last executing test programs: 4.944639954s ago: executing program 1 (id=1941): syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x806, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 4.061298428s ago: executing program 1 (id=1951): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r1) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r2, 0x1, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) 3.996380734s ago: executing program 1 (id=1953): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000180)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) fchdir(0xffffffffffffffff) 3.609220696s ago: executing program 1 (id=1955): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1}, 0x57) 3.542521962s ago: executing program 1 (id=1957): syz_usb_connect(0x0, 0x36, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000100)=@req3, 0x1c) 2.515143258s ago: executing program 4 (id=1967): r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000001100), 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000180), 0x2) 2.464601582s ago: executing program 4 (id=1968): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000b00), r1) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}}, 0x0) 2.357381101s ago: executing program 4 (id=1969): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000680)={0x40, r1, 0x1, 0xfffffffc, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x24, 0x33, @reassoc_resp={{{0x0, 0x0, 0x8}, {}, @broadcast, @device_a, @random="f7ab87594b3f"}, 0x0, 0x0, @random, @val, @void}}]}, 0x40}}, 0x0) 2.331892684s ago: executing program 4 (id=1970): socket(0xa, 0x5, 0x0) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x810a88, &(0x7f00000000c0)={[{@orlov}]}, 0x84, 0x47b, &(0x7f0000000500)="$eJzs3M1vFOUfAPDvzLa88+vCD194UVfRSHxpaUHl4AWjCRcTEz3gsZZCkAIGaiKESDUGj4a/QD2a+Bd4wotRThqveDcmxHARPZg1szvTbtvp2mW3LLifTzL0eXaemXm++8yz+8w8swQwsGrZP0nEloi4EREjzeziArXmn9u3Lk39eevSVBL1+pu/J41yf9y6NFUULbbbPJ+pRvpJErtLjnv+wsVTkzMz0+fy/Njs6ffGzl+4+PzJ05Mnpk9Mn5k4dOjggfGXXpx4oSdxbs3quuvDs3t2Hnn76utTR6++88PXWRW35Otb42iqdn3MWtQWv5ctnup67/eW69sW0slQaZFrW+9edVilSkRkzTXc6P8jUYmFxhuJ1z7ua+WAtZauX/ZSpUjM1YH/sGw0Dwyi4os+u/4tlrs49ui7m4dj/j7G7XxprhmKNLuGrzavjdbq2rUWEUfn/vo8W6L0PgQAQG9dOxwRz5WN/9J4sChUWyhfjYhtEbE9Iv4fETsi4oGIRtmHIuLhDo9fW5JfPv75aWPHQXUgG/+9nM9tLR7/pUWRaiXPbW3EP5wcPzkzvT8i/hcR+2J4fZYfb3OMb1/9+bOV1rWO/7IlO34xFszr8dvQkht0xyZnJ7uJudXNjyJ2DZXFn8zPBGTj450RsesO9p813slnvtqz0vp/j7+N8nmmjtS/jHi62f5zsST+QtJ+fnJsQ8xM7x8rzopFm0XEXFz/8cobKx2/q/h7IGv/TaXn/3z81aR1vvZ858e48sun5dc06/K/d3D+r0veWrSLDyZnZ8+NR6xL5pa/PrGwbZEvymfx79tb3v+3R/z9Rb7d7ojITuJHIuLRiHgsb7vHI+KJiNjbJv7vX3ny3ZXW3Qvtf6yj9u88UTn13Tf5vm50Hn/W/gcbqX35K6v5/FttBbt9/wAAAOB+kDaegU/S0fl0mm7Mn+HfEZvSmXp99tnjZ98/c6z5rHw1htPiTtdIy/3Q8fzecJGfWJI/0LhvXK/X6xsb+dGpszOeB4f+2lzS/0dHm+t+rfS7dsCaW9U8WjEJs9Iv2oD7Ug/m0YH7lP4Pg0v/h8Gl/8PgKuv/lyNu96EqwF3m+x8Gl/4Pg0v/h8Gl/8NA6uZ3/e0S2490s/lwb+tzOCJ6HWAzkXa/n8paNUF5Iu3gP0dom4gexN63RFq2akNE9KM+6yNitYUvL6thbGj25F5XrN+fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xTwAAAP//w8bfVw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000040)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0) 2.088638534s ago: executing program 4 (id=1972): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000300), 0x10) sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="050000000508"], 0x80}}, 0x0) sendmsg$can_bcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x6, 0x0, 0x0, {0x0, 0xea60}, {0x77359400}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "6f8f1b7e3e806009"}}, 0x48}}, 0x0) 1.954260955s ago: executing program 4 (id=1973): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000f1d566201e043c40d7cc000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) 1.954053795s ago: executing program 1 (id=1974): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0022220000009603000700000000070c00000016b8ef0a1a7083000000000b000000008332"], 0x0}, 0x0) syz_usb_ep_write(r0, 0x81, 0x1, &(0x7f0000000000)='B') 1.940175206s ago: executing program 0 (id=1975): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x14, 0x2, [@TCA_HHF_BACKLOG_LIMIT={0x8, 0x1, 0xfffffff0}, @TCA_HHF_HH_FLOWS_LIMIT={0x8, 0x3, 0x377}]}}]}, 0x40}}, 0x0) 1.513281982s ago: executing program 0 (id=1982): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f0000000fc0)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303030342c6e6c733d61736369692c73657373696f6e3d3078666666666666666666666666666637662c747970653d883b7f382c63726561746f723dd4a620e92c6e6f6465636f6d706f73652c747970653d5dbcce902c756d61736b3d30303030303030303030303030303030303030303030312c63726561746f723d40f194712c626172726965722c63726561746f723d65fe04c22c6e6f6465636f6d706f73652c6465636f6d706f73652c63726561746f723d8a7222832c7569643d", @ANYRESDEC=0x0, @ANYBLOB="2c756d61736b3d30303030303030303030303030303030303030303030362c626172726965722c6e6f626172726965722c736d61636b66737472616e736d7574653d55dac73dddd1aa0ff491f57216572f1e671a989f42c64dc0b65d67d4250567573bb5e8d8c2d916d55de0fad0693e50202f126e0e71e930d123c47bc4a1d2ab46e52a07fd8ca501f330abb8b07d3a5364154ec1faf99b6a9779abe230ce8f5a290ef9442c7569643c", @ANYRES32, @ANYBLOB="101500000000", @ANYRES32, @ANYRESDEC, @ANYRES64], 0x1, 0x6f8, &(0x7f0000000300)="$eJzs3TtoJOcdAPD/rFarXQXOOvseTjBY+MAJEbmTTsiJ0uQSQlBhgnGK1OJO5xO30hlJDrojxHIefQpXqZxCnUkRnCrNQVLHGIJblYYEN67UKczszGpWu9pd6fS6+PcTs/PNfM/5z87M7g5iAvjaWpiK6tNIYmHqzc10eWd7tjmyPTuWZzcjohYRlYhqaxbJamS5d/IpvpmuzMsnh/Xz4fL8259/tfNFa6maT1n5Sr96PdS6V23lU0xGxEg+7zZ6SIufHOy+o727h7Y3rKS9hWnAbhSBiz89U6vwzPa6bLXzPv539tqv+lGOW+CCSlrXzS4TEeMRUY9oXfXzs0PlbEd38rbOewAAAABwVI2jV3lhN3ZjMy6dxnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/1X+/P8knypFejKS4vn/tXxd5OkLaPCDED8ba82fnv5gAAAAAAAAAODUvbobu7EZl4rlvSS75/9a6R7/N+K9WI+lWIubsRmLsREbsRYzETFRaqi2ubixsTaT1Yy40qfm7fi0R83bh4/xzglvMwAAAAAAAABccPUB+Q9Hu9f9Nhb27/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBFkESMtGbZdKVIT0SlGhH1iKil5bYiPi3Sz4mk18qnZz8OAAAAeCb1zsWkPkSdF96P3diMS8XyXpJ957+WfV+ux3uxGhuxHBvRjKW4l3+HTr/1V3a2Z5s727MrUZ9dSVf+/b97mVY7P/7ySEPPWozWbw+9e345K9GI+7GcrbkZdyOJVpeVvJWXd7Zn0/lKOq5sbB0+SMeU/CjXZzQjpfS99OX6J1n6j52/IlSPtInHMJZHpbeJLHe0HZHpfGxpjctFBHpHYuDeqfbtaSYq7V9+rvTvqXfMP+jf+/iBUj1/uTkXByNxOyrtPXStKxKjnZW//bePf/mgufrwwf31qYuzST29P7DEwUjMliJxvf974rmKxGDTWSSutpcX4mfxi5iKL8feirVYjl/FYmzE0mSRv5i/n9PXif6R+my8vPTWoJGkx+Rk+/zVa0yT0TGmmIyfZqnFeC3bp5diOZJ4FBFL8Ub2dztm2meD/T18dYijvjLEmbbkxneyWTtM0Ti87F+Ga/KkpHG9XIpr+Zw7keWV1+xH6cWeUSqudcNfj0qq38oTaQu/63t9OGsHIzFTisRLh71fWiH9c/apYb25+nDtweK7Q/b3ej5Pj6M/XKirRLqHX4x6vnGXs9ckO6ams7yX2lfYznjV8jsuLZWuvKvteq0j9efxKO51HKnfj7mYi/ms9LWs9GjXFSvNu95uqfMcnualn7Sq7Rs75c9bj6LZ+jwEwMU2/t3xWuM/jX81Pmr8vvGg8Wb9J2M/GHulFqP/HP1hdXrk9coryV/jo/jN/vd/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+NYfP3m42GwurfVOVHpnJf1rLTb3igeJ9SnTkUjyR+UMUThZf/xkb2CD/RNj+fCOWf0kE8XTGstZxdMUOwtPnuIwkq2D+6s+eF8UT3kaooukK+Bp5WOPueh5f83oBdiVBxOTx6xe3q48UbxhS4WP/u5t9NpfIxHRq/CAE8fIM596gHN2a2Pl3Vvrj598b3ll8Z2ld5ZWR+fm5qfn596YvXV/ubk03XotVTj1h98CZ6X8caKtFhGvDq7b50GtAAAAAAAAAAAAwCk6i/+FOO9tBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5vC1NRfRpJzEzfnE6Xd7Znm+lUpPdLViOiEhHJryOSf0TcidYUE6XmksP6+XB5/u3Pv9r5Yr+talG+ErF1aL3hbOVTTEbESD4/qfbuDm6vtp8c65GdtCOTBuxGETg4b/8LAAD//6Nb8HA=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000080)=""/43, 0x2b) getdents(r0, 0xfffffffffffffffd, 0x58) 1.499513023s ago: executing program 2 (id=1983): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="440000001300290a000000000000000007006800", @ANYRES32=r1, @ANYBLOB="000000000000000024000c800900010076"], 0x44}}, 0x0) 1.482957955s ago: executing program 3 (id=1984): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r0, 0x8b04, &(0x7f0000000000)={'wlan1\x00', @random="0e00"}) 1.406648331s ago: executing program 0 (id=1985): syz_mount_image$iso9660(&(0x7f0000000dc0), &(0x7f0000002380)='.\x02\x00', 0x0, &(0x7f0000000240)=ANY=[], 0xff, 0x9be, &(0x7f0000000e00)="$eJzs3c1vXOW9B/Dv8Uvia1AIkMvNRUAm4QYM5Dq2U0IjNk3scTLUL5XtSERVRShJqihWqaCVAHWRSlVXRe2i6oLuWHaFxAY2VXbtX9BFpYp/AXUVddGpzplxbGOPx079Rvh8rOM5L7/zPL/H5/g88vHMecLXWbPZrKb7XL78x91Mlv3nwsQXH3/yYTn94nYOpDcvF58lA0lqSV+So0n/+MTc7HSXgm4lV5PcSYokB9N63ZSrKX6Th5eX76T4Q1lv5fJ9NoxNafKNttfnHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7EfF+MTIyGiRqcbM5ddrnVVDgHfa2LNc3ufVqN/F513rTYpyysDA0lDfR48sb36i/HYiT7WWnqoGJM9APnjoicOvPt7Xs7T/Bglvxb/agyFvecd33//g1puLi9ff2aZEvm4u1mca87ON6fMX67XG/Gzt3NmzI6cvTc7XJhtT9fkr8wv16dr4XP38wuxcbWj8hdrouXNnavXhK7OXZy5ODE/Vl1a+8v9jIyNna68Nf69+fm5+dub0a8Pz45caU1ONmYtVTLm5jHmlPBG/21ioLdTPT9dqN24uXj+zKqN1TokyaLRbS8qgsW5BYyNjY6OjY2OjZ18+9/IrIyN9yyt6U60Y+Yqs2eXeSVue0Vv5WbOvfdSz2cjtvYDDf6Cn3f9nKo3M5HJeT23dr/FMZC6zme6wvW2p/z95ur5hvSv7/6Ve/ujy5idT9f/PtJae6dT/d8hl977ezfv5ILfyZhazmOt5Z9XWg/dRYrO5963a/NfF1DOTRuYzm0amc75aU2uvqeVczuZsRvJGLmUy86llMo1MpZ75XMl8FlKvzqjxzKWe81noKw90LUMZzwupZTTnci5nUks9w7mS2VzOTC5mIuerUm7kZvVzP7NBjveCRjcTNLZB0Ab9f3vFFvp/vqF24CoO96fZ7v8PdA8dGt+NhAAAAIBt979/yaEjj/3570l/nq7usQMAAAAPmurtek+VL/3l3NMpJhtT9ZG9TgsAAADYRkX1GbsiyWCOteaWPgnlJgAAAAA8IKr//z9TvgyWc8dS+PsfAAAAHjTdn7HfNaI4lVpul5tq11qR19oR7ef8Dk42purD47NTr47mueopA9UnDdaU1pvDSfXxgxdzvBV1fLD1Ori6xIEyanT41dEM5ES7IUPPli/PDq0TOVZGvpjnW5HPL0UOZE3kmTISAB50Jzbojzfb/7+YU62IU09Wj2/ve3KdPnhEzwoA+0X3MXa6RhTfWhr+p8Pf/4/lxrHWWwqG81bezmKu5VT1aYPqHQftUnOnyHKpgyvehnCqy92AwRUjvJxauh9w7OF17wcMrhjo5dSaOwKdYs/swpEAgN1zYk0/vEH/32y25tbc/9/47/9BbykEgH3l3gj2Oziz120EAFa7r166dwcTAgAAAAAAAAAAAAAAAAAAAAAAAAAAgAfAbjz/f1/O3E6yD9Iws7MzA7tzhv/gQLJfmrxNM3t9ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGA3FEnveut7koNJ30iS07uf1c65vdcJ7LHibu7mvRza6zwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB407ef/96T1+lBrVfp6kpNJrib5/l7nuJ3u7nUCe2zF8//LY55mkb7WYU/RPz4xNztdHv4cLLd/8fEnH5bT/dRTFlDWsGpwiXYNnfd6tNprcOL6u7d++vZPahMXqiQvLExOTUxfnPvOcuATxadJLa1pyVK+Py/aZ/Hqln9atnRz9U5W9U6srfd/1tv7Xr0n//Tbzm1btpzGzcXrY2VNC/XXF37245vvrQh6LMeTZ4eSodU1/aicOtR0PP0b1Vt8WfyqOJTf52p1/Ms0imZRHqJHqvb/142bi9eH33p78VqHnA7nWJJrycDmczq29kgsqc66nv6y1pEqqPx2pEt5G3qo91Cz2SpxtEMbHq1OmcEttaHWuQ2VLj/3dhvPdMjo8Ty35SP9XJca2/7ZbGktFV8Wfysu5a/55YrxP3rK438ym/ntLGOqyBVnSuc2n1xu+djKDW98NbLjbyU74Nf5Yb597/j3rLj+t4/V7lyPVtS4Y78XRasXaqvmj3ylR2pffTpl2c7zSCuqQ57/nZfW7tclz5e6XFG26fd/teLL4qNiKP/IbeP/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+1+R9K63vic5meRwkkfK5VrS3I76egaL7Shmkw6sWXN7F2vfP3ruzRV3czfv5dCepgMAAAAAAADAtrkw8cXHn3xYTtX/43vzf8VnyUDrP/19SQ4Xv+sfn5ibne5SUH9yNcmdcn5gazmU++Xh5eU75dLRrbcFANicfwcAAP//U9R2+g==") unshare(0x20000400) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) quotactl_fd$Q_GETNEXTQUOTA(r0, 0x0, 0x0, 0x0) 1.400212502s ago: executing program 3 (id=1986): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'wp512-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(r1, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000001c0)="faf4ceb0350689621a591ca72fde78a236", 0x11}, {&(0x7f0000000200)="b896a15f48052eec7bc7fe285f228824877bd9d7deef9ae32aa7eaa025f93fb4067ab22fccd16dab6b0416f4b91b89414a67a83cbfcae17db95e9608f4babaa8e26db9ccd33b4d990b3335fc877386a42a048e85fe13735653f5dc6a50f69daff639872adff92fa2553c3a0a85a879576bc223c105571fc143ed0821500e1f522f14cda2967fa4c88b112d574ade8c01d2e7758804757feae278d1eb4ef41ecd6ce5089b6dba007c20825bf781caec663385fbef14106aa320ac804e6a1ee47b202731ea", 0xc4}, {&(0x7f0000000380)="dc7e2b4b9bb2aab402bf2ea914dc3d9012974cbcbcc38802d296d236d57b0ceeee1b7d6309c448f1b66d929d", 0x2c}], 0x3}}], 0x1, 0x0) 1.393429163s ago: executing program 2 (id=1987): r0 = socket$kcm(0x2, 0x3, 0x2) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) sendmsg$inet(r0, &(0x7f0000003a80)={&(0x7f0000000940)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x0) 1.322471858s ago: executing program 3 (id=1988): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r1, &(0x7f00000008c0)=ANY=[], 0x5b) sendfile(r0, r1, &(0x7f0000000000), 0x9) 1.253511834s ago: executing program 2 (id=1989): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=@bridge_dellink={0x2c, 0x11, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4, 0x3, 0x0, 0x0}}]}]}, 0x2c}}, 0x0) 1.245578465s ago: executing program 2 (id=1990): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x40, r0, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @val={0xc}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1671}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}]]}, 0x40}}, 0x0) 1.226621776s ago: executing program 0 (id=1991): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x90}, 0x9c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000580)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x7ffe}, 0x90) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000540)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}], 0x1c) 1.189555299s ago: executing program 3 (id=1992): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="120000002e0000000800000002"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000001d80), &(0x7f0000001d40)=r0}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r1, &(0x7f0000000300), 0x0}, 0x20) 1.087697618s ago: executing program 2 (id=1993): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1, 0x200000005c831, 0xffffffffffffffff, 0x0) select(0x40, &(0x7f00000001c0), 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 1.087524478s ago: executing program 3 (id=1994): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000180)='./file2\x00', 0x14018, &(0x7f00000001c0)={[{@part={'part', 0x3d, 0x19b}}, {@nodecompose}, {@part={'part', 0x3d, 0x1001}}, {@nobarrier}, {}, {@creator={'creator', 0x3d, "1eeb3907"}}, {@gid}, {@gid}, {@nls={'nls', 0x3d, 'cp862'}}, {@uid}, {@creator={'creator', 0x3d, "af2afe27"}}, {@nobarrier}]}, 0xdf, 0x6c4, &(0x7f0000000640)="$eJzs3c1vHGcZAPBnZtf2rpESp03agiphNaIgLBJ/yAVziUEI+VChCg6cV4nTWNm4le2CGyEw39ce+geUg2+ckLgHlTNcEBwtTpUQuXDybdF87Hrj3bV348Qbw+8Xzc477zvv17MzsztrRRPA/621uag+iiTW5t7ezbYP9peaB/tLU2VxMyKydBpRLVaRbEYkn0asRrHE57PMcv9kUD8fb6x8/+//Ofis2KqWS75/2lvvZ62I+NLws9grl5iNiEq57jXRm1U7vb3bA9srTHWl+88/6ZRkAbveDhyMW6vH3ijVB57vwMWRFJ+bPWYipsuPyfxzrrw6pOc7umdvpKscAAAAjNnav68tjrJ/vVxfPozD2L3wt/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwrsrn/yflkrbTs5G0n/8/WeZFmb7QHo17AAAAAAAAAADQY6InZ6qduNW/xhcP4zB241J7u5Xkf/N/I9+4mr9+Lj6I7ViPrbgRu9GIndiJrViIiJmuhiZ3Gzs7WwtD1FzsW3PxyXFVhptwbbjdAAAAAAAAAOB/3i9i7ejv/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CJIIirFKl+uttMzkVYjohYRk9l+exF/bacviKRf5qPzHwcAAACcSe0p6lw+jMPYjUvt7VaS3/O/kt8v1+KD2Iyd2IidaMZ63CnvobO7/vRgf6l5sL/0IFvOPPS8xSh+e+jf82v5HvW4Gxt5zo24nQ/mTqR5zcw/I+JBe0y94/r546ztW4UfDzmyO+U66+yj9q8IU2ee8DMwE1FNY6ITkfl8bMVBcKU7Cr2R+NbjQY2uFqvq8Z6iu6eFSDu//FwtesiSp8b81pAzmy7X2Xx+M+iXm2etdtTp3sCdOpFII4/EYtfR98rJMY/48h9//9G95ub9e3e3585lSs/T8WNiqSsSrw4RiR++sJGonlycHs+YzzOvdbbX4rvxg5iL2XgntmIjfhSN2In1SMqZNsrjOXudOTlSq09svXPayCfL96VSDvT0Mc3Gd/JUI97I616KjUjivbgT6/FW/m8xFuLrsRzLsdL1Dl8bOO58bvlZn4521l//SpmoR8Rvy/W4FReFLK5XuuLafc2dycu6c46i9NLJ727vtfH0KVe/UCayPn7Z73Acm+ORWOiKxMsnR+J3rex1u7l5f+te4/0+n66tZCJf/+16RKtV5L1ZlmVH3K9P//rzp7PO7xRd17HseHkpauWV5EpMFEOrtMte7lxlnozXZPkXl6IsPVZWy87ntOipOFO/N/BMnSy/w/W2tJiXvdq3bCkve62rrPv7VsR70ex8HwLgBTb91enJ+r/qf6l/Uv9V/V797dq3p74x9fpkTPx54pvV+cqb6evJH+KT+OnR/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD0tj98eL/RbK5v9U+klYFFAxLReni/0X6Sz7C1Yjspn6QzUl/jSnQe+fOCjOe5JJKenGzGz6aL9kMER6s133tErY4zUP8YtVbUhprydJloXS6iNFIXM8ePzIgBO08VwawMOE/Lt+hpHi4KXAg3dx68f3P7w4df23jQeHf93fXNieXllfmV5beWbt7daK7PF6/jHiXwPBx9bwcAAAAAAAAAAAAuivP4/xLjniMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsa3NRfVRJLEwf2M+2z7YX2pmSzt9tGc1ItI0IvlJRPJpxGoUS8x0NZcM6ufjjZVKRHx21Fa1vX96Qr3W1FCz2CuXmI2ISrk+gyfau33m9pLODLOAXW8HDsbtvwEAAP//LHLtbA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000004800)=""/4096, 0x1000) getdents64(r0, 0x0, 0x0) 981.575207ms ago: executing program 3 (id=1995): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="05010000000000107d1e222e00000000000109022400010000000009040000020300020009210000000122020009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000080)={0x0, 0x0, 0x4, {0x4, 0x0, "78e4"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000a40)={0x84, &(0x7f0000000600)={0x0, 0x0, 0x3, "26e3d0"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 277.757346ms ago: executing program 0 (id=1996): syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3200c00, &(0x7f0000001bc0)=ANY=[@ANYRES8=0x0, @ANYRESDEC], 0x3, 