2): Directory bread(block 70) failed [ 851.464117][T30262] FAT-fs (loop2): Directory bread(block 71) failed [ 851.470773][T30262] FAT-fs (loop2): Directory bread(block 72) failed [ 851.478514][T30262] FAT-fs (loop2): Directory bread(block 73) failed [ 851.494524][T30275] Unsupported NM flag settings (240) [ 851.522837][ T5947] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 851.684279][ T5947] usb 2-1: Using ep0 maxpacket: 8 [ 851.694650][ T5947] usb 2-1: unable to get BOS descriptor or descriptor too short [ 851.718580][ T5947] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E [ 851.752792][ T5947] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 851.789911][T30285] xt_hashlimit: max too large, truncated to 1048576 [ 851.791172][ T5947] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 851.841875][ T5947] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 851.879565][ T5947] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 851.898503][ T5947] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 0 [ 851.912159][T30293] netlink: 'syz.3.10724': attribute type 9 has an invalid length. [ 851.920158][ T5947] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 851.943799][ T5947] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB1, changing to 0x81 [ 851.975819][ T5947] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 852.022430][ T5947] usb 2-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 852.060210][ T5947] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 852.088670][ T5947] usb 2-1: Product: syz [ 852.104822][ T5947] usb 2-1: Manufacturer: syz [ 852.119690][ T5947] usb 2-1: SerialNumber: syz [ 852.138998][ T5947] usb 2-1: config 0 descriptor?? [ 852.177642][ T5947] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 852.415637][T30317] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 852.465558][ T5947] usb 2-1: USB disconnect, device number 50 [ 852.542537][ T5887] udevd[5887]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 852.895896][ T5888] usb 3-1: new high-speed USB device number 124 using dummy_hcd [ 853.092837][ T5888] usb 3-1: Using ep0 maxpacket: 16 [ 853.112228][ T5888] usb 3-1: config 0 has an invalid interface number: 17 but max is 0 [ 853.138493][ T5888] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 853.170529][ T5888] usb 3-1: config 0 has no interface number 0 [ 853.197194][ T5888] usb 3-1: New USB device found, idVendor=0408, idProduct=4034, bcdDevice=dd.cd [ 853.216451][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 853.225515][T30358] netlink: 'syz.4.10750': attribute type 8 has an invalid length. [ 853.236749][ T5888] usb 3-1: Product: syz [ 853.241550][ T5888] usb 3-1: Manufacturer: syz [ 853.262953][ T5888] usb 3-1: SerialNumber: syz [ 853.285656][ T5888] usb 3-1: config 0 descriptor?? [ 853.319823][T30363] delete_channel: no stack [ 853.516185][ T5888] uvcvideo 3-1:0.17: Found UVC 0.00 device syz (0408:4034) [ 853.535149][T30378] loop4: detected capacity change from 0 to 256 [ 853.536693][ T5888] uvcvideo 3-1:0.17: No valid video chain found. [ 853.589843][T30380] netlink: 'syz.1.10762': attribute type 11 has an invalid length. [ 853.662634][T30378] FAT-fs (loop4): Directory bread(block 64) failed [ 853.684856][T30378] FAT-fs (loop4): Directory bread(block 65) failed [ 853.689840][T30386] loop1: detected capacity change from 0 to 512 [ 853.702628][T30378] FAT-fs (loop4): Directory bread(block 66) failed [ 853.710895][T30386] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 853.720958][ T5909] usb 3-1: USB disconnect, device number 124 [ 853.726380][T30378] FAT-fs (loop4): Directory bread(block 67) failed [ 853.761643][T30378] FAT-fs (loop4): Directory bread(block 68) failed [ 853.779769][T30378] FAT-fs (loop4): Directory bread(block 69) failed [ 853.787425][T30386] UDF-fs: error (device loop1): udf_verify_fi: directory (ino 21) has entry past directory size at pos 128 [ 853.788226][T30378] FAT-fs (loop4): Directory bread(block 70) failed [ 853.807573][T30378] FAT-fs (loop4): Directory bread(block 71) failed [ 853.820565][T30378] FAT-fs (loop4): Directory bread(block 72) failed [ 853.830324][T30378] FAT-fs (loop4): Directory bread(block 73) failed [ 853.863484][ T5888] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 854.045419][ T5888] usb 4-1: Using ep0 maxpacket: 32 [ 854.069188][ T5888] usb 4-1: unable to get BOS descriptor or descriptor too short [ 854.086536][ T5888] usb 4-1: config 7 has an invalid interface number: 187 but max is 0 [ 854.099894][ T5888] usb 4-1: config 7 has no interface number 0 [ 854.106274][ T5888] usb 4-1: config 7 interface 187 altsetting 6 bulk endpoint 0x4 has invalid maxpacket 947 [ 854.117767][ T5888] usb 4-1: config 7 interface 187 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0 [ 854.142893][ T5888] usb 4-1: config 7 interface 187 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 0 [ 854.166168][ T5888] usb 4-1: config 7 interface 187 has no altsetting 0 [ 854.180131][ T5888] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 854.190543][T30401] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 854.190857][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 854.218181][ T5888] usb 4-1: Product: syz [ 854.224035][ T5888] usb 4-1: Manufacturer: syz [ 854.228844][ T5888] usb 4-1: SerialNumber: syz [ 854.260141][T30384] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 854.386481][T30410] netlink: 'syz.2.10775': attribute type 1 has an invalid length. [ 854.430691][T30410] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10775'. [ 854.480056][T30414] netlink: 172 bytes leftover after parsing attributes in process `syz.1.10778'. [ 854.501897][ T5888] usb 4-1: Unused bulk OUT endpoint found: 0x03 [ 854.525536][T30414] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 854.532859][ T5888] usb 4-1: Not enough endpoints found in device, aborting! [ 854.788517][T13908] usb 4-1: USB disconnect, device number 35 [ 854.850021][T30429] loop4: detected capacity change from 0 to 1024 [ 855.522859][ T5947] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 855.663816][T30468] loop1: detected capacity change from 0 to 256 [ 855.676687][T30469] netlink: 'syz.3.10804': attribute type 10 has an invalid length. [ 855.696640][ T5947] usb 5-1: Using ep0 maxpacket: 8 [ 855.720832][ T5947] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 855.740380][T30468] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 855.785728][ T5947] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 855.800837][T30468] exFAT-fs (loop1): start_clu is invalid cluster(0x400) [ 855.808775][ T5947] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 855.838813][ T5947] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 855.880049][ T5947] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 855.902330][ T5947] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 855.933881][ T5947] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 855.955401][ T5947] usb 5-1: config 0 descriptor?? [ 855.978591][T30454] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 856.096828][ T5909] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 856.230368][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.231096][ C0] Bluetooth: hci5: Unexpected continuation: 1 bytes [ 856.238396][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.251081][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.258277][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.265250][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.272113][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.279124][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.286949][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.293932][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.300750][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.307954][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.315360][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.322325][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.329268][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.336221][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.342811][ T5909] usb 4-1: Using ep0 maxpacket: 8 [ 856.343267][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.354984][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.361811][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.368870][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.375737][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.382626][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.383941][ T5909] usb 4-1: config 162 has an invalid interface number: 84 but max is 2 [ 856.389608][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.404606][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.411425][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.418710][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.425629][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.432476][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.439507][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.446435][T30478] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 856.480113][ T5909] usb 4-1: config 162 has an invalid interface number: 3 but max is 2 [ 856.490950][ T5888] usb 5-1: USB disconnect, device number 19 [ 856.497345][ T5849] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 856.539570][ T5909] usb 4-1: config 162 has no interface number 0 [ 856.561796][ T5909] usb 4-1: config 162 has no interface number 1 [ 856.605850][ T5909] usb 4-1: config 162 interface 84 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 856.636100][ T5909] usb 4-1: config 162 interface 2 altsetting 1 has a duplicate endpoint with address 0x9, skipping [ 856.647644][ T5909] usb 4-1: config 162 interface 2 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 856.660715][ T5909] usb 4-1: config 162 interface 2 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024 [ 856.699843][ T5909] usb 4-1: config 162 interface 2 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024 [ 856.730563][ T5909] usb 4-1: config 162 interface 2 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4 [ 856.744684][T30504] loop1: detected capacity change from 0 to 1024 [ 856.765069][ T5909] usb 4-1: config 162 interface 84 has no altsetting 0 [ 