last executing test programs: 12.587766127s ago: executing program 0 (id=6420): syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x20000844, &(0x7f0000000540)=ANY=[], 0x81, 0x1506, &(0x7f0000000940)="$eJzs3AuYjlW7OPB1r7Uehia9TXIY1r3uhzcNlkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyafNEkSEhLW/5q+7/vr2+2923t/7W1fe+7fda1r1j3Pe9/v/Tz3XPO+z3tdM9/1Gl2/ZYM6zYlI/FPgr1+ShRAxQojhQojrhBCBEKJyXOW43OMFFCT/c0/C/lwPp13tDtjVxPPP23j+eRvPP2/j+edtPP+8jeeft/H88zaeP2N52Y65xa/nlXcXf/6fl/Hr//8hORWmfLWpwo29/xMpPP+8jeeft/H88zaef97G88/beP7/99X+d47x/PM2nj9jednV/vyZ19VdV/vnjzHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZY3nDeX6GFEH/fX+2+GGOMMcYYY4wx9ufx+a92B4wxxhhjjDHGGPvvB0IKJbQIRD6RX8SIAqKguEbEimtFIXGdiIjrRZy4QRQWN4oioqgoJoqLeFFClBRGoLCCRChKidIiKm4SZcTNIkGUFeVEeeFEBZEobhEVxa2ikrhNVBa3iyriDlFVVBPVRQ1xp6gp7hK1RG1RR9wt6op6or5oIO4RDcW9opG4TzQW94sm4gHRVDwomomHRHPxsGghHhEtxaOilXhMtBZtRFvRTrT/L+W/JPqJl0V/MUAki4FikHhFDBZDxFAxTAwXr4oR4jUxUrwuUsQoMVq8IcaIN8VY8ZYYJ8aLCeJtMVFMEpPFFDFVTBOp4h0xXbwrZoj3xEwxS8wWc0SamCvmiffFfLFALBQfiEXiQ7FYLBFLxTKRLj4SGWK5yBQfixXiE5ElVopVYrVYI9aKdWK92CA2ik1is9gitoptYrvYIT4VO8UusVvsEXvFPrFffCYOiM/FQfGFyBZf/ifzz/2L/N4gQIAECRo05IN8EAMxUBAKQizEQiEoBBGIQBzEQWEoDEWgCBSDYhAP8VASSgICAgFBKSgFUYhCGSgDCZAA5aAcOHCQCIlQEW6FSlAJKkNlqAJVoCpUg2pQA2pATagJtaAW1IE6UBfqQn2oD/fAPXAvNIJG0BgaQxNoAk2hKTSDZtAcmkMLaAEtoSW0glbQGlpDW2gL7aE9dIAO0BE6QmfoDF2gC3SFrpAESdANukF36A49oAf0hJ7QC3pBb+gDfeAleAlehpdhANSVA2EQDILBMBiGwjAYBq/CCHgNXoPXIQVGwWh4A96AN2EsnIVxMB4mwASoKSfBZJgCJKdBKqTCdJgOM2AGzIRZMAvmQBrMhXkwD+bDAlgAH8Ai+BA+hCWwBJZBOqRDBiyHTMiEFXAOsmAlrILVsAbWwhpYDxtgPWyCzbAJtsJW2A7b4VP4FHbBLtgDe2Af7IPP4DP4HD6HFMiGbDgEh+AwHIYjcARyIAeOwlE4BsfgOByHE3ACTsIpOA2n4AycgbNwDs7DebgAF+AivBD/TYt9ZTemCJlLSy3zyXwyRsbIgrKgjJWxspAsJCMyIuNknCwsC8sisogsJovJeBkvS8qSEiVKkqEsJUvJqIzKMrKMTJAJspwsJ510MlEmyoqyoqwkK8nK8nZZRd4hq8pqspOrIWvImrKzqyVryzqyjqwr68n6soFsIBvKhrKRbCQby8ayiWwim8oHZTM5EIbCwzJ3Mi3lKGglR0Nr2Ua2le3km/C47CDHQkfZSXaWT8rxMA66yg4uST4ju8nJ0F0+J6fA87KnnAa95Iuyt+wj+8qXZD/Z0fWXA+RMGCgHyTkwWA6RQ+UwOR/qydyJ1ZevyxQ5So6Wb8hl8KYcK9+S4+R4OUG+LSfKSXKynCKnymkyVb4jp8t35Qz5npwpZ8nZco5Mk3PlPPm+nC8XyIXyA7lIfigXyyVyqVwm0+VHMkMul5nyY7lCfiKz5Eq5Sq6Wa+RauU6ulxvkRrlJbpZb5Fa5TW6XO+SncqfcJXfLPXKv3Cf3y8/kAfm5PCi/kNnyS3lI/kUell/JI/JrmSO/kUflt/KY/E4el9/LE/IHeVKekqflj/KM/EmelefkefmzvCB/kRflJXlZeikUKKmU0ipQ+VR+FaMKqILqGhWrrlWF1HUqoq5XceoGVVjdqIqooqqYKq7iVQlVUhmFyipSoSqlSquoukmVUTerBFVWlVPllVMVVCIIIdStqpK6TVVWt6sq6g5VVVVT1VUNdaeqqe5StVRtVUfdreqqeqq+aqDuUQ3VvaqRuk81VverJuoB1VQ9qJqph1Rz9bBqoR5RLdWjqpV6TLVWbVRb1U61V4+rDuoJ1VF1Up3Vk6qLekp1VU+rJPWM6qaeVd3Vc6qHel71VC+oXupF1Vv1UX3VJXVZedVfDVDJaqAapF5Rg9UQNVQNU8PVq2qEek2NVK+rFDVKjVZvqDHqTTVWvaXGqfFqgnpbTVST1GQ1RU1V01SqekdNV++qGeo9NVPNUrPVHJWm5qqhf6u08D+Q/+5v8nOvWG7+yF+ffbvaoT5VO9UutVvtUXvVPrVf7VcH1AF1UB1U2SpbHVKH1GF1WB1RR1SOylFH1VF1TB1Tx9VxdUKdUCfVKfWz+lGdUT+ps+qcOqd+VhfUBXXxb9dAaNBSK611oPPp/DpGF9AF9TU6Vl+rC+nrdERfr+P0DbqwvlEX0UV1MV1cx+sSuqQ2GrXVpENdSpfWUX2TLqNv1gm6rC6ny2unK+hEfcs/nf9H/bXX7XUH3UF31B11Z91Zd9FddFfdVSfpJN1Nd9PddXfdQ/fQPXVP3Uv30r1zr7Duq/vpfrq/7q+TdbIepF/Rg/UQPVQP08P1q3qEHqFH6pE6Rafo0Xq0HqPH6LF6rB6nx+kJeoKeqCfqyXqynqqn6lSdqqfr6XqGnqFn6pl6tp6t03Sanqfn6fl6vl6oF+pFepFerBfrpXqpTtfpOkNn6EydqVfoFTpLr9Qr9Wq9Wq/Va/V6vV5v1Bv1Zr1Zb9VbdZbeoXfonXqn3q136716r96v9+sD+oA+qA/qbJ2tD+lD+rA+rI/oIzpH5+ij+qg+po/p4/q4PqFP6JP6pD6tT+sz+ow+q8/q8/q8vqAv6Iv6or6sL+e+7QtkIAMd6CBfkC+ICWKCgkHBIDaIDQoFhYJIEAnigrigcHBjUCQoGhQLigfxQYmgZGACDGxAQRiUCkoH0eCmoExwc5AQlA3KBeUDF1QIEoNbgorBrUGl4LagcnB7UCW4I6gaVAuqBzWCO4OawV1BraB2UCe4O6gb1AvqBw2Ce4KGwb1Bo+C+oHFwf9AkeCBoGjwYNAseCpoHDwctgkeClsGjQavgsaB10CZoG7QL2v+p9b0/W/QJ198MMMlmoBlkXjGDzRAz1Awzw82rZoR5zYw0r5sUM8qMNm+YMeZNM9a8ZcaZ8WaCedtMNJPMZDPFTDXTTKp5x0w375oZ5j0z08wys80ck2bmmnnmfTPfLDALzQdmkfnQLDZLzFKzzKSbj0yGWW4yzcdmhfnEZJmVZpVZbdaYtWadWW82mI1mk9lstpitZpvZbnaYT81Os8vsNnvMXrPP7DefmQPmc3PQfGGyzZfmkPmLOWy+MkfM1ybHfGOOmm/NMfOdOW6+NyfMD+akOWVOmx/NGfOTOWvOmfPmZ3PB/GIumkvmsvG5b+5zX95Ro8Z8mA9jMAYLYkGMxVgshIUwghGMwzgsjIWxCBbBYlgM4zEeS2JJzEVIWApLYRSjWAbLYAImYDkshw4dJmIiVsSKWAkrYWWsjFWwClbFqlgdq+OdeCfehXdhbayNd+PdWA/rYQNsgA2xITbCRtgYG2MTbIJNsSk2w2bYHJtjC2yBLbEltsJW2BpbY1tsi+2xPXbADtgRO2Jn7IxdsAt2xa6YhEnYDbthd+yOPbAH9sSe2At7YW/sjX2xL/bDftgf+2MyJuMgHISDcTAOxaE4HIfjCByBI3EkpmAKjsbROAbH4Fgci+NwPE7At3EiTsLJOAWn4jRMxVScjtNxBs7AmTgTZ+NsTMM0nIfzcD7Ox4W4EBfhIlyMi3EpLsV0TMcMzMBMzMQVuAKzMAtX4Spcg2twHa7DDbgBN+Em3IJbcBtuwx24A3fiTtyNu3Ev7sX9uB8P4AE8iAcxG7PxEB7Cw3gYj+ARzMEcPIpH8Rgew+N4HE/gCTyJJ/E0nsYzeAbP4lk8j+fxAv6CF/ESXkaPMVaKgvYaG2uvtYXsdTbGFrC/jYvZ4jbelrAlrbFFbNF/iNFam2DL2nK2vHW2gk20t/wurmqr2eq2hr3T1rR32Vq/ixvae20je59tbO+3Dew9/xA3sQ/YpvZR28w+ZpvbNraFbWdb2kdtK/uYbW3b2La2ne1in7Jd7dM2yT5ju9lnfxdn2OV2g91oN9nN9oD93J63P9tj9jt7wf5i+9sBdrh91Y6wr9mR9nWbYkf9Lp5g37YT7SQ72U6xU+2038Wz7RybZufaefZ9O98u+F2cbj+yi2ymXWyX2KV22a9xbk+Z9mO7wn5is+xKu8qutmvsWrvOrv//va62W+02u93ut5/ZnXaX3W332L12369x7nkctF/YbPulPWq/tYftV/aIPW5z7De/xrnnd9x+b0/YH+xJe8qetj/aM/Yne9ae+/X8c8/9R3vJXrbeCgKSpEhTQPkoP8VQASpI11AsXUuF6DqK0PUURzdQYbqRilBRKkbFKZ5KUEkyhGSJKKRSVJqidBOVoZspgcpSOSpPjipQIt1CFelWqkS3UWW6narQHVSVqlF1qkF3Uk26i2pRbapDd1Ndqkf1qQHdQw3pXmpE91Fjup+a0APUlB6kZvQQNaeHqQU9Qi3pUWpFj1FrakNtqR21p8epAz1BHakTdaYnqQs9RV3paUqiZ6gbPUvd6TnqQc9TT3qBetGL1Jv6UF96ifrRy9SfBlAyDaRB9AoNpiE0lIbRcHqVRtBrNJJepxQaRaPpDRpDb9JYeovG0XiaQG/TRJpEk2kKTaVplErv0HR6l2bQezSTZtFsmkNpNJfm0fs0nxbQQvqAFtGHtJiW0FJaRun0EWXQcsqkj2kFfUJZtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttpx30Ke2kXbSb9tBe2kf76TM6QJ/TQfqCsulLOkR/ocP0FR2hrymHvqGj9C0do+/oOH1PJ+gHOkmn6DT9SGfoJzpL5+g8/UwX6Be6SJfoMnkSIYQyVKEOgzBfmD+MCQuEBcNrwtjw2rBQeF0YCa8P48IbwsLhjWGRsGhYLCwexoclwpKhCTG0IYVhWCosHUbDm8Iy4c1hQlg2LBeWD11YIUwMbwkrhreGlcLbwsrh7WGV8I6walgtfPT+GuGdYc3wrrBWWDusE94d1g3rhfXDBuE9YcPw3rBReF/YOLw/rBQ+EDYNHwybhQ+FzcOHwxbhI2HL8NGwVfhY2DpsE7YN24Xtw8fDDuETYcewU9g5fDLsEj4Vdg2fDpPCZ8Ju4bN/eDw5HBgOCl8JXwm9v08tjS6Lpkc/imZEl0czox9HV0Q/iWZFV0ZXRVdH10TXRtdF10c3RDdGN0U3R7dEt0a3RbdHvW+QXzhw0imnXeDyufwuxhVwBd01LtZd6wq561zEXe/i3A2usLvRFXFFXTFX3MW7Eq6kMw6ddeRCV8qVdlF3kyvjbnYJrqwr58o75yq4RNfOtXftXQf3hOvoOrnO7kn3pHvKPeWedk+7Z1w396zr7p5zPdzzrqd7wb3gXnS9XR/X173k+rmXXX83wCW7ZDfIDXKD3WA31A11w91wN8KNcCPdSJfiUtxoN9qNcWPcWDfWjXPj3AQ3wU10E91kN9lNdVNdqkt10910N8PNcDPdTDfbzXZpLs3Nc/PcfDffLXQL3aKERW6xW+yWuqUu3aW7DJfhMl2mW+FWuCyX5Va5VW6NW+PWuXVug9vgNrlNbovb4ra5bW6H2+F2up1ut9vt9rq9br/b7w64A+6gO+iyXbY75A65w+6wO+K+djnuG3fUfeuOue/ccfe9O+F+cCfdKXfa/ejOuJ/cWXfOnXc/uwvuF3fRXXKXnXepkXci0yPvRmZE3ovMjMyKzI7MiaRF5kbmRd6PzI8siCyMfBBZFPkwsjiyJLI0siySHvkokhFZHsmMfBxZEfkkkhVZGVkVWR1ZE1kb8b7EztCX8qV91N/ky/ibfYIv68v58t75Cj7R3+Ir+lt9JX+br+xv91X8Hb6qr+ar+8d8a9/Gt/XtfHv/uO/gn/AdfSff2T/pu/infFf/tE/yz/hu/lnf3T/ne/jnfU//gu/lX/S9fR/f17/k+/mXfX8/wCf7gX6Qf8UP9kP8UD/MD/ev+hH+NT/Sv+5T/Cg/2r/hx/g3/Vj/lh/nx/sJ/m0/0U/yk/0UP9VP86n+HT/dv+tn+Pf8TD/Lz/ZzfJqf6+f59/18v8Av9B/4Rf5Dv9gv8Uv9Mp/uP/IZfrnP9B/7Ff4Tn+VX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u9/hP/U7/S6/2+/xe/0+v99/5g/4z/1B/4XP9l/6Q/4v/rD/yh/xX/sc/40/6r/1x/x3/rj/3p/wP/iT/pQ/7X/0Z/xP/qw/58/7n/0F/4u/6C/5y/w3a4wxxhhj/yHqD44P/Fe+J/+2cg0SQly7q3jOv6y5pchf90NkfJeIEOKZAb0e/vuqWzc5Oflvj81SIii9RAgRuZKfT1yJV4rO4imRJDqJiv9qf0Nknwv0B/WjtwtR8Dc5MeLvcfCb+rf+G/Uff3JCRpXwfNy/U3+JEAmlr+QUEFfiK/Ur/Rv1i3b4g/4LfJUqRMff5MSKK/GV+oniCfGsSPqHRzLGGGOMMcYYY381RFbv8Uf3z7n35/H6Sk5+cSX+o/tzxhhjjDHGGGOMXX3P9+n79ONJSZ168Oa/dZN7rf8XtMGb/+rmmv8dbfzPba72bybGGGOMMcbYn+3Km/6r3QljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZZ3/U/8O7GrfY6MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbY1fb/AgAA//+vyTdR") chmod(&(0x7f0000000180)='./file0\x00', 0x2d7) 12.058639697s ago: executing program 0 (id=6426): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000005000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newtaction={0x74, 0x30, 0xeaa3ef926154e70d, 0x0, 0x0, {}, [{0x60, 0x1, [@m_vlan={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x2}}, @TCA_VLAN_PUSH_VLAN_ID={0x6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0) 11.66140702s ago: executing program 0 (id=6431): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0x40) 11.355472556s ago: executing program 0 (id=6436): syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000003c0)={[{@errors_remount}, {@gid}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@fmask={'fmask', 0x3d, 0x8c1}}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@errors_continue}, {@keep_last_dots}, {@errors_remount}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'ascii'}}, {@namecase}]}, 0x1, 0x1531, &(0x7f0000001f80)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL9zzu/0O86neb6fz/5Yz+z9rP287/Ne1t6YbzoOqtageuV6RAT/FrzwRxIAxAJAPwC4BgACACgdVzru/P7sEpP+vZOwP9fDqVe6AnYlcf+zNu5/1sb9z9q4/1kb9z9r4/5nbdz/rI37z1hWtnFq/mt5y7ob3///66vzh3v4+/8vJLPE6C9Wl7i+E0DMP5vC/c/auP9/WcE/cxD3P2vj/mdVsVe6APZfgN//f0lNfh1m+8MDuf9ZG/efsazsSt9/vtIbRLL2c3ClX3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxrKGU/6i0+AVAFwKr3RdjDHGGGOMMcYY+/P4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/Yv7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFc1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiTDOl/If5b/9O/oCfz75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/Sr4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufPLvkAEIlCBCmKCmCA2iA1yBDmCnEHOIFeQK4gEkSAuiAtyB9cHeYK8Qb4gfxAfFAgKBjowgQ3ExaZHgxuCIsGNQdHgpqBYUDxwQYkgIbg5KBncEpQKbg1KB7cFZYLbg7JBuaB8UCG4I6gY3BlUCu4KKgd3B1WCqkG1oHpwT1AjuDeoGdwX1AruD2oHDwR1ggeDusFDQb3g4aB+8EjQIHg0aBg8FjQKGgdNgqZBsz91fu9P5H3CddPddZLuoXvql3Uv3Vv30X11P/2K7q9f1QP0azpZD9SD9Ot6sH5DD9Fv6qF6mB6u39Ij9Eg9So/WY/RYnaLH6fH6bT1Bv6Mn6kl6sp6iU/VUPU2/q6frGXqmfk/P0u/r2XqOnqvn6TT9gZ6vF+h0/aFeqD/SGXqRXqyX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepverj/WO/QneqfepXfrT/Ue/Zneqz/X+/QXer/+Umfqr/QB/bU+qL/Rh/S3+rD+Th/RR/Ux/b0+rn/QJ/RJfUqf1mf0j/qs/kmf0/784v7817tRRpkYE2NiTazJYXKYnCanyWVymYiJmDgTZ3Kb3CaPyWPymXwm3sSbgqagOY8MmUKmkImaqCliipiipqgpZooZZ5xJMAmmpClpSplSprQpbcqYMqasKWvKm/LmDnOHudPcae4yd5m7zd2mqqlqqpvqpoapYWqamqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkmpgmpplpZpqb5qaFaWFamVamtWlt2pg2JtEkmramrWln2pn2pr3pYDqYjqaj6WQ6mS6mi+lquppupptJMkmmp+lpeplepo/pY/qZfqa/6W8GmAEm2SSbQWaQGWwGmyFmiBlqhpnh5xeqZqQZZUZ/O8aMNSkmxYw3480EM8FMNBPNZDPZpJpUM81MM9PNdDPTzDSzzCwz28w2c81ck2bSzHwz36SbdLPQLDQZJsMsNovNUrPULDfLzUqz0qw2q81aWGvWm/Vmo9loNpvNZqvZarab7WaH2WF2mp1mt9lt9pg9Zq/Za/aZfWa/2W8yTaY5YA6Yg+agOWQOmcPmsDlijphj5pg5bo6bE+aEOWVOmTMm78XvS29ibXabw15lc9qrbS57jf37OJ/Nb+NtAVvQapvH5v1VbKy1Re1Ntpgtbp0tYRPszb+Jy9pytrytYO+wFe2dttJv4hr2XlvT3mdr2fttdXvPr+La9gFbxz5q6yIC2Ma2vm1qG9hHbUP7mG1kG9smtqltbZ+ybezTNtE+Y9vaZ38Tz7cL7Eq7yq62a+xOu8uesqftQfuNPWN/tN1sd9vPvmL721ftAPuaTbYDfxMPt2/ZEXakHWVH2zF27G/iyXaKTbVT7TT7rp1uZ/wmTrMf2Fk23c62c+xcO+/n+HxN6fZDu9B+ZDNsAIvtErvULrPL7Yr/X+sSu86utxvsDvuJ3Wy32K12m91+aSFsd9nd9lO7x35mD9iv7T77hd1vD9lM+9XP8fnHd8h+aw/b7+wRe9Qes9/b4/YH9XPuyF4A9kf7vf3JnrPeAiEBSVIUUAxlo1jKTjnoKspJV1MuuoYidC3F0XWUm66nPJSX8lF+iqcCVJA0GbJEFFIhKkxRuoEulVeMipOjEpRAN1NJuoVK0a1Umm6jMnQ7laVyVJ4q0B1Uke6kSnQXVaa7qQpVpWpUne6hGnQv1aT7qBbdT7XpAapDD1Jdeojq0cNUnx6hBvQoNaTHqBE1pibUlJrR49ScnqAW1JJa0ZPUmp6iNvQ0JdIz1JaepXb0N2pPz1EHep460gvUiTpTF3qRutJL1I26UxL1oJ70MvWi3tSH+lI/eoX606s0gF6jZBpIg+h1Gkxv0BB6k4bSMBpOb9EIGkmjaDSNobGUQuNoPL1NE+gdmkiTaDJNoVSaStPoXZpOM2gmvUez6H2aTXNoLs2jNPqA5tMCSqcPaSF9RBm0iBbTElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDt9TDvoE9pJu2g3fUp76DPaS5/TPvqC9tOXlElf0QH6mg7SN3SIvvXd6Ts6QkfpGH1Px+kHOkEn6RSdpjP0I52ln+gceYIQQxHKUIVBGBNmC2PD7GGO8KowZ3h1mCu8JoyE14Zx4XVh7vD6ME+YN8wX5g/jwwJhwVCHJrQhhWFYKCwcRsMbwiLhjWHREMNiYfHQhSXChPDmsGR4S1gqvDUsHd4WlglvD8uG5cJH768Q3hFWDO8MK4V3hZXDu8MqYdWwWlg9vCesEd4b1gzvC2uF94elwgfCOuGDYd3wobBe+HBYP3wkbBA+GjYMHwsbhY3DJmHTsFn4eNg8fCJsEbYMW4VPhq3Dp8I24dNhYvhM2DZ89uf9Dyz44/1JYY+wZ/hy+HLo/X1ybnReNC36QXR+dEE0PfphdGH0o2hGdFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10fXRD1Pvq2cChE0465QIX47K5WJfd5XBXuZzuapfLXeMi7loX565zud31Lo/L6/K5/C7eFXAFnXbGWUcudIVcYRd1N7gi7kZX1N3kirnizrkSLsE1dc1cM9fcPeFauJaulXvSPemeck+5p93T7hnX1j3r2rm/ufbuOdfBPe+edy+4Tq6z6+JedF3duFwX3pNJrqfr6Xq5Xq6P6+P6uX6uv+vvBrgBLtklu0FukBvsBrshbogb6oa64W64G+FGuFFulBvjxrgUl+LGu/FugpvgJrqJbrKb7FJdqpvmprnpbrqrOOPCWWa72W6um+vSXJqb786vGdPdQrfQZbgMt9gtdkvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt9Nfc2FSt8ftdXvdPrfP7Xdfukz3lTvgvnYH3TfukPvWHXbfuSPuqDvmvnfH3Q/uhDvpTrnT7oz70Z11P7lzzruUyLjI+MjbkQmRdyITI5MikyNTIqmRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF9gc+gL+cI+6m/wRfyNvqi/yRfzxb3zJXyCv9mX9Lf4Uv5WX9rf5sv4231ZX86X94/5Rr6xb+Kb+mb+cd/cP+Fb+Ja+lX/St/ZP+Tb+aZ/on/Ft/bO+nf+bb++f8x38876jf8F38p19F/+i7+pf8t18d5/ke/ie/mXfy/f2fXxf38+/4vv7V/0A/5pP9gP9IP+6H+zf8EP8m36oH+aHx7zlR1y6RIaxPsWP8+P9236Cf8dP9JP8ZD/Fp/qpfpp/10/3M/xM/56f5d/3s/0cP9fP82n+Az/fL/Dp/kO/0H/kM/yiSzeV/XK/wq/0q/xqv8av9ev8er/Bb/Sb/Ga/xW/12/x2/7Hf4T/xO/0uv9t/6vf4z/xe/7nf57/w+/2XPtN/5Q/4r/1B/40/5L/1h/13/og/6o/57/1x/4M/4U/6U/60P+N/9Gf9T/4c/581xhhjjLF/yrjLQ/HrPRdu5/f4nRzxi4N7AsDVW/Jn/nL/+RXl2jwXxr1FfOsIADzTvePDl7YqVZKSki4emyEhKDwH4NLfBJ0XA5fjRdAKnoJEaAklf7f+3qLzGfoH80dvA8jxi5xYuBxfnv9zAEz6nfkff3L4/DLhqbj/Yf45AEULX87JDpfjRdDq5/srLaHUH9Sft/kv64/97fzZv0gBaPGLnJxwOb5cfwI8Ac9C4q+OZIwxxhhjjDHGLugtyre/dP156V98/t71eby6nJMNLsf/6PqcMcYYY4wxxhhjV95znbs8/XhiYsv2//qg0v8q658eNIT/q5l58LsD7wEu/UQBwL85IcD5gfxPPopN/5FzJV986/z9rqWnfQD/Ha38MwZX+IOJMcYYY4wx9qe7vOj/9c/VlSqIMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLgv4Tv07sSj9GxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Er7fwEAAP//nXwDKg==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) 