0xa73, &(0x7f0000003cc0)="$eJzs3U2MG1cBAOA33vUmm6TEKQldktAm/LTlp7vNZgk/ETRVcyFqKm6VKi5RmpaINCBSCVpVIsmJG62qcIUiTuVQAUJqLyjqiUslGolLT4UDB6IgVeIAhcRove95xy92x/uTtb3+Punt85s39nszOzMez8x7LwBjq9b6u7AwU4Rw5a1Xj//j/r9PL055pD1Ho/V3spSqhxCKmJ7MPu/9iaX45gcvne4WF2G+9TelwxM32u/dHkK4GA6Eq6ER9l659so784+fvHTi8sF3Xz96/c4sPQAAjJdvXz26sOevf96368M37j0WtrSnp/PzRkzviOf9x+KJfzr/r4XOdFEKZVPZfJMx1LL5JrrMVy6nns032aP8qexz6+38fR3zbakof6I0rdtywyhL23EjFLXZjnStNju79Js8tH7XTxWz58+ee+bCgCoKrLt/3RdCOCCsNDSbzZ+0VuAQ1EUQVhuaOwd9BAJYkt8vvM3F/MrC2rQ/bbK/8m88Wuv+flgHG739K3+0yv/1JUcc1s9m3ZrScqX9aEdM5/cR8ueXVrr/p8/L70fU+6xnr/sIo3J/oVc9Jza4HqvVq/75drFZfSPGaT18M8sv7z/5/3RU/sdAd//eqOv/r00P/FrnYjgwBHXY1KE+BHUQ+g7NQR+AgKG1/NzckmaU8vPn+vL8LRX5Wyvypyvyt1Xkb6/Ih3H2++d/Fl4uln/n57/pV3o9LF1nuyvGH1thffLrkSstP3/ud6XWWn7+PDEMszdPPXnmq08/dW3p+f+ivf3fitv7gZhuxH3rapwhXS/Mr6u3n/1vdJZT6zHf3Vl97rpt/uZSibs75yt2L39OKB1nbqvHTOf7dvaab3/nfI1svukYtmb1zc9PtmXvS+cf6bia1tdktrz1bDmmsnqk48quGOf1gNVI22Ov5//T9jkT6sUzZ8+deTim03b6p4n6lsXph8of+puNqTuwNv22/5kJne1/drSn12vl48LO5elF+bjQyKbPLyXbt8nT9MMxnb7nvjsx3Zo+e/r7555e74WHMXfhhRe/d+rcuTM/9CK9mLZavPCi6sixWZ8chPEx9/xzP5i78MKLD5197tSzZ549c/7wkSOH5+ePfO3wwlzrvH6ufHYPbCbLX/qDrgkAAAAAAAAAAADQrx+dOH7tL29/5b2l9v/L7f9S+//05G9q///TrP1/3k4+tQpI7QB3dclvjbv3Zmc9prL56jF8PKvv7qycPdn7PhHj9jh+sf1/am+f9+ua6nNPNj3vvzfNl3UncFt/KVNZHyTt8QJjg/1Px/TlGP8qwAAV090nx7iqf+u0raf+KfRLMZrS/y1tDakfk9T+u1e/Tun4v2sD6sj624jmhINeRqC7fw79+J+lM/GB1+UjQ7M5+DqsPQz/ehbWMTSbRvEAhsOgx/9M1z1TfP6P39q6GNJsNx7tPF7m/ZfCWgz7+JPK31zjf7bHv+vr+Neld/WOfp77H13hP7+4/l6p2LC33+NvvvypH+jd1WWWfRjLT8v/QOiv/OZrWfn5DaE+/Tcrf1uf5d+2/PtXV/7/YvlptT34mX7LX6pxUeusR37dON3/y68bJzez5U99e654+Vc5UOOtWD6Ms97jzPY7gu1wGpXxf3vJn8P4ckynA2F6ziH/Rl5p/dPzFel7YE/2+UXF99uojFPcy7iP//v1GFftD2n837Q9Nrqka6V0vcu6HfVtBTab94f+/t+IhYtDUAdhSMNwjIFdDs1mc6AdeetFfLAGvf4Hffd50OUPev1Xycf/zc/h8/F/a9kPiHz83/z9+fi/eX4+vl6en4//m6/PfPzfPP+e7HPzK9gzFfmfrMjfW5G/bzl/ulv+/or3f6oi/2BF/r0V+fdV5N9dkT9Rkf/ZivzPVeTfX5H/YEX+5yvyN7tWe5TSTjVuyw/jLG+fZ/+H8ZHu//Ta/3dX5AOj6+dvHHrsqd99p7HU/n+q/Xst3cc7FtP1+Nv5xzGd3/cOpfRi3tsx/bcsf9ivd8A4yfvPyL/fH6jIB0ZXes7L/g1jqOjeY09+v61Xv1W9zvMZLV+I8Rdj/KUYPxTj2RjPxfhQjOc3qH7cGY/99g9HXy6Wf+/vzPL7fZ48bw+U9xN1uM/65NcHVvo8e96P30qttfxVNgcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYmFrr78LCTBHClbdePf7kybNzi1Meac/RaP2dLKXq7feF8HCMJ2L8y/ji5gcvnS7Ht2JchPlQhKI9PTxxo13S9hDCxXAgXA2NsPfKtVfemX/85KUTlw+++/rR63duDQAAAMDm9/8AAAD//6ZSGwg=") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file2\x00', 0x6042, 0x0) sendfile(r1, r0, 0x0, 0x80000002) 223.785331ms ago: executing program 2 (id=1997): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000400)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c0050890e1d2cc1bbbdf08d08fe06ff2766758d8955927fab01a7ccdecfc59b2041a9461723f1db971e775e0e358c03b00c510998283ed6f1dba0502d352e58b65a28492b0a7053e14eccd84ac5b3452602d77c0ca0"], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) lsetxattr(&(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=@known='trusted.overlay.nlink\x00', 0x0, 0x0, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0) 0s ago: executing program 0 (id=1998): r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r0, @ANYBLOB="01000000000000000000010000002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff1400028008000600020000000800090008000000080004000200000060000180080009005600000007000600666f00000c0007002000000002000000080008000100000008000b00736970000600010002000000080005"], 0xc4}}, 0x0) sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000008c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="0100000000000000000011"], 0x14}}, 0x0) kernel console output (not intermixed with test programs): v0: Interface deactivated: batadv_slave_0 [ 152.969581][ T3640] EXT4-fs (loop3): unmounting filesystem. [ 152.986255][ T57] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 153.006628][ T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 153.024294][ T57] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 153.045325][ T57] device bridge_slave_1 left promiscuous mode [ 153.051872][ T57] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.070473][ T57] device bridge_slave_0 left promiscuous mode [ 153.076894][ T57] bridge0: port 1(bridge_slave_0) entered disabled state [ 153.092324][ T6714] loop3: detected capacity change from 0 to 1024 [ 153.163087][ T57] device veth1_macvtap left promiscuous mode [ 153.169597][ T6714] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 153.198040][ T57] device veth0_macvtap left promiscuous mode [ 153.246861][ T57] device veth1_vlan left promiscuous mode [ 153.268025][ T57] device veth0_vlan left promiscuous mode [ 153.287415][ T6718] loop1: detected capacity change from 0 to 8 [ 153.354986][ T6718] SQUASHFS error: lzo decompression failed, data probably corrupt [ 153.362856][ T6718] SQUASHFS error: Failed to read block 0x4ec: -5 [ 153.419596][ T3640] EXT4-fs (loop3): unmounting filesystem. [ 153.423291][ T6718] SQUASHFS error: Unable to read metadata cache entry [4ea] [ 153.441270][ T6718] SQUASHFS error: Unable to read inode 0x20087 [ 153.510516][ T6709] loop0: detected capacity change from 0 to 32768 [ 153.632960][ T6709] XFS (loop0): Mounting V5 Filesystem [ 153.811612][ T6707] loop2: detected capacity change from 0 to 32768 [ 153.816201][ T6709] XFS (loop0): Ending clean mount [ 153.840495][ T6709] XFS (loop0): Quotacheck needed: Please wait. [ 153.913791][ T6709] XFS (loop0): Quotacheck: Done. [ 153.957248][ T6709] XFS (loop0): User initiated shutdown received. [ 153.968997][ T6709] XFS (loop0): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xde/0x150 (fs/xfs/xfs_fsops.c:496). Shutting down filesystem. [ 154.015741][ T6709] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 154.074840][ T3639] XFS (loop0): Unmounting Filesystem [ 154.280990][ T6739] loop1: detected capacity change from 0 to 32768 [ 154.290825][ T6739] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1065 (6739) [ 154.313940][ T6739] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 154.341096][ T6739] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 154.357882][ T6739] BTRFS info (device loop1): using free space tree [ 154.470946][ T6763] loop0: detected capacity change from 0 to 256 [ 154.482173][ T6739] BTRFS info (device loop1): enabling ssd optimizations [ 154.672669][ T3638] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 154.809991][ T57] team0 (unregistering): Port device team_slave_1 removed [ 154.821885][ T3653] Bluetooth: hci0: command tx timeout [ 154.928038][ T57] team0 (unregistering): Port device team_slave_0 removed [ 154.986072][ T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 155.039102][ T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 155.063887][ T6776] loop1: detected capacity change from 0 to 128 [ 155.650949][ T57] bond0 (unregistering): Released all slaves [ 155.856058][ T3685] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 155.953138][ T6789] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 155.962645][ T6789] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 155.971423][ T6789] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 155.980134][ T6789] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 156.094824][ T3685] usb 2-1: Using ep0 maxpacket: 16 [ 156.214724][ T3685] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 156.258697][ T3685] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 156.445914][ T3685] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 156.474542][ T3685] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.482572][ T3685] usb 2-1: Product: syz [ 156.501476][ T3685] usb 2-1: Manufacturer: syz [ 156.512417][ T3685] usb 2-1: SerialNumber: syz [ 156.530749][ T3685] r8152-cfgselector 2-1: config 0 descriptor?? [ 156.551984][ T6631] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 156.565748][ T6631] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 156.576635][ T6631] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 156.596638][ T6631] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 156.741637][ T6631] 8021q: adding VLAN 0 to HW filter on device bond0 [ 156.775409][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 156.783658][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 156.802899][ T6631] 8021q: adding VLAN 0 to HW filter on device team0 [ 156.815712][ T3685] usbip-host 2-1: 2-1 is not in match_busid table... skip! [ 156.826421][ T57] usb 2-1: config 0 descriptor?? [ 156.841264][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 156.852611][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 156.867392][ T4770] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.874554][ T4770] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.894774][ T3648] Bluetooth: hci0: command tx timeout [ 156.898918][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 156.911762][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 156.923138][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 156.942352][ T4770] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.949606][ T4770] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.980301][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 157.045088][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 157.066279][ T3726] usb 2-1: USB disconnect, device number 4 [ 157.075202][ T57] usb 2-1: can't set config #0, error -71 [ 157.079147][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 157.093719][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 157.107281][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 157.118538][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 157.142942][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 157.152327][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 157.170390][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 157.193761][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 157.214161][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 157.247790][ T6631] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 157.587046][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 157.595243][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 157.610641][ T6631] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 157.765094][ T3726] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 157.816772][ T4001] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 157.897172][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 157.906534][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 157.929090][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 157.939198][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 157.953902][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 157.964137][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 157.993947][ T6631] device veth0_vlan entered promiscuous mode [ 158.017451][ T6631] device veth1_vlan entered promiscuous mode [ 158.026206][ T3726] usb 3-1: Using ep0 maxpacket: 16 [ 158.056440][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 158.079400][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 158.088521][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 158.121470][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 158.139495][ T6631] device veth0_macvtap entered promiscuous mode [ 158.154780][ T3726] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.170073][ T6631] device veth1_macvtap entered promiscuous mode [ 158.174563][ T3726] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 158.197014][ T4001] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.204517][ T3726] usb 3-1: New USB device found, idVendor=1532, idProduct=011b, bcdDevice= 0.00 [ 158.216735][ T6631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 158.224500][ T3726] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.230524][ T4001] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 158.245988][ T3726] usb 3-1: config 0 descriptor?? [ 158.252808][ T6631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.263896][ T4001] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 158.274947][ T6631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 158.279538][ T4001] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.294492][ T6631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.306728][ T4001] usb 1-1: config 0 descriptor?? [ 158.307163][ T6631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 158.322441][ T6631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.333892][ T6631] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 158.346649][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 158.360476][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 158.371459][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 158.381040][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 158.388958][ T6869] loop1: detected capacity change from 0 to 32768 [ 158.391520][ T6631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.406518][ T6631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.408359][ T6869] XFS (loop1): Mounting V5 Filesystem [ 158.424512][ T6631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.435708][ T6631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.445690][ T6631] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.454649][ T4008] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 158.456420][ T6631] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.476767][ T6631] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 158.485246][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 158.496093][ T6869] XFS (loop1): Ending clean mount [ 158.499626][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 158.503750][ T6869] XFS (loop1): Quotacheck needed: Please wait. [ 158.522008][ T6631] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.532398][ T6631] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.541372][ T6631] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.550932][ T6631] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.572064][ T6869] XFS (loop1): Quotacheck: Done. [ 158.612470][ T26] audit: type=1800 audit(1729288611.123:41): pid=6869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1107" name="bus" dev="loop1" ino=9291 res=0 errno=0 [ 158.638862][ T26] audit: type=1800 audit(1729288611.153:42): pid=6869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1107" name="bus" dev="loop1" ino=9291 res=0 errno=0 [ 158.680705][ T3638] XFS (loop1): Unmounting Filesystem [ 158.699654][ T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 158.726657][ T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.745311][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 158.751316][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 158.764094][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.785514][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 158.821566][ T4001] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0 [ 158.831926][ T4001] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0 [ 158.839567][ T4001] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0 [ 158.847181][ T4008] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 158.856464][ T4001] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0 [ 158.863873][ T4001] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0 [ 158.871604][ T4008] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.881288][ T4001] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving [ 158.895171][ T4008] usb 4-1: config 0 descriptor?? [ 158.935696][ T4008] cp210x 4-1:0.0: cp210x converter detected [ 158.941946][ T4001] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 158.974737][ T3653] Bluetooth: hci0: command tx timeout [ 158.980409][ T3726] razer 0003:1532:011B.0009: failed to enable macro keys: -71 [ 158.998856][ T3726] razer 0003:1532:011B.0009: hidraw1: USB HID v0.00 Device [HID 1532:011b] on usb-dummy_hcd.2-1/input0 [ 159.021128][ T6888] loop4: detected capacity change from 0 to 4096 [ 159.031967][ T3726] usb 3-1: USB disconnect, device number 7 [ 159.066503][ T4001] usb 1-1: USB disconnect, device number 8 [ 159.152287][ T6892] netlink: 332 bytes leftover after parsing attributes in process `syz.1.1112'. [ 159.162464][ T6892] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1112'. [ 159.178402][ T6892] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1112'. [ 159.374696][ T4008] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 159.419541][ T4008] usb 4-1: cp210x converter now attached to ttyUSB0 [ 159.585170][ T6916] "syz.2.1123" (6916) uses obsolete ecb(arc4) skcipher [ 159.626586][ T4001] usb 4-1: USB disconnect, device number 6 [ 159.639347][ T4001] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 159.673836][ T4001] cp210x 4-1:0.0: device disconnected [ 159.684441][ T26] audit: type=1400 audit(1729288612.203:43): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name=3A656E6365643A20202020202020202020202030206B420A416E6F6E796D6F75733A2020202020202020202020202030206B420A4C617A79467265653A202020202020202020202020202030206B420A416E6F6E4875676550616765733A20202020202020202030206B420A53686D656D506D644D61707065643A202020202020202030206B420A46696C65506D644D61707065643A20202020202020202030206B420A5368617265645F48756765746C623A202020202020202030206B420A507269766174655F48756765746C623A2020202020202030206B420A537761703A20202020202020202020202020202020202030206B420A537761705073733A20202020202020202020202020202030206B420A4C6F636B65643A2020202020202020202020202020202030206B420A544850656C696769626C653A20202020300A566D466C6167733A206D72206D77206D65207364200A32303030303030302D323130303030303020727778702030303030303030302030303A30302030200A53697A653A20202020202020202020202020203136333834206B420A4B [ 159.968303][ T6938] input: syz0 as /devices/virtual/input/input12 [ 160.244827][ T6941] loop0: detected capacity change from 0 to 256 [ 160.273406][ T6941] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 160.300284][ T6946] loop1: detected capacity change from 0 to 16 [ 160.306378][ T6947] loop4: detected capacity change from 0 to 8 [ 160.330647][ T6946] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 160.337575][ T6947] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 160.397771][ T6947] cramfs: Error -3 while decompressing! [ 160.403642][ T6947] cramfs: ffffffff974c8518(42)->ffff88805a7d5000(4096) [ 160.516578][ T6955] kAFS: unparsable volume name [ 160.585899][ T6957] netlink: 'syz.0.1144': attribute type 1 has an invalid length. [ 160.930317][ T6970] loop2: detected capacity change from 0 to 8192 [ 160.972226][ T6976] netlink: 'syz.4.1152': attribute type 21 has an invalid length. [ 160.988903][ T6976] netlink: 'syz.4.1152': attribute type 6 has an invalid length. [ 160.996870][ T6977] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 161.025979][ T6943] loop3: detected capacity change from 0 to 32768 [ 161.033386][ T6943] XFS: ikeep mount option is deprecated. [ 161.035574][ T26] audit: type=1800 audit(1729288613.553:44): pid=6970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1149" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 161.039668][ T6943] XFS: noikeep mount option is deprecated. [ 161.067075][ T6976] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1152'. [ 161.146240][ T6943] XFS (loop3): Mounting V5 Filesystem [ 161.215661][ T26] audit: type=1800 audit(1729288613.723:45): pid=6986 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1149" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 161.295808][ T6943] XFS (loop3): Ending clean mount [ 161.306414][ T6993] loop1: detected capacity change from 0 to 128 [ 161.318413][ T6943] XFS (loop3): Quotacheck needed: Please wait. [ 161.324442][ T6995] loop4: detected capacity change from 0 to 512 [ 161.346960][ T6995] EXT4-fs (loop4): filesystem is read-only [ 161.356182][ T6995] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 161.384371][ T6943] XFS (loop3): Quotacheck: Done. [ 161.409106][ T6995] EXT4-fs (loop4): filesystem is read-only [ 161.435987][ T6995] EXT4-fs (loop4): orphan cleanup on readonly fs [ 161.471232][ T6995] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1155: bg 0: block 64: padding at end of block bitmap is not set [ 161.544620][ T6995] EXT4-fs (loop4): Remounting filesystem read-only [ 161.547847][ T6997] FAT-fs (loop1): error, corrupted directory (invalid i_start) [ 161.553675][ T6995] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 161.579525][ T3640] XFS (loop3): Unmounting Filesystem [ 161.585241][ T6995] EXT4-fs (loop4): Remounting filesystem read-only [ 161.585313][ T6997] FAT-fs (loop1): Filesystem has been set read-only [ 161.595547][ T6995] EXT4-fs (loop4): 1 orphan inode deleted [ 161.628890][ T6995] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 161.677912][ T6995] sp0: Synchronizing with TNC [ 161.745528][ T7005] loop1: detected capacity change from 0 to 256 [ 161.783628][ T7005] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 161.829179][ T6631] EXT4-fs (loop4): unmounting filesystem. [ 161.829426][ T6980] loop0: detected capacity change from 0 to 40427 [ 161.855129][ T6980] F2FS-fs (loop0): invalid crc value [ 161.893435][ T6980] F2FS-fs (loop0): Found nat_bits in checkpoint [ 161.975983][ T7017] netlink: 'syz.2.1165': attribute type 1 has an invalid length. [ 162.004214][ T7017] netlink: 'syz.2.1165': attribute type 2 has an invalid length. [ 162.008708][ T6980] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 162.029201][ T7017] netlink: 16074 bytes leftover after parsing attributes in process `syz.2.1165'. [ 162.614621][ T4001] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 162.812802][ T7040] loop0: detected capacity change from 0 to 32768 [ 162.872728][ T7040] XFS (loop0): Mounting V5 Filesystem [ 162.951176][ T7058] loop3: detected capacity change from 0 to 8 [ 162.957672][ T7040] XFS (loop0): Ending clean mount [ 162.966785][ T7040] XFS (loop0): Quotacheck needed: Please wait. [ 162.987457][ T4001] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 163.001465][ T4001] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 163.012027][ T4001] usb 3-1: New USB device found, idVendor=056a, idProduct=037e, bcdDevice=6c.75 [ 163.031129][ T4001] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.061275][ T4001] usb 3-1: config 0 descriptor?? [ 163.074161][ T7040] XFS (loop0): Quotacheck: Done. [ 163.118328][ T7063] loop1: detected capacity change from 0 to 512 [ 163.151795][ T3639] XFS (loop0): Unmounting Filesystem [ 163.548497][ T4001] wacom 0003:056A:037E.000B: Unknown device_type for 'HID 056a:037e'. Ignoring. [ 163.555399][ T7074] loop0: detected capacity change from 0 to 32768 [ 163.579851][ T7074] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 163.638450][ T3639] ocfs2: Unmounting device (7,0) on (node local) [ 163.698376][ T7080] omfs: Invalid superblock (0) [ 163.758265][ T4001] usb 3-1: USB disconnect, device number 8 [ 163.783515][ T7083] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1189'. [ 163.795118][ T7083] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 164.081613][ T7100] netlink: 'syz.4.1197': attribute type 7 has an invalid length. [ 164.178952][ T7104] device wireguard0 entered promiscuous mode [ 164.332529][ T7115] loop3: detected capacity change from 0 to 1024 [ 165.471499][ T7156] can0: slcan on ttyS3. [ 165.521307][ T7131] loop0: detected capacity change from 0 to 40427 [ 165.566826][ T7131] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 165.577060][ T7156] can0 (unregistered): slcan off ttyS3. [ 165.584339][ T7131] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 165.607219][ T7131] F2FS-fs (loop0): invalid crc value [ 165.647809][ T7131] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669) [ 165.658234][ T7160] loop3: detected capacity change from 0 to 4096 [ 165.659252][ T7160] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 165.674703][ T7131] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 165.741816][ T7131] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 165.749499][ T7131] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 165.844613][ T3726] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 165.849980][ T7144] loop1: detected capacity change from 0 to 40427 [ 165.881830][ T7144] F2FS-fs (loop1): invalid crc value [ 165.919928][ T7144] F2FS-fs (loop1): Found nat_bits in checkpoint [ 166.006503][ T7144] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 166.013916][ T7144] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 166.089775][ T3638] syz-executor: attempt to access beyond end of device [ 166.089775][ T3638] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 166.104601][ T3726] usb 3-1: Using ep0 maxpacket: 32 [ 166.141200][ T7178] netlink: 'syz.0.1228': attribute type 19 has an invalid length. [ 166.144843][ T4007] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 166.382497][ T7186] lo speed is unknown, defaulting to 1000 [ 166.404798][ T3726] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 166.414079][ T7186] lo speed is unknown, defaulting to 1000 [ 166.423350][ T3726] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.437683][ T7186] lo speed is unknown, defaulting to 1000 [ 166.443529][ T3726] usb 3-1: Product: syz [ 166.448129][ T3726] usb 3-1: Manufacturer: syz [ 166.452776][ T3726] usb 3-1: SerialNumber: syz [ 166.467256][ T7186] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 166.476495][ T3726] usb 3-1: config 0 descriptor?? [ 166.500408][ T7186] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 166.518767][ T4007] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 166.538790][ T4007] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 895 [ 166.545086][ T7186] lo speed is unknown, defaulting to 1000 [ 166.563482][ T7186] lo speed is unknown, defaulting to 1000 [ 166.563665][ T4007] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 166.580710][ T7186] lo speed is unknown, defaulting to 1000 [ 166.595698][ T7186] lo speed is unknown, defaulting to 1000 [ 166.611673][ T7186] lo speed is unknown, defaulting to 1000 [ 166.616168][ T7198] IPVS: sh: TCP 172.20.20.170:0 - no destination available [ 166.634534][ T4007] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0 [ 166.724741][ T4007] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice= 0.00 [ 166.733978][ T4007] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 166.743360][ T4007] usb 5-1: SerialNumber: syz [ 166.750406][ T4007] usb 5-1: config 0 descriptor?? [ 166.774840][ T7168] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 166.814676][ T4007] port100 5-1:0.0: NFC: Could not get supported command types [ 166.930025][ T3683] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 167.035948][ T4007] usb 5-1: USB disconnect, device number 6 [ 167.171623][ T7218] loop0: detected capacity change from 0 to 1024 [ 167.190883][ T7218] hfsplus: extend alloc file! (8192,512,16777719) [ 167.207158][ T3726] (unnamed net_device) (uninitialized): Assigned a random MAC address: fe:7d:b5:4e:d5:dd [ 167.234247][ T3726] rtl8150 3-1:0.0: eth1: rtl8150 is detected [ 167.243431][ T3726] usb 3-1: USB disconnect, device number 9 [ 167.324746][ T3683] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 167.334021][ T3683] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.344146][ T3683] usb 2-1: config 0 descriptor?? [ 167.385608][ T3683] cp210x 2-1:0.0: cp210x converter detected [ 167.551915][ T7231] loop3: detected capacity change from 0 to 512 [ 167.590780][ T7231] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #17: comm syz.3.1254: iget: bogus i_mode (0) [ 167.624250][ T7231] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1254: couldn't read orphan inode 17 (err -117) [ 167.644560][ T7231] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 167.717384][ T7231] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.1254: bg 0: block 7: invalid block bitmap [ 167.825899][ T3683] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 167.837580][ T3640] EXT4-fs (loop3): unmounting filesystem. [ 167.904499][ T3683] usb 2-1: cp210x converter now attached to ttyUSB0 [ 168.110019][ T3683] usb 2-1: USB disconnect, device number 5 [ 168.134996][ T3683] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 168.136334][ T7232] loop0: detected capacity change from 0 to 32768 [ 168.163864][ T3683] cp210x 2-1:0.0: device disconnected [ 168.175550][ T7249] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.184722][ T7249] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.211193][ T7232] XFS (loop0): Mounting V5 Filesystem [ 168.296551][ T7232] XFS (loop0): Ending clean mount [ 168.311970][ T7232] XFS (loop0): Quotacheck needed: Please wait. [ 168.366972][ T7232] XFS (loop0): Quotacheck: Done. [ 168.451679][ T3639] XFS (loop0): Unmounting Filesystem [ 168.989931][ T7300] omfs: Invalid superblock (0) [ 169.055001][ T3683] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 169.224587][ T22] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 169.464767][ T3683] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 169.476023][ T22] usb 2-1: Using ep0 maxpacket: 16 [ 169.504521][ T3683] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 169.513576][ T3683] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.537972][ T3683] usb 1-1: config 0 descriptor?? [ 169.604907][ T22] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 169.612922][ T22] usb 2-1: config 0 has no interface number 0 [ 169.634587][ T22] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 169.649375][ T22] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 169.784020][ T22] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 169.795803][ T22] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 169.803940][ T22] usb 2-1: Product: syz [ 169.809788][ T22] usb 2-1: SerialNumber: syz [ 169.818983][ T22] usb 2-1: config 0 descriptor?? [ 169.866666][ T22] cm109 2-1:0.8: invalid payload size 0, expected 4 [ 169.874390][ T22] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input16 [ 169.963364][ T7345] loop4: detected capacity change from 0 to 8192 [ 169.991741][ T7349] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 170.024319][ T26] audit: type=1800 audit(1729288622.533:46): pid=7345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1296" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 170.046006][ T3683] keytouch 0003:0926:3333.000C: fixing up Keytouch IEC report descriptor [ 170.071088][ T3683] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.000C/input/input17 [ 170.152305][ T26] audit: type=1800 audit(1729288622.663:47): pid=7352 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1296" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 170.192863][ T3726] usb 2-1: USB disconnect, device number 6 [ 170.199107][ C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 170.199241][ C1] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 170.238908][ T3683] keytouch 0003:0926:3333.000C: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 170.278169][ T3726] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 170.390996][ T7363] input: syz1 as /devices/virtual/input/input18 [ 170.643363][ T7373] netlink: 'syz.4.1308': attribute type 1 has an invalid length. [ 170.648402][ T7372] loop2: detected capacity change from 0 to 512 [ 170.709453][ T7372] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 170.751572][ T7372] ext4 filesystem being mounted at /288/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 170.874002][ T3636] EXT4-fs (loop2): unmounting filesystem. [ 170.929936][ T7359] loop3: detected capacity change from 0 to 32768 [ 171.007578][ T7359] XFS (loop3): Mounting V5 Filesystem [ 171.034201][ T7382] loop1: detected capacity change from 0 to 8192 [ 171.139125][ T7399] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 171.179874][ T7359] XFS (loop3): Ending clean mount [ 171.190577][ T4299] usb 1-1: USB disconnect, device number 9 [ 171.202045][ T26] audit: type=1800 audit(1729288623.713:48): pid=7382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1311" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 171.222317][ C1] keytouch 0003:0926:3333.000C: usb_submit_urb(ctrl) failed: -19 [ 171.255127][ T7359] XFS (loop3): Quotacheck needed: Please wait. [ 171.322666][ T7359] XFS (loop3): Quotacheck: Done. [ 171.344030][ T26] audit: type=1800 audit(1729288623.853:49): pid=7402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1311" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 171.512187][ T7398] loop4: detected capacity change from 0 to 32768 [ 171.529694][ T7398] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1315 (7398) [ 171.570753][ T7398] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 171.594838][ T7398] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 171.603668][ T7398] BTRFS info (device loop4): setting nodatacow, compression disabled [ 171.624112][ T3640] XFS (loop3): Unmounting Filesystem [ 171.644965][ T7398] BTRFS info (device loop4): turning on flush-on-commit [ 171.653839][ T7398] BTRFS info (device loop4): enabling auto defrag [ 171.707458][ T7398] BTRFS info (device loop4): max_inline at 0 [ 171.713494][ T7398] BTRFS info (device loop4): using free space tree [ 172.054718][ T7398] BTRFS info (device loop4): enabling ssd optimizations [ 172.080378][ T7404] loop1: detected capacity change from 0 to 32768 [ 172.153624][ T7398] BTRFS error (device loop4): target device is invalid! [ 172.184753][ T6631] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 172.199627][ T7431] netlink: 'syz.0.1321': attribute type 1 has an invalid length. [ 172.201968][ T7401] loop2: detected capacity change from 0 to 40427 [ 172.228401][ T7401] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 172.254621][ T7401] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 172.285872][ T7401] F2FS-fs (loop2): invalid crc value [ 172.339978][ T7401] F2FS-fs (loop2): Found nat_bits in checkpoint [ 172.370036][ T26] audit: type=1326 audit(1729288624.883:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.0.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271957dff9 code=0x7ffc0000 [ 172.467707][ T26] audit: type=1326 audit(1729288624.913:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.0.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f271957dff9 code=0x7ffc0000 [ 172.509622][ T7401] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 172.524314][ T7401] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 172.540754][ T26] audit: type=1326 audit(1729288624.913:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.0.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271957dff9 code=0x7ffc0000 [ 172.594615][ T4006] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 172.614953][ T26] audit: type=1326 audit(1729288624.913:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.0.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271957dff9 code=0x7ffc0000 [ 172.657818][ T26] audit: type=1326 audit(1729288624.923:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.0.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f271957dff9 code=0x7ffc0000 [ 172.716312][ T26] audit: type=1326 audit(1729288624.923:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.0.