856.785674][ T5909] usb 4-1: config 162 interface 2 has no altsetting 0 [ 856.799609][T30506] loop2: detected capacity change from 0 to 256 [ 856.806301][ T5909] usb 4-1: config 162 interface 3 has no altsetting 0 [ 856.829032][ T5909] usb 4-1: New USB device found, idVendor=0e8d, idProduct=763f, bcdDevice=9b.23 [ 856.839670][ T5909] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 856.847904][T30506] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 856.872550][ T5909] usb 4-1: Product: syz [ 856.878301][ T5909] usb 4-1: Manufacturer: syz [ 856.885769][ T5909] usb 4-1: SerialNumber: syz [ 856.886769][ T60] hfsplus: b-tree write err: -5, ino 4 [ 857.103473][ T5916] usb 3-1: new full-speed USB device number 125 using dummy_hcd [ 857.149733][ T5849] Bluetooth: hci5: Opcode 0x0c03 failed: -71 [ 857.167031][ T5909] usb 4-1: USB disconnect, device number 36 [ 857.288757][ T5916] usb 3-1: config 8 has an invalid interface number: 80 but max is 0 [ 857.299123][T30529] binder: 30526:30529 ioctl c0306201 200000000380 returned -14 [ 857.311147][ T5916] usb 3-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 857.341717][ T5916] usb 3-1: config 8 has no interface number 0 [ 857.355859][ T5916] usb 3-1: config 8 interface 80 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 857.366806][ T5916] usb 3-1: config 8 interface 80 altsetting 0 has an endpoint descriptor with address 0xFA, changing to 0x8A [ 857.380171][ T5916] usb 3-1: config 8 interface 80 altsetting 0 endpoint 0x8A has invalid maxpacket 45699, setting to 64 [ 857.402614][ T5916] usb 3-1: config 8 interface 80 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 14 [ 857.429187][T30531] ieee802154 phy0 wpan0: encryption failed: -90 [ 857.429898][ T5916] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=c1.6f [ 857.444839][ T5916] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 857.459430][T30506] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 857.486560][ T5916] usb 3-1: NFC: intf ffff88802f47b000 id ffffffff8eb201c0 [ 857.612559][ T5916] nfcmrvl 3-1:8.80: NFC: registered with nci successfully [ 857.695752][ T5916] usb 3-1: USB disconnect, device number 125 [ 857.708522][ T5916] usb 3-1: NFC: intf ffff88802f47b000 [ 857.866381][T30559] netlink: 'syz.0.10847': attribute type 21 has an invalid length. [ 857.877481][T30559] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10847'. [ 857.925773][ T5947] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 858.074154][T30574] SET target dimension over the limit! [ 858.103317][ T5947] usb 2-1: Using ep0 maxpacket: 16 [ 858.116739][ T5947] usb 2-1: config 0 has an invalid interface number: 105 but max is 0 [ 858.135427][ T5947] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 858.154941][ T5947] usb 2-1: config 0 has no interface number 0 [ 858.164166][ T5947] usb 2-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28 [ 858.174793][T30580] netlink: 32 bytes leftover after parsing attributes in process `syz.0.10858'. [ 858.177260][ T5947] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 858.193533][ T5947] usb 2-1: Product: syz [ 858.197789][ T5947] usb 2-1: Manufacturer: syz [ 858.212362][ T5947] usb 2-1: SerialNumber: syz [ 858.222287][ T5947] usb 2-1: config 0 descriptor?? [ 858.358981][T30587] netlink: 'syz.3.10861': attribute type 10 has an invalid length. [ 858.405340][T30542] 9pnet_fd: p9_fd_create_tcp (30542): problem connecting socket to 127.0.0.1 [ 858.431031][T30587] team0: Port device dummy0 added [ 858.444481][ T5947] uvcvideo 2-1:0.105: Found UVC 0.00 device syz (046d:08d3) [ 858.451820][ T5947] uvcvideo 2-1:0.105: No valid video chain found. [ 858.579501][ T30] audit: type=1326 audit(2000000138.300:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30594 comm="syz.0.10866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f050418eec9 code=0x7ffc0000 [ 858.601944][ C0] vkms_vblank_simulate: vblank timer overrun [ 858.678811][ T5916] usb 2-1: USB disconnect, device number 51 [ 858.695439][ T30] audit: type=1326 audit(2000000138.340:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30594 comm="syz.0.10866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f050418eec9 code=0x7ffc0000 [ 858.717906][ C0] vkms_vblank_simulate: vblank timer overrun [ 858.759092][ T30] audit: type=1326 audit(2000000138.340:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30594 comm="syz.0.10866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=234 compat=0 ip=0x7f050418eec9 code=0x7ffc0000 [ 858.802932][ T30] audit: type=1326 audit(2000000138.340:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30594 comm="syz.0.10866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f050418eec9 code=0x7ffc0000 [ 858.859481][ T30] audit: type=1326 audit(2000000138.340:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30594 comm="syz.0.10866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f050418eec9 code=0x7ffc0000 [ 858.945490][T30615] ieee802154 phy0 wpan0: encryption failed: -22 [ 859.135304][T30625] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 859.341147][T30635] netlink: 'syz.0.10883': attribute type 1 has an invalid length. [ 859.363109][T30635] nbd: couldn't find a device at index 20 [ 859.573097][T30643] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10889'. [ 859.903721][T30654] openvswitch: netlink: Duplicate or invalid key (type 0). [ 859.910971][T30654] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 860.002980][T30658] xt_TCPMSS: Only works on TCP SYN packets [ 860.260735][T30645] loop1: detected capacity change from 0 to 32768 [ 860.309831][T30645] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 860.496752][T30645] XFS (loop1): Ending clean mount [ 860.526760][T30645] XFS (loop1): Quotacheck needed: Please wait. [ 860.538813][T30686] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10906'. [ 860.555373][T30690] netlink: 220 bytes leftover after parsing attributes in process `syz.4.10908'. [ 860.607923][T30645] XFS (loop1): Quotacheck: Done. [ 860.712042][T30691] loop2: detected capacity change from 0 to 4096 [ 860.742842][T30691] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 860.775723][ T5843] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 860.802673][T30691] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 860.833094][T30691] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 860.877148][T30700] netlink: 'syz.3.10916': attribute type 21 has an invalid length. [ 860.894161][T30700] IPv6: NLM_F_CREATE should be specified when creating new route [ 860.902164][T30700] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 860.909438][T30700] IPv6: NLM_F_CREATE should be set when creating new route [ 860.916723][T30700] IPv6: NLM_F_CREATE should be set when creating new route [ 860.923986][T30700] IPv6: NLM_F_CREATE should be set when creating new route [ 860.973482][T30691] ntfs3(loop2): ino=1e, mi_enum_attr [ 860.978819][T30691] ntfs3(loop2): ino=1e, mi_enum_attr [ 860.994577][T30691] ntfs3(loop2): ino=1e, mi_enum_attr [ 861.105835][ T3549] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22. [ 861.133274][ T5837] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 861.139840][ T5837] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 861.197624][ T5837] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 861.443278][T30723] loop2: detected capacity change from 0 to 256 [ 861.473813][T30723] exfat: Deprecated parameter 'utf8' [ 861.503113][T30723] exfat: Deprecated parameter 'utf8' [ 861.541690][T30726] netlink: 'syz.4.10926': attribute type 1 has an invalid length. [ 861.557140][T30723] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x7b823c56, utbl_chksum : 0xe619d30d) [ 861.933074][T30744] Zero length message leads to an empty skb [ 862.874947][T30789] No source specified [ 862.977201][T30794] loop4: detected capacity change from 0 to 512 [ 863.059758][T30794] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 863.082664][T30794] ext4 filesystem being mounted at /2249/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 863.100445][T30794] EXT4-fs error (device loop4): ext4_search_dir:1474: inode #2: block 3: comm syz.4.10961: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0 [ 863.251875][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 863.477195][T30786] loop1: detected capacity change from 0 to 40427 [ 863.523345][T30786] F2FS-fs (loop1): invalid crc value [ 863.534074][T30814] netlink: 'syz.2.10968': attribute type 3 has an invalid length. [ 863.540255][T30815] efs: cannot read volume header [ 863.694812][T30818] ip6erspan0: entered promiscuous mode [ 863.746651][T30786] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 863.767803][T30786] F2FS-fs (loop1): Start checkpoint disabled! [ 863.784052][T30786] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0 [ 863.822910][T30786] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 864.048518][T30835] netlink: 'syz.4.10978': attribute type 32 has an invalid length. [ 864.494529][T30847] 8021q: adding VLAN 0 to HW filter on device bond3 [ 864.892930][T30876] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10998'. [ 864.998275][T30878] netlink: 'syz.2.10999': attribute type 10 has an invalid length. [ 865.037535][T30885] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 865.044830][T30885] IPv6: NLM_F_CREATE should be set when creating new route [ 865.055001][T30885] IPv6: NLM_F_CREATE should be set when creating new route [ 865.215877][T30894] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11008'. [ 865.501942][T30907] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11012'. [ 865.979657][T30890] loop4: detected capacity change from 0 to 32768 [ 866.001548][ T3076] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 866.055123][T30890] (syz.4.11005,30890,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 866.086808][T30890] (syz.4.11005,30890,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 866.127789][T30890] JBD2: Ignoring recovery information on journal [ 866.234039][T30890] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 866.275578][ T3076] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 866.456368][ T5831] ocfs2: Unmounting device (7,4) on (node local) [ 866.885151][ T3076] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 866.974430][T30937] loop4: detected