10.50834972s ago: executing program 0 (id=6447): r0 = socket$isdn_base(0x22, 0x3, 0x0) ioctl$IMSETDEVNAME(r0, 0x80184947, &(0x7f0000000040)={0x0, 'syz1\x00'}) 9.794880269s ago: executing program 0 (id=6452): r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000b00)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f00ff0f00000000000050375ed08a56331dbf9ed78105001ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010004080c00bdad01409bbc7a46e39a54cbbda812176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1, 0x0, 0x0, 0x7}, 0x0) 9.158280358s ago: executing program 32 (id=6452): r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000b00)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f00ff0f00000000000050375ed08a56331dbf9ed78105001ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010004080c00bdad01409bbc7a46e39a54cbbda812176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1, 0x0, 0x0, 0x7}, 0x0) 4.407197383s ago: executing program 2 (id=6516): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x2010004, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c756e695f786c6174653d312c696f636861727365743d63703836352c73686f72746e616d653d77696e39352c636f6465706167653d3836392c726f6469722c616c6c6f775f7574696d653d30303030303030303030303030303030303137373737372c73686f72746e616d653d6d697865642c757466383d312c636865636b3d7374726963742c73686f72746e616d653d6c6f7765722c696f636861727365743d6d61636761656c69632c009fe7a64148646d78b2352fb82c3564f8d2296b6f8512835d329176768472a65dd4d0804d842d71bb377c"], 0x25, 0x34c, &(0x7f0000001740)="$eJzs3T9oJGUUAPC3mU12EziTQji0Wu0EOS4RC21MOE44TKEni/8aFy7nn+wqZHEhFtlLo1gqNoJWdldoebVYiNhZ2HqCnIqN1x3c4cjuTHY3mcn9EbOn3u9XhJf3fW++byZDdhKSt6+uxua52Th/9eqVqNcrUV09tRrXKrEUM5FE5kIAAP8n19I0/kgzw8RTN5v90ULMZtHcVHYHAByF4ev/a8fGidrd3A0AMA2Fn//LPVuaffvItgUAHKHC6//D+4YP/Jq/OvqbAADgv+v5l15+Zm094myjUY/ovN9r9prx5Hh87Xy8Ee3YiJOxGDcisgeF7Glh8PHpM+unTzYGflmK5qCi14zo9HvN7ElhLRnW12I5FmMpr09H9cmgfnlY34iIC/3h+tGp9JqzsZCv/+NCbMRKLMb9hfqIM+unVxr5AZqdvfp+xG7U905isP8TsRjfzww/OReD2uxYg8zOcqNxKl3fV9+7WBvOAwAAAAAAAAAAAAAAAAAAAACAo3BiPvLuOY2lUf+btNPvvXc2n9Aojg/7+2TDeX+g3aw/UFrb687zQXKwP9D+/jy9ZjVm7uqZAwAAAAAAAAAAAAAAAAAAwL9Hd3suWu32xlZ3+93NcTDX7k9k3vr2i6/n4+CcN5NxJqrZ4fbNyXMxUZXEqDwdlafJvjl5kETkkyvRunhptOPJObXRWRTKB0GtMFTJ99Rqt4899POnZVV/jjNJjIbqpUtU8vUnhjr3Zamy/dw8qHS3V24x53KapoeV73xSrIp6RLXwhfsngm+uvP7AY93jj3cr1c3WV3nTh0ceXXzh8sef/7bZakd+adrtua3ujfRvr5VM3D+V/DpXSu6E8mB3nNnd6m63kh9+f/HBD787MDkpv3/Sycw7h6/15cHMXBYMtnk7ZzpbcvOXB69cH929d34xj3+22rq089OvexfzVlUT3yQ06gAAAAAAAAAAAAAAAAAAgKmY+F/xO/DEc0e3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYvvH7/08Eu4XM7QTX+1Ecqm1sdQ9dfH6qpwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD3srwAAAP//JT9zjQ==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) 3.264998759s ago: executing program 2 (id=6525): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {0x1, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0xcd20}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044081}, 0x0) 2.804882669s ago: executing program 2 (id=6530): r0 = socket$inet6(0xa, 0x2, 0x3a) sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x80000006}, 0x1c, &(0x7f0000000540)=[{&(0x7f0000000100)="8000102e75243301", 0x8}], 0x1, &(0x7f0000000300)=[@dstopts_2292={{0x10}}], 0x18}}], 0x1, 0x40000000) 2.547929937s ago: executing program 2 (id=6534): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000000)={&(0x7f0000000140)=""/116, 0x108000, 0x800, 0xa, 0x3}, 0x1c) 2.37174623s ago: executing program 5 (id=6536): r0 = socket$qrtr(0x2a, 0x2, 0x0) bind$qrtr(r0, &(0x7f0000005d00)={0x2a, 0x2}, 0xc) 2.164310344s ago: executing program 2 (id=6538): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@ipv6_newroute={0x20, 0x18, 0x1, 0x70bd28, 0x25dfdbff, {0xa, 0x14, 0x0, 0x5, 0x0, 0x1, 0x0, 0x8, 0x1500}, [@RTA_METRICS={0x4, 0x1e}]}, 0x20}}, 0x404c040) 2.098445644s ago: executing program 1 (id=6539): r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000a40)=""/39, 0x27) 2.035363448s ago: executing program 5 (id=6541): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x8002, 0x0) ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000500)={0x14, 0x27, 0x13, 0x1b, 0xb, 0x10, 0x4, 0xf5, 0x1}) 1.912227242s ago: executing program 2 (id=6542): r0 = syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f0000000180)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c6865617274626561743d6e6f6e652c67727071756f74612c696e6f646536342c61636c2c6c6f63616c666c6f636b732c005ea7501d3984f30800000034dd9b5f52523eb71133652077aca5d26b513822020aa04ceba373f5ce95c0d1d4d8d88b077307143bab05b944c8717fae9043000a828674b0cdb1a82528e59e857c2049a73f8389f4eb91af6e2f93e4894cc0e776da52222dc59219"], 0x0, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000000), 0x0, 0x0, 0x0) 1.7789687s ago: executing program 1 (id=6543): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000440)="1ffebd2629cb68371c779b9d00e7", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 1.684266048s ago: executing program 5 (id=6545): r0 = syz_open_dev$video4linux(&(0x7f0000000240), 0x4, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000000)={0x1, 0x0, {0x0, 0x6, 0x1013, 0x7}}) 1.569461972s ago: executing program 4 (id=6546): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000040)="6b1690bb8dc095ebae95baccdce177a97389ae7df65487e3996df64c35efa6e159bd2f2180", 0xfdef}], 0x1, &(0x7f0000000140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @dev}}}, @ip_retopts={{0x16, 0x0, 0x7, {[@ra={0x94, 0x4}, @generic={0x0, 0x2}]}}}], 0x38}, 0x0) 1.364604231s ago: executing program 5 (id=6548): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="120000001a00010001000000000000000a"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x0) 1.301453138s ago: executing program 1 (id=6549): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000140), 0x40080, 0x0) ioctl$SNDCTL_DSP_POST(r0, 0x5008, 0x0) 1.259431892s ago: executing program 4 (id=6550): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x8, &(0x7f0000000600)=0x1, 0x4) 1.026949908s ago: executing program 5 (id=6552): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_DELLINK(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000000414010028bd7000fedbdf25080001000100000008000180"], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x8044) 1.002944805s ago: executing program 4 (id=6553): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x2}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x94}}, 0x0) 942.907331ms ago: executing program 3 (id=6554): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSSOFTCAR(r0, 0x541a, 0x0) 937.996248ms ago: executing program 1 (id=6555): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, 0x0, &(0x7f0000000200)=0x15) 792.366415ms ago: executing program 5 (id=6556): r0 = socket(0x40000000015, 0x5, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000440)={'ip_vti0\x00', &(0x7f0000000500)={'gre0\x00', 0x0, 0x700, 0x7fd1f0909632d272, 0x9, 0x5, {{0x5, 0x4, 0x3, 0x9, 0x14, 0x68, 0x0, 0x3, 0x4, 0x0, @private=0xa010102, @broadcast}}}}) 746.548306ms ago: executing program 3 (id=6557): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b00)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x94, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x34, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x108}}, 0x0) 708.196023ms ago: executing program 1 (id=6558): r0 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x7fffffff, 0x400) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000240)={0xf000000, 0x9, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0xa4b6b538dfe0ee53, 0xd1, '\x00', @ptr}}) 707.720552ms ago: executing program 4 (id=6559): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x3c, 0x3e, 0xd07, 0xfffffffe, 0x0, {0x1, 0x7c}, [@typed={0x4, 0x8e}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\x1a'}]}, @nested={0x18, 0x2, 0x0, 0x1, [@nested={0x11, 0x14, 0x0, 0x1, [@nested={0x4, 0x18}, @typed={0x8, 0x18, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x2a}}, @generic="b7"]}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4048011}, 0x4044000) 510.326691ms ago: executing program 3 (id=6560): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="6c01000010001307fefffffffcdbdf256401010100000000000000060000000020010000000000000000000000020a0000006c00"/64, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000000fe32000000200100000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000525a0000000000000000000000000000000000000000000043050000000000000400000000000000ffffffffffffff7f0000000000000000000000000000000002fdffffff000000000000002cbd70000035000002000400500000000000000060001200726663343130362867636d28616573292900000000000000000000000000000000000000000d0000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c5dec7cb7a1c00040002", @ANYRES64=r0], 0x16c}, 0x1, 0x0, 0x0, 0x880}, 0x0) 509.749414ms ago: executing program 1 (id=6561): r0 = socket$inet(0xa, 0x801, 0x84) setsockopt$MRT_INIT(r0, 0x0, 0xc8, 0x0, 0x0) 393.676663ms ago: executing program 4 (id=6562): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='numa_maps\x00') mmap$snddsp_control(&(0x7f0000002000/0x1000)=nil, 0x1000000000000, 0x1000000, 0x12, r0, 0x83000000) 301.552658ms ago: executing program 3 (id=6563): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000016c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe40400000056bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a05cbee30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c3157f00000000000000a06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c3630000000002232017810e743bdaf879946547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e6dafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e097585ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb50409fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4d8521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060fd2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3bca426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e4a9f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db00000000000001f915268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f00000021f8547d393dabe616fbbde21c90be00b5a22671395c7a69c6dd4d022ffc97ddb6aa025131652d409da1d8cfc3d219d4b1c1b7b8170d7c33d91db2b73f7ae02485a209a2474b5d0790d05c01bec623056e4d3f4d3149373a28b26a15a1fcce73d57e6eaf7e6f315fe275ebc9ef7aeca277dde01dde724f419803a2172a7833ceab38d21ca4f1dea5e1f4d8824167b21dd289dd4e6ecfba9e163bdbc48e1e758ecde000006c06d4d551e81ee73459cf1c00000000000000000000628a663ed417be6ff5b172cba4a1ec629a39ec253c087b1e9ce84e25b8717ae8581bf28c16a8bbda8d69358e885ddf5387e419c64847b8953070cdefe7d6a35197638e929f8f3c005f9de3fe351def9ed5"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r0, 0x0, 0x62, 0xfffffffffffffe74, &(0x7f0000000140)="cb74445b7d4c0b24676c6c71ae37efcedaf40242309766deb4e793f90000000000000000dbc856cbc664650634231454ca2d8034c4ca29e0d99c3b6615e91835a600c08f989af45438a54981be310aad92ae545b1c961e5f3762a51fe4c736edec6f", &(0x7f0000000cc0)=""/265, 0xcb95, 0x0, 0xff, 0x194, &(0x7f0000000980)="ffc4438e5c3081d0e133e812196ec0ed923733aa8b5aba32c8650e7a66d6136853773dfbc6226be13039e230d511f1ac50cc7811aac0400e4c833fedf842ae2918e6fddb550729246fcf4c0a01bc64989ea3985fb362751a83991bd56e761379caa64f6148893ff25f38d5cd6dd695bbf9ca709a9960e0e6b054d5e2239bcb7c0fb2ac66dc4c8f534e439ff20ccaf0d48a98c19c92a3b437a699350f49606d21a403f8c112c46fea5486bf367a854b0f6c1e563b656e4794f6793a08bb3656c391643f6df71d0255054368a938d38503d064da82d5dbf395ad47ed3932669168d324ed0f6de8360d499042ddc7d02b6c0772128257702bfe6d0971f00fea85da062cdc", &(0x7f00000007c0)="4c87fe555ceb79157b1e507ff4d3cc053321e42ae89f596427188b4877ab8f1776c0685784f1174c6401ecc1dd6e2a77bc79238f87ad9215a92ff203a30099e77c543e702b4a4438d358616381745f24f74e585498af129c4b173b242f445b08135f7fa40eb7ba78160ff4f0c80e1b324d0c234cb7f43a3ff9e9535dc16000c797113a039f4508a09144090000009f38a90a24f173b3e68377e4272950a80cfcd3aa6850e917bc7e57370060f5e6db941d67fc98a1e98103830b821657438325578d2af822dd4fc13ea7a7eef8d9be4e715aec8fd6cadc41c8da5ce9da2b9e1559d92a1936fc2b3a00000000000000000072200e10ba6269b634f10f7098c65ba67ba65c0e2687637e131fb8d5ba6c12c09c8356853c434a44ff0878e496dcf9a4f5ca02c293279948f37ebb28843f92c87c057a3b410e04418557d5deda7ddd3bd1d384d64ec980187e8b64a0696571a49e847db79349c9b3c3fab5f1f977bde4d802d9026ae0c11744eb1525c5195fd215d7a432497f35c2f2cfcd2b6336b26dfef0cb968c910ea2af5cdd4d58cc08535d5514", 