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271957dff9 code=0x7ffc0000 [ 172.954775][ T4006] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 172.978428][ T4006] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 173.074778][ T4006] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 173.098447][ T4006] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 173.114525][ T4006] usb 4-1: SerialNumber: syz [ 173.178628][ T7453] loop2: detected capacity change from 0 to 16 [ 173.190868][ T7453] erofs: (device loop2): mounted with root inode @ nid 36. [ 173.203531][ T7453] erofs: (device loop2): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 173.231718][ T7453] erofs: (device loop2): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 173.250087][ T7453] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117] [ 173.417099][ T4006] usb 4-1: 0:2 : does not exist [ 173.500713][ T4006] usb 4-1: USB disconnect, device number 7 [ 174.045916][ T7465] loop3: detected capacity change from 0 to 2048 [ 174.105518][ T7465] loop3: p1 < > p4 [ 174.110403][ T7465] loop3: p4 size 8388608 extends beyond EOD, truncated [ 174.341979][ T7474] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1338'. [ 174.356729][ T7475] overlayfs: upper fs is r/o, try multi-lower layers mount [ 174.486362][ T7462] loop1: detected capacity change from 0 to 40427 [ 174.505697][ T7462] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 174.527605][ T7462] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 174.601450][ T7462] F2FS-fs (loop1): Found nat_bits in checkpoint [ 174.692024][ T7497] program syz.3.1349 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 174.708962][ T7462] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 174.718716][ T7462] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 174.853722][ T7501] netlink: 277 bytes leftover after parsing attributes in process `syz.3.1352'. [ 174.964643][ T4299] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 175.224770][ T4299] usb 3-1: Using ep0 maxpacket: 16 [ 175.254379][ T7494] loop4: detected capacity change from 0 to 32768 [ 175.318372][ T7494] XFS (loop4): Mounting V5 Filesystem [ 175.332572][ T7517] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1351'. [ 175.364233][ T7517] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1351'. [ 175.439018][ T7494] XFS (loop4): Ending clean mount [ 175.538538][ T4299] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 175.566428][ T4299] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.590597][ T4299] usb 3-1: Product: syz [ 175.599877][ T4299] usb 3-1: Manufacturer: syz [ 175.604969][ T4299] usb 3-1: SerialNumber: syz [ 175.610795][ T4299] r8152-cfgselector 3-1: config 0 descriptor?? [ 175.630281][ T6631] XFS (loop4): Unmounting Filesystem [ 175.694716][ T3652] Bluetooth: hci2: command 0x0406 tx timeout [ 175.694951][ T3647] Bluetooth: hci4: command 0x0406 tx timeout [ 175.701099][ T3652] Bluetooth: hci1: command 0x0406 tx timeout [ 175.706964][ T3651] Bluetooth: hci3: command 0x0406 tx timeout [ 175.849737][ T7541] netlink: 'syz.0.1367': attribute type 25 has an invalid length. [ 175.859082][ T7541] netlink: 'syz.0.1367': attribute type 8 has an invalid length. [ 175.884675][ T4299] r8152-cfgselector 3-1: Unknown version 0x0000 [ 175.935205][ T4299] r8152-cfgselector 3-1: Unknown version 0x0000 [ 175.949650][ T4299] r8152-cfgselector 3-1: bad CDC descriptors [ 176.010152][ T4299] usbip-host 3-1: 3-1 is not in match_busid table... skip! [ 176.039990][ T7543] loop0: detected capacity change from 0 to 4096 [ 176.054176][ T7543] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 176.100514][ T7547] loop3: detected capacity change from 0 to 2048 [ 176.133005][ T7543] ntfs3: loop0: failed to convert "c46c" to iso8859-6 [ 176.144933][ T7543] ntfs3: loop0: failed to convert "0030" to iso8859-6 [ 176.152324][ T7543] ntfs3: loop0: failed to convert "0031" to iso8859-6 [ 176.164350][ T7543] ntfs3: loop0: failed to convert "0032" to iso8859-6 [ 176.182580][ T7543] ntfs3: loop0: failed to convert "0033" to iso8859-6 [ 176.212478][ T7547] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 176.213333][ T4299] usb 3-1: USB disconnect, device number 10 [ 176.372543][ T46] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.396271][ T3640] EXT4-fs (loop3): unmounting filesystem. [ 176.404975][ T7538] loop1: detected capacity change from 0 to 32768 [ 176.442713][ T7538] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1365 (7538) [ 176.462257][ T7538] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 176.473071][ T7538] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 176.508762][ T7538] BTRFS info (device loop1): using free space tree [ 176.551812][ T46] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.565273][ T7557] loop3: detected capacity change from 0 to 1024 [ 176.576750][ T7557] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 176.631809][ T7555] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1373'. [ 176.700745][ T46] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.805892][ T46] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.868762][ T7538] BTRFS info (device loop1): enabling ssd optimizations [ 176.883975][ T7577] loop0: detected capacity change from 0 to 4096 [ 176.912783][ T7577] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 176.981455][ T7585] sg_write: process 579 (syz.3.1380) changed security contexts after opening file descriptor, this is not allowed. [ 177.070730][ T3638] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 177.237915][ T3651] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 177.251318][ T3651] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 177.259625][ T3651] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 177.267706][ T3651] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 177.275646][ T3651] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 177.284534][ T3651] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 177.509292][ T7588] lo speed is unknown, defaulting to 1000 [ 177.607053][ T7606] Bluetooth: MGMT ver 1.22 [ 177.770227][ T7612] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 177.779117][ T7612] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 177.787945][ T7612] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 177.792988][ T7617] trusted_key: encrypted_key: keyword 'u{d‚ate' not recognized [ 177.796667][ T7612] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 177.970370][ T7588] chnl_net:caif_netlink_parms(): no params data found [ 178.141812][ T7634] loop1: detected capacity change from 0 to 128 [ 178.152460][ T7588] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.182763][ T7588] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.192475][ T7588] device bridge_slave_0 entered promiscuous mode [ 178.292582][ T7588] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.306480][ T7588] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.321452][ T7588] device bridge_slave_1 entered promiscuous mode [ 178.521151][ T7588] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 178.533943][ T7588] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 178.580032][ T7588] team0: Port device team_slave_0 added [ 178.615640][ T7588] team0: Port device team_slave_1 added [ 178.724846][ T3726] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 178.800753][ T7588] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 178.814569][ T7588] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.842182][ T7588] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 178.862444][ T7588] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 178.869620][ T7588] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.915609][ T7588] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.937963][ T46] device hsr_slave_0 left promiscuous mode [ 178.947169][ T46] device hsr_slave_1 left promiscuous mode [ 178.953518][ T7666] syz.1.1414 (7666): /proc/7665/oom_adj is deprecated, please use /proc/7665/oom_score_adj instead. [ 178.968648][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 178.977124][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 178.986844][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 178.995309][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 179.004203][ T46] device bridge_slave_1 left promiscuous mode [ 179.016230][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.028505][ T46] device bridge_slave_0 left promiscuous mode [ 179.037094][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.097974][ T46] device veth1_macvtap left promiscuous mode [ 179.104052][ T46] device veth0_macvtap left promiscuous mode [ 179.110629][ T46] device veth1_vlan left promiscuous mode [ 179.116517][ T46] device veth0_vlan left promiscuous mode [ 179.169094][ T3726] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 179.186115][ T3726] usb 4-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=40.85 [ 179.209316][ T3726] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.229101][ T3726] usb 4-1: config 0 descriptor?? [ 179.236487][ T7658] loop2: detected capacity change from 0 to 32768 [ 179.254418][ T7658] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1411 (7658) [ 179.282590][ T3726] comedi comedi0: Wrong number of endpoints [ 179.289628][ T3726] dt9812 4-1:0.0: driver 'dt9812' failed to auto-configure device. [ 179.309973][ T7658] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 179.326796][ T7658] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 179.358401][ T7658] BTRFS info (device loop2): using free space tree [ 179.378376][ T3651] Bluetooth: hci0: command tx timeout [ 179.480721][ T3109] usb 4-1: USB disconnect, device number 8 [ 179.538195][ T7658] BTRFS info (device loop2): enabling ssd optimizations [ 179.661802][ T3636] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 179.813825][ T7690] loop1: detected capacity change from 0 to 256 [ 179.827786][ T7690] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 179.942215][ T7690] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 180.014812][ T7690] FAT-fs (loop1): Filesystem has been set read-only [ 180.384392][ T7708] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 180.429016][ T7710] loop1: detected capacity change from 0 to 736 [ 180.619140][ T7714] loop1: detected capacity change from 0 to 256 [ 180.638686][ T7714] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 180.736695][ T46] team0 (unregistering): Port device team_slave_1 removed [ 180.877847][ T46] team0 (unregistering): Port device team_slave_0 removed [ 180.990954][ T7700] loop2: detected capacity change from 0 to 40427 [ 180.998458][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 181.017296][ T7700] F2FS-fs (loop2): Found nat_bits in checkpoint [ 181.127404][ T7700] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 181.158469][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 181.202205][ T7712] loop0: detected capacity change from 0 to 32768 [ 181.229049][ T3636] syz-executor: attempt to access beyond end of device [ 181.229049][ T3636] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 181.461202][ T3651] Bluetooth: hci0: command tx timeout [ 182.262614][ T46] bond0 (unregistering): Released all slaves [ 182.384205][ T7742] loop2: detected capacity change from 0 to 40427 [ 182.422072][ T7588] device hsr_slave_0 entered promiscuous mode [ 182.448401][ T7588] device hsr_slave_1 entered promiscuous mode [ 182.472489][ T7742] F2FS-fs (loop2): Found nat_bits in checkpoint [ 182.486626][ T7588] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 182.513974][ T7745] loop0: detected capacity change from 0 to 4096 [ 182.520520][ T7588] Cannot create hsr debugfs directory [ 182.579142][ T7745] ntfs: volume version 3.1. [ 182.590478][ T7745] __ntfs_error: 5 callbacks suppressed [ 182.590494][ T7745] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 182.610059][ T7742] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 182.630317][ T7745] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 182.674053][ T7745] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 182.696238][ T7742] syz.2.1440: attempt to access beyond end of device [ 182.696238][ T7742] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 182.761424][ T7745] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 182.793520][ T7745] ntfs: (device loop0): ntfs_lookup(): ntfs_lookup_ino_by_name() failed with error code 5. [ 183.315888][ T3636] syz-executor: attempt to access beyond end of device [ 183.315888][ T3636] loop2: rw=2049, sector=45112, nr_sectors = 8 limit=40427 [ 183.541102][ T3651] Bluetooth: hci0: command tx timeout [ 184.066435][ T7755] loop0: detected capacity change from 0 to 32768 [ 184.090532][ T7755] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1445 (7755) [ 184.131323][ T7755] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 184.155477][ T7755] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 184.162931][ T7588] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 184.184299][ T7755] BTRFS info (device loop0): using free space tree [ 184.194967][ T7588] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 184.232166][ T7588] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 184.262256][ T7588] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 184.311684][ T7755] BTRFS info (device loop0): enabling ssd optimizations [ 184.416931][ T7761] loop3: detected capacity change from 0 to 40427 [ 184.429927][ T7761] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 184.439298][ T7761] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 184.477528][ T7761] F2FS-fs (loop3): Found nat_bits in checkpoint [ 184.533931][ T7761] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 184.542642][ T7761] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 184.550534][ T7755] syz.0.1445 (7755) used greatest stack depth: 18928 bytes left [ 184.559350][ T7588] 8021q: adding VLAN 0 to HW filter on device bond0 [ 184.577204][ T3639] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 184.597711][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 184.612066][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 184.644733][ T7757] loop1: detected capacity change from 0 to 40427 [ 184.661265][ T7588] 8021q: adding VLAN 0 to HW filter on device team0 [ 184.694860][ T7757] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 184.702671][ T7757] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 184.717138][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 184.735849][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 184.754976][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 184.762089][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 184.836518][ T7757] F2FS-fs (loop1): invalid crc value [ 184.857941][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 184.875308][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 184.887373][ T7757] F2FS-fs (loop1): Found nat_bits in checkpoint [ 184.915260][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 184.944071][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.951229][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 184.984878][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 185.007489][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 185.035704][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 185.044231][ T7757] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 185.068011][ T7757] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 185.078342][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 185.103735][ T7588] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 185.132432][ T26] audit: type=1804 audit(1729288637.643:61): pid=7757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1446" name="/newroot/322/file0/file0" dev="loop1" ino=10 res=1 errno=0 [ 185.139861][ T7588] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 185.174335][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 185.198911][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 185.236597][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 185.247510][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 185.263790][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 185.284230][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 185.303319][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 185.318193][ T7800] netlink: 'syz.0.1455': attribute type 2 has an invalid length. [ 185.339084][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 185.448064][ T7804] netlink: 'syz.0.1456': attribute type 5 has an invalid length. [ 185.574332][ T7811] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1457'. [ 185.615607][ T3651] Bluetooth: hci0: command tx timeout [ 185.774250][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 185.802970][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 185.833223][ T7588] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 186.008425][ T7817] loop0: detected capacity change from 0 to 8192 [ 186.032184][ T7822] loop1: detected capacity change from 0 to 2048 [ 186.033396][ T7817] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 186.053336][ T7817] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 186.084596][ T7817] REISERFS (device loop0): using ordered data mode [ 186.091143][ T7817] reiserfs: using flush barriers [ 186.124943][ T7817] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 186.166737][ T7822] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 186.181895][ T7822] ext4 filesystem being mounted at /323/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 186.205056][ T7817] REISERFS (device loop0): checking transaction log (loop0) [ 186.261027][ T7817] REISERFS (device loop0): Using r5 hash to sort names [ 186.286376][ T7817] REISERFS (device loop0): using 3.5.x