capacity change from 0 to 1024 [ 867.086574][ T3549] hfsplus: b-tree write err: -5, ino 4 [ 867.118911][ T3076] netdevsim netdevsim1 netdevsim0 (unregistering): left allmulticast mode [ 867.142988][T30478] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 867.151922][ T3076] netdevsim netdevsim1 netdevsim0 (unregistering): left promiscuous mode [ 867.163715][T30478] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 867.177227][T30478] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 867.181877][ T3076] bridge0: port 3(netdevsim0) entered disabled state [ 867.240498][T13798] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 867.262157][T13798] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 867.314688][ T3076] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 867.364141][T30949] netlink: 'syz.3.11034': attribute type 71 has an invalid length. [ 867.458899][T30940] wg1 speed is unknown, defaulting to 1000 [ 867.674305][T30935] loop2: detected capacity change from 0 to 32768 [ 867.686125][T30962] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11040'. [ 867.699256][T30935] BTRFS error: failed to parse compression option 'zlib:nobarrier' [ 867.795757][ T3076] bridge_slave_1: left allmulticast mode [ 867.808357][ T6411] udevd[6411]: incorrect btrfs checksum on /dev/loop2 [ 867.818460][ T3076] bridge_slave_1: left promiscuous mode [ 867.836374][ T3076] bridge0: port 2(bridge_slave_1) entered disabled state [ 867.903476][ T5909] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 867.905702][ T3076] bridge_slave_0: left allmulticast mode [ 867.947511][ T3076] bridge_slave_0: left promiscuous mode [ 867.973666][ T3076] bridge0: port 1(bridge_slave_0) entered disabled state [ 868.065083][ T5909] usb 5-1: config 0 has an invalid interface number: 199 but max is 1 [ 868.084758][ T5909] usb 5-1: config 0 has no interface number 1 [ 868.113141][ T5909] usb 5-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 868.149383][ T5909] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 868.180231][ T5909] usb 5-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 868.205622][ T5909] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 868.238162][ T5909] usb 5-1: SerialNumber: syz [ 868.257026][ T5909] usb 5-1: config 0 descriptor?? [ 868.273509][ T5909] uvcvideo 5-1:0.199: Found UVC 0.00 device (0002:0000) [ 868.294325][ T5909] uvcvideo 5-1:0.199: No valid video chain found. [ 868.305158][T30981] netlink: 'syz.0.11047': attribute type 1 has an invalid length. [ 868.326993][T30981] netlink: 224 bytes leftover after parsing attributes in process `syz.0.11047'. [ 868.519825][ T5955] usb 5-1: USB disconnect, device number 20 [ 869.292472][ T3076] bond0 (unregistering): (slave 5‚): Releasing backup interface [ 869.313198][ T5849] Bluetooth: hci4: command tx timeout [ 869.313388][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 869.351829][ T3076] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 869.364108][ T3076] bond0 (unregistering): Released all slaves [ 869.403025][ T3076] bond1 (unregistering): Released all slaves [ 869.450798][ T3076] bond2 (unregistering): Released all slaves [ 870.280119][T31062] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security [ 870.323348][ T36] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 870.361381][ T36] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0 [ 870.612984][T31080] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11082'. [ 870.657623][T31080] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11082'. [ 870.681564][T31086] netlink: 'syz.2.11083': attribute type 30 has an invalid length. [ 870.701337][T30940] chnl_net:caif_netlink_parms(): no params data found [ 870.702604][T31086] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11083'. [ 870.846585][T31095] No control pipe specified [ 870.856147][T31086] bond2: option arp_missed_max: mode dependency failed, not supported in mode 802.3ad(4) [ 870.868334][T31086] bond2 (unregistering): Released all slaves [ 871.155054][T31103] netlink: 64 bytes leftover after parsing attributes in process `syz.4.11090'. [ 871.392883][ T5849] Bluetooth: hci4: command tx timeout [ 871.432811][T30522] usb 3-1: new full-speed USB device number 126 using dummy_hcd [ 871.526857][T30940] bridge0: port 1(bridge_slave_0) entered blocking state [ 871.548097][T30940] bridge0: port 1(bridge_slave_0) entered disabled state [ 871.566540][T30940] bridge_slave_0: entered allmulticast mode [ 871.582111][T30940] bridge_slave_0: entered promiscuous mode [ 871.591382][T31124] ./file0: Can't open blockdev [ 871.607084][T30940] bridge0: port 2(bridge_slave_1) entered blocking state [ 871.628054][T30522] usb 3-1: config 8 has an invalid interface number: 223 but max is 0 [ 871.637772][T30522] usb 3-1: config 8 contains an unexpected descriptor of type 0x1, skipping [ 871.653050][T30940] bridge0: port 2(bridge_slave_1) entered disabled state [ 871.660333][T30940] bridge_slave_1: entered allmulticast mode [ 871.668627][T30522] usb 3-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 871.680896][T30940] bridge_slave_1: entered promiscuous mode [ 871.688686][T30522] usb 3-1: config 8 has no interface number 0 [ 871.702566][T30522] usb 3-1: config 8 interface 223 altsetting 0 endpoint 0x7 has invalid maxpacket 15872, setting to 64 [ 871.725041][T30522] usb 3-1: config 8 interface 223 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 871.726719][T31126] netlink: 'syz.4.11100': attribute type 7 has an invalid length. [ 871.765563][T30522] usb 3-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d [ 871.776966][T30522] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 871.783082][T31126] netlink: 'syz.4.11100': attribute type 8 has an invalid length. [ 871.807041][T30522] usb 3-1: Product: syz [ 871.832755][T30522] usb 3-1: Manufacturer: syz [ 871.837386][T30522] usb 3-1: SerialNumber: syz [ 872.029449][ T3076] hsr_slave_0: left promiscuous mode [ 872.103980][ T3076] hsr_slave_1: left promiscuous mode [ 872.133149][ T3076] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 872.159050][T30522] usb 3-1: USB disconnect, device number 126 [ 872.159476][ T3076] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 872.187504][ T3076] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 872.287858][ T3076] veth1_macvtap: left promiscuous mode [ 872.310565][ T3076] veth0_macvtap: left promiscuous mode [ 872.319760][ T3076] veth1_vlan: left promiscuous mode [ 872.995974][ T3076] team_slave_1 (unregistering): left promiscuous mode [ 873.004624][ T3076] team0 (unregistering): Port device team_slave_1 removed [ 873.046989][ T3076] team_slave_0 (unregistering): left promiscuous mode [ 873.054782][ T3076] team0 (unregistering): Port device team_slave_0 removed [ 873.472934][ T5849] Bluetooth: hci4: command tx timeout [ 873.501267][T30940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 873.514742][T30940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 873.628484][T30940] team0: Port device team_slave_0 added [ 873.648516][T30940] team0: Port device team_slave_1 added [ 873.880923][T31187] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11121'. [ 873.881537][T30940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 873.922834][T30940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 873.948775][ C0] vkms_vblank_simulate: vblank timer overrun [ 873.992915][T30940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 874.054334][T30940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 874.061339][T30940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 874.134901][T30940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 874.336242][T30940] hsr_slave_0: entered promiscuous mode [ 874.373833][T30940] hsr_slave_1: entered promiscuous mode [ 874.383068][ T5888] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 874.399762][T30940] debugfs: 'hsr0' already exists in 'hsr' [ 874.420432][T30940] Cannot create hsr debugfs directory [ 874.544541][ T5888] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 874.576316][ T3076] IPVS: stop unused estimator thread 0... [ 874.593007][ T5888] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 874.653096][ T5888] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 874.676975][T31225] netlink: 32 bytes leftover after parsing attributes in process `syz.3.11135'. [ 874.694388][ T5888] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 874.832012][T31229] netlink: 'syz.2.11136': attribute type 2 has an invalid length. [ 874.840639][T31229] netlink: 'syz.2.11136': attribute type 1 has an invalid length. [ 874.848787][T31229] netlink: 152 bytes leftover after parsing attributes in process `syz.2.11136'. [ 875.404190][T31250] netdevsim netdevsim0 netdevsim0: refused to change device tx_queue_len [ 875.423553][T30940] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 875.449154][T30940] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 875.466556][ T5955] usb 4-1: new full-speed USB device number 37 using dummy_hcd [ 875.481845][T30940] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 875.502146][T31254] vivid-000: disconnect [ 875.510654][T31253] vivid-000: reconnect [ 875.522004][T30940] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 875.555332][ T5849] Bluetooth: hci4: command tx timeout [ 875.667632][ T5955] usb 4-1: unable to get BOS descriptor or descriptor too short [ 875.685114][ T5955] usb 4-1: not running at top speed; connect to a high speed hub [ 875.690097][T31268] netlink: 'syz.2.11150': attribute type 2 has an invalid length. [ 875.701059][T31268] netlink: 'syz.2.11150': attribute type 1 has an invalid length. [ 875.705183][ T5955] usb 4-1: config 3 has an invalid interface number: 106 but max is 0 [ 875.731723][ T5955] usb 4-1: config 3 has no interface number 0 [ 875.746534][ T5955] usb 4-1: config 3 interface 106 altsetting 10 endpoint 0xD has invalid maxpacket 512, setting to 64 [ 875.778708][ T5955] usb 4-1: config 3 interface 106 altsetting 10 endpoint 0xF has invalid maxpacket 1024, setting to 64 [ 875.796575][ T5888] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -32 [ 875.809808][T30940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 875.816925][ T5955] usb 4-1: config 3 interface 106 has no altsetting 0 [ 875.833095][ T5888] stv0680 5-1:4.0: STV(e): camera ping failed!! [ 875.844184][ T5955] usb 4-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=e8.8a [ 875.863526][ T5955] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 875.865348][ T5888] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 875.871533][ T5955] usb 4-1: Product: syz [ 875.888744][T30940] 8021q: adding VLAN 0 to HW filter on device team0 [ 875.896120][ T5888] stv0680 5-1:4.0: last error: 0, command = 0x0 [ 875.910746][ T3076] bridge0: port 1(bridge_slave_0) entered blocking state [ 875.917937][ T3076] bridge0: port 1(bridge_slave_0) entered forwarding state [ 875.927824][ T5888] usb 5-1: USB disconnect, device number 21 [ 875.955165][ T5955] usb 4-1: Manufacturer: syz [ 875.959805][ T5955] usb 4-1: SerialNumber: syz [ 875.980271][T31019] bridge0: port 2(bridge_slave_1) entered blocking state [ 875.987520][T31019] bridge0: port 2(bridge_slave_1) entered forwarding state [ 875.997928][T31244] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 876.020106][T31244] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 876.230622][T31283] tmpfs: Bad value for 'mpol' [ 876.271059][ T30] audit: type=1400 audit(2000000155.990:226): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//&@\)//&" pid=31284 comm="syz.0.11158" [ 876.312080][ T5955] kobil_sct 4-1:3.106: KOBIL USB smart card terminal converter detected [ 876.356554][ T5955] usb 4-1: KOBIL USB smart card terminal converter now attached to ttyUSB0 [ 876.387237][ T5955] usb 4-1: USB disconnect, device number 37 [ 876.449075][ T5955] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0 [ 876.502062][ T5955] kobil_sct 4-1:3.106: device disconnected [ 876.530898][T30940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 876.946819][T30940] veth0_vlan: entered promiscuous mode [ 876.976322][T30940] veth1_vlan: entered promiscuous mode [ 877.035856][T30940] veth0_macvtap: entered promiscuous mode [ 877.065483][T30940] veth1_macvtap: entered promiscuous mode [ 877.106875][T30940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 877.127322][T30940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 877.161455][T31288] Bluetooth: hci0: Opcode 0x0c20 failed: -4 [ 877.195371][ T3076] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 877.233898][ T3076] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 877.258778][T31019] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 877.287458][T31019] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 877.313180][T31330] netlink: 132 bytes leftover after parsing attributes in process `syz.4.11176'. [ 877.604316][ T3076] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 877.612160][ T3076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 877.732090][ T3076] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 877.754964][ T3076] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 877.765015][T31348] loop2: detected capacity change from 0 to 1024 [ 877.807690][T31348] hfsplus: bad catalog entry type [ 877.954419][ T36] hfsplus: b-tree write err: -5, ino 4 [ 878.125242][T31365] netlink: 676 bytes leftover after parsing attributes in process `syz.4.11191'. [ 878.163034][T31365] netlink: 676 bytes leftover after parsing attributes in process `syz.4.11191'. [ 878.519430][T31381] vlan0: entered promiscuous mode [ 878.853013][T31395] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11207'. [ 879.152469][T31379] loop4: detected capacity change from 0 to 32768 [ 879.174248][ T30] audit: type=1800 audit(2000000158.890:227): pid=31379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.11198" name="file1" dev="loop4" ino=4 res=0 errno=0 [ 879.410475][T31387] loop2: detected capacity change from 0 to 32768 [ 880.070383][T31442] random: crng reseeded on system resumption [ 881.033963][ T5888] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 881.052115][T31498] loop2: detected capacity change from 0 to 1024 [ 881.176526][ T3549] hfsplus: b-tree write err: -5, ino 8 [ 881.196314][ T5888] usb 4-1: Using ep0 maxpacket: 32 [ 881.207401][ T5888] usb 4-1: unable to get BOS descriptor or descriptor too short [ 881.218079][T31506] netlink: 16 bytes leftover after parsing attributes in process `syz.5.11261'. [ 881.232558][ T5888] usb 4-1: config 128 has an invalid interface number: 127 but max is 3 [ 881.241477][ T5888] usb 4-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config [ 881.280882][ T5888] usb 4-1: config 128 has 1 interface, different from the descriptor's value: 4 [ 881.303359][ T5888] usb 4-1: config 128 has no interface number 0 [ 881.309714][ T5888] usb 4-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 881.324634][ T5888] usb 4-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0 [ 881.363526][ T5888] usb 4-1: config 128 interface 127 has no altsetting 0 [ 881.382302][ T5888] usb 4-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55 [ 881.406185][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 881.422883][ T5888] usb 4-1: Product: syz [ 881.433394][ T5888] usb 4-1: Manufacturer: syz [ 881.445906][ T5888] usb 4-1: SerialNumber: syz [ 881.743002][ T5888] usb 4-1: USB disconnect, device number 38 [ 881.807030][ T6411] udevd[6411]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 881.863316][T31510] loop2: detected capacity change from 0 to 32768 [ 881.871179][T31510] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.11262 (31510) [ 881.910473][T31510] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 881.926010][T31510] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 882.012779][ T5916] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 882.024028][T31510] BTRFS info (device loop2): enabling ssd optimizations [ 882.031149][T31510] BTRFS info (device loop2): enabling free space tree [ 882.134913][ T5837] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 882.167539][ T5916] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 882.182987][ T5916] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 882.201336][ T5916] usb 6-1: Product: syz [ 882.211468][ T5916] usb 6-1: Manufacturer: syz [ 882.221808][ T5916] usb 6-1: SerialNumber: syz [ 882.271983][ T5916] usb 6-1: config 0 descriptor?? [ 882.509764][ T5916] hso 6-1:0.0: Failed to find BULK IN ep [ 882.534552][ T5916] usb-storage 6-1:0.0: USB Mass Storage device detected [ 882.695193][ T5888] usb 6-1: USB disconnect, device number 2 [ 882.864872][T13908] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 883.024705][T13908] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 883.044183][T13908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 883.057807][T13908] usb 5-1: config 0 descriptor?? [ 883.288455][T13908] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 883.339105][T31589] xt_TCPMSS: Only works on TCP SYN packets [ 883.497643][T13908] [drm:udl_init] *ERROR* Selecting channel failed [ 883.551021][T13908] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2 [ 883.582719][T13908] [drm] Initialized udl on minor 2 [ 883.594901][T13908] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 883.615231][T13908] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 883.635588][ T5955] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 883.646865][T13908] usb 5-1: USB disconnect, device number 22 [ 883.655264][ T5955] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 883.992159][T31585] loop2: detected capacity change from 0 to 32768 [ 884.026112][T31616] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11303'. [ 884.341937][T31632] loop5: detected capacity change from 0 to 256 [ 884.379045][T31632] exfat: Deprecated parameter 'utf8' [ 884.444600][T31632] exfat: Deprecated parameter 'utf8' [ 884.489423][T31640] netlink: 'syz.0.11316': attribute type 2 has an invalid length. [ 884.517594][T31632] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d) [ 884.522924][T31640] netlink: 'syz.0.11316': attribute type 1 has an invalid length. [ 884.593175][T31640] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11316'. [ 884.651930][T31632] exFAT-fs (loop5): error, in sector 160, dentry 12 should be unused, but 0x85 [ 884.875058][T31658] tmpfs: Bad value for 'mpol' [ 885.032422][T31670] openvswitch: netlink: Missing valid actions attribute. [ 885.035149][T31669] netlink: 'syz.2.11330': attribute type 10 has an invalid length. [ 885.042416][T31670] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 885.074700][T31669] macvlan0: entered promiscuous mode [ 885.080033][T31669] macvlan0: entered allmulticast mode [ 885.105333][T31669] veth1_vlan: entered allmulticast mode [ 885.126849][T31669] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 885.167252][T31677] loop4: detected capacity change from 0 to 256 [ 885.189221][T31677] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 885.617262][T31700] gre1: entered allmulticast mode [ 885.751033][T31706] netlink: 56 bytes leftover after parsing attributes in process `syz.2.11349'. [ 885.906424][T31715] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 886.670332][T31710] loop4: detected capacity change from 0 to 32768 [ 886.718161][T31710] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 886.978926][T31710] XFS (loop4): Ending clean mount [ 887.133978][ T5831] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 887.182310][T31760] netlink: 'syz.5.11365': attribute type 21 has an invalid length. [ 887.251354][T31760] netlink: 164 bytes leftover after parsing attributes in process `syz.5.11365'. [ 887.289591][T31730] loop2: detected capacity change from 0 to 32768 [ 887.558853][T31768] xt_hashlimit: invalid rate [ 888.058179][T31789] netlink: 'syz.5.11377': attribute type 1 has an invalid length. [ 888.783800][ T30] audit: type=1326 audit(2000000168.500:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31831 comm="syz.2.11393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68e1f8eec9 code=0x7ffc0000 [ 888.862847][ T30] audit: type=1326 audit(2000000168.500:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31831 comm="syz.2.11393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68e1f8eec9 code=0x7ffc0000 [ 888.956240][ T30] audit: type=1326 audit(2000000168.530:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31831 comm="syz.2.11393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f68e1f8eec9 code=0x7ffc0000 [ 889.064286][ T30] audit: type=1326 audit(2000000168.700:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31831 