0x2, 0x0, 0x3ff}, 0x24) 171.586412ms ago: executing program 4 (id=6564): madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x66) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) 77.487572ms ago: executing program 3 (id=6565): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0xa00, &(0x7f0000000080)={&(0x7f0000000040)=@flushpolicy={0x1c, 0x1d, 0x1, 0x0, 0x10000000, "", [@policy_type={0xa, 0x10, {0x1}}]}, 0x1c}}, 0x0) 0s ago: executing program 3 (id=6566): r0 = syz_usb_connect$cdc_ecm(0x0, 0x77, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x65, 0x1, 0x1, 0x0, 0x20, 0x1, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, [@mdlm={0x15, 0x24, 0x12, 0xa}, @mdlm={0x15, 0x24, 0x12, 0x4}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}]}}]}}, 0x0) syz_usb_ep_write(r0, 0x82, 0x0, 0x0) kernel console output (not intermixed with test programs): d-cd80a5b93e5d [ 626.908196][T17785] loop2: detected capacity change from 0 to 32768 [ 627.060162][T17860] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5100'. [ 627.116282][T17785] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 627.135681][T17848] mac80211_hwsim hwsim10 wlan0: entered promiscuous mode [ 627.211883][T17848] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 627.532565][T17785] XFS (loop2): Ending clean mount [ 627.542655][T17810] loop5: detected capacity change from 0 to 32768 [ 627.594913][T17785] XFS (loop2): Quotacheck needed: Please wait. [ 627.631636][T17810] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.5088 (17810) [ 627.766398][T17810] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 627.796080][T17785] XFS (loop2): Quotacheck: Done. [ 627.836094][T17810] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm [ 628.204448][ T5857] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 628.243386][T17903] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5109'. [ 628.327590][T17810] BTRFS info (device loop5): enabling ssd optimizations [ 628.355954][T17810] BTRFS info (device loop5): enabling free space tree [ 628.706385][ T5871] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 628.894870][T17920] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.952843][T17946] loop4: detected capacity change from 0 to 256 [ 629.969095][T17904] loop1: detected capacity change from 0 to 32768 [ 630.040135][T17944] loop0: detected capacity change from 0 to 4096 [ 630.049680][T17946] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d) [ 630.097777][T17944] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 630.168652][T17946] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 630.249995][T17914] loop3: detected capacity change from 0 to 32768 [ 630.320307][T17914] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.5113 (17914) [ 630.333174][T17944] ntfs3(loop0): ino=19, mi_enum_attr [ 630.333210][T17944] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 630.406124][T17944] ntfs3(loop0): failed to convert "c46c" to cp932 [ 630.429904][T17914] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 630.455622][T17944] ntfs3(loop0): ino=20, mi_enum_attr [ 630.494678][T17914] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm [ 630.696249][ T5947] usb 6-1: new high-speed USB device number 92 using dummy_hcd [ 630.768937][T17914] BTRFS info (device loop3): enabling ssd optimizations [ 630.804964][T17914] BTRFS info (device loop3): enabling free space tree [ 630.882586][ T5947] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 630.936134][ T5947] usb 6-1: config 0 interface 0 has no altsetting 0 [ 630.970793][ T5947] usb 6-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce [ 631.001911][ T5947] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 631.086026][ T5947] usb 6-1: Product: syz [ 631.090246][ T5947] usb 6-1: Manufacturer: syz [ 631.132989][ T5947] usb 6-1: SerialNumber: syz [ 631.167080][ T5947] usb 6-1: config 0 descriptor?? [ 631.187681][ T5859] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 631.243878][ T30] audit: type=1326 audit(2000000193.125:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17988 comm="syz.2.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 631.256005][ T5947] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state. [ 631.376244][ T30] audit: type=1326 audit(2000000193.125:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17988 comm="syz.2.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 631.402209][ T5947] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 631.436820][ T30] audit: type=1326 audit(2000000193.185:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17988 comm="syz.2.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 631.481375][ T5947] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0) [ 631.501993][ T5947] usb 6-1: media controller created [ 631.535480][ T30] audit: type=1326 audit(2000000193.185:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17988 comm="syz.2.5140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 631.646090][ T5947] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 631.782910][T18004] netlink: 'syz.3.5141': attribute type 7 has an invalid length. [ 631.868179][T18004] netlink: 'syz.3.5141': attribute type 8 has an invalid length. [ 631.909285][T17998] loop4: detected capacity change from 0 to 4096 [ 631.975826][ T5947] DVB: Unable to find symbol tda10046_attach() [ 632.012898][ T5947] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0' [ 632.038498][T17998] ntfs3(loop4): ino=3, Correct links count -> 2. [ 632.063594][ T5947] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected. [ 632.374265][ T5947] dvb_usb_m920x 6-1:0.0: probe with driver dvb_usb_m920x failed with error -71 [ 632.456339][ T5947] usb 6-1: USB disconnect, device number 92 [ 632.870749][T18031] netlink: 'syz.4.5156': attribute type 1 has an invalid length. [ 632.876012][ T6023] usb 2-1: new high-speed USB device number 99 using dummy_hcd [ 632.893995][T18031] netlink: 224 bytes leftover after parsing attributes in process `syz.4.5156'. [ 633.072893][ T6023] usb 2-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 633.105660][T18036] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5161'. [ 633.114732][ T6023] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 633.155755][ T6023] usb 2-1: Product: syz [ 633.186000][ T6023] usb 2-1: Manufacturer: syz [ 633.190643][ T6023] usb 2-1: SerialNumber: syz [ 633.224258][ T6023] usb 2-1: config 0 descriptor?? [ 633.248823][ T6023] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 633.416191][T18046] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5166'. [ 633.657165][ T6023] gspca_sunplus: reg_r err -71 [ 633.674871][ T6023] sunplus 2-1:0.0: probe with driver sunplus failed with error -71 [ 633.732019][ T6023] usb 2-1: USB disconnect, device number 99 [ 633.797424][T18060] loop0: detected capacity change from 0 to 64 [ 633.829077][T18059] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5174'. [ 633.848397][ T43] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 633.871904][T18059] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5174'. [ 633.985085][T18064] batadv0: entered promiscuous mode [ 634.001005][T18064] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 634.028600][ T43] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 634.076064][ T43] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 634.098817][ T43] usb 4-1: config 220 has no interface number 2 [ 634.117567][T18069] netlink: 'syz.0.5177': attribute type 21 has an invalid length. [ 634.125828][T18069] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5177'. [ 634.155820][T18069] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5177'. [ 634.160870][ T43] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 634.206048][ T43] usb 4-1: config 220 interface 0 has no altsetting 0 [ 634.212978][ T43] usb 4-1: config 220 interface 76 has no altsetting 0 [ 634.265240][ T43] usb 4-1: config 220 interface 1 has no altsetting 0 [ 634.307121][ T43] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 634.328616][ T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 634.374548][ T43] usb 4-1: Product: syz [ 634.406456][ T43] usb 4-1: Manufacturer: syz [ 634.411115][ T43] usb 4-1: SerialNumber: syz [ 634.703922][ T43] usb 4-1: selecting invalid altsetting 0 [ 634.727486][ T43] usb 4-1: Found UVC 7.01 device syz (8086:0b07) [ 634.733878][ T43] usb 4-1: No valid video chain found. [ 634.848205][ T43] usb 4-1: selecting invalid altsetting 0 [ 634.853983][ T43] usbtest 4-1:220.1: probe with driver usbtest failed with error -22 [ 634.916448][ T43] usb 4-1: USB disconnect, device number 89 [ 635.448287][T18111] netlink: 'syz.4.5198': attribute type 1 has an invalid length. [ 635.516630][T18111] netlink: 216 bytes leftover after parsing attributes in process `syz.4.5198'. [ 635.895426][T18129] loop3: detected capacity change from 0 to 8 [ 635.918926][T18119] loop2: detected capacity change from 0 to 4096 [ 635.937662][T18129] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 635.976904][T18119] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 636.011053][ T6477] udevd[6477]: incorrect cramfs checksum on /dev/loop3 [ 636.048177][T18129] cramfs: Error -3 while decompressing! [ 636.054075][T18129] cramfs: ffffffff99bf96a8(26)->ffff8880891df000(4096) [ 636.131110][T18129] cramfs: Error -3 while decompressing! [ 636.143269][T18091] loop5: detected capacity change from 0 to 32768 [ 636.160924][T18129] cramfs: ffffffff99bf96c2(26)->ffff88808b341000(4096) [ 636.161555][T18134] loop4: detected capacity change from 0 to 512 [ 636.176109][T18129] cramfs: Error -3 while decompressing! [ 636.192093][T18129] cramfs: ffffffff99bf96dc(16)->ffff88808b349000(4096) [ 636.243641][T18129] cramfs: Error -3 while decompressing! [ 636.293288][T18091] read_mapping_page failed! [ 636.307483][T18129] cramfs: ffffffff99bf96a8(26)->ffff8880891df000(4096) [ 636.324571][T18091] ialloc: diAlloc returned -5! [ 636.337987][T18134] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 636.406129][T18134] ext4 filesystem being mounted at /883/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 636.716829][ T5860] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 636.886575][T18151] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5216'. [ 637.204936][T18164] loop2: detected capacity change from 0 to 256 [ 637.327027][T18167] loop5: detected capacity change from 0 to 2048 [ 637.437702][T18167] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 637.442414][T18164] FAT-fs (loop2): Directory bread(block 64) failed [ 637.463504][T18164] FAT-fs (loop2): Directory bread(block 65) failed [ 637.488882][T18164] FAT-fs (loop2): Directory bread(block 66) failed [ 637.512564][T18164] FAT-fs (loop2): Directory bread(block 67) failed [ 637.552918][ T30] audit: type=1800 audit(2000000199.435:121): pid=18167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.5224" name="file1" dev="loop5" ino=1367 res=0 errno=0 [ 637.590114][T18164] FAT-fs (loop2): Directory bread(block 68) failed [ 637.624856][T18164] FAT-fs (loop2): Directory bread(block 69) failed [ 637.665468][T18164] FAT-fs (loop2): Directory bread(block 70) failed [ 637.737977][T18164] FAT-fs (loop2): Directory bread(block 71) failed [ 637.744661][T18164] FAT-fs (loop2): Directory bread(block 72) failed [ 637.804985][T18164] FAT-fs (loop2): Directory bread(block 73) failed [ 638.356934][T18197] netlink: 'syz.5.5240': attribute type 1 has an invalid length. [ 638.386084][T18197] netlink: 224 bytes leftover after parsing attributes in process `syz.5.5240'. [ 638.513238][T18205] loop1: detected capacity change from 0 to 8 [ 638.836553][ T5947] usb 1-1: new high-speed USB device number 97 using dummy_hcd [ 639.056389][ T5947] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 639.073043][ T5947] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 639.155151][ T5947] usb 1-1: Product: syz [ 639.167791][ T5947] usb 1-1: Manufacturer: syz [ 639.193157][ T5947] usb 1-1: SerialNumber: syz [ 639.217921][ T5947] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 639.366382][ T10] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 639.630020][ C0] usb 1-1: ath: unknown panic pattern! [ 639.741542][T18238] : entered promiscuous mode [ 641.336244][T18268] netlink: 'syz.5.5275': attribute type 210 has an invalid length. [ 641.520928][T18271] loop2: detected capacity change from 0 to 256 [ 641.916324][T18271] FAT-fs (loop2): Directory bread(block 64) failed [ 641.922894][T18271] FAT-fs (loop2): Directory bread(block 65) failed [ 642.006867][T18278] netlink: 'syz.5.5279': attribute type 10 has an invalid length. [ 642.025263][ T5955] usb 1-1: USB disconnect, device