disk format [ 186.293217][ T7817] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 186.331582][ T3638] EXT4-fs (loop1): unmounting filesystem. [ 186.431639][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 186.454052][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 186.492097][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 186.512794][ T7814] loop2: detected capacity change from 0 to 32768 [ 186.513740][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 186.542023][ T7588] device veth0_vlan entered promiscuous mode [ 186.563242][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 186.576800][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 186.592143][ T7588] device veth1_vlan entered promiscuous mode [ 186.604381][ T7814] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 186.620666][ T7588] device veth0_macvtap entered promiscuous mode [ 186.628713][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 186.658437][ T7844] loop3: detected capacity change from 0 to 1024 [ 186.664946][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 186.665614][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 186.691906][ T7844] hfsplus: bad catalog entry type [ 186.719272][ T3708] hfsplus: b-tree write err: -5, ino 4 [ 186.735728][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 186.755426][ T7588] device veth1_macvtap entered promiscuous mode [ 186.771318][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 186.779902][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 186.790547][ T7847] loop1: detected capacity change from 0 to 256 [ 186.817001][ T7847] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 186.824682][ T7588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.887190][ T7588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.897813][ T7588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.913805][ T7851] loop3: detected capacity change from 0 to 128 [ 186.924515][ T7588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.934382][ T7588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.948520][ T7851] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 186.950648][ T7588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.970842][ T7851] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 186.972533][ T7588] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 186.992707][ T7588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.013097][ T3636] ocfs2: Unmounting device (7,2) on (node local) [ 187.033431][ T7588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.069357][ T7588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.090231][ T7588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.110642][ T7588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.132975][ T7588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.167342][ T7588] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 187.185896][ T3708] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 187.209253][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 187.223164][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 187.246048][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 187.275706][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 187.287350][ T7588] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.324604][ T7588] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.333351][ T7588] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.366909][ T7588] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.503038][ T7864] loop0: detected capacity change from 0 to 64 [ 187.549473][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.591464][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.641861][ T3708] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.646679][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 187.658113][ T3708] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.690317][ T7869] loop0: detected capacity change from 0 to 64 [ 187.696080][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 188.234170][ T7861] loop2: detected capacity change from 0 to 32768 [ 188.261601][ T7861] XFS: ikeep mount option is deprecated. [ 188.276104][ T7896] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1490'. [ 188.284090][ T7861] XFS: ikeep mount option is deprecated. [ 188.358131][ T7861] XFS (loop2): Mounting V5 Filesystem [ 188.463019][ T7861] XFS (loop2): Ending clean mount [ 188.480849][ T7861] XFS (loop2): Quotacheck needed: Please wait. [ 188.530927][ T7861] XFS (loop2): Quotacheck: Done. [ 188.616731][ T3685] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 188.718441][ T3636] XFS (loop2): Unmounting Filesystem [ 188.727114][ T3997] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 188.800071][ T7885] loop3: detected capacity change from 0 to 40427 [ 188.856573][ T7885] F2FS-fs (loop3): invalid crc value [ 188.875693][ T3685] usb 5-1: Using ep0 maxpacket: 16 [ 188.882813][ T7885] F2FS-fs (loop3): Found nat_bits in checkpoint [ 188.949515][ T7885] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 188.958660][ T7885] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 188.984654][ T3997] usb 2-1: Using ep0 maxpacket: 8 [ 188.994782][ T3685] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 189.071378][ T3640] syz-executor: attempt to access beyond end of device [ 189.071378][ T3640] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 189.104739][ T3997] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 189.120013][ T3997] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 189.132308][ T3997] usb 2-1: config 0 has no interface number 0 [ 189.155898][ T3997] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 189.175741][ T3997] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 189.186368][ T3685] usb 5-1: New USB device found, idVendor=05ac, idProduct=026c, bcdDevice= 0.40 [ 189.204567][ T3685] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 189.216412][ T3997] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 189.230302][ T3685] usb 5-1: Product: syz [ 189.244534][ T3685] usb 5-1: Manufacturer: syz [ 189.249169][ T3685] usb 5-1: SerialNumber: syz [ 189.254829][ T3997] usb 2-1: config 0 interface 52 has no altsetting 0 [ 189.306441][ T3685] usbhid 5-1:1.0: couldn't find an input interrupt endpoint [ 189.384837][ T3997] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 189.393918][ T3997] usb 2-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 189.434575][ T3997] usb 2-1: Product: syz [ 189.438778][ T3997] usb 2-1: SerialNumber: syz [ 189.445150][ T3997] usb 2-1: config 0 descriptor?? [ 189.527090][ T3685] usb 5-1: USB disconnect, device number 7 [ 189.711628][ T3997] input: syz (Stick) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.52/input/input19 [ 189.737153][ T3078] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 189.763219][ T7938] netlink: 'syz.2.1503': attribute type 2 has an invalid length. [ 189.779447][ T3078] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 189.812248][ T3078] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 189.851787][ T3078] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 189.918127][ T7910] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 189.974284][ T3681] usb 2-1: USB disconnect, device number 7 [ 190.093968][ T7947] loop3: detected capacity change from 0 to 512 [ 190.149743][ T7947] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 190.175178][ T7947] ext4 filesystem being mounted at /283/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 190.198322][ T7947] EXT4-fs error (device loop3): ext4_empty_dir:3154: inode #12: block 31: comm syz.3.1507: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=1, rec_len=6, size=1024 fake=1 [ 190.217557][ C0] vkms_vblank_simulate: vblank timer overrun [ 190.250843][ T7947] EXT4-fs (loop3): Remounting filesystem read-only [ 190.289129][ T7947] EXT4-fs warning (device loop3): ext4_empty_dir:3156: inode #12: comm syz.3.1507: directory missing '..' [ 190.356607][ T7961] loop0: detected capacity change from 0 to 256 [ 190.413144][ T3640] EXT4-fs (loop3): unmounting filesystem. [ 190.663769][ T7972] netlink: 'syz.0.1517': attribute type 8 has an invalid length. [ 190.699931][ T7970] loop1: detected capacity change from 0 to 4096 [ 190.708356][ T7970] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 190.750257][ T7970] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 190.789569][ T7978] loop2: detected capacity change from 0 to 128 [ 190.837299][ T7978] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 190.873120][ T7978] ext4 filesystem being mounted at /328/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 190.905269][ C0] vkms_vblank_simulate: vblank timer overrun [ 190.947315][ T7978] fscrypt (loop2, inode 12): Unsupported encryption flags (0x08) [ 191.022362][ T3636] EXT4-fs (loop2): unmounting filesystem. [ 191.176180][ T3997] kernel write not supported for file 694/task/695/clear_refs (pid: 3997 comm: kworker/0:8) [ 191.206830][ T8003] bridge0: port 3(vlan2) entered blocking state [ 191.221297][ T8003] bridge0: port 3(vlan2) entered disabled state [ 191.298200][ T8010] netlink: 'syz.0.1534': attribute type 5 has an invalid length. [ 191.483678][ T8020] loop4: detected capacity change from 0 to 256 [ 191.533044][ T8020] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 191.554301][ T8022] loop2: detected capacity change from 0 to 2048 [ 191.571780][ T8022] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 191.596028][ T8022] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1540'. [ 191.721767][ T8029] (unnamed net_device) (uninitialized): (slave veth1_to_hsr): Device is not bonding slave [ 191.745767][ T8029] (unnamed net_device) (uninitialized): option active_slave: invalid value (veth1_to_hsr) [ 192.348174][ T8053] mkiss: ax0: crc mode is auto. [ 192.380186][ T8059] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 192.602883][ T8035] loop0: detected capacity change from 0 to 40427 [ 192.633374][ T8035] F2FS-fs (loop0): invalid crc value [ 192.658943][ T8035] F2FS-fs (loop0): Found nat_bits in checkpoint [ 192.721414][ T8068] loop1: detected capacity change from 0 to 4096 [ 192.739459][ T8068] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 192.755846][ T8035] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 192.780903][ T4303] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 192.813951][ T8068] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 192.815199][ T3708] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.876677][ T8068] ntfs3: loop1: ino=1e, "file1" attr_set_size [ 193.031562][ T3708] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.074615][ T4303] usb 4-1: Using ep0 maxpacket: 32 [ 193.210869][ T3708] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.236161][ T4303] usb 4-1: config 0 has no interfaces? [ 193.366476][ T3708] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.381945][ T4303] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 193.401421][ T4303] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 193.422462][ T4303] usb 4-1: Product: syz [ 193.427150][ T4303] usb 4-1: Manufacturer: syz [ 193.427754][ T3647] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 193.433297][ T4303] usb 4-1: config 0 descriptor?? [ 193.445597][ T3647] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 193.454184][ T3647] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 193.475000][ T3647] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 193.492604][ T3647] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 193.500369][ T3647] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 193.537247][ T8093] lo speed is unknown, defaulting to 1000 [ 193.651418][ T8097] loop1: detected capacity change from 0 to 128 [ 193.739217][ T4303] usb 4-1: USB disconnect, device number 9 [ 193.765619][ T8093] chnl_net:caif_netlink_parms(): no params data found [ 194.021515][ T8105] program syz.0.1575 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 194.023409][ T8086] loop2: detected capacity change from 0 to 32768 [ 194.041166][ T8086] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.1569 (8086) [ 194.057460][ T8086] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 194.068240][ T8086] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 194.077495][ T8086] BTRFS info (device loop2): enabling auto defrag [ 194.084060][ T8086] BTRFS info (device loop2): max_inline at 0 [ 194.090252][ T8086] BTRFS info (device loop2): enabling ssd optimizations [ 194.097362][ T8086] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8) [ 194.107571][ T1234] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.107665][ T1234] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.123460][ T8086] BTRFS info (device loop2): use lzo compression, level 0 [ 194.130769][ T8086] BTRFS info (device loop2): using free space tree [ 194.353570][ T8093] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.385021][ T8093] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.413469][ T8093] device bridge_slave_0 entered promiscuous mode [ 194.466142][ T3636] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 194.521339][ T8093] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.534683][ T8093] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.543031][ T8093] device bridge_slave_1 entered promiscuous mode [ 194.855865][ T8127] loop0: detected capacity change from 0 to 32768 [ 194.864051][ T8127] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1577 (8127) [ 194.922008][ T8127] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 194.936890][ T8093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 194.952419][ T8127] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 194.978863][ T8127] BTRFS info (device loop0): using free space tree [ 195.024364][ T8093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 195.036731][ T3685] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 195.143930][ T8127] BTRFS info (device loop0): enabling ssd optimizations [ 195.214767][ T26] audit: type=1800 audit(1729288647.733:62): pid=8127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1577" name="bus" dev="loop0" ino=263 res=0 errno=0 [ 195.215866][ T8127] BTRFS error (device loop0): balance: invalid convert metadata profile raid0 [ 195.261639][ T8093] team0: Port device team_slave_0 added [ 195.299671][ T8093] team0: Port device team_slave_1 added [ 195.368497][ T3639] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 195.384626][ T8093] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 195.394782][ T8093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 195.422415][ T3685] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 195.440270][ T3685] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 195.481042][ T8093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 195.534973][ T3685] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 195.542694][ T3651] Bluetooth: hci0: command tx timeout [ 195.575083][ T3685] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 195.591924][ T3685] usb 4-1: SerialNumber: syz [ 195.689011][ T8093] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 195.704578][ T8093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 195.758774][ T8093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 195.785488][ T8168] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1589'. [ 195.887170][ T3685] usb 4-1: 0:2 : does not exist [ 195.972582][ T3685] usb 4-1: USB disconnect, device number 10 [ 196.093323][ T8093] device hsr_slave_0 entered promiscuous mode [ 196.113629][ T8166] loop1: detected capacity change from 0 to 32768 [ 196.121185][ T8093] device hsr_slave_1 entered promiscuous mode [ 196.141192][ T8166] XFS: ikeep mount option is deprecated. [ 196.153466][ T8093] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 196.173591][ T8166] XFS: ikeep mount option is deprecated. [ 196.183720][ T8093] Cannot create hsr debugfs directory [ 196.257255][ T8166] XFS (loop1): Mounting V5 Filesystem [ 196.371114][ T8166] XFS (loop1): Ending clean mount [ 196.386806][ T8166] XFS (loop1): Quotacheck needed: Please wait. [ 196.451432][ T8166] XFS (loop1): Quotacheck: Done. [ 196.508309][ T8189] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1593'. [ 196.527291][ T3708] device hsr_slave_0 left promiscuous mode [ 196.531373][ T8189] bond0: (slave bond_slave_0): Slave does not support ipsec offload [ 196.566379][ T3708] device hsr_slave_1 left promiscuous mode [ 196.575263][ T3708] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 196.591167][ T3638] XFS (loop1): Unmounting Filesystem [ 196.591842][ T3708] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 196.610759][ T3708] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 196.624611][ T3708] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 196.647145][ T3708] device bridge_slave_1 left promiscuous mode [ 196.666977][ T3708] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.696088][ T3708] device bridge_slave_0 left promiscuous mode [ 196.705336][ T3708] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.814061][ T3708] device veth1_macvtap left promiscuous mode [ 196.824682][ T3708] device veth0_macvtap left promiscuous mode [ 196.841027][ T3708] device veth1_vlan left promiscuous mode [ 196.847016][ T3708] device veth0_vlan left promiscuous mode [ 196.854674][ T4006] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 197.108799][ T8193] loop2: detected capacity change from 0 to 32768 [ 197.150465][ T8193] XFS (loop2): Mounting V5 Filesystem [ 197.220796][ T4006] usb 1-1: config 45 has too many interfaces: 194, using maximum allowed: 32 [ 197.231944][ T8193] XFS (loop2): Ending clean mount [ 197.235025][ T4006] usb 1-1: config 45 has 1 interface, different from the descriptor's value: 194 [ 197.246487][ T4006] usb 1-1: config 45 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.257686][ T4006] usb 1-1: config 45 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.267642][ T4006] usb 1-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00 [ 197.276875][ T4006] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.290427][ T8193] XFS (loop2): Quotacheck needed: Please wait. [ 197.364104][ T8193] XFS (loop2): Quotacheck: Done. [ 197.415662][ T3636] XFS (loop2): Unmounting Filesystem [ 197.620862][ T3651] Bluetooth: hci0: command tx timeout [ 197.743170][ T3708] team0 (unregistering): Port device team_slave_1 removed [ 197.777586][ T4006] uclogic 0003:5543:0042.000D: unknown main item tag 0x0 [ 197.797687][ T4006] uclogic 0003:5543:0042.000D: unknown main item tag 0x0 [ 197.805229][ T4006] uclogic 0003:5543:0042.000D: unknown main item tag 0x0 [ 197.812462][ T4006] uclogic 0003:5543:0042.000D: unknown main item tag 0x0 [ 197.820279][ T4006] uclogic 0003:5543:0042.000D: unknown main item tag 0x0 [ 197.831308][ T4006] uclogic 0003:5543:0042.000D: No inputs registered, leaving [ 197.842283][ T4006] uclogic 0003:5543:0042.000D: hidraw0: USB HID v0.00 Device [HID 5543:0042] on usb-dummy_hcd.0-1/input0 [ 197.864167][ T3708] team0 (unregistering): Port device team_slave_0 removed [ 197.938252][ T3708] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 197.997465][ T4006] usb 1-1: USB disconnect, device number 10 [ 198.028882][ T3708] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 198.686224][ T3708] bond0 (unregistering): Released all slaves [ 198.808345][ T8199] netlink: 340 bytes leftover after parsing attributes in process `syz.1.1597'. [ 198.983077][ T8224] ALSA: mixer_oss: invalid OSS volume '' [ 199.521338][ T8093] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 199.555451][ T8093] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 199.569651][ T8093] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 199.583679][ T8245] loop3: detected capacity change from 0 to 1024 [ 199.592546][ T8093] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 199.620718][ T8245] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 199.710734][ T3651] Bluetooth: hci0: command tx timeout [ 199.743892][ T8093] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.759291][ T8227] loop0: detected capacity change from 0 to 32768 [ 199.783951][ T8227] XFS: ikeep mount option is deprecated. [ 199.815133][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 199.823524][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 199.840309][ T8227] XFS: ikeep mount option is deprecated. [ 199.851204][ T8251] loop3: detected capacity change from 0 to 1024 [ 199.857049][ T8093] 8021q: adding VLAN 0 to HW filter on device team0 [ 199.875725][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 199.888376][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 199.899399][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.906554][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 199.942669][ T8227] XFS (loop0): Mounting V5 Filesystem [ 199.960365][ T4770] hfsplus: b-tree write err: -5, ino 4 [ 199.962865][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 199.976583][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 199.985748][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 199.995410][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.002512][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.031379][ T8266] loop1: detected capacity change from 0 to 64 [ 200.058072][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 200.058673][ T8267] loop3: detected capacity change from 0 to 1024 [ 200.073501][ T8227] XFS (loop0): Ending clean mount [ 200.111369][ T8227] XFS (loop0): Quotacheck needed: Please wait. [ 200.122785][ T8267] hfsplus: bad catalog entry type [ 200.129720][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 200.141040][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 200.190238][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 200.195070][ T8227] XFS (loop0): Quotacheck: Done. [ 200.207384][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 200.216519][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 200.225329][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 200.233618][ T9] hfsplus: b-tree write err: -5, ino 4 [ 200.233826][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 200.282573][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 200.308923][ T8093] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 200.338582][ T8093] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 200.361420][ T8272] bridge0: port 3(vlan2) entered blocking state [ 200.373042][ T3639] XFS (loop0): Unmounting Filesystem [ 200.380986][ T8272] bridge0: port 3(vlan2) entered disabled state [ 200.384103][ T8276] loop1: detected capacity change from 0 to 256 [ 200.459620][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 200.483978][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 200.741258][ T8284] mkiss: ax0: crc mode is auto. [ 200.888535][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 200.903076][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 200.915105][ T8287] loop1: detected capacity change from 0 to 4096 [ 200.929050][ T8093] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 200.938184][ T8287] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 201.025943][ T8287] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 201.049161][ T8287] ntfs3: loop1: Failed to load $Extend. [ 201.387355][ T8279] loop2: detected capacity change from 0 to 32768 [ 201.446011][ T8279] read_mapping_page failed! [ 201.533811][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 201.558705][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 201.614394][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 201.633392][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 201.663069][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 201.681847][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 201.707069][ T8093] device veth0_vlan entered promiscuous mode [ 201.738379][ T8093] device veth1_vlan entered promiscuous mode [ 201.765357][ T8292] loop3: detected capacity change from 0 to 32768 [ 201.774660][ T3651] Bluetooth: hci0: command tx timeout [ 201.804577][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 201.812749][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 201.839849][ T8292] XFS (loop3): Mounting V5 Filesystem [ 201.853966][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 201.909089][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 201.965636][ T8292] XFS (loop3): Ending clean mount [ 201.976707][ T8093] device veth0_macvtap entered promiscuous mode [ 202.022131][ T8292] XFS (loop3): Quotacheck needed: Please wait. [ 202.035548][ T8093] device veth1_macvtap entered promiscuous mode [ 202.068231][ T8093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.094089][ T8093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.113664][ T8292] XFS (loop3): Quotacheck: Done. [ 202.134572][ T8093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.187896][ T8093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.215739][ T8093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.236897][ T8093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.256053][ T3640] XFS (loop3): Unmounting Filesystem [ 202.258300][ T8093] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 202.280521][ T8093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.291182][ T8093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.306425][ T8322] loop0: detected capacity change from 0 to 1024 [ 202.317413][ T8093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.346247][ T8093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.361373][ T8093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.372873][ T8322] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 202.381637][ T8322] ext4 filesystem being mounted at /345/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 202.392387][ T8093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.407063][ T8093] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 202.432529][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 202.443972][ T3639] EXT4-fs (loop0): unmounting filesystem. [ 202.461040][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 202.470843][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 202.493127][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 202.515876][ T8327] bridge0: port 3(vlan3) entered blocking state [ 202.522184][ T8327] bridge0: port 3(vlan3) entered disabled state [ 202.555281][ T8093] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.568901][ T8093] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.578297][ T8093] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.591990][ T8093] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.747059][ T3666] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.773108][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.793275][ T3666] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.803965][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.838379][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 202.870901][ T3666] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 202.934616][ T4004] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 203.028524][ T3685] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 203.057802][ T8349] loop4: detected capacity change from 0 to 128 [ 203.070601][ T8349] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 203.082886][ T8349] sysv_count_free_blocks: free block count was -2041545935, correcting to 3 [ 203.123745][ T8349] sysv_count_free_inodes: unable to read inode table [ 203.139551][ T8349] sysv_count_free_inodes: unable to read inode table [ 203.164586][ T4808] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 203.174577][ T4004] usb 4-1: Using ep0 maxpacket: 8 [ 203.180220][ T8093] sysv_free_block: trying to free block not in datazone [ 203.188444][ T8093] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 203.251174][ T8351] netlink: 911 bytes leftover after parsing attributes in process `syz.4.1651'. [ 203.260401][ T8351] openvswitch: netlink: ufid size 36 bytes exceeds the range (1, 16) [ 203.274860][ T3685] usb 1-1: Using ep0 maxpacket: 32 [ 203.297842][ T4004] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 203.319156][ T4004] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 203.371364][ T8345] loop2: detected capacity change from 0 to 32768 [ 203.381558][ T8345] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1648 (8345) [ 203.400507][ T3685] usb 1-1: config 0 has no interfaces? [ 203.409256][ T8345] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 203.424302][ T8345] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 203.433470][ T4808] usb 2-1: Using ep0 maxpacket: 8 [ 203.441633][ T8345] BTRFS info (device loop2): using free space tree [ 203.469085][ T8345] BTRFS info (device loop2): enabling ssd optimizations [ 203.514664][ T4004] usb 4-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.40 [ 203.523759][ T4004] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.532580][ T3685] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 203.557003][ T4808] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 203.564682][ T3685] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 203.574432][ T3685] usb 1-1: Product: syz [ 203.575010][ T4808] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.580396][ T4004] usb 4-1: Product: syz [ 203.591090][ T3685] usb 1-1: Manufacturer: syz [ 203.596666][ T4004] usb 4-1: Manufacturer: syz [ 203.599589][ T3636] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 203.601270][ T4004] usb 4-1: SerialNumber: syz [ 203.617541][ T3685] usb 1-1: config 0 descriptor?? [ 203.631361][ T4808] usb 2-1: config 0 descriptor?? [ 203.876662][ T3685] usb 1-1: USB disconnect, device number 11 [ 204.142968][ T8388] binder: 8387:8388 ioctl 400c620e 200003c0 returned -22 [ 204.204276][ T8392] device syz_tun entered promiscuous mode [ 204.212046][ T8392] device macvlan2 entered promiscuous mode [ 204.315370][ T4004] hid (null): report_id 2668810406 is invalid [ 204.323524][ T4004] asus 0003:0B05:19B6.000E: report_id 2668810406 is invalid [ 204.344551][ T4004] asus 0003:0B05:19B6.000E: item 0 4 1 8 parsing failed [ 204.354040][ T4004] asus 0003:0B05:19B6.000E: Asus hid parse failed: -22 [ 204.372469][ T4004] asus: probe of 0003:0B05:19B6.000E failed with error -22 [ 204.585317][ T4808] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 204.598321][ T3685] usb 4-1: USB disconnect, device number 11 [ 204.604600][ T4808] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x0080: ffffffb9 [ 204.665207][ T4808] asix: probe of 2-1:0.0 failed with error -71 [ 204.684397][ T4808] usb 2-1: USB disconnect, device number 8 [ 204.721801][ T8398] loop4: detected capacity change from 0 to 32768 [ 204.772412][ T8398] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 204.802040][ T26] audit: type=1800 audit(1729288657.313:63): pid=8398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1665" name="bus" dev="loop4" ino=17058 res=0 errno=0 [ 205.039778][ T8093] ocfs2: Unmounting device (7,4) on (node local) [ 205.389553][ T8438] usb usb1: usbfs: process 8438 (syz.1.1684) did not claim interface 0 before use [ 205.450684][ T8440] loop0: detected capacity change from 0 to 256 [ 205.475491][ T8440] exfat: Deprecated parameter 'namecase' [ 205.519410][ T8440] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 205.592423][ T8446] loop4: detected capacity change from 0 to 1024 [ 205.605745][ T8415] loop2: detected capacity change from 0 to 40427 [ 205.627776][ T8415] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 205.642562][ T8415] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 205.642923][ T8446] EXT4-fs: Ignoring removed nobh option [ 205.662925][ T8415] F2FS-fs (loop2): invalid crc value [ 205.678909][ T8446] EXT4-fs: Ignoring removed orlov option [ 205.715072][ T8446] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 205.733862][ T8415] F2FS-fs (loop2): Found nat_bits in checkpoint [ 205.787536][ T8455] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1690'. [ 205.810110][ T8415] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 205.819662][ T8093] EXT4-fs (loop4): unmounting filesystem. [ 205.835736][ T8415] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 205.957453][ T3666] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 205.987520][ T3666] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 206.316654][ T8472] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1698'. [ 206.614900][ T8461] loop1: detected capacity change from 0 to 32768 [ 206.623036][ T8461] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1693 (8461) [ 206.646536][ T8461] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 206.657243][ T8461] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 206.666481][ T8461] BTRFS info (device loop1): using free space tree [ 206.774619][ T8461] BTRFS info (device loop1): enabling ssd optimizations [ 206.917906][ T3638] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 207.060946][ T8505] loop3: detected capacity change from 0 to 2048 [ 207.124260][ T8506] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 207.167552][ T8509] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1707'. [ 207.292148][ T26] audit: type=1804 audit(1729288659.783:64): pid=8505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1705" name="/newroot/309/file0/file2" dev="loop3" ino=16 res=1 errno=0 [ 207.341034][ T26] audit: type=1804 audit(1729288659.833:65): pid=8513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1705" name="/newroot/309/file0/file2" dev="loop3" ino=16 res=1 errno=0 [ 207.409101][ T8516] lo speed is unknown, defaulting to 1000 [ 207.679048][ T8529] loop2: detected capacity change from 0 to 128 [ 207.726657][ T26] audit: type=1800 audit(1729288660.243:66): pid=8529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1714" name="file1" dev="loop2" ino=1048661 res=0 errno=0 [ 207.773346][ T8529] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8) [ 207.790334][ T26] audit: type=1800 audit(1729288660.273:67): pid=8529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1714" name="file1" dev="loop2" ino=1048661 res=0 errno=0 [ 207.815877][ T8529] FAT-fs (loop2): Filesystem has been set read-only [ 207.846422][ T8531] loop1: detected capacity change from 0 to 128 [ 207.851974][ T8529] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522) [ 207.914144][ T8531] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 207.967508][ T8531] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 208.034148][ T8541] loop2: detected capacity change from 0 to 256 [ 208.078716][ T8541] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d) [ 208.122387][ T8543] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 208.147138][ T8541] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 208.332012][ T8554] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1726'. [ 208.440556][ T8557] loop1: detected capacity change from 0 to 64 [ 208.698598][ T8567] loop2: detected capacity change from 0 to 1024 [ 208.757000][ T8537] loop4: detected capacity change from 0 to 32768 [ 208.784689][ T11] hfsplus: b-tree write err: -5, ino 4 [ 208.801064][ T8537] [ 208.801064][ T8537] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 208.801064][ T8537] [ 208.868620][ T8537] [ 208.868620][ T8537] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 208.868620][ T8537] [ 208.914696][ T8537] [ 208.914696][ T8537] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 208.914696][ T8537] [ 208.934442][ T8578] loop1: detected capacity change from 0 to 512 [ 208.947221][ T8537] [ 208.947221][ T8537] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 208.947221][ T8537] [ 208.969461][ T8537] [ 208.969461][ T8537] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 208.969461][ T8537] [ 208.974163][ T8578] EXT4-fs: Ignoring removed nobh option [ 208.998693][ T106] [ 208.998693][ T106] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 208.998693][ T106] [ 209.033186][ T8578] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 209.054904][ T8093] [ 209.054904][ T8093] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 209.054904][ T8093] [ 209.077609][ T8578] EXT4-fs (loop1): 1 truncate cleaned up [ 209.084444][ T8578] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 209.088167][ T8093] [ 209.088167][ T8093] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 209.088167][ T8093] [ 209.201601][ T8563] loop0: detected capacity change from 0 to 32768 [ 209.250853][ T3638] EXT4-fs (loop1): unmounting filesystem. [ 209.266395][ T8563] XFS (loop0): Mounting V5 Filesystem [ 209.365089][ T8563] XFS (loop0): Ending clean mount [ 209.392007][ T8563] XFS (loop0): Quotacheck needed: Please wait. [ 209.474077][ T8563] XFS (loop0): Quotacheck: Done. [ 209.633932][ T3639] XFS (loop0): Unmounting Filesystem [ 209.669755][ T8616] loop1: detected capacity change from 0 to 1024 [ 209.791782][ T8622] loop4: detected capacity change from 0 to 64 [ 209.911425][ T8622] syz.4.1753: attempt to access beyond end of device [ 209.911425][ T8622] loop4: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 209.974074][ T8622] Buffer I/O error on dev loop4, logical block 134217734, lost async page write [ 210.192367][ T8607] loop2: detected capacity change from 0 to 32768 [ 210.201178][ T8607] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop2 scanned by syz.2.1745 (8607) [ 210.224282][ T8607] BTRFS info (device loop2): first mount of filesystem d552757d-9c39-40e3-95f0-16d819589928 [ 210.244829][ T8607] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 210.253882][ T8607] BTRFS info (device loop2): disabling tree log [ 210.274801][ T8607] BTRFS warning (device loop2): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 210.293684][ T8636] loop0: detected capacity change from 0 to 1024 [ 210.300156][ T8607] BTRFS info (device loop2): trying to use backup root at mount time [ 210.315710][ T8607] BTRFS info (device loop2): setting nodatacow, compression disabled [ 210.329533][ T8636] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 210.338552][ T8607] BTRFS info (device loop2): enabling ssd optimizations [ 210.350186][ T8607] BTRFS info (device loop2): using spread ssd allocation scheme [ 210.359399][ T8607] BTRFS info (device loop2): using free space tree [ 210.451122][ T8651] netlink: 'syz.4.1763': attribute type 1 has an invalid length. [ 210.459082][ T8651] netlink: 'syz.4.1763': attribute type 2 has an invalid length. [ 210.473181][ T8651] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 210.582078][ T8668] loop0: detected capacity change from 0 to 128 [ 210.611671][ T8666] loop1: detected capacity change from 0 to 2048 [ 210.702771][ T8666] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 210.735989][ T3636] BTRFS info (device loop2): last unmount of filesystem d552757d-9c39-40e3-95f0-16d819589928 [ 211.389497][ T6100] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 211.465609][ T8714] loop3: detected capacity change from 0 to 256 [ 211.490439][ T8714] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001003e, chksum : 0x00424b3e, utbl_chksum : 0xe619d30d) [ 211.787601][ T6100] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 211.799168][ T6100] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 211.814358][ T6100] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 211.824382][ T6100] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.875144][ T8693] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 211.904774][ T8716] loop0: detected capacity change from 0 to 32768 [ 211.932557][ T8733] netlink: 956 bytes leftover after parsing attributes in process `syz.1.1791'. [ 211.936224][ T8716] XFS (loop0): Mounting V5 Filesystem [ 211.971526][ T8716] XFS (loop0): Ending clean mount [ 212.002749][ T26] audit: type=1800 audit(1729288664.513:68): pid=8716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1787" name="file1" dev="loop0" ino=6150 res=0 errno=0 [ 212.060244][ T3718] XFS (loop0): Metadata CRC error detected at xfs_rmapbt_read_verify+0x39/0xc0, xfs_rmapbt block 0x14 [ 212.073180][ T3718] XFS (loop0): Unmount and run xfs_repair [ 212.084626][ T3718] XFS (loop0): First 128 bytes of corrupted metadata buffer: [ 212.092040][ T3718] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 212.103944][ T3718] 00000010: 00 00 00 00 00 00 00 14 00 00 00 01 00 00 00 10 ................ [ 212.113973][ T3718] 00000020: ed 37 bf 6e 74 ea 4e 01 af ba 5f ee 27 4b 0f 3a .7.nt.N..._.'K.: [ 212.124144][ T3718] 00000030: 00 00 00 00 05 1b 0d e2 00 00 00 00 00 00 00 01 ................ [ 212.129143][ T3685] usb 5-1: USB disconnect, device number 8 [ 212.134511][ T3718] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 212.152747][ T3718] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 212.162918][ T3718] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 212.181937][ T3718] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 212.191294][ T8716] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x14 len 4 error 74 [ 212.200580][ T8747] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1794'. [ 212.221465][ T8716] XFS (loop0): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x1acd/0x2210 (fs/xfs/libxfs/xfs_defer.c:573). Shutting down filesystem. [ 212.238559][ T8716] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 212.285419][ T3639] XFS (loop0): Unmounting Filesystem [ 212.348777][ T6100] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 212.809185][ T6100] usb 2-1: unable to get BOS descriptor or descriptor too short [ 212.868313][ T6100] usb 2-1: not running at top speed; connect to a high speed hub [ 212.985467][ T6100] usb 2-1: config 1 has an invalid interface descriptor of length 4, skipping [ 213.010504][ T6100] usb 2-1: config 1 has an invalid descriptor of length 192, skipping remainder of the config [ 213.042449][ T6100] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3 [ 213.062615][ T8769] loop0: detected capacity change from 0 to 128 [ 213.082212][ T8769] VFS: Found a Xenix FS (block size = 512) on device loop0 [ 213.106859][ T8769] sysv_free_block: trying to free block not in datazone [ 213.138626][ T8751] loop3: detected capacity change from 0 to 40427 [ 213.161110][ T8751] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 213.175414][ T8751] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 213.183854][ T3639] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 213.201993][ T8751] F2FS-fs (loop3): invalid crc value [ 213.221863][ T8751] F2FS-fs (loop3): Found nat_bits in checkpoint [ 213.256627][ T6100] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0301, bcdDevice= 0.40 [ 213.273945][ T8751] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 213.281127][ T6100] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.281182][ T8751] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 213.315476][ T6100] usb 2-1: Product: syz [ 213.324526][ T6100] usb 2-1: Manufacturer: syz [ 213.329178][ T6100] usb 2-1: SerialNumber: syz [ 213.491970][ T8789] netlink: 'syz.2.1809': attribute type 28 has an invalid length. [ 213.626913][ T6100] usb 2-1: USB disconnect, device number 9 [ 213.664979][ T8794] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 213.821778][ T8801] loop2: detected capacity change from 0 to 136 [ 214.222434][ T8813] loop2: detected capacity change from 0 to 128 [ 214.281921][ T8813] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 214.309340][ T8797] loop4: detected capacity change from 0 to 32768 [ 214.317765][ T8813] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 214.327385][ T8797] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1813 (8797) [ 214.343308][ T8797] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 214.368125][ T8797] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 214.383114][ T8795] loop0: detected capacity change from 0 to 40427 [ 214.404873][ T8797] BTRFS info (device loop4): setting nodatacow, compression disabled [ 214.413843][ T8795] F2FS-fs (loop0): invalid crc value [ 214.423436][ T8797] BTRFS info (device loop4): turning on flush-on-commit [ 214.443218][ T8797] BTRFS info (device loop4): enabling auto defrag [ 214.453763][ T8795] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 214.460168][ T8797] BTRFS info (device loop4): max_inline at 0 [ 214.491090][ T8797] BTRFS info (device loop4): using free space tree [ 214.554878][ T8795] F2FS-fs (loop0): Start checkpoint disabled! [ 214.594605][ T8795] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 214.643234][ T8797] BTRFS info (device loop4): enabling ssd optimizations [ 214.659834][ T4770] kworker/u4:7: attempt to access beyond end of device [ 214.659834][ T4770] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 214.773374][ T8093] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 214.774639][ T6100] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 215.239137][ T6100] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 215.252075][ T6100] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 215.277665][ T8860] loop0: detected capacity change from 0 to 1024 [ 215.284135][ T6100] usb 3-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00 [ 215.298633][ T6100] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.310629][ T6100] usb 3-1: config 0 descriptor?? [ 215.340517][ T8863] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1833'. [ 215.363338][ T8860] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 215.410867][ T3639] EXT4-fs (loop0): unmounting filesystem. [ 215.737005][ T8892] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1845'. [ 215.744720][ T3996] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 215.791078][ T6100] wacom 0003:056A:00D0.000F: Unknown device_type for 'HID 056a:00d0'. Assuming pen. [ 215.812756][ T6100] wacom 0003:056A:00D0.000F: hidraw0: USB HID v0.00 Device [HID 056a:00d0] on usb-dummy_hcd.2-1/input0 [ 215.829339][ T6100] input: Wacom Bamboo 2FG Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:00D0.000F/input/input20 [ 215.876506][ T8898] loop1: detected capacity change from 0 to 64 [ 215.904799][ T3718] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 215.988022][ T3996] usb 1-1: Using ep0 maxpacket: 16 [ 216.006961][ T6100] usb 3-1: USB disconnect, device number 11 [ 216.032027][ T8904] lo speed is unknown, defaulting to 1000 [ 216.104888][ T3996] usb 1-1: config 0 has an invalid interface number: 251 but max is 0 [ 216.116504][ T3996] usb 1-1: config 0 has no interface number 0 [ 216.130379][ T3996] usb 1-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 216.140920][ T3996] usb 1-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 216.240999][ T8910] loop3: detected capacity change from 0 to 1024 [ 216.305768][ T3996] usb 1-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 216.326035][ T3996] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.348115][ T3996] usb 1-1: Product: syz [ 216.352343][ T3996] usb 1-1: Manufacturer: syz [ 216.361060][ T3996] usb 1-1: SerialNumber: syz [ 216.368720][ T3996] usb 1-1: config 0 descriptor?? [ 216.386343][ T8874] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 216.393677][ T8874] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 216.484803][ T3718] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 216.504113][ T3718] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.514227][ T3718] usb 5-1: Product: syz [ 216.524034][ T3718] usb 5-1: Manufacturer: syz [ 216.538943][ T3718] usb 5-1: SerialNumber: syz [ 216.561086][ T3718] usb 5-1: config 0 descriptor?? [ 216.630575][ T8874] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 216.640531][ T8928] lo speed is unknown, defaulting to 1000 [ 216.651776][ T8874] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 216.834862][ T3718] cx82310_eth: probe of 5-1:0.0 failed with error -22 [ 216.964790][ T8942] loop3: detected capacity change from 0 to 2048 [ 216.994001][ T8946] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 217.004964][ T4008] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 217.244751][ T4008] usb 2-1: Using ep0 maxpacket: 8 [ 217.275106][ T3718] cxacru 5-1:0.0: usbatm_usb_probe: bind failed: -19! [ 217.344964][ T3996] asix 1-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 217.366353][ T4008] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 217.377936][ T3996] asix 1-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 217.388567][ T4008] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 26056, setting to 1024 [ 217.407957][ T3996] asix: probe of 1-1:0.251 failed with error -71 [ 217.419844][ T4008] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 217.433992][ T3996] usb 1-1: USB disconnect, device number 12 [ 217.444749][ T4008] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 217.454414][ T4008] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 217.484527][ T4008] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 217.489849][ T3684] usb 5-1: USB disconnect, device number 9 [ 217.494285][ T4008] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8d.58 [ 217.494311][ T4008] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.535169][ T4008] usb 2-1: config 0 descriptor?? [ 217.554997][ T8932] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 217.587243][ T3647] Bluetooth: hci5: urb ffff8881457a3300 submission failed (90) [ 217.637614][ T8965] lo speed is unknown, defaulting to 1000 [ 217.711200][ T8971] netlink: 'syz.3.1880': attribute type 29 has an invalid length. [ 217.721813][ T8971] netlink: 'syz.3.1880': attribute type 29 has an invalid length. [ 217.848494][ T8975] loop2: detected capacity change from 0 to 256 [ 217.855206][ T3996] usb 2-1: USB disconnect, device number 10 [ 217.904701][ T8975] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 218.015135][ T8982] netlink: 'syz.0.1884': attribute type 11 has an invalid length. [ 218.024393][ T8982] netlink: 204 bytes leftover after parsing attributes in process `syz.0.1884'. [ 218.612622][ T9015] loop0: detected capacity change from 0 to 2048 [ 218.666544][ T9015] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 218.794416][ T9021] loop1: detected capacity change from 0 to 1024 [ 218.826319][ T46] hfsplus: b-tree write err: -5, ino 4 [ 218.847992][ T3639] EXT4-fs (loop0): unmounting filesystem. [ 219.091763][ T9030] netlink: 'syz.2.1909': attribute type 3 has an invalid length. [ 219.136025][ T9004] loop4: detected capacity change from 0 to 32768 [ 219.236835][ T9004] ERROR: (device loop4): dbAlloc: the hint is outside the map [ 219.236835][ T9004] [ 219.294650][ T9004] ERROR: (device loop4): remounting filesystem as read-only [ 219.303393][ T9004] ERROR: (device loop4): diWrite: ixpxd invalid [ 219.303393][ T9004] [ 219.343918][ T9004] ERROR: (device loop4): txCommit: [ 219.343918][ T9004] [ 219.382557][ T9010] loop3: detected capacity change from 0 to 40427 [ 219.470036][ T9010] F2FS-fs (loop3): Found nat_bits in checkpoint [ 219.584716][ T9010] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 219.652696][ T3640] syz-executor: attempt to access beyond end of device [ 219.652696][ T3640] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 220.263830][ T9068] loop0: detected capacity change from 0 to 4096 [ 220.300563][ T9081] loop3: detected capacity change from 0 to 128 [ 220.302553][ T9068] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 220.322429][ T9081] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 220.334253][ T9081] ext4 filesystem being mounted at /367/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 220.367504][ T9068] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 220.379610][ T9068] ntfs3: loop0: Failed to load $Extend. [ 220.441123][ T9089] lo speed is unknown, defaulting to 1000 [ 220.560403][ T3640] EXT4-fs (loop3): unmounting filesystem. [ 221.136008][ T9101] syz.4.1936 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 221.464607][ T3996] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 221.524571][ T37] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 221.669139][ T9135] loop4: detected capacity change from 0 to 32768 [ 221.725823][ T9135] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 221.774788][ T37] usb 4-1: Using ep0 maxpacket: 32 [ 221.836374][ T3996] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 221.851581][ T3996] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.862813][ T8093] ocfs2: Unmounting device (7,4) on (node local) [ 221.863286][ T3996] usb 3-1: config 0 descriptor?? [ 221.905552][ T3996] cp210x 3-1:0.0: cp210x converter detected [ 222.073640][ T9148] loop4: detected capacity change from 0 to 64 [ 222.084941][ T37] usb 4-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 222.107200][ T37] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.129944][ T37] usb 4-1: Product: syz [ 222.140092][ T37] usb 4-1: Manufacturer: syz [ 222.144815][ T37] usb 4-1: SerialNumber: syz [ 222.163265][ T37] usb 4-1: config 0 descriptor?? [ 222.312460][ T9154] loop4: detected capacity change from 0 to 64 [ 222.347712][ T3996] usb 3-1: cp210x converter now attached to ttyUSB0 [ 222.358740][ T26] audit: type=1800 audit(1729288674.873:69): pid=9154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1960" name="file1" dev="loop4" ino=5 res=0 errno=0 [ 222.442765][ T9158] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 222.550047][ T3996] usb 3-1: USB disconnect, device number 12 [ 222.567248][ T3996] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 222.600479][ T3996] cp210x 3-1:0.0: device disconnected [ 222.755001][ T9166] program syz.4.1966 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 222.848924][ T37] peak_usb 4-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels) [ 222.859787][ T37] peak_usb 4-1:0.0 can0: sending command failure: -22 [ 222.871741][ T37] peak_usb 4-1:0.0 can0: sending command failure: -22 [ 222.939256][ T37] peak_usb: probe of 4-1:0.0 failed with error -22 [ 223.012510][ T9164] loop0: detected capacity change from 0 to 32768 [ 223.024813][ T9164] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1965 (9164) [ 223.034721][ T9174] loop4: detected capacity change from 0 to 512 [ 223.044007][ T9174] EXT4-fs: Ignoring removed orlov option [ 223.052083][ T9164] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 223.063090][ T9164] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 223.072731][ T9164] BTRFS info (device loop0): using free space tree [ 223.076387][ T9174] EXT4-fs error (device loop4): ext4_orphan_get:1400: comm syz.4.1970: inode #13: comm syz.4.1970: iget: illegal inode # [ 223.081332][ T3682] usb 4-1: USB disconnect, device number 12 [ 223.101257][ T9174] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1970: couldn't read orphan inode 13 (err -117) [ 223.116438][ T9174] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 223.147883][ T9164] BTRFS info (device loop0): enabling ssd optimizations [ 223.209052][ T8093] EXT4-fs (loop4): unmounting filesystem. [ 223.244424][ T9194] loop2: detected capacity change from 0 to 4096 [ 223.272788][ T9194] NILFS (loop2): invalid segment: Checksum error in segment payload [ 223.289773][ T9194] NILFS (loop2): trying rollback from an earlier position [ 223.350885][ T9194] NILFS (loop2): recovery complete [ 223.358635][ T9197] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 223.400189][ T3639] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 223.676877][ T37] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 223.684651][ T3684] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 223.849044][ T9217] loop0: detected capacity change from 0 to 1024 [ 223.869813][ T9219] netlink: 'syz.2.1983': attribute type 1 has an invalid length. [ 223.880476][ T9219] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1983'. [ 223.917723][ T9] hfsplus: b-tree write err: -5, ino 4 [ 223.950548][ T3684] usb 2-1: Using ep0 maxpacket: 16 [ 223.984644][ T37] usb 5-1: Using ep0 maxpacket: 32 [ 224.007657][ T9226] loop0: detected capacity change from 0 to 1764 [ 224.084757][ T3684] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 224.106269][ T3684] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 224.119794][ T37] usb 5-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7 [ 224.143537][ T37] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.154791][ T3684] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 224.169104][ T3684] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.169915][ T37] usb 5-1: config 0 descriptor?? [ 224.194773][ T3684] usb 2-1: config 0 descriptor?? [ 224.240149][ T37] gspca_main: sq930x-2.14.0 probing 041e:403c [ 224.261115][ T9241] loop3: detected capacity change from 0 to 1024 [ 224.277947][ T9241] hfsplus: walked past end of dir [ 224.283293][ T9241] hfsplus: walked past end of dir [ 224.584577][ T6100] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 224.679025][ T3684] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0010/input/input24 [ 224.769875][ T3684] microsoft 0003:045E:07DA.0010: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 224.834579][ T6100] usb 4-1: Using ep0 maxpacket: 16 [ 224.984766][ T6100] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 224.997597][ T6100] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 225.007392][ T6100] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 225.024858][ T6100] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 225.034403][ T6100] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.051069][ T6100] usb 4-1: config 0 descriptor?? [ 225.083711][ T9246] loop0: detected capacity change from 0 to 2048 [ 225.091037][ T127] usb 2-1: USB disconnect, device number 11 [ 225.140789][ T9248] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 225.168144][ T26] audit: type=1804 audit(1729288677.683:70): pid=9246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1996" name="/newroot/418/file0/file2" dev="loop0" ino=16 res=1 errno=0 [ 225.189505][ T37] gspca_sq930x: reg_w 0105 bf00 failed -71 [ 225.222298][ T9246] NILFS (loop0): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3) [ 225.244551][ T9246] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=16) [ 225.265395][ T37] sq930x: probe of 5-1:0.0 failed with error -71 [ 225.273215][ T37] usb 5-1: USB disconnect, device number 10 [ 225.278608][ T9246] Remounting filesystem read-only [ 225.326445][ T3639] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer [ 225.338096][ T3639] NILFS (loop0): discard dirty page: offset=0, ino=16 [ 225.345537][ T3639] NILFS (loop0): discard dirty block: blocknr=23, size=1024 [ 225.353059][ T3639] NILFS (loop0): discard dirty block: blocknr=24, size=1024 [ 225.360857][ T3639] NILFS (loop0): discard dirty block: blocknr=25, size=1024 [ 225.369269][ T3639] NILFS (loop0): discard dirty block: blocknr=26, size=1024 [ 225.377005][ T3639] NILFS (loop0): discard dirty page: offset=4096, ino=16 [ 225.384262][ T3639] NILFS (loop0): discard dirty block: blocknr=27, size=1024 [ 225.393530][ T3639] NILFS (loop0): discard dirty block: blocknr=28, size=1024 [ 225.404626][ T3639] NILFS (loop0): discard dirty block: blocknr=29, size=1024 [ 225.412064][ T3639] NILFS (loop0): discard dirty block: blocknr=30, size=1024 [ 225.419882][ T3639] NILFS (loop0): discard dirty page: offset=8192, ino=16 [ 225.427330][ T3639] NILFS (loop0): discard dirty block: blocknr=31, size=1024 [ 225.435188][ T3639] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 225.444380][ T3639] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 225.451231][ T9249] loop2: detected capacity change from 0 to 32768 [ 225.453905][ T3639] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 225.471223][ T3639] NILFS (loop0): discard dirty page: offset=4096, ino=6 [ 225.478549][ T3639] NILFS (loop0): discard dirty block: blocknr=39, size=1024 [ 225.487119][ T3639] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 225.490117][ T9249] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 225.497755][ T3639] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 225.514567][ T3639] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 225.525926][ T3639] NILFS (loop0): discard dirty page: offset=0, ino=5 [ 225.531206][ T6100] koneplus 0003:1E7D:2E22.0011: unknown main item tag 0x0 [ 225.532607][ T3639] NILFS (loop0): discard dirty block: blocknr=41, size=1024 [ 225.532627][ T3639] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 225.532643][ T3639] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 225.540930][ T9249] [ 225.547920][ T3639] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 225.556015][ T9249] ====================================================== [ 225.556023][ T9249] WARNING: possible circular locking dependency detected [ 225.556030][ T9249] 6.1.113-syzkaller #0 Not tainted [ 225.556040][ T9249] ------------------------------------------------------ [ 225.556045][ T9249] syz.2.1997/9249 is trying to acquire lock: [ 225.556055][ T9249] ffff888053801808 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2 [ 225.565319][ T3639] NILFS (loop0): discard dirty page: offset=0, ino=3 [ 225.567284][ T9249] ){+.+.}-{3:3} [ 225.577725][ T3639] NILFS (loop0): discard dirty block: blocknr=42, size=1024 [ 225.583100][ T9249] , at: ocfs2_xattr_set+0xe96/0x1930 [ 225.590278][ T3639] NILFS (loop0): discard dirty block: blocknr=43, size=1024 [ 225.595194][ T9249] [ 225.595194][ T9249] but task is already holding lock: [ 225.595202][ T9249] ffff88805ee906f8 (&oi->ip_xattr_sem){++++}-{3:3} [ 225.602394][ T3639] NILFS (loop0): discard dirty block: blocknr=44, size=1024 [ 225.608257][ T9249] , at: ocfs2_xattr_set+0x62f/0x1930 [ 225.608290][ T9249] [ 225.608290][ T9249] which lock already depends on the new lock. [ 225.608290][ T9249] [ 225.608295][ T9249] [ 225.608295][ T9249] the existing dependency chain (in reverse order) is: [ 225.608300][ T9249] [ 225.608300][ T9249] -> #2 (&oi->ip_xattr_sem){++++}-{3:3}: [ 225.608326][ T9249] lock_acquire+0x1f8/0x5a0 [ 225.616514][ T3639] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 225.623037][ T9249] down_read+0xad/0xa30 [ 225.718355][ T9249] ocfs2_init_acl+0x398/0x930 [ 225.723558][ T9249] ocfs2_mknod+0x1f75/0x2e20 [ 225.728657][ T9249] vfs_mknod+0x444/0x4d0 [ 225.733409][ T9249] do_mknodat+0x3f8/0x5a0 [ 225.738249][ T9249] __x64_sys_mknod+0x8a/0xa0 [ 225.743350][ T9249] do_syscall_64+0x3b/0xb0 [ 225.748654][ T9249] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 225.755059][ T9249] [ 225.755059][ T9249] -> #1 (jbd2_handle){++++}-{0:0}: [ 225.762342][ T9249] lock_acquire+0x1f8/0x5a0 [ 225.767415][ T9249] jbd2_journal_lock_updates+0xa6/0x380 [ 225.773509][ T9249] __ocfs2_flush_truncate_log+0x2ef/0x12a0 [ 225.779836][ T9249] ocfs2_flush_truncate_log+0x4b/0x60 [ 225.785737][ T9249] ocfs2_sync_fs+0x121/0x380 [ 225.790848][ T9249] sync_filesystem+0x1bc/0x220 [ 225.796124][ T9249] generic_shutdown_super+0x6b/0x340 [ 225.801932][ T9249] kill_block_super+0x7a/0xe0 [ 225.807127][ T9249] deactivate_locked_super+0xa0/0x110 [ 225.813012][ T9249] cleanup_mnt+0x490/0x520 [ 225.817948][ T9249] task_work_run+0x246/0x300 [ 225.823052][ T9249] exit_to_user_mode_loop+0xde/0x100 [ 225.828844][ T9249] exit_to_user_mode_prepare+0xb1/0x140 [ 225.834897][ T9249] syscall_exit_to_user_mode+0x60/0x270 [ 225.840952][ T9249] do_syscall_64+0x47/0xb0 [ 225.845878][ T9249] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 225.852302][ T9249] [ 225.852302][ T9249] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}: [ 225.862825][ T9249] validate_chain+0x1661/0x5950 [ 225.868203][ T9249] __lock_acquire+0x125b/0x1f80 [ 225.873574][ T9249] lock_acquire+0x1f8/0x5a0 [ 225.878592][ T9249] down_write+0x36/0x60 [ 225.883282][ T9249] ocfs2_xattr_set+0xe96/0x1930 [ 225.888676][ T9249] __vfs_setxattr+0x3e7/0x420 [ 225.893875][ T9249] __vfs_setxattr_noperm+0x12a/0x5e0 [ 225.899672][ T9249] vfs_setxattr+0x21d/0x420 [ 225.904691][ T9249] setxattr+0x250/0x2b0 [ 225.909355][ T9249] path_setxattr+0x1bc/0x2a0 [ 225.914459][ T9249] __x64_sys_lsetxattr+0xb4/0xd0 [ 225.919912][ T9249] do_syscall_64+0x3b/0xb0 [ 225.924861][ T9249] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 225.931289][ T9249] [ 225.931289][ T9249] other info that might help us debug this: [ 225.931289][ T9249] [ 225.941506][ T9249] Chain exists of: [ 225.941506][ T9249] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2 --> jbd2_handle --> &oi->ip_xattr_sem [ 225.941506][ T9249] [ 225.957228][ T9249] Possible unsafe locking scenario: [ 225.957228][ T9249] [ 225.964665][ T9249] CPU0 CPU1 [ 225.970012][ T9249] ---- ---- [ 225.975361][ T9249] lock(&oi->ip_xattr_sem); [ 225.979951][ T9249] lock(jbd2_handle); [ 225.986539][ T9249] lock(&oi->ip_xattr_sem); [ 225.993643][ T9249] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2); [ 226.000928][ T9249] [ 226.000928][ T9249] *** DEADLOCK *** [ 226.000928][ T9249] [ 226.009061][ T9249] 3 locks held by syz.2.1997/9249: [ 226.014155][ T9249] #0: ffff88807de9c460 (sb_writers#29){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 226.023380][ T9249] #1: ffff88805ee909c8 (&sb->s_type->i_mutex_key#38){+.+.}-{3:3}, at: vfs_setxattr+0x1dd/0x420 [ 226.033898][ T9249] #2: ffff88805ee906f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x62f/0x1930 [ 226.043812][ T9249] [ 226.043812][ T9249] stack backtrace: [ 226.049692][ T9249] CPU: 1 PID: 9249 Comm: syz.2.1997 Not tainted 6.1.113-syzkaller #0 [ 226.057753][ T9249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 226.067803][ T9249] Call Trace: [ 226.071079][ T9249] [ 226.074010][ T9249] dump_stack_lvl+0x1e3/0x2cb [ 226.078688][ T9249] ? nf_tcp_handle_invalid+0x642/0x642 [ 226.084141][ T9249] ? print_circular_bug+0x12b/0x1a0 [ 226.089333][ T9249] check_noncircular+0x2fa/0x3b0 [ 226.094289][ T9249] ? add_chain_block+0x850/0x850 [ 226.099216][ T9249] ? lockdep_lock+0x11f/0x2a0 [ 226.103911][ T9249] ? _find_first_zero_bit+0xd0/0x100 [ 226.109189][ T9249] validate_chain+0x1661/0x5950 [ 226.114027][ T9249] ? kernel_text_address+0x9f/0xd0 [ 226.119143][ T9249] ? stack_trace_save+0x113/0x1c0 [ 226.124164][ T9249] ? reacquire_held_locks+0x660/0x660 [ 226.129545][ T9249] ? stack_trace_snprint+0xe0/0xe0 [ 226.134679][ T9249] ? look_up_lock_class+0x77/0x140 [ 226.139804][ T9249] ? register_lock_class+0x100/0x990 [ 226.145094][ T9249] ? is_dynamic_key+0x260/0x260 [ 226.149941][ T9249] ? mark_lock+0x9a/0x340 [ 226.154264][ T9249] __lock_acquire+0x125b/0x1f80 [ 226.159115][ T9249] lock_acquire+0x1f8/0x5a0 [ 226.163612][ T9249] ? ocfs2_xattr_set+0xe96/0x1930 [ 226.168646][ T9249] ? read_lock_is_recursive+0x10/0x10 [ 226.174012][ T9249] ? __might_sleep+0xb0/0xb0 [ 226.178587][ T9249] ? rwsem_write_trylock+0x166/0x210 [ 226.183863][ T9249] ? ocfs2_inode_lock_atime+0x5a0/0x5a0 [ 226.189396][ T9249] ? ocfs2_xattr_ibody_find+0x7c0/0x7c0 [ 226.194935][ T9249] ? ocfs2_xattr_ibody_find+0xc6/0x7c0 [ 226.200413][ T9249] down_write+0x36/0x60 [ 226.204557][ T9249] ? ocfs2_xattr_set+0xe96/0x1930 [ 226.209577][ T9249] ocfs2_xattr_set+0xe96/0x1930 [ 226.214424][ T9249] ? __ocfs2_xattr_set_handle+0x1060/0x1060 [ 226.220328][ T9249] ? print_irqtrace_events+0x210/0x210 [ 226.225783][ T9249] ? aa_get_newest_label+0xfb/0x6e0 [ 226.230977][ T9249] ? posix_xattr_acl+0xa5/0xd0 [ 226.235729][ T9249] ? evm_protect_xattr+0x366/0xb10 [ 226.240828][ T9249] ? ocfs2_xattr_trusted_get+0x40/0x40 [ 226.246275][ T9249] __vfs_setxattr+0x3e7/0x420 [ 226.250941][ T9249] __vfs_setxattr_noperm+0x12a/0x5e0 [ 226.256219][ T9249] vfs_setxattr+0x21d/0x420 [ 226.260712][ T9249] ? xattr_permission+0x4f0/0x4f0 [ 226.265723][ T9249] ? __might_fault+0xbd/0x110 [ 226.270392][ T9249] setxattr+0x250/0x2b0 [ 226.274535][ T9249] ? path_setxattr+0x2a0/0x2a0 [ 226.279295][ T9249] ? __mnt_want_write+0x222/0x2a0 [ 226.284319][ T9249] path_setxattr+0x1bc/0x2a0 [ 226.288900][ T9249] ? simple_xattr_list_add+0xf0/0xf0 [ 226.294175][ T9249] ? syscall_enter_from_user_mode+0x2e/0x230 [ 226.300142][ T9249] __x64_sys_lsetxattr+0xb4/0xd0 [ 226.305068][ T9249] do_syscall_64+0x3b/0xb0 [ 226.309475][ T9249] ? clear_bhb_loop+0x45/0xa0 [ 226.314142][ T9249] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 226.320032][ T9249] RIP: 0033:0x7fac46d7dff9 [ 226.324448][ T9249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.344065][ T9249] RSP: 002b:00007fac47a90038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 226.352513][ T9249] RAX: ffffffffffffffda RBX: 00007fac46f35f80 RCX: 00007fac46d7dff9 [ 226.360505][ T9249] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000020000280 [ 226.368474][ T9249] RBP: 00007fac46df0296 R08: 0000000000000000 R09: 0000000000000000 [ 226.376440][ T9249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.384401][ T9249] R13: 0000000000000000 R14: 00007fac46f35f80 R15: 00007ffd43548c78 [ 226.392375][ T9249] [ 226.422491][ T6100] koneplus 0003:1E7D:2E22.0011: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.3-1/input0 [ 226.449829][ T9255] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1998'. [ 226.471254][ T3636] ocfs2: Unmounting device (7,2) on (node local) [ 226.706934][ T6100] usb 4-1: USB disconnect, device number 13