comm="syz.2.11393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68e1f8eec9 code=0x7ffc0000 [ 889.066832][T31846] netlink: 'syz.5.11398': attribute type 3 has an invalid length. [ 889.149506][T31846] netlink: 'syz.5.11398': attribute type 3 has an invalid length. [ 889.163393][ T30] audit: type=1326 audit(2000000168.700:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31831 comm="syz.2.11393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68e1f8eec9 code=0x7ffc0000 [ 889.203103][T31846] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11398'. [ 889.221227][T31856] sctp: [Deprecated]: syz.2.11401 (pid 31856) Use of struct sctp_assoc_value in delayed_ack socket option. [ 889.221227][T31856] Use struct sctp_sack_info instead [ 889.444113][T31863] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11405'. [ 889.492904][T31865] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11406'. [ 890.000204][T31893] bond0: option arp_validate: invalid value (18446744073491447809) [ 890.008614][ T3549] bond0: (slave 30): interface is now down [ 890.045702][ T3549] bond0: (slave bond_slave_1): interface is now down [ 890.054200][ T3549] bond0: (slave dummy0): interface is now down [ 890.095947][ T3549] bond0: now running without any active interface! [ 890.401369][T31920] netlink: 'syz.0.11430': attribute type 1 has an invalid length. [ 890.458404][T31920] netlink: 224 bytes leftover after parsing attributes in process `syz.0.11430'. [ 890.713007][ T5916] usb 3-1: new high-speed USB device number 127 using dummy_hcd [ 890.875381][ T5916] usb 3-1: Using ep0 maxpacket: 16 [ 890.910995][ T5916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 890.956756][ T5916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 890.993863][ T5916] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 891.015056][ T5916] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 891.049514][ T5916] usb 3-1: config 0 descriptor?? [ 891.280574][ T5916] usbhid 3-1:0.0: can't add hid device: -71 [ 891.299215][ T5916] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 891.321915][ T5916] usb 3-1: USB disconnect, device number 127 [ 891.605193][T31986] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11456'. [ 891.714339][ T2343] pvrusb2: request_firmware fatal error with code=-110 [ 891.733997][ T2343] pvrusb2: Failure uploading firmware1 [ 891.739479][ T2343] pvrusb2: Device initialization was not successful. [ 891.763102][ T2343] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 891.776733][ T2343] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 891.802983][ T980] pvrusb2: Device being rendered inoperable [ 892.740053][T32014] netlink: 'syz.5.11470': attribute type 7 has an invalid length. [ 892.797360][T32020] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 893.327068][T32053] delete_channel: no stack [ 893.686919][T32072] netlink: 6 bytes leftover after parsing attributes in process `syz.2.11498'. [ 893.715684][T32072] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 893.736785][T32078] netlink: 'syz.5.11501': attribute type 2 has an invalid length. [ 893.744412][T32079] netlink: 72 bytes leftover after parsing attributes in process `syz.0.11502'. [ 893.758037][T32079] netlink: 72 bytes leftover after parsing attributes in process `syz.0.11502'. [ 893.787520][T32078] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.11501'. [ 893.835570][T32078] nbd: must specify an index to disconnect [ 893.895618][T32085] netlink: 'syz.0.11504': attribute type 1 has an invalid length. [ 893.958263][T32089] netdevsim netdevsim3: Direct firmware load for ÿ failed with error -2 [ 894.057322][T32089] netdevsim netdevsim3: Falling back to sysfs fallback for: ÿ [ 894.088941][T32095] loop2: detected capacity change from 0 to 736 [ 894.221372][T32095] rock: directory entry would overflow storage [ 894.248082][T32095] rock: sig=0x3b10, size=4, remaining=3 [ 894.476823][T32114] libceph: resolve '4.' (ret=-3): failed [ 894.638138][T32123] netlink: zone id is out of range [ 894.675644][T32123] netlink: zone id is out of range [ 894.952568][T32142] bridge0: port 4(bond0) entered blocking state [ 894.983631][T32142] bridge0: port 4(bond0) entered disabled state [ 894.990208][T32142] bond0: entered allmulticast mode [ 895.018268][T32144] loop5: detected capacity change from 0 to 2048 [ 895.032798][T32142] bond_slave_0: entered allmulticast mode [ 895.048458][T32142] bond_slave_1: entered allmulticast mode [ 895.059035][T32144] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found! [ 895.075109][T32142] bond0: entered promiscuous mode [ 895.087304][T32142] bond_slave_0: entered promiscuous mode [ 895.104029][T32142] bond_slave_1: entered promiscuous mode [ 895.119537][T32144] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 895.131959][T32142] bridge0: port 4(bond0) entered blocking state [ 895.138504][T32142] bridge0: port 4(bond0) entered forwarding state [ 895.364789][T32162] netlink: 'syz.2.11543': attribute type 1 has an invalid length. [ 895.587461][T32174] loop4: detected capacity change from 0 to 1024 [ 895.593862][T13908] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 895.672908][ T3076] hfsplus: b-tree write err: -5, ino 4 [ 895.744046][T13908] usb 4-1: Using ep0 maxpacket: 8 [ 895.758903][T13908] usb 4-1: unable to get BOS descriptor or descriptor too short [ 895.788721][T13908] usb 4-1: config 8 interface 0 altsetting 7 bulk endpoint 0x3 has invalid maxpacket 8 [ 895.825860][T13908] usb 4-1: config 8 interface 0 has no altsetting 0 [ 895.855731][T13908] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5 [ 895.885290][T13908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 895.912810][T13908] usb 4-1: Product: syz [ 895.917009][T13908] usb 4-1: Manufacturer: syz [ 895.921603][T13908] usb 4-1: SerialNumber: syz [ 895.958938][T32163] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 896.112258][T32202] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 896.183576][T13908] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 896.190611][T13908] usb 4-1: selecting invalid altsetting 0 [ 896.316243][T13908] usb 4-1: USB disconnect, device number 39 [ 896.318796][ T30] audit: type=1326 audit(2000000176.030:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32207 comm="syz.0.11567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f050418eec9 code=0x7ffc0000 [ 896.434829][ T30] audit: type=1326 audit(2000000176.030:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32207 comm="syz.0.11567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f050418eec9 code=0x7ffc0000 [ 896.450595][ T5887] udevd[5887]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:8.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 896.457285][ C0] vkms_vblank_simulate: vblank timer overrun [ 896.494138][T32216] binder: 32215:32216 ioctl c018620b 0 returned -14 [ 896.543118][ T30] audit: type=1326 audit(2000000176.040:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32207 comm="syz.0.11567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7f050418eec9 code=0x7ffc0000 [ 896.616753][ T30] audit: type=1326 audit(2000000176.040:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32207 comm="syz.0.11567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f050418eec9 code=0x7ffc0000 [ 896.639271][ C0] vkms_vblank_simulate: vblank timer overrun [ 896.698866][ T30] audit: type=1326 audit(2000000176.040:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32207 comm="syz.0.11567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f050418eec9 code=0x7ffc0000 [ 896.721335][ C0] vkms_vblank_simulate: vblank timer overrun [ 897.094567][ T5888] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 897.168930][T32214] loop5: detected capacity change from 0 to 32768 [ 897.196747][T32214] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 897.253623][ T5888] usb 5-1: Using ep0 maxpacket: 32 [ 897.262570][ T5888] usb 5-1: config 0 has an invalid interface number: 74 but max is 1 [ 897.271086][ T5888] usb 5-1: config 0 has no interface number 1 [ 897.277195][T32214] XFS (loop5): Ending clean mount [ 897.281338][T32214] XFS (loop5): Quotacheck needed: Please wait. [ 897.294894][ T5888] usb 5-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=8e.fa [ 897.304268][ T5888] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 897.312262][ T5888] usb 5-1: Product: syz [ 897.332873][ T5888] usb 5-1: Manufacturer: syz [ 897.342997][ T5888] usb 5-1: SerialNumber: syz [ 897.371427][ T5888] usb 5-1: config 0 descriptor?? [ 897.396759][T32214] XFS (loop5): Quotacheck: Done. [ 897.439951][T32225] loop2: detected capacity change from 0 to 40427 [ 897.459733][ T5888] snd-usb-audio 5-1:0.74: probe with driver snd-usb-audio failed with error -22 [ 897.472574][T32225] F2FS-fs: heap/no_heap options were deprecated [ 897.501934][T30940] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 897.546023][T32225] F2FS-fs (loop2): build fault injection rate: 23 [ 897.575995][T32225] F2FS-fs (loop2): build fault injection type: 0x3bfe8c [ 897.593830][ T6457] udevd[6457]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.74/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 897.637247][T32225] F2FS-fs (loop2): invalid crc value [ 897.708882][T32225] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970 [ 897.784409][ T24] usb 5-1: USB disconnect, device number 23 [ 897.930907][T32225] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 897.943863][T32225] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 898.009931][T32272] netlink: 64 bytes leftover after parsing attributes in process `syz.0.11589'. [ 898.025861][T32225] F2FS-fs (loop2): inject slab alloc in f2fs_alloc_inode of alloc_inode+0x6a/0x1b0 [ 898.343677][ T5888] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 898.515989][ T5888] usb 4-1: Using ep0 maxpacket: 16 [ 898.524825][ T5888] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 898.546677][ T5888] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 898.619922][T32299] nfs: Deprecated parameter 'nointr' [ 898.703517][ T5888] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 898.712589][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 898.724947][ T5888] usb 4-1: Product: syz [ 898.729128][ T5888] usb 4-1: Manufacturer: syz [ 898.733935][ T5888] usb 4-1: SerialNumber: syz [ 899.148233][T32321] loop2: detected capacity change from 0 to 64 [ 899.196124][ T5888] usb 4-1: cannot find UAC_HEADER [ 899.268109][ T5888] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 899.313006][ T5888] usb 4-1: USB disconnect, device number 40 [ 899.397760][ T6411] udevd[6411]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 899.743161][T32353] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11627'. [ 899.861142][T32357] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 900.334873][T32386] cgroup: Invalid name [ 900.416525][T32384] loop4: detected capacity change from 0 to 8192 [ 900.655856][T32405] netlink: zone id is out of range [ 900.661015][T32405] netlink: zone id is out of range [ 900.731624][T32405] netlink: zone id is out of range [ 900.737736][T32405] netlink: zone id is out of range [ 900.744046][T32405] netlink: zone id is out of range [ 900.750161][T32405] netlink: zone id is out of range [ 901.075369][T32429] netlink: 24 bytes leftover after parsing attributes in process `syz.4.11665'. [ 901.155160][ T24] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 901.331509][ T24] usb 4-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 901.372717][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 901.380823][ T24] usb 4-1: Product: syz [ 901.386313][ T24] usb 4-1: Manufacturer: syz [ 901.397766][ T24] usb 4-1: SerialNumber: syz [ 901.413240][ T24] usb 4-1: config 0 descriptor?? [ 901.446267][T32449] netlink: 4268 bytes leftover after parsing attributes in process `syz.4.11676'. [ 901.464724][T32449] openvswitch: netlink: Missing key (keys=40, expected=80) [ 901.502528][T32455] x_tables: ip_tables: osf match: only valid for protocol 6 [ 901.828746][ T24] usb 4-1: f81604_write: reg: 105 data: 8a failed: -EPROTO [ 901.848144][ T24] f81604 4-1:0.0: Setting termination of CH#0 failed: -EPROTO [ 901.864018][T32473] netlink: 'syz.5.11685': attribute type 29 has an invalid length. [ 901.867359][ T24] f81604 4-1:0.0: probe with driver f81604 failed with error -71 [ 901.903594][ T24] usb 4-1: USB disconnect, device number 41 [ 901.927061][T32473] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11685'. [ 902.250957][T32493] loop4: detected capacity change from 0 to 8 [ 902.277770][T32493] syz.4.11696: attempt to access beyond end of device [ 902.277770][T32493] loop4: rw=2048, sector=36028797018963960, nr_sectors = 16 limit=8 [ 902.329279][T32493] SQUASHFS error: Failed to read block 0xfffffffffffffffc: -5 [ 902.360223][T32493] unable to read xattr id index table [ 902.420204][T32493] loop4: detected capacity change from 0 to 1024 [ 902.451861][T32493] EXT4-fs: Ignoring removed i_version option [ 902.469648][T32493] EXT4-fs: Ignoring removed nobh option [ 902.492268][T32493] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 902.542280][T32493] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 902.578435][T32493] EXT4-fs error (device loop4): ext4_get_journal_inode:5808: inode #32: comm syz.4.11696: iget: special inode unallocated [ 902.623102][T32493] EXT4-fs (loop4): no journal found [ 902.664803][T32493] EXT4-fs (loop4): can't get journal size [ 902.682123][T32493] EXT4-fs error (device loop4): ext4_protect_reserved_inode:160: inode #32: comm syz.4.11696: iget: special inode unallocated [ 902.753268][T32493] EXT4-fs (loop4): failed to initialize system zone (-117) [ 902.760617][T32493] EXT4-fs (loop4): mount failed [ 902.949875][T32514] loop2: detected capacity change from 0 to 4096 [ 903.055565][T32514] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 903.240581][T32497] loop5: detected capacity change from 0 to 32768 [ 903.769208][T32548] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 904.196204][T32533] loop4: detected capacity change from 0 to 32768 [ 904.221856][T32533] [ 904.221856][T32533] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 904.221856][T32533] [ 904.271113][T32569] netlink: 16 bytes leftover after parsing attributes in process `syz.5.11733'. [ 904.290540][T32533] JFS: metapage_get_blocks failed [ 904.318715][T32533] ERROR: (device loop4): release_metapage: metapage_write_one() failed [ 904.318715][T32533] [ 904.367250][T32533] ERROR: (device loop4): diWrite: ixpxd invalid [ 904.367250][T32533] [ 904.389543][T32533] ERROR: (device loop4): txCommit: [ 904.389543][T32533] [ 904.467560][ T5831] [ 904.467560][ T5831] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 904.467560][ T5831] [ 904.493913][ T5831] [ 904.493913][ T5831] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 904.493913][ T5831] [ 904.916114][T32598] netlink: 'syz.3.11748': attribute type 13 has an invalid length. [ 905.118264][T32606] netlink: 256 bytes leftover after parsing attributes in process `syz.0.11750'. [ 906.009110][T32610] loop5: detected capacity change from 0 to 32768 [ 906.196139][T32610] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 906.225329][T32610] OCFS2: ERROR (device loop5): int ocfs2_validate_xattr_block(struct super_block *, struct buffer_head *): Extended attribute block #2304 has bad signature [ 906.285974][T32655] ip6t_REJECT: ECHOREPLY is not supported [ 906.302141][T32610] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 906.353068][T32610] OCFS2: File system is now read-only. [ 906.371667][T32610] (syz.5.11752,32610,0):ocfs2_xattr_block_find:2831 ERROR: status = -30 [ 906.457068][T30940] ocfs2: Unmounting device (7,5) on (node local) [ 907.342574][ T30] audit: type=1326 audit(2000000187.060:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32705 comm="syz.4.11789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ff00000 [ 907.412763][ T30] audit: type=1326 audit(2000000187.060:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32705 comm="syz.4.11789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ff00000 [ 907.490941][ T30] audit: type=1326 audit(2000000187.060:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32705 comm="syz.4.11789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ff00000 [ 907.565331][T32717] netlink: 'syz.5.11794': attribute type 21 has an invalid length. [ 907.578371][ T30] audit: type=1326 audit(2000000187.060:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32705 comm="syz.4.11789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ff00000 [ 907.615397][T32718] tmpfs: Bad value for 'size' [ 907.652786][ T30] audit: type=1326 audit(2000000187.060:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32705 comm="syz.4.11789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ff00000 [ 907.697000][ T36] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 907.729724][ T30] audit: type=1326 audit(2000000187.060:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32705 comm="syz.4.11789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ff00000 [ 907.737478][ T36] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 907.817142][ T30] audit: type=1326 audit(2000000187.060:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32705 comm="syz.4.11789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ff00000 [ 907.843385][ T36] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 907.852242][ T36] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 907.904202][T32734] netlink: 'syz.2.11800': attribute type 3 has an invalid length. [ 907.911415][ T30] audit: type=1326 audit(2000000187.060:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32705 comm="syz.4.11789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ff00000 [ 908.002299][ T30] audit: type=1326 audit(2000000187.060:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32705 comm="syz.4.11789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ff00000 [ 908.074446][ T30] audit: type=1326 audit(2000000187.060:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32705 comm="syz.4.11789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ff00000 [ 908.185900][T32750] netlink: 'syz.3.11807': attribute type 13 has an invalid length. [ 908.216656][T32750] netlink: 'syz.3.11807': attribute type 17 has an invalid length. [ 908.485388][T32750] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 908.793102][ T307] netlink: zone id is out of range [ 908.798257][ T307] netlink: zone id is out of range [ 908.826526][ T307] netlink: zone id is out of range [ 908.832163][ T307] netlink: zone id is out of range [ 909.624223][ T347] loop5: detected capacity change from 0 to 4096 [ 909.661805][ T347] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 909.762526][ T347] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 909.791352][ T347] ntfs3(loop5): ino=19, mi_enum_attr [ 909.835466][ T343] loop2: detected capacity change from 0 to 32768 [ 909.883363][ T357] IPVS: set_ctl: invalid protocol: 108 172.20.20.170:20003 [ 910.002688][T13908] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 910.014191][ T359] loop5: detected capacity change from 0 to 128 [ 910.083147][ T359] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 910.123672][ T359] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 910.163122][T13908] usb 4-1: Using ep0 maxpacket: 32 [ 910.174721][T13908] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 910.189033][T13908] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 910.200448][T13908] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 910.203103][T30940] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 910.209923][T13908] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 910.229834][T13908] usb 4-1: config 0 descriptor?? [ 910.247618][T13908] hub 4-1:0.0: USB hub found [ 910.349416][ T371] loop2: detected capacity change from 0 to 8 [ 910.394035][ T371] SQUASHFS error: Unable to read directory block [629:26] [ 910.439295][T13908] hub 4-1:0.0: 2 ports detected [ 910.594408][ T378] loop5: detected capacity change from 0 to 2048 [ 910.634864][ T378] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 910.640662][T13908] hub 4-1:0.0: hub_hub_status failed (err = -71) [ 910.686423][T13908] hub 4-1:0.0: config failed, can't get hub status (err -71) [ 910.714734][T13908] usbhid 4-1:0.0: can't add hid device: -71 [ 910.720759][T13908] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 910.797501][T13908] usb 4-1: USB disconnect, device number 42 [ 910.841975][ T391] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 911.108113][ T401] loop2: detected capacity change from 0 to 4096 [ 911.135089][ T401] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 911.203235][ T401] ntfs3(loop2): ino=3, mi_enum_attr [ 911.312913][ T411] netlink: 'syz.3.11869': attribute type 11 has an invalid length. [ 911.373706][ T1037] ntfs3(loop2): ino=1f, failed to open parent directory r=5 to update [ 911.612962][ T415] loop5: detected capacity change from 0 to 4096 [ 911.658543][ T415] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 911.775369][ T415] ntfs3(loop5): ino=19, mi_enum_attr [ 911.779020][ T426] loop2: detected capacity change from 0 to 2048 [ 911.794427][ T415] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 911.844068][ T426] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 911.881189][ T426] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #16: comm syz.2.11875: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 912.104346][ T5837] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 912.520598][ T462] loop4: detected capacity change from 0 to 2048 [ 912.581048][ T462] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 912.632721][ T980] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 912.804608][ T980] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 912.826683][ T980] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1 [ 912.848655][ T980] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 10 [ 912.862907][ T980] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 10 [ 912.889527][ T980] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 255, setting to 64 [ 912.944315][ T980] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 912.963002][ T30] kauditd_printk_skb: 57 callbacks suppressed [ 912.963020][ T30] audit: type=1326 audit(2000000192.660:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=481 comm="syz.4.11903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ffc0000 [ 913.022881][ T980] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 913.031958][ T980] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 913.072885][ T980] usb 6-1: Manufacturer: syz [ 913.082711][ T30] audit: type=1326 audit(2000000192.660:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=481 comm="syz.4.11903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ffc0000 [ 913.128985][ T980] usb 6-1: config 0 descriptor?? [ 913.157812][ T30] audit: type=1326 audit(2000000192.680:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=481 comm="syz.4.11903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f360c78eec9 code=0x7ffc0000 [ 913.213680][ T30] audit: type=1326 audit(2000000192.680:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=481 comm="syz.4.11903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ffc0000 [ 913.249755][ T494] netlink: 64 bytes leftover after parsing attributes in process `syz.2.11909'. [ 913.293135][ T30] audit: type=1326 audit(2000000192.680:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=481 comm="syz.4.11903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f360c78eec9 code=0x7ffc0000 [ 913.361057][ T5888] usb 6-1: USB disconnect, device number 3 [ 913.542298][ T505] netlink: 232 bytes leftover after parsing attributes in process `syz.4.11914'. [ 913.563516][ T505] netlink: 232 bytes leftover after parsing attributes in process `syz.4.11914'. [ 913.592807][ T505] netlink: 52 bytes leftover after parsing attributes in process `syz.4.11914'. [ 914.077875][ T526] netlink: 20 bytes leftover after parsing attributes in process `syz.0.11924'. [ 914.255119][ T534] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11928'. [ 914.286735][ T533] netlink: 666 bytes leftover after parsing attributes in process `syz.5.11927'. [ 914.491702][ T545] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11934'. [ 914.552769][ T980] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 914.704423][ T980] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 914.743140][ T980] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 914.774861][ T980] usb 3-1: config 0 descriptor?? [ 914.802234][ T980] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 915.030583][ T546] loop5: detected capacity change from 0 to 32768 [ 915.059008][ T546] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.11933 (546) [ 915.105480][ T546] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 915.123382][ T546] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm [ 915.213046][ T980] gspca_stv06xx: I2C: Read error writing address: -71 [ 915.240242][ T980] usb 3-1: USB disconnect, device number 2 [ 915.267547][ T546] BTRFS info (device loop5): enabling ssd optimizations [ 915.295335][ T546] BTRFS info (device loop5): enabling free space tree [ 915.325176][ T578] loop4: detected capacity change from 0 to 512 [ 915.364219][ T578] EXT4-fs: Ignoring removed i_version option [ 915.401856][ T578] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 915.457644][ T578] EXT4-fs (loop4): 1 truncate cleaned up [ 915.485360][ T578] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 915.503197][T30940] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 915.596919][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 916.490510][ T617] loop5: detected capacity change from 0 to 1764 [ 916.980212][ T646] netlink: 'syz.3.11974': attribute type 27 has an invalid length. [ 917.021012][ T646] netlink: 164 bytes leftover after parsing attributes in process `syz.3.11974'. [ 917.245074][ T661] random: crng reseeded on system resumption [ 917.521225][ T678] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11988'. [ 918.102965][ T710] openvswitch: netlink: EtherType 0 is less than min 600 [ 918.323768][ T5916] usb 5-1: new full-speed USB device number 24 using dummy_hcd [ 918.323930][ T5955] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 918.345740][ T682] loop2: detected capacity change from 0 to 32768 [ 918.433610][ T682] JBD2: Ignoring recovery information on journal [ 918.480989][ T727] "syz.3.12006" (727) uses obsolete ecb(arc4) skcipher [ 918.503575][ T5916] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 918.522703][ T5955] usb 6-1: Using ep0 maxpacket: 8 [ 918.534670][ T5955] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 918.548376][ T5916] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 918.557229][ T5955] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 918.571454][ T5955] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 918.583895][ T5955] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 918.585999][ T682] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 918.601403][ T5955] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 918.613340][ T5916] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 918.636687][ T5916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 918.643731][ T5955] usb 6-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 918.671305][ T5955] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 918.691118][ T5916] hub 5-1:4.0: USB hub found [ 918.715944][ T5955] usb 6-1: config 0 descriptor?? [ 918.727835][ T711] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 918.737950][ T682] ------------[ cut here ]------------ [ 918.746279][ T682] UBSAN: array-index-out-of-bounds in fs/ocfs2/suballoc.c:380:22 [ 918.774454][ T682] index 0 is out of range for type 'struct ocfs2_chain_rec[] __counted_by(cl_count)' (aka 'struct ocfs2_chain_rec[]') [ 918.787665][ T682] CPU: 0 UID: 0 PID: 682 Comm: syz.2.11990 Not tainted syzkaller #0 PREEMPT(full) [ 918.787708][ T682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 918.787720][ T682] Call Trace: [ 918.787729][ T682] [ 918.787738][ T682] dump_stack_lvl+0x189/0x250 [ 918.787768][ T682] ? __pfx_dump_stack_lvl+0x10/0x10 [ 918.787788][ T682] ? __pfx__printk+0x10/0x10 [ 918.787824][ T682] ubsan_epilogue+0xa/0x40 [ 918.787845][ T682] __ubsan_handle_out_of_bounds+0xe9/0xf0 [ 918.787872][ T682] ? __asan_memcpy+0x40/0x70 [ 918.787893][ T682] ocfs2_block_group_fill+0x938/0xb30 [ 918.787934][ T682] ? __pfx_ocfs2_block_group_fill+0x10/0x10 [ 918.787978][ T682] ocfs2_reserve_suballoc_bits+0x117d/0x4680 [ 918.788007][ T682] ? do_raw_spin_lock+0x121/0x290 [ 918.788040][ T682] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 918.788082][ T682] ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10 [ 918.788110][ T682] ? stack_depot_save_flags+0x41b/0x860 [ 918.788138][ T682] ? kasan_save_track+0x4f/0x80 [ 918.788155][ T682] ? kasan_save_track+0x3e/0x80 [ 918.788171][ T682] ? __kasan_kmalloc+0x93/0xb0 [ 918.788189][ T682] ? __kmalloc_cache_noprof+0x3d5/0x6f0 [ 918.788207][ T682] ? ocfs2_reserve_new_metadata_blocks+0x113/0x940 [ 918.788230][ T682] ? ocfs2_extend_dir+0xc76/0x4870 [ 918.788247][ T682] ? ocfs2_prepare_dir_for_insert+0x2fdf/0x54b0 [ 918.788265][ T682] ? ocfs2_mknod+0x819/0x2050 [ 918.788285][ T682] ? ocfs2_mkdir+0x191/0x440 [ 918.788305][ T682] ? vfs_mkdir+0x306/0x510 [ 918.788321][ T682] ? do_mkdirat+0x247/0x590 [ 918.788337][ T682] ? __x64_sys_mkdirat+0x87/0xa0 [ 918.788353][ T682] ? do_syscall_64+0xfa/0xfa0 [ 918.788372][ T682] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.788446][ T682] ? __kasan_kmalloc+0x93/0xb0 [ 918.788475][ T682] ? __kmalloc_cache_noprof+0x3d5/0x6f0 [ 918.788498][ T682] ? do_raw_spin_unlock+0x122/0x240 [ 918.788523][ T682] ocfs2_reserve_new_metadata_blocks+0x403/0x940 [ 918.788557][ T682] ? __pfx_ocfs2_reserve_new_metadata_blocks+0x10/0x10 [ 918.788589][ T682] ? down_write+0x162/0x1f0 [ 918.788612][ T682] ? __pfx_down_write+0x10/0x10 [ 918.788650][ T682] ocfs2_extend_dir+0xc76/0x4870 [ 918.788703][ T682] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 918.788728][ T682] ? __pfx_ocfs2_extend_dir+0x10/0x10 [ 918.788753][ T682] ? try_to_wake_up+0x7f5/0x12b0 [ 918.788781][ T682] ? __pfx_ocfs2_journal_access_di+0x10/0x10 [ 918.788800][ T682] ? __queue_work+0x102/0xfb0 [ 918.788837][ T682] ? __queue_work+0x102/0xfb0 [ 918.788869][ T682] ? css_rstat_updated+0x23a/0x4f0 [ 918.788903][ T682] ? __lock_acquire+0xab9/0xd20 [ 918.788958][ T682] ? rcu_is_watching+0x15/0xb0 [ 918.788984][ T682] ? ocfs2_buffer_cached+0x42a/0x8d0 [ 918.789018][ T682] ? ocfs2_dx_dir_name_hash+0x229/0xaf0 [ 918.789039][ T682] ? __asan_memcpy+0x40/0x70 [ 918.789058][ T682] ? ocfs2_dx_dir_name_hash+0x9ba/0xaf0 [ 918.789090][ T682] ? __pfx_ocfs2_dx_dir_name_hash+0x10/0x10 [ 918.789115][ T682] ? ocfs2_buffer_cached+0x42a/0x8d0 [ 918.789151][ T682] ocfs2_prepare_dir_for_insert+0x2fdf/0x54b0 [ 918.789204][ T682] ? rcu_is_watching+0x15/0xb0 [ 918.789228][ T682] ? __pfx_ocfs2_prepare_dir_for_insert+0x10/0x10 [ 918.789246][ T682] ? ocfs2_search_dirblock+0x381/0x850 [ 918.789278][ T682] ? __pfx_ocfs2_search_dirblock+0x10/0x10 [ 918.789295][ T682] ? rcu_is_watching+0x15/0xb0 [ 918.789320][ T682] ? ocfs2_buffer_cached+0x42a/0x8d0 [ 918.789348][ T682] ? __brelse+0x59/0xa0 [ 918.789371][ T682] ? ocfs2_find_entry+0xdd9/0x20d0 [ 918.789402][ T682] ? __pfx_ocfs2_validate_inode_block+0x10/0x10 [ 918.789433][ T682] ? __pfx_ocfs2_find_entry+0x10/0x10 [ 918.789451][ T682] ? __pfx_ocfs2_read_blocks+0x10/0x10 [ 918.789489][ T682] ? __lock_acquire+0xab9/0xd20 [ 918.789528][ T682] ? ocfs2_read_inode_block+0x11d/0x190 [ 918.789552][ T682] ? __pfx_ocfs2_read_inode_block+0x10/0x10 [ 918.789581][ T682] ? do_raw_spin_unlock+0x122/0x240 [ 918.789606][ T682] ? ocfs2_inode_lock_full_nested+0xabe/0x1b40 [ 918.789628][ T682] ? is_bpf_text_address+0x26/0x2b0 [ 918.789667][ T682] ? __pfx_ocfs2_inode_lock_full_nested+0x10/0x10 [ 918.789693][ T682] ? __kernel_text_address+0xd/0x40 [ 918.789711][ T682] ? unwind_get_return_address+0x4d/0x90 [ 918.789749][ T682] ? ocfs2_check_dir_for_entry+0x239/0x3f0 [ 918.789780][ T682] ? __pfx_ocfs2_check_dir_for_entry+0x10/0x10 [ 918.789813][ T682] ocfs2_mknod+0x819/0x2050 [ 918.789856][ T682] ? __pfx_ocfs2_mknod+0x10/0x10 [ 918.789878][ T682] ? do_raw_spin_unlock+0x122/0x240 [ 918.789903][ T682] ? ocfs2_inode_lock_full_nested+0xabe/0x1b40 [ 918.789955][ T682] ? __lock_acquire+0xab9/0xd20 [ 918.790006][ T682] ? __lock_acquire+0xab9/0xd20 [ 918.790040][ T682] ? do_raw_spin_lock+0x121/0x290 [ 918.790071][ T682] ? do_raw_spin_unlock+0x122/0x240 [ 918.790098][ T682] ? put_pid+0xe9/0x130 [ 918.790123][ T682] ocfs2_mkdir+0x191/0x440 [ 918.790145][ T682] ? __pfx_from_kgid+0x10/0x10 [ 918.790165][ T682] ? apparmor_path_mkdir+0x1a7/0x220 [ 918.790190][ T682] ? __pfx_ocfs2_mkdir+0x10/0x10 [ 918.790207][ T682] ? HAS_UNMAPPED_ID+0x11a/0x180 [ 918.790232][ T682] ? inode_permission+0x149/0x470 [ 918.790251][ T682] ? __pfx_ocfs2_permission+0x10/0x10 [ 918.790270][ T682] ? bpf_lsm_inode_mkdir+0x9/0x20 [ 918.790296][ T682] vfs_mkdir+0x306/0x510 [ 918.790324][ T682] do_mkdirat+0x247/0x590 [ 918.790347][ T682] ? __pfx_do_mkdirat+0x10/0x10 [ 918.790370][ T682] ? getname_flags+0x1e5/0x540 [ 918.790399][ T682] __x64_sys_mkdirat+0x87/0xa0 [ 918.790420][ T682] do_syscall_64+0xfa/0xfa0 [ 918.790441][ T682] ? lockdep_hardirqs_on+0x9c/0x150 [ 918.790471][ T682] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.790489][ T682] ? clear_bhb_loop+0x60/0xb0 [ 918.790514][ T682] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.790533][ T682] RIP: 0033:0x7f68e1f8d617 [ 918.790552][ T682] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 918.790568][ T682] RSP: 002b:00007f68e2eb5e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 918.790589][ T682] RAX: ffffffffffffffda RBX: 00007f68e2eb5ef0 RCX: 00007f68e1f8d617 [ 918.790604][ T682] RDX: 00000000000001ff RSI: 0000200000000680 RDI: 00000000ffffff9c [ 918.790617][ T682] RBP: 0000200000000080 R08: 0000200000000140 R09: 0000000000000000 [ 918.790630][ T682] R10: 0000200000000080 R11: 0000000000000246 R12: 0000200000000680 [ 918.790644][ T682] R13: 00007f68e2eb5eb0 R14: 0000000000000000 R15: 0000000000000000 [ 918.790680][ T682] [ 918.790823][ T682] ---[ end trace ]--- [ 918.901506][ T737] netlink: 'syz.0.12009': attribute type 4 has an invalid length. [ 918.933208][ T5916] hub 5-1:4.0: 13 ports detected [ 918.972793][ T682] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 918.972814][ T682] CPU: 1 UID: 0 PID: 682 Comm: syz.2.11990 Not tainted syzkaller #0 PREEMPT(full) [ 918.972836][ T682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 918.972849][ T682] Call Trace: [ 918.972859][ T682] [ 918.972868][ T682] dump_stack_lvl+0x99/0x250 [ 918.972896][ T682] ? __asan_memcpy+0x40/0x70 [ 918.972916][ T682] ? __pfx_dump_stack_lvl+0x10/0x10 [ 918.972936][ T682] ? __pfx__printk+0x10/0x10 [ 918.972976][ T682] vpanic+0x237/0x6d0 [ 918.973000][ T682] ? __pfx_vpanic+0x10/0x10 [ 918.973036][ T682] panic+0xb9/0xc0 [ 918.973059][ T682] ? __pfx_panic+0x10/0x10 [ 918.973085][ T682] ? __pfx__printk+0x10/0x10 [ 918.973114][ T682] check_panic_on_warn+0x89/0xb0 [ 918.973137][ T682] __ubsan_handle_out_of_bounds+0xe9/0xf0 [ 918.973165][ T682] ? __asan_memcpy+0x40/0x70 [ 918.973184][ T682] ocfs2_block_group_fill+0x938/0xb30 [ 918.973224][ T682] ? __pfx_ocfs2_block_group_fill+0x10/0x10 [ 918.973266][ T682] ocfs2_reserve_suballoc_bits+0x117d/0x4680 [ 918.973296][ T682] ? do_raw_spin_lock+0x121/0x290 [ 918.973328][ T682] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 918.973368][ T682] ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10 [ 918.973395][ T682] ? stack_depot_save_flags+0x41b/0x860 [ 918.973423][ T682] ? kasan_save_track+0x4f/0x80 [ 918.973439][ T682] ? kasan_save_track+0x3e/0x80 [ 918.973457][ T682] ? __kasan_kmalloc+0x93/0xb0 [ 918.973476][ T682] ? __kmalloc_cache_noprof+0x3d5/0x6f0 [ 918.973495][ T682] ? ocfs2_reserve_new_metadata_blocks+0x113/0x940 [ 918.973518][ T682] ? ocfs2_extend_dir+0xc76/0x4870 [ 918.973535][ T682] ? ocfs2_prepare_dir_for_insert+0x2fdf/0x54b0 [ 918.973554][ T682] ? ocfs2_mknod+0x819/0x2050 [ 918.973575][ T682] ? ocfs2_mkdir+0x191/0x440 [ 918.973594][ T682] ? vfs_mkdir+0x306/0x510 [ 918.973611][ T682] ? do_mkdirat+0x247/0x590 [ 918.973627][ T682] ? __x64_sys_mkdirat+0x87/0xa0 [ 918.973644][ T682] ? do_syscall_64+0xfa/0xfa0 [ 918.973665][ T682] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.973742][ T682] ? __kasan_kmalloc+0x93/0xb0 [ 918.973765][ T682] ? __kmalloc_cache_noprof+0x3d5/0x6f0 [ 918.973787][ T682] ? do_raw_spin_unlock+0x122/0x240 [ 918.973813][ T682] ocfs2_reserve_new_metadata_blocks+0x403/0x940 [ 918.973847][ T682] ? __pfx_ocfs2_reserve_new_metadata_blocks+0x10/0x10 [ 918.973878][ T682] ? down_write+0x162/0x1f0 [ 918.973903][ T682] ? __pfx_down_write+0x10/0x10 [ 918.973940][ T682] ocfs2_extend_dir+0xc76/0x4870 [ 918.973993][ T682] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 918.974019][ T682] ? __pfx_ocfs2_extend_dir+0x10/0x10 [ 918.974044][ T682] ? try_to_wake_up+0x7f5/0x12b0 [ 918.974072][ T682] ? __pfx_ocfs2_journal_access_di+0x10/0x10 [ 918.974091][ T682] ? __queue_work+0x102/0xfb0 [ 918.974126][ T682] ? __queue_work+0x102/0xfb0 [ 918.974158][ T682] ? css_rstat_updated+0x23a/0x4f0 [ 918.974191][ T682] ? __lock_acquire+0xab9/0xd20 [ 918.974243][ T682] ? rcu_is_watching+0x15/0xb0 [ 918.974268][ T682] ? ocfs2_buffer_cached+0x42a/0x8d0 [ 918.974301][ T682] ? ocfs2_dx_dir_name_hash+0x229/0xaf0 [ 918.974322][ T682] ? __asan_memcpy+0x40/0x70 [ 918.974342][ T682] ? ocfs2_dx_dir_name_hash+0x9ba/0xaf0 [ 918.974372][ T682] ? __pfx_ocfs2_dx_dir_name_hash+0x10/0x10 [ 918.974397][ T682] ? ocfs2_buffer_cached+0x42a/0x8d0 [ 918.974431][ T682] ocfs2_prepare_dir_for_insert+0x2fdf/0x54b0 [ 918.974480][ T682] ? rcu_is_watching+0x15/0xb0 [ 918.974503][ T682] ? __pfx_ocfs2_prepare_dir_for_insert+0x10/0x10 [ 918.974522][ T682] ? ocfs2_search_dirblock+0x381/0x850 [ 918.974556][ T682] ? __pfx_ocfs2_search_dirblock+0x10/0x10 [ 918.974574][ T682] ? rcu_is_watching+0x15/0xb0 [ 918.974598][ T682] ? ocfs2_buffer_cached+0x42a/0x8d0 [ 918.974626][ T682] ? __brelse+0x59/0xa0 [ 918.974650][ T682] ? ocfs2_find_entry+0xdd9/0x20d0 [ 918.974681][ T682] ? __pfx_ocfs2_validate_inode_block+0x10/0x10 [ 918.974717][ T682] ? __pfx_ocfs2_find_entry+0x10/0x10 [ 918.974735][ T682] ? __pfx_ocfs2_read_blocks+0x10/0x10 [ 918.974768][ T682] ? __lock_acquire+0xab9/0xd20 [ 918.974806][ T682] ? ocfs2_read_inode_block+0x11d/0x190 [ 918.974831][ T682] ? __pfx_ocfs2_read_inode_block+0x10/0x10 [ 918.974861][ T682] ? do_raw_spin_unlock+0x122/0x240 [ 918.974886][ T682] ? ocfs2_inode_lock_full_nested+0xabe/0x1b40 [ 918.974909][ T682] ? is_bpf_text_address+0x26/0x2b0 [ 918.974948][ T682] ? __pfx_ocfs2_inode_lock_full_nested+0x10/0x10 [ 918.974973][ T682] ? __kernel_text_address+0xd/0x40 [ 918.974993][ T682] ? unwind_get_return_address+0x4d/0x90 [ 918.975030][ T682] ? ocfs2_check_dir_for_entry+0x239/0x3f0 [ 918.975061][ T682] ? __pfx_ocfs2_check_dir_for_entry+0x10/0x10 [ 918.975092][ T682] ocfs2_mknod+0x819/0x2050 [ 918.975134][ T682] ? __pfx_ocfs2_mknod+0x10/0x10 [ 918.975157][ T682] ? do_raw_spin_unlock+0x122/0x240 [ 918.975182][ T682] ? ocfs2_inode_lock_full_nested+0xabe/0x1b40 [ 918.975233][ T682] ? __lock_acquire+0xab9/0xd20 [ 918.975281][ T682] ? __lock_acquire+0xab9/0xd20 [ 918.975314][ T682] ? do_raw_spin_lock+0x121/0x290 [ 918.975345][ T682] ? do_raw_spin_unlock+0x122/0x240 [ 918.975371][ T682] ? put_pid+0xe9/0x130 [ 918.975396][ T682] ocfs2_mkdir+0x191/0x440 [ 918.975418][ T682] ? __pfx_from_kgid+0x10/0x10 [ 918.975438][ T682] ? apparmor_path_mkdir+0x1a7/0x220 [ 918.975467][ T682] ? __pfx_ocfs2_mkdir+0x10/0x10 [ 918.975486][ T682] ? HAS_UNMAPPED_ID+0x11a/0x180 [ 918.975514][ T682] ? inode_permission+0x149/0x470 [ 918.975535][ T682] ? __pfx_ocfs2_permission+0x10/0x10 [ 918.975553][ T682] ? bpf_lsm_inode_mkdir+0x9/0x20 [ 918.975579][ T682] vfs_mkdir+0x306/0x510 [ 918.975606][ T682] do_mkdirat+0x247/0x590 [ 918.975628][ T682] ? __pfx_do_mkdirat+0x10/0x10 [ 918.975651][ T682] ? getname_flags+0x1e5/0x540 [ 918.975678][ T682] __x64_sys_mkdirat+0x87/0xa0 [ 918.975706][ T682] do_syscall_64+0xfa/0xfa0 [ 918.975728][ T682] ? lockdep_hardirqs_on+0x9c/0x150 [ 918.975750][ T682] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.975770][ T682] ? clear_bhb_loop+0x60/0xb0 [ 918.975793][ T682] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.975812][ T682] RIP: 0033:0x7f68e1f8d617 [ 918.975830][ T682] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 918.975846][ T682] RSP: 002b:00007f68e2eb5e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 918.975869][ T682] RAX: ffffffffffffffda RBX: 00007f68e2eb5ef0 RCX: 00007f68e1f8d617 [ 918.975883][ T682] RDX: 00000000000001ff RSI: 0000200000000680 RDI: 00000000ffffff9c [ 918.975897][ T682] RBP: 0000200000000080 R08: 0000200000000140 R09: 0000000000000000 [ 918.975911][ T682] R10: 0000200000000080 R11: 0000000000000246 R12: 0000200000000680 [ 918.975924][ T682] R13: 00007f68e2eb5eb0 R14: 0000000000000000 R15: 0000000000000000 [ 918.975959][ T682] [ 918.976546][ T682] Kernel Offset: disabled