number 97 [ 642.038309][ T10] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 642.052214][ T10] ath9k_htc: Failed to initialize the device [ 642.066742][ T5955] usb 1-1: ath9k_htc: USB layer deinitialized [ 642.076431][T18271] FAT-fs (loop2): Directory bread(block 66) failed [ 642.126087][T18278] : entered allmulticast mode [ 642.148677][T18271] FAT-fs (loop2): Directory bread(block 67) failed [ 642.155346][T18271] FAT-fs (loop2): Directory bread(block 68) failed [ 642.218366][T18271] FAT-fs (loop2): Directory bread(block 69) failed [ 642.225023][T18271] FAT-fs (loop2): Directory bread(block 70) failed [ 642.247755][T18278] : left promiscuous mode [ 642.268748][T18278] : entered promiscuous mode [ 642.319008][T18271] FAT-fs (loop2): Directory bread(block 71) failed [ 642.325694][T18271] FAT-fs (loop2): Directory bread(block 72) failed [ 642.333514][T18278] team0: Device  failed to register rx_handler [ 642.416253][T18271] FAT-fs (loop2): Directory bread(block 73) failed [ 642.820754][T18294] loop5: detected capacity change from 0 to 256 [ 642.979915][T18294] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xc2dc8e67, utbl_chksum : 0xe619d30d) [ 643.178055][T18261] loop4: detected capacity change from 0 to 32768 [ 643.360679][T18261] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 643.606170][T18261] XFS (loop4): Ending clean mount [ 643.832784][ T5860] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 644.250885][T18284] loop0: detected capacity change from 0 to 32768 [ 644.336954][T18284] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.5282 (18284) [ 644.566091][ T30] audit: type=1326 audit(2000000206.445:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18345 comm="syz.2.5309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 644.646021][ T30] audit: type=1326 audit(2000000206.445:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18345 comm="syz.2.5309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 644.668562][ T30] audit: type=1326 audit(2000000206.485:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18345 comm="syz.2.5309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 644.683252][T18284] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 644.853028][T18284] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 645.141967][T18284] BTRFS info (device loop0): enabling ssd optimizations [ 645.155981][T18284] BTRFS info (device loop0): enabling free space tree [ 645.220325][ T30] audit: type=1326 audit(2000000207.105:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18345 comm="syz.2.5309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 645.346708][ T30] audit: type=1326 audit(2000000207.105:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18345 comm="syz.2.5309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 645.503988][T18378] netlink: 'syz.2.5316': attribute type 1 has an invalid length. [ 645.649797][ T5858] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 645.906003][ T43] usb 2-1: new high-speed USB device number 100 using dummy_hcd [ 646.026679][ T5909] usb 3-1: new full-speed USB device number 95 using dummy_hcd [ 646.063750][T18391] loop4: detected capacity change from 0 to 64 [ 646.098816][T18344] loop3: detected capacity change from 0 to 32768 [ 646.113809][ T43] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 646.176701][ T43] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 646.193814][T18344] BTRFS info: device /dev/loop3 (7:3) using temp-fsid ed1a65c6-b106-4b7d-bc49-7e80b6c7c8c8 [ 646.216842][ T5909] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 646.229616][ T5909] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 646.263455][T18344] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.5307 (18344) [ 646.267196][ T43] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121 [ 646.325738][ T5909] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 646.362091][ T5909] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 646.370040][T18344] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 646.394945][ T43] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 646.404944][ T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 646.426026][ T5909] usb 3-1: SerialNumber: syz [ 646.433588][T18344] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm [ 646.456030][ T43] usb 2-1: Product: syz [ 646.486879][ T43] usb 2-1: Manufacturer: syz [ 646.494576][ T5909] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22 [ 646.513892][ T43] usb 2-1: SerialNumber: syz [ 646.564860][ T5909] usb-storage 3-1:1.0: USB Mass Storage device detected [ 646.578723][ T43] usb 2-1: config 0 descriptor?? [ 646.597554][T18385] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 646.605065][T18385] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 646.616710][ T43] usb 2-1: ucan: probing device on interface #0 [ 646.627655][ T5909] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 646.654627][ T5909] scsi host1: usb-storage 3-1:1.0 [ 646.756516][T18344] BTRFS info (device loop3): enabling ssd optimizations [ 646.763514][T18344] BTRFS info (device loop3): enabling free space tree [ 647.036410][ T5859] BTRFS info (device loop3): last unmount of filesystem ed1a65c6-b106-4b7d-bc49-7e80b6c7c8c8 [ 647.053869][ T43] usb 2-1: ucan: failed to retrieve device info [ 647.086036][ T43] usb 2-1: ucan: probe failed; try to update the device firmware [ 647.138436][ T43] usb 2-1: USB disconnect, device number 100 [ 647.616191][T18424] loop5: detected capacity change from 0 to 4096 [ 647.629430][T18424] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 647.774285][T18432] netlink: 'syz.3.5330': attribute type 2 has an invalid length. [ 647.821414][T18432] netlink: 'syz.3.5330': attribute type 1 has an invalid length. [ 647.830678][T18424] ntfs3(loop5): Failed to initialize $Extend/$Reparse. [ 647.891359][T18435] netlink: 'syz.1.5334': attribute type 3 has an invalid length. [ 648.588474][T18453] netlink: 'syz.4.5345': attribute type 3 has an invalid length. [ 648.628867][T18453] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.5345'. [ 648.846451][ T10] usb 3-1: USB disconnect, device number 95 [ 649.078546][T18472] loop4: detected capacity change from 0 to 512 [ 649.094901][T18473] netlink: 'syz.5.5353': attribute type 32 has an invalid length. [ 649.122986][T18473] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5353'. [ 649.284644][T18472] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 649.369193][T18472] ext4 filesystem being mounted at /908/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 649.685242][ T5860] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 649.873398][T18502] loop1: detected capacity change from 0 to 1024 [ 649.882132][T18504] loop2: detected capacity change from 0 to 128 [ 649.912107][T18502] EXT4-fs: Ignoring removed orlov option [ 649.978757][T18502] EXT4-fs: Ignoring removed nomblk_io_submit option [ 649.992806][T18504] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 650.131331][T18502] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 650.166326][T18504] ext4 filesystem being mounted at /881/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 650.330772][T18512] loop0: detected capacity change from 0 to 4096 [ 650.386655][T18512] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 650.471439][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 650.492172][T18512] ntfs3(loop0): ino=1a, mi_enum_attr [ 650.509566][T18512] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 650.524600][ T5857] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 650.552521][T18512] ntfs3(loop0): ino=1a, mi_enum_attr [ 650.558621][T18512] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 650.620418][T18524] loop4: detected capacity change from 0 to 256 [ 650.807736][T18524] FAT-fs (loop4): Directory bread(block 64) failed [ 650.814299][T18524] FAT-fs (loop4): Directory bread(block 65) failed [ 650.892469][T18531] netlink: 'syz.2.5372': attribute type 10 has an invalid length. [ 650.896218][T18524] FAT-fs (loop4): Directory bread(block 66) failed [ 650.946439][T18524] FAT-fs (loop4): Directory bread(block 67) failed [ 650.955542][T18531] team0: Device ipvlan1 failed to register rx_handler [ 650.969191][T18524] FAT-fs (loop4): Directory bread(block 68) failed [ 651.011940][T18524] FAT-fs (loop4): Directory bread(block 69) failed [ 651.066077][T18524] FAT-fs (loop4): Directory bread(block 70) failed [ 651.111160][T18524] FAT-fs (loop4): Directory bread(block 71) failed [ 651.136141][T18524] FAT-fs (loop4): Directory bread(block 72) failed [ 651.173049][T18524] FAT-fs (loop4): Directory bread(block 73) failed [ 651.432079][T18543] bridge_slave_0: left allmulticast mode [ 651.460660][T18543] bridge_slave_0: left promiscuous mode [ 651.468208][T18543] bridge0: port 1(bridge_slave_0) entered disabled state [ 651.532425][T18543] bridge_slave_1: left allmulticast mode [ 651.544747][T18543] bridge_slave_1: left promiscuous mode [ 651.570980][T18543] bridge0: port 2(bridge_slave_1) entered disabled state [ 651.644426][T18543] bond0: (slave bond_slave_0): Releasing backup interface [ 651.671098][T18555] binder: 18554:18555 ioctl c0306201 2000000001c0 returned -22 [ 651.705172][T18543] bond0: (slave bond_slave_1): Releasing backup interface [ 651.731018][T18559] loop3: detected capacity change from 0 to 64 [ 651.773475][T18543] team0: Port device team_slave_0 removed [ 651.799955][T18543] team0: Port device team_slave_1 removed [ 651.822466][T18543] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 651.847965][T18543] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 651.890825][T18543] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 651.909191][T18543] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 651.977251][T18549] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5384'. [ 652.302675][T18575] loop0: detected capacity change from 0 to 64 [ 652.333055][T18574] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5397'. [ 652.412852][T18577] netlink: 'syz.1.5398': attribute type 5 has an invalid length. [ 652.518698][T18580] bridge0: port 3(dummy0) entered disabled state [ 652.602819][T18585] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 652.638983][T18580] bridge0: port 1(bridge_slave_0) entered disabled state [ 652.685384][T18580] bridge0: port 2(bridge_slave_1) entered disabled state [ 652.903357][T18588] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5404'. [ 653.061073][T18597] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5408'. [ 653.112037][T18597] vlan0: entered promiscuous mode [ 653.424375][T18610] loop1: detected capacity change from 0 to 256 [ 653.550983][T18610] FAT-fs (loop1): Directory bread(block 64) failed [ 653.576098][ T5909] usb 1-1: new high-speed USB device number 98 using dummy_hcd [ 653.606087][T18610] FAT-fs (loop1): Directory bread(block 65) failed [ 653.612741][T18610] FAT-fs (loop1): Directory bread(block 66) failed [ 653.670394][T18610] FAT-fs (loop1): Directory bread(block 67) failed [ 653.710948][T18610] FAT-fs (loop1): Directory bread(block 68) failed [ 653.741062][T18610] FAT-fs (loop1): Directory bread(block 69) failed [ 653.756633][T18610] FAT-fs (loop1): Directory bread(block 70) failed [ 653.777775][ T5909] usb 1-1: Using ep0 maxpacket: 8 [ 653.785091][ T5909] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 653.815674][T18610] FAT-fs (loop1): Directory bread(block 71) failed [ 653.828355][ T5909] usb 1-1: New USB device found, idVendor=0421, idProduct=798f, bcdDevice=86.54 [ 653.847907][T18610] FAT-fs (loop1): Directory bread(block 72) failed [ 653.854462][T18610] FAT-fs (loop1): Directory bread(block 73) failed [ 653.865975][ T5909] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 653.894033][ T5909] usb 1-1: Product: syz [ 653.908521][ T5909] usb 1-1: Manufacturer: syz [ 653.914447][ T5909] usb 1-1: SerialNumber: syz [ 653.958807][ T5909] usb 1-1: config 0 descriptor?? [ 653.997517][ T5909] cdc_phonet 1-1:0.0: probe with driver cdc_phonet failed with error -22 [ 654.202845][ T5909] usb 1-1: USB disconnect, device number 98 [ 654.906101][ T24] usb 2-1: new high-speed USB device number 101 using dummy_hcd [ 655.122315][ T24] usb 2-1: Using ep0 maxpacket: 32 [ 655.155306][ T24] usb 2-1: config 0 has an invalid interface number: 239 but max is 0 [ 655.197445][ T24] usb 2-1: config 0 has an invalid descriptor of length 116, skipping remainder of the config [ 655.246114][ T24] usb 2-1: config 0 has no interface number 0 [ 655.266598][ T24] usb 2-1: config 0 interface 239 altsetting 4 bulk endpoint 0x2 has invalid maxpacket 8 [ 655.288831][T18673] loop4: detected capacity change from 0 to 64 [ 655.295983][ T24] usb 2-1: config 0 interface 239 altsetting 4 endpoint 0x8 has invalid maxpacket 1023, setting to 64 [ 655.307869][ T24] usb 2-1: config 0 interface 239 altsetting 4 has an endpoint descriptor with address 0xA9, changing to 0x89 [ 655.375733][ T24] usb 2-1: config 0 interface 239 altsetting 4 endpoint 0x89 has invalid maxpacket 28648, setting to 1024 [ 655.431823][ T24] usb 2-1: config 0 interface 239 altsetting 4 bulk endpoint 0x89 has invalid maxpacket 1024 [ 655.433154][T18677] loop3: detected capacity change from 0 to 256 [ 655.484369][ T24] usb 2-1: config 0 interface 239 altsetting 4 has an endpoint descriptor with address 0xD5, changing to 0x85 [ 655.507701][ T24] usb 2-1: config 0 interface 239 altsetting 4 endpoint 0x85 has an invalid bInterval 118, changing to 10 [ 655.545563][ T24] usb 2-1: config 0 interface 239 altsetting 4 endpoint 0x85 has invalid maxpacket 25956, setting to 1024 [ 655.563684][ T24] usb 2-1: config 0 interface 239 has no altsetting 0 [ 655.583882][ T24] usb 2-1: New USB device found, idVendor=105b, idProduct=1799, bcdDevice=36.e9 [ 655.605297][T18677] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x44396dfa, utbl_chksum : 0xe619d30d) [ 655.634268][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 655.676867][ T24] usb 2-1: Product: syz [ 655.681100][ T24] usb 2-1: Manufacturer: syz [ 655.717039][ T24] usb 2-1: SerialNumber: syz [ 655.765622][ T24] usb 2-1: config 0 descriptor?? [ 655.808181][T18651] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 655.826217][T18651] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 655.866184][T18651] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 656.093258][T18655] loop5: detected capacity change from 0 to 32768 [ 656.161410][T18655] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.5436 (18655) [ 656.229967][ T5880] Bluetooth: hci6: BCM: Reset failed (-71) [ 656.238314][ T10] usb 2-1: USB disconnect, device number 101 [ 656.300540][T18693] loop2: detected capacity change from 0 to 4096 [ 656.322615][T18693] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 656.326327][T18655] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 656.383283][T18693] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 656.404360][T18655] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm [ 656.410638][T18693] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 656.461550][T18697] loop4: detected capacity change from 0 to 1024 [ 656.497852][T18693] ntfs3(loop2): ino=5, "/" indx_read [ 656.532116][T18697] syz.4.5457: attempt to access beyond end of device [ 656.532116][T18697] loop4: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 656.576670][T18697] Buffer I/O error on dev loop4, logical block 100663296, async page read [ 656.611585][T18655] BTRFS info (device loop5): enabling ssd optimizations [ 656.653818][T18697] hfsplus: unable to mark blocks free: error -5 [ 656.672279][T18697] hfsplus: can't free extent [ 656.677108][T18655] BTRFS info (device loop5): enabling free space tree [ 656.755088][ T13] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22. [ 656.787735][ T5857] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 656.835067][ T5857] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 656.857604][ T5857] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 656.866805][T11710] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22. [ 657.038105][ T5871] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 657.197123][T18729] netlink: 260 bytes leftover after parsing attributes in process `syz.4.5464'. [ 657.206340][ T973] usb 1-1: new high-speed USB device number 99 using dummy_hcd [ 657.370324][ T973] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 657.414973][ T973] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 657.463323][ T973] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 657.548344][ T973] usb 1-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 657.565572][T18735] loop5: detected capacity change from 0 to 2048 [ 657.584195][ T973] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 657.642531][T18735] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 657.666325][T18741] netlink: 'syz.2.5471': attribute type 21 has an invalid length. [ 657.667279][ T973] usb 1-1: config 0 descriptor?? [ 657.674274][T18741] netlink: 'syz.2.5471': attribute type 1 has an invalid length. [ 657.707503][T18741] netlink: 144 bytes leftover after parsing attributes in process `syz.2.5471'. [ 657.804385][ T973] em28xx 1-1:0.0: New device @ 480 Mbps (2040:1605, interface 0, class 0) [ 657.854546][ T973] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class) [ 658.046422][ T973] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 658.071116][ T973] em28xx 1-1:0.0: Config register raw data: 0xfffffffb [ 658.098061][ T973] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 658.119635][ T973] em28xx 1-1:0.0: No AC97 audio processor [ 658.177851][ T973] usb 1-1: USB disconnect, device number 99 [ 658.234388][ T973] em28xx 1-1:0.0: Disconnecting em28xx [ 658.256496][ T10] usb 3-1: new high-speed USB device number 96 using dummy_hcd [ 658.317649][ T973] em28xx 1-1:0.0: Freeing device [ 658.414446][T18763] loop1: detected capacity change from 0 to 512 [ 658.454462][ T10] usb 3-1: Using ep0 maxpacket: 32 [ 658.466625][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 658.472729][T18763] EXT4-fs: Ignoring removed nobh option [ 658.507054][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 658.553084][T18763] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 658.575254][ T10] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 658.585083][T18763] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 658.635211][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 658.668393][T18762] loop3: detected capacity change from 0 to 4096 [ 658.677298][T18763] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.5482: Corrupt directory, running e2fsck is recommended [ 658.714260][T18762] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 658.737913][ T10] usb 3-1: config 0 descriptor?? [ 658.738045][T18763] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 658.751842][ T10] hub 3-1:0.0: USB hub found [ 658.874622][T18762] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 658.906157][T18763] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.5482: corrupted in-inode xattr: invalid ea_ino [ 658.917671][T18762] ntfs3(loop3): ino=19, mi_enum_attr [ 658.981787][T18763] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.5482: couldn't read orphan inode 15 (err -117) [ 658.989231][T18762] ntfs3(loop3): failed to convert "c46c" to macgaelic [ 659.004912][ T10] hub 3-1:0.0: 31 ports detected [ 659.028310][ T10] hub 3-1:0.0: insufficient power available to use all downstream ports [ 659.044658][T18762] ntfs3(loop3): ino=20, mi_enum_attr [ 659.065738][T18763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 659.243310][ T10] hub 3-1:0.0: hub_hub_status failed (err = -71) [ 659.259808][T18763] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 659.265582][ T10] hub 3-1:0.0: config failed, can't get hub status (err -71) [ 659.326543][ T10] usbhid 3-1:0.0: can't add hid device: -71 [ 659.332745][ T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 659.345369][T18763] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 659.392559][T18787] netlink: 'syz.4.5493': attribute type 19 has an invalid length. [ 659.416522][T18763] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.5482: Corrupt directory, running e2fsck is recommended [ 659.428796][T18787] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5493'. [ 659.441981][ T10] usb 3-1: USB disconnect, device number 96 [ 659.648309][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 659.654381][T18792] block device autoloading is deprecated and will be removed. [ 660.081550][ T30] audit: type=1800 audit(2000000221.955:127): pid=18796 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.4.5497" name="/" dev="sockfs" ino=45993 res=0 errno=0 [ 660.407832][T18822] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5509'. [ 660.736675][T18827] loop0: detected capacity change from 0 to 4096 [ 660.982847][T18838] loop2: detected capacity change from 0 to 512 [ 661.022794][T18838] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 661.099802][T18836] loop4: detected capacity change from 0 to 4096 [ 661.106602][T18838] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.5517: casefold flag without casefold feature [ 661.128828][T18838] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5517: couldn't read orphan inode 15 (err -117) [ 661.202870][T18845] raw_sendmsg: syz.1.5519 forgot to set AF_INET. Fix it! [ 661.232829][T18838] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 661.258409][T18836] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 661.355885][T18838] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 4: comm syz.2.5517: lblock 0 mapped to illegal pblock 4 (length 1) [ 661.398196][T18836] ntfs3(loop4): ino=1a, mi_enum_attr [ 661.420183][T18836] ntfs3(loop4): ino=1a, mi_enum_attr [ 661.479053][T18836] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 661.569539][T18836] ntfs3(loop4): ino=5, "/" indx_read [ 661.733500][ T5857] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 661.780944][T18855] tmpfs: Bad value for 'mpol' [ 662.069766][T18821] loop3: detected capacity change from 0 to 32768 [ 662.122273][T18821] [ 662.122273][T18821] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 662.122273][T18821] [ 662.180705][T18821] ERROR: (device loop3): dtSearch: stack overrun! [ 662.180705][T18821] [ 662.247453][T18821] btstack dump: [ 662.251019][T18821] bn = 0, index = 0 [ 662.254944][T18821] bn = 0, index = 0 [ 662.260069][T18821] bn = 0, index = 0 [ 662.270874][T18821] bn = 0, index = 0 [ 662.283977][T18821] bn = 0, index = 0 [ 662.313086][T18821] bn = 0, index = 0 [ 662.328329][T18821] bn = 0, index = 0 [ 662.357205][T18821] bn = 0, index = 0 [ 662.393464][T18821] jfs_lookup: dtSearch returned -5 [ 662.398822][ T10] usb 5-1: new high-speed USB device number 92 using dummy_hcd [ 662.482323][ T5859] [ 662.482323][ T5859] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 662.482323][ T5859] [ 662.545225][ T5859] [ 662.545225][ T5859] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 662.545225][ T5859] [ 662.580751][ T10] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 662.606479][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 662.620707][T18879] loop2: detected capacity change from 0 to 1024 [ 662.656967][ T9] usb 1-1: new high-speed USB device number 100 using dummy_hcd [ 662.664749][ T10] usb 5-1: Product: syz [ 662.685770][ T10] usb 5-1: Manufacturer: syz [ 662.708462][ T10] usb 5-1: SerialNumber: syz [ 662.742037][ T10] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 662.778781][ T973] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 662.796262][T18883] netlink: 'syz.5.5539': attribute type 6 has an invalid length. [ 662.846277][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 662.870933][ T9] usb 1-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config [ 662.908998][ T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 662.955635][ T9] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 662.996031][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 663.030198][ T9] usb 1-1: Product: syz [ 663.034459][ T9] usb 1-1: Manufacturer: syz [ 663.069931][ T9] usb 1-1: SerialNumber: syz [ 663.097662][T18887] netlink: 'syz.2.5541': attribute type 12 has an invalid length. [ 663.156133][ T5955] usb 2-1: new full-speed USB device number 102 using dummy_hcd [ 663.350853][ T10] usb 5-1: USB disconnect, device number 92 [ 663.371704][ T9] usb 1-1: 0:2 : does not exist [ 663.384270][ T9] usb 1-1: unit 97 not found! [ 663.416998][ T9] usb 1-1: USB disconnect, device number 100 [ 663.437700][ T5955] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 663.446981][ T5955] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 663.460471][ T5955] usb 2-1: config 0 descriptor?? [ 663.513281][ T5955] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 663.542394][ T8237] udevd[8237]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 663.710034][T18904] netlink: 666 bytes leftover after parsing attributes in process `syz.3.5548'. [ 663.720384][T18902] loop2: detected capacity change from 0 to 2048 [ 663.772432][T18906] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 663.814180][T18902] CPU: 1 UID: 0 PID: 18902 Comm: syz.2.5547 Not tainted syzkaller #0 PREEMPT(full) [ 663.814215][T18902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 663.814231][T18902] Call Trace: [ 663.814242][T18902] [ 663.814253][T18902] dump_stack_lvl+0x189/0x250 [ 663.814287][T18902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.814317][T18902] ? rcu_is_watching+0x15/0xb0 [ 663.814352][T18902] ? __pfx_dump_stack_lvl+0x10/0x10 [ 663.814379][T18902] ? kmem_cache_alloc_noprof+0x21a/0x3c0 [ 663.814417][T18902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.814445][T18902] ? __asan_memset+0x22/0x50 [ 663.814475][T18902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.814502][T18902] ? nilfs_btree_alloc_path+0x5e5/0x610 [ 663.814544][T18902] nilfs_btree_last_key+0x491/0x620 [ 663.814583][T18902] nilfs_bmap_last_key+0x7a/0x130 [ 663.814625][T18902] nilfs_truncate_bmap+0xfe/0x340 [ 663.814646][T18902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.814678][T18902] ? __pfx_nilfs_truncate_bmap+0x10/0x10 [ 663.814700][T18902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.814734][T18902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.814762][T18902] ? nilfs_transaction_begin+0x52a/0x710 [ 663.814790][T18902] ? __pfx_nilfs_get_block+0x10/0x10 [ 663.814829][T18902] nilfs_truncate+0x279/0x4e0 [ 663.814873][T18902] ? __pfx_nilfs_truncate+0x10/0x10 [ 663.814920][T18902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.814947][T18902] ? truncate_setsize+0xcf/0xf0 [ 663.814984][T18902] nilfs_setattr+0x206/0x2b0 [ 663.815013][T18902] ? __pfx_nilfs_setattr+0x10/0x10 [ 663.815046][T18902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.815074][T18902] ? try_break_deleg+0x79/0x130 [ 663.815105][T18902] ? __pfx_nilfs_setattr+0x10/0x10 [ 663.815131][T18902] notify_change+0xb36/0xe40 [ 663.815176][T18902] do_truncate+0x1a4/0x220 [ 663.815216][T18902] ? __pfx_do_truncate+0x10/0x10 [ 663.815247][T18902] ? apparmor_file_truncate+0x23e/0x2d0 [ 663.815308][T18902] path_openat+0x306c/0x3830 [ 663.815338][T18902] ? arch_stack_walk+0xfc/0x150 [ 663.815418][T18902] ? __pfx_path_openat+0x10/0x10 [ 663.815446][T18902] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 663.815498][T18902] do_filp_open+0x1fa/0x410 [ 663.815527][T18902] ? __lock_acquire+0xab9/0xd20 [ 663.815567][T18902] ? __pfx_do_filp_open+0x10/0x10 [ 663.815626][T18902] ? _raw_spin_unlock+0x28/0x50 [ 663.815664][T18902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.815692][T18902] ? alloc_fd+0x64c/0x6c0 [ 663.815743][T18902] do_sys_openat2+0x121/0x1c0 [ 663.815770][T18902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.815798][T18902] ? __se_sys_futex+0x36f/0x400 [ 663.815832][T18902] ? __pfx_do_sys_openat2+0x10/0x10 [ 663.815868][T18902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.815899][T18902] ? rcu_is_watching+0x15/0xb0 [ 663.815931][T18902] __x64_sys_open+0x11e/0x150 [ 663.815964][T18902] do_syscall_64+0xfa/0x3b0 [ 663.815992][T18902] ? lockdep_hardirqs_on+0x9c/0x150 [ 663.816019][T18902] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 663.816043][T18902] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.816071][T18902] ? exc_page_fault+0x9f/0xf0 [ 663.816099][T18902] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 663.816123][T18902] RIP: 0033:0x7f2d2e18eec9 [ 663.816145][T18902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 663.816167][T18902] RSP: 002b:00007f2d2efa4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 663.816193][T18902] RAX: ffffffffffffffda RBX: 00007f2d2e3e5fa0 RCX: 00007f2d2e18eec9 [ 663.816212][T18902] RDX: 0000000000000194 RSI: 0000000000106241 RDI: 00002000000006c0 [ 663.816230][T18902] RBP: 00007f2d2e211f91 R08: 0000000000000000 R09: 0000000000000000 [ 663.816246][T18902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 663.816261][T18902] R13: 00007f2d2e3e6038 R14: 00007f2d2e3e5fa0 R15: 00007fff97f57498 [ 663.816301][T18902] [ 664.195099][ T973] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 664.202248][ T973] ath9k_htc: Failed to initialize the device [ 664.209136][ T10] usb 5-1: ath9k_htc: USB layer deinitialized [ 664.254944][ T5955] gp8psk: usb out operation failed. [ 664.274428][T18902] NILFS (loop2): btree level mismatch (ino=16): 1 != 7 [ 664.281460][T18902] NILFS error (device loop2): nilfs_bmap_last_key: broken bmap (inode number=16) [ 664.300061][ T5955] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 664.327466][T18902] Remounting filesystem read-only [ 664.332615][T18902] NILFS (loop2): error -5 truncating bmap (ino=16) [ 664.406351][ T5955] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 664.477848][ T5857] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 664.526203][ T5955] usb 2-1: USB disconnect, device number 102 [ 664.712493][T18924] netlink: 'syz.0.5557': attribute type 4 has an invalid length. [ 665.006852][T18941] loop4: detected capacity change from 0 to 16 [ 665.014097][T18941] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 665.134678][T18941] cramfs: Error -3 while decompressing! [ 665.182098][T18941] cramfs: ffffffff99bf56a8(27)->ffff88806cd15000(4096) [ 665.224687][T18941] cramfs: Error -3 while decompressing! [ 665.246602][T18941] cramfs: ffffffff99bf56c3(16)->ffff88806b775000(4096) [ 665.253537][T18941] cramfs: Error -3 while decompressing! [ 665.296976][T18941] cramfs: ffffffff99bf56a8(27)->ffff88806cd15000(4096) [ 665.316164][ T30] audit: type=1800 audit(2000000227.195:128): pid=18941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.5564" name="file2" dev="loop4" ino=348 res=0 errno=0 [ 665.435837][T18951] loop0: detected capacity change from 0 to 4096 [ 665.561948][T18951] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 665.639102][T18951] ntfs3(loop0): Failed to load $Extend (-22). [ 665.645332][T18951] ntfs3(loop0): Failed to initialize $Extend. [ 666.133012][T18979] loop0: detected capacity change from 0 to 64 [ 666.199608][T18949] loop5: detected capacity change from 0 to 32768 [ 666.234414][T18981] netlink: 'syz.4.5585': attribute type 10 has an invalid length. [ 666.256234][T18949] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.5570 (18949) [ 666.303985][T18981] team0: Device ipvlan1 failed to register rx_handler [ 666.394789][T18949] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 666.483533][T18983] netlink: 'syz.2.5586': attribute type 1 has an invalid length. [ 666.503491][T18949] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm [ 666.787263][T18987] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 666.883126][T18949] BTRFS info (device loop5): allowing degraded mounts [ 666.902878][T18973] loop3: detected capacity change from 0 to 16384 [ 666.925949][T18949] BTRFS info (device loop5): enabling ssd optimizations [ 666.932951][T18949] BTRFS info (device loop5): enabling free space tree [ 666.958290][T19009] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5590'. [ 666.996049][T19009] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5590'. [ 667.005758][T18949] BTRFS info (device loop5): force clearing of disk cache [ 667.039152][T18949] BTRFS info (device loop5): enabling auto defrag [ 667.045632][T18949] BTRFS info (device loop5): ignoring unknown super block flags [ 667.063201][T19009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5590'. [ 667.480334][ T5871] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 667.528457][T18973] bcachefs (loop3): starting version 1.13: inode_has_child_snapshots opts=errors=continue,metadata_checksum=none,data_checksum=xxhash,erasure_code,grpquota,prjquota,norecovery,reconstruct_alloc,version_upgrade=none,nocow [ 667.528492][T18973] features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 667.575842][T19031] netlink: 'syz.2.5596': attribute type 5 has an invalid length. [ 667.726212][T18973] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0 [ 667.784158][T18973] bcachefs (loop3): invalid journal entry, version=1.13: inode_has_child_snapshots type=clock in superblock: bad size, fixing [ 667.829284][T18973] bcachefs (loop3): recovering from clean shutdown, journal seq 18 [ 667.869067][T18973] bcachefs (loop3): dropping and reconstructing all alloc info [ 667.957323][T19042] comedi comedi0: rti802: I/O port conflict (0xfffffffffffffbff,4) [ 667.965864][T18973] bcachefs (loop3): accounting_read... [ 668.006127][ T43] usb 5-1: new high-speed USB device number 93 using dummy_hcd [ 668.058162][T18973] done [ 668.061596][T18973] bcachefs (loop3): alloc_read... done [ 668.095521][T18973] bcachefs (loop3): snapshots_read... done [ 668.103389][T19044] libceph: resolve '4' (ret=-3): failed [ 668.132537][T18973] bcachefs (loop3): Fixed errors, running fsck a second time to verify fs is clean [ 668.170324][T18973] bcachefs (loop3): reading quotas [ 668.202574][T18973] bcachefs (loop3): quotas done [ 668.223322][T18973] bcachefs (loop3): done starting filesystem [ 668.228995][ T43] usb 5-1: too many configurations: 41, using maximum allowed: 8 [ 668.258082][ T43] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 668.326471][ T43] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 668.376537][ T43] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 668.413707][ T43] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 668.477590][ T43] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 668.487948][ T43] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 668.567987][ T43] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 668.607736][ T43] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 668.648467][ T5859] bcachefs (loop3): shutting down [ 668.658404][ T43] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 668.714475][ T43] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 668.749090][ T43] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 668.766044][ T43] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 668.824321][ T43] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 668.865531][ T43] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 668.881475][ T5859] bcachefs (loop3): shutdown complete [ 668.907584][ T43] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 668.961541][ T43] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 668.999298][T19060] loop0: detected capacity change from 0 to 512 [ 669.028452][ T43] usb 5-1: New USB device found, idVendor=187f, idProduct=211d, bcdDevice=f6.a7 [ 669.054270][ T43] usb 5-1: New USB device strings: Mfr=35, Product=230, SerialNumber=33 [ 669.062942][ T24] usb 3-1: new high-speed USB device number 97 using dummy_hcd [ 669.072324][T19060] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 669.087679][ T43] usb 5-1: Product: syz [ 669.098962][ T43] usb 5-1: Manufacturer: syz [ 669.113312][ T43] usb 5-1: SerialNumber: syz [ 669.124852][ T43] usb 5-1: config 0 descriptor?? [ 669.125152][T19060] EXT4-fs (loop0): 1 truncate cleaned up [ 669.224761][T19060] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 669.238994][ T24] usb 3-1: Using ep0 maxpacket: 8 [ 669.246253][ T24] usb 3-1: config 0 has an invalid interface number: 52 but max is 0 [ 669.264573][ T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 669.286108][ T24] usb 3-1: config 0 has no interface number 0 [ 669.292436][ T24] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 669.326057][ T24] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 669.396010][ T24] usb 3-1: config 0 interface 52 has no altsetting 0 [ 669.409686][T19037] loop1: detected capacity change from 0 to 32768 [ 669.427632][ T43] usb 5-1: USB disconnect, device number 93 [ 669.450505][ T24] usb 3-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 669.451814][ T5858] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 669.483101][ T24] usb 3-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0 [ 669.492589][T19068] netlink: 'syz.5.5615': attribute type 3 has an invalid length. [ 669.516518][ T24] usb 3-1: Manufacturer: syz [ 669.547527][ T24] usb 3-1: config 0 descriptor?? [ 669.572011][ T24] hub 3-1:0.52: bad descriptor, ignoring hub [ 669.626571][ T24] hub 3-1:0.52: probe with driver hub failed with error -5 [ 669.797587][ T24] input: syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.52/input/input51 [ 670.001458][ T30] audit: type=1326 audit(2000000231.885:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19075 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38798eec9 code=0x7ffc0000 [ 670.090552][ T30] audit: type=1326 audit(2000000231.885:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19075 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7fe38798eec9 code=0x7ffc0000 [ 670.146509][ T24] usb 3-1: USB disconnect, device number 97 [ 670.167650][ T30] audit: type=1326 audit(2000000231.885:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19075 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38798eec9 code=0x7ffc0000 [ 670.281673][T19080] veth3: entered promiscuous mode [ 670.305079][ T30] audit: type=1326 audit(2000000231.885:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19075 comm="syz.5.5619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38798eec9 code=0x7ffc0000 [ 670.614046][T19088] loop4: detected capacity change from 0 to 4096 [ 670.667853][T19093] loop0: detected capacity change from 0 to 1024 [ 670.728508][T19095] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 670.856749][T19088] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 670.976100][T19088] Remounting filesystem read-only [ 671.079713][T19101] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5632'. [ 671.333797][T19109] loop0: detected capacity change from 0 to 256 [ 671.640074][T19109] FAT-fs (loop0): Directory bread(block 64) failed [ 671.655671][T19109] FAT-fs (loop0): Directory bread(block 65) failed [ 671.708589][T19109] FAT-fs (loop0): Directory bread(block 66) failed [ 671.715162][T19109] FAT-fs (loop0): Directory bread(block 67) failed [ 671.776140][T19109] FAT-fs (loop0): Directory bread(block 68) failed [ 671.782723][T19109] FAT-fs (loop0): Directory bread(block 69) failed [ 671.846521][T19109] FAT-fs (loop0): Directory bread(block 70) failed [ 671.853114][T19109] FAT-fs (loop0): Directory bread(block 71) failed [ 671.884050][T19122] loop5: detected capacity change from 0 to 256 [ 671.926124][T19109] FAT-fs (loop0): Directory bread(block 72) failed [ 671.970435][T19109] FAT-fs (loop0): Directory bread(block 73) failed [ 672.008219][T19090] loop1: detected capacity change from 0 to 32768 [ 672.604029][T19141] netlink: 'syz.3.5650': attribute type 1 has an invalid length. [ 672.696675][T19145] loop4: detected capacity change from 0 to 1024 [ 673.397529][T19168] loop1: detected capacity change from 0 to 8 [ 673.496968][T19168] SQUASHFS error: lzo decompression failed, data probably corrupt [ 673.557992][T19170] loop0: detected capacity change from 0 to 512 [ 673.565396][T19170] EXT4-fs: Ignoring removed oldalloc option [ 673.569576][T19168] SQUASHFS error: Failed to read block 0x91: -5 [ 673.617662][T19168] SQUASHFS error: Unable to read metadata cache entry [8f] [ 673.646958][T19168] SQUASHFS error: Unable to read inode 0x11f [ 673.662603][T19170] EXT4-fs: inline encryption not supported [ 673.702669][T19170] EXT4-fs: Ignoring removed mblk_io_submit option [ 673.738393][T19170] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 673.806187][ T24] usb 4-1: new high-speed USB device number 90 using dummy_hcd [ 673.839270][T19170] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5665: bg 0: block 64: padding at end of block bitmap is not set [ 673.895700][T19136] loop5: detected capacity change from 0 to 32768 [ 673.914960][T19170] Quota error (device loop0): write_blk: dquota write failed [ 673.924087][T19170] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 673.934560][T19170] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.5665: Failed to acquire dquot type 0 [ 673.957257][T19170] EXT4-fs (loop0): 1 truncate cleaned up [ 673.971988][T19136] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 673.995860][T19170] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 674.006001][ T24] usb 4-1: Using ep0 maxpacket: 8 [ 674.031506][ T24] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 674.050547][ T24] usb 4-1: config 179 has no interface number 0 [ 674.066130][ T24] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 674.077556][ T24] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 674.090297][ T24] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 674.101721][ T24] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 674.130884][ T24] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 674.156119][T19170] Quota error (device loop0): do_check_range: Getting block 144 out of range 0-5 [ 674.161000][T19136] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 674.167327][ T24] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 674.224987][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 674.262668][ T5858] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 674.273811][T19174] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 674.431194][T19191] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5672'. [ 674.436577][ T6023] usb 2-1: new high-speed USB device number 103 using dummy_hcd [ 674.678877][ T6023] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 674.726109][ T6023] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 674.747700][ T24] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input52 [ 674.786190][ T6023] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 674.801644][ T5871] ocfs2: Unmounting device (7,5) on (node local) [ 674.850097][ T6023] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 674.907304][ T5955] usb 4-1: USB disconnect, device number 90 [ 674.907310][ C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 674.907450][ C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 674.946278][ T6023] usb 2-1: New USB device found, idVendor=0bfd, idProduct=010c, bcdDevice=2d.16 [ 674.955402][ T6023] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 674.973155][ T6023] usb 2-1: Product: syz [ 674.978178][ T6023] usb 2-1: Manufacturer: syz [ 674.983355][ T6023] usb 2-1: SerialNumber: syz [ 675.048686][ T6023] usb 2-1: config 0 descriptor?? [ 675.066927][ T6023] kvaser_usb 2-1:0.0: CMD_MAP_CHANNEL_REQ failed for CAN0 [ 675.095645][ T6023] kvaser_usb 2-1:0.0: error -EMSGSIZE: Failed to initialize card [ 675.111146][ T6023] kvaser_usb 2-1:0.0: probe with driver kvaser_usb failed with error -90 [ 675.137368][T19172] loop4: detected capacity change from 0 to 32768 [ 675.216515][T19172] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 675.376268][T19172] XFS (loop4): Ending clean mount [ 675.383799][ T6023] usb 2-1: USB disconnect, device number 103 [ 675.405305][T19172] XFS (loop4): Quotacheck needed: Please wait. [ 675.839142][T19215] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 675.904552][T19172] XFS (loop4): Quotacheck: Done. [ 676.242161][ T5860] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 676.441291][T19231] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5689'. [ 676.501201][T19235] loop1: detected capacity change from 0 to 8 [ 677.138584][T19247] ip6erspan0: entered allmulticast mode [ 677.214371][T19250] loop4: detected capacity change from 0 to 1024 [ 677.240895][T19252] loop5: detected capacity change from 0 to 1024 [ 677.282279][T19252] syz.5.5698: attempt to access beyond end of device [ 677.282279][T19252] loop5: rw=2057, sector=262, nr_sectors = 65274 limit=1024 [ 677.307363][T19250] EXT4-fs: inline encryption not supported [ 677.313388][T19250] EXT4-fs: Ignoring removed bh option [ 677.374476][T19250] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 677.594577][ T5860] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 677.785772][T19269] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5706'. [ 678.014490][T19238] loop3: detected capacity change from 0 to 32768 [ 678.116542][T19280] netlink: 'syz.0.5710': attribute type 2 has an invalid length. [ 678.156774][T19238] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 678.165482][T19287] netlink: 348 bytes leftover after parsing attributes in process `syz.2.5713'. [ 678.176289][T19280] netlink: 'syz.0.5710': attribute type 1 has an invalid length. [ 678.428755][T19297] loop5: detected capacity change from 0 to 512 [ 678.466307][T19302] netlink: 232 bytes leftover after parsing attributes in process `syz.2.5715'. [ 678.499178][T19296] bond2: entered allmulticast mode [ 678.521313][T19238] XFS (loop3): Ending clean mount [ 678.521554][T19304] loop0: detected capacity change from 0 to 512 [ 678.596731][T19304] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 678.623044][T19297] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 678.650015][T19304] EXT4-fs (loop0): 1 truncate cleaned up [ 678.668738][T19309] loop4: detected capacity change from 0 to 256 [ 678.678074][T19238] XFS (loop3): Quotacheck needed: Please wait. [ 678.696593][T19297] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 678.704720][T19297] System zones: 0-1, 15-15, 18-18, 34-34 [ 678.712817][T19304] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 678.717070][T19297] EXT4-fs (loop5): orphan cleanup on readonly fs [ 678.734163][T19297] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=0 [ 678.836848][T19297] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 678.861256][T19304] EXT4-fs error (device loop0): ext4_append:79: inode #2: comm syz.0.5718: Logical block already allocated [ 678.921664][T19297] EXT4-fs (loop5): Cannot turn on quotas: error -22 [ 678.933434][T19297] EXT4-fs (loop5): 1 truncate cleaned up [ 678.946159][T19238] XFS (loop3): Quotacheck: Done. [ 678.959189][T19304] EXT4-fs (loop0): Remounting filesystem read-only [ 678.994567][T19297] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 679.106236][T19297] fscrypt (loop5, inode 16): Error -61 getting encryption context [ 679.168890][ T5858] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 679.218815][ T5859] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 679.279041][ T5871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 679.563921][T19322] loop4: detected capacity change from 0 to 4096 [ 679.685659][T19331] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 679.720776][T19322] NILFS (loop4): unable to set label with more than 80 bytes [ 679.884122][ T30] audit: type=1326 audit(2000000241.765:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19337 comm="syz.2.5734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 679.976080][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 679.994727][ T30] audit: type=1326 audit(2000000241.765:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19337 comm="syz.2.5734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 680.110420][ T30] audit: type=1326 audit(2000000241.845:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19337 comm="syz.2.5734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=300 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 680.148908][T19342] comedi comedi0: s526: a I/O base address must be specified [ 680.214629][T19348] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5735'. [ 680.216137][ T30] audit: type=1326 audit(2000000241.845:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19337 comm="syz.2.5734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 680.230261][T19345] loop3: detected capacity change from 0 to 1024 [ 680.376455][T19350] loop2: detected capacity change from 0 to 512 [ 680.414014][ T30] audit: type=1326 audit(2000000241.845:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19337 comm="syz.2.5734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 680.444353][T19350] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 680.863439][T19360] loop1: detected capacity change from 0 to 2048 [ 680.967687][T19370] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 681.341162][T19378] geneve2: entered promiscuous mode [ 681.387394][T19378] geneve2: entered allmulticast mode [ 681.491700][T19387] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5757'. [ 681.820947][T19400] loop0: detected capacity change from 0 to 256 [ 681.890822][T19400] exfat: Deprecated parameter 'utf8' [ 682.102289][T19400] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 682.342050][T19419] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5773'. [ 682.483392][T19395] loop2: detected capacity change from 0 to 16384 [ 682.879925][T19395] bcachefs (loop2): starting version 1.13: inode_has_child_snapshots opts=metadata_checksum=xxhash,data_checksum=none,recovery_pass_last=scan_for_btree_nodes,read_only,reconstruct_alloc,version_upgrade=incompatible,nocow [ 682.879960][T19395] features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 682.882663][T19432] loop5: detected capacity change from 0 to 512 [ 682.901368][ C0] vkms_vblank_simulate: vblank timer overrun [ 682.966990][T19432] EXT4-fs: Ignoring removed bh option [ 682.969651][T19395] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0 [ 683.026163][T19432] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 683.026215][T19395] bcachefs (loop2): recovering from clean shutdown, journal seq 18 [ 683.085997][T19432] EXT4-fs (loop5): invalid journal inode [ 683.111928][T19432] EXT4-fs (loop5): can't get journal size [ 683.135510][T19395] bcachefs (loop2): Doing compatible version upgrade from 1.13: inode_has_child_snapshots to 1.28: inode_has_case_insensitive [ 683.135510][T19395] running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes [ 683.181927][T19432] EXT4-fs (loop5): 1 truncate cleaned up [ 683.187958][T19395] bcachefs (loop2): Now allowing incompatible features up to 1.28: inode_has_case_insensitive, previously allowed up to 1.13: inode_has_child_snapshots [ 683.187958][T19395] [ 683.244355][T19432] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 683.286760][T19395] bcachefs (loop2): dropping and reconstructing all alloc info [ 683.362783][T19432] Device name not specified. [ 683.362783][T19432] [ 683.371286][T19395] bcachefs (loop2): done starting filesystem [ 683.405575][T19425] loop0: detected capacity change from 0 to 32768 [ 683.617947][ T5871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 683.786447][ T5857] bcachefs (loop2): shutting down [ 683.828655][T19448] netlink: 268 bytes leftover after parsing attributes in process `syz.5.5785'. [ 683.895053][T19448] unsupported nla_type 65024 [ 683.909337][ T5857] bcachefs (loop2): shutdown complete [ 683.977808][T19450] vim2m vim2m.0: Fourcc format (0x31384142) invalid. [ 684.482686][T19457] bridge0: port 2(bridge_slave_1) entered disabled state [ 684.531315][T19463] loop5: detected capacity change from 0 to 256 [ 684.587311][T19463] FAT-fs (loop5): Directory bread(block 64) failed [ 684.620927][T19463] FAT-fs (loop5): Directory bread(block 65) failed [ 684.664821][T19463] FAT-fs (loop5): Directory bread(block 66) failed [ 684.687198][T19463] FAT-fs (loop5): Directory bread(block 67) failed [ 684.716551][T19463] FAT-fs (loop5): Directory bread(block 68) failed [ 684.723567][T19463] FAT-fs (loop5): Directory bread(block 69) failed [ 684.766169][T19463] FAT-fs (loop5): Directory bread(block 70) failed [ 684.801929][T19463] FAT-fs (loop5): Directory bread(block 71) failed [ 684.824921][T19463] FAT-fs (loop5): Directory bread(block 72) failed [ 684.886276][T19463] FAT-fs (loop5): Directory bread(block 73) failed [ 684.973522][T19471] loop1: detected capacity change from 0 to 512 [ 684.980285][T19446] loop4: detected capacity change from 0 to 32768 [ 685.010522][T19446] XFS: attr2 mount option is deprecated. [ 685.047654][T19471] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 685.066456][T19472] loop3: detected capacity change from 0 to 4096 [ 685.088716][T19471] ext4 filesystem being mounted at /985/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 685.099893][T19472] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 685.105060][T19472] ntfs3(loop3): ino=3, mi_enum_attr [ 685.124859][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.131882][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.203342][T19446] XFS (loop4): DAX unsupported by block device. Turning off DAX. [ 685.265360][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 685.285652][T19446] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 685.496019][T19446] XFS (loop4): Ending clean mount [ 685.596918][T19446] XFS (loop4): Quotacheck needed: Please wait. [ 685.808566][T19446] XFS (loop4): Quotacheck: Done. [ 685.845872][T19493] loop1: detected capacity change from 0 to 256 [ 686.058947][ T5860] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 686.342500][T19505] loop1: detected capacity change from 0 to 16 [ 687.005251][T19521] netlink: 'syz.4.5807': attribute type 30 has an invalid length. [ 687.035657][T19521] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5807'. [ 687.073614][T19505] erofs (device loop1): mounted with root inode @ nid 36. [ 687.093070][T19521] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode 802.3ad(4) [ 687.108675][T19525] IPv6: Can't replace route, no match found [ 687.640383][T19543] netlink: 44 bytes leftover after parsing attributes in process `syz.3.5828'. [ 687.696584][T19545] __vm_enough_memory: pid: 19545, comm: syz.5.5827, bytes: 4503599627366400 not enough memory for the allocation [ 687.908748][T19549] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5831'. [ 688.757821][T19590] overlayfs: conflicting options: nfs_export=on,index=off [ 689.096117][T19601] loop5: detected capacity change from 0 to 64 [ 689.146229][T19603] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5856'. [ 689.378469][T19605] loop1: detected capacity change from 0 to 4096 [ 689.425145][T19605] ntfs3(loop1): ino=0, mi_enum_attr [ 689.583680][T19605] ntfs3(loop1): ino=0, mi_enum_attr [ 689.639417][T19605] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 689.852023][T19618] loop3: detected capacity change from 0 to 4096 [ 689.898414][T19618] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 690.302689][T19641] CIFS: iocharset name too long [ 690.589060][T19650] loop0: detected capacity change from 0 to 128 [ 690.675465][T19650] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 690.741208][T19650] FAT-fs (loop0): Filesystem has been set read-only [ 690.953536][ T5858] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 691.095707][T19665] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5888'. [ 691.159954][T19622] loop2: detected capacity change from 0 to 32768 [ 691.392699][ T2954] read_mapping_page failed! [ 691.422374][ T2954] ERROR: (device loop2): txCommit: [ 691.422374][ T2954] [ 691.485785][ T2954] jfs_write_inode: jfs_commit_inode failed! [ 692.266314][T19713] netlink: 'syz.4.5911': attribute type 3 has an invalid length. [ 692.396285][T19715] loop2: detected capacity change from 0 to 1024 [ 692.503354][T19721] loop0: detected capacity change from 0 to 128 [ 692.541286][T19715] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 692.541500][T19721] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 692.656843][T19721] ext4 filesystem being mounted at /953/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 692.786214][T19732] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 692.816314][T19721] EXT4-fs warning (device loop0): verify_group_input:137: Cannot add at group 25 (only 1 groups) [ 692.836507][ T5857] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 693.094343][ T5858] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 693.133033][T19744] loop4: detected capacity change from 0 to 256 [ 693.206889][T19744] exfat: Deprecated parameter 'namecase' [ 693.354459][T19744] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 693.404254][T19753] loop0: detected capacity change from 0 to 8 [ 693.478293][T19753] SQUASHFS error: Failed to read block 0x636: -5 [ 693.536025][T19753] SQUASHFS error: Unable to read metadata cache entry [634] [ 693.586136][T19753] SQUASHFS error: Unable to read metadata cache entry [634] [ 693.626052][T19753] SQUASHFS error: Unable to read directory block [629:0] [ 693.976625][T19773] netlink: 'syz.3.5939': attribute type 39 has an invalid length. [ 694.336009][ T973] usb 6-1: new full-speed USB device number 93 using dummy_hcd [ 694.397731][T19791] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5947'. [ 694.446011][T19791] netlink: 'syz.4.5947': attribute type 1 has an invalid length. [ 694.482736][T19791] netlink: 'syz.4.5947': attribute type 2 has an invalid length. [ 694.506275][T19791] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5947'. [ 694.527051][ T973] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 694.551928][ T973] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 694.607447][ T973] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10 [ 694.637439][ T973] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 694.689033][ T973] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 694.777142][ T973] usb 6-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 694.787676][ T973] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 694.805769][ T973] usb 6-1: Product: syz [ 694.811293][ T973] usb 6-1: Manufacturer: syz [ 694.824252][ T973] usb 6-1: SerialNumber: syz [ 694.863643][T19811] netlink: 'syz.1.5957': attribute type 64 has an invalid length. [ 694.893871][T19811] netlink: 'syz.1.5957': attribute type 4 has an invalid length. [ 694.905038][ T973] usb 6-1: config 0 descriptor?? [ 694.943118][T19811] netlink: 152 bytes leftover after parsing attributes in process `syz.1.5957'. [ 695.141778][ T973] radio-si470x 6-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 695.187002][ T973] radio-si470x 6-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 695.343359][ T973] radio-si470x 6-1:0.0: si470x_get_report: usb_control_msg returned -71 [ 695.405000][ T973] radio-si470x 6-1:0.0: si470x_get_scratch: si470x_get_report returned -71 [ 695.424534][ T973] radio-si470x 6-1:0.0: probe with driver radio-si470x failed with error -5 [ 695.448688][ T973] usb 6-1: USB disconnect, device number 93 [ 695.557486][T19832] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5967'. [ 695.562706][T19828] loop1: detected capacity change from 0 to 1024 [ 695.570657][T19833] loop0: detected capacity change from 0 to 8 [ 695.595475][T19828] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 695.675607][T19828] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 695.790233][T19828] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000] [ 695.862115][T19828] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.5965: Freeing blocks not in datazone - block = 0, count = 4096 [ 695.952644][T19828] EXT4-fs (loop1): Remounting filesystem read-only [ 695.969332][T19840] loop4: detected capacity change from 0 to 1024 [ 695.983494][T19828] EXT4-fs (loop1): 1 orphan inode deleted [ 695.998192][ T2971] EXT4-fs (loop1): Quota write (off=3072, len=1024) cancelled because transaction is not started [ 696.035003][ T2971] Quota error (device loop1): write_blk: dquota write failed [ 696.038007][T19828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 696.057095][ T2971] Quota error (device loop1): free_dqentry: Can't move quota data block (2) to free list [ 696.227886][ T2971] hfsplus: b-tree write err: -5, ino 4 [ 696.259402][T19848] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5974'. [ 696.357977][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 696.424157][T19809] loop3: detected capacity change from 0 to 32768 [ 696.497727][T19809] XFS: attr2 mount option is deprecated. [ 696.529968][T19854] loop5: detected capacity change from 0 to 512 [ 696.571117][T19854] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 696.592356][T19859] loop2: detected capacity change from 0 to 64 [ 696.628748][T19809] XFS (loop3): DAX unsupported by block device. Turning off DAX. [ 696.652206][T19854] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 696.671130][T19809] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 696.767606][T19854] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 696.866472][T19854] EXT4-fs (loop5): 1 truncate cleaned up [ 696.927099][T19854] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 696.947899][T19809] XFS (loop3): Ending clean mount [ 696.983220][T19809] XFS (loop3): Quotacheck needed: Please wait. [ 697.114012][T19809] XFS (loop3): Quotacheck: Done. [ 697.136527][T19854] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000. [ 697.340059][ T5859] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 697.507748][ T5871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 697.608312][T19899] loop4: detected capacity change from 0 to 1024 [ 697.775419][T19899] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 697.864383][T19899] EXT4-fs error (device loop4): __ext4_new_inode:1073: comm syz.4.5997: reserved inode found cleared - inode=2 [ 697.901448][T19899] EXT4-fs (loop4): Remounting filesystem read-only [ 698.190244][ T5860] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 698.203979][T19919] loop2: detected capacity change from 0 to 16 [ 698.213482][ T5880] Bluetooth: hci1: unexpected event for opcode 0x0c6d [ 698.247264][T19920] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 698.253869][T19920] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 698.262335][T19918] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5993'. [ 698.278178][T19919] erofs (device loop2): mounted with root inode @ nid 36. [ 698.286334][T19920] vhci_hcd vhci_hcd.0: Device attached [ 698.304970][T19921] vhci_hcd: connection closed [ 698.329648][T19918] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5993'. [ 698.343883][ T59] vhci_hcd: stop threads [ 698.359166][ T59] vhci_hcd: release socket [ 698.363640][ T59] vhci_hcd: disconnect device [ 698.590382][T19928] loop5: detected capacity change from 0 to 256 [ 698.903198][T19937] loop3: detected capacity change from 0 to 256 [ 698.955424][T19937] vfat: Deprecated parameter 'posix' [ 699.019201][T19937] FAT-fs: "posix" option is obsolete, not supported now [ 699.343498][T19953] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6019'. [ 699.488933][T19908] loop0: detected capacity change from 0 to 32768 [ 699.495613][T19958] netlink: 'syz.2.6022': attribute type 1 has an invalid length. [ 699.518880][T19947] loop4: detected capacity change from 0 to 4096 [ 699.545790][T19958] netlink: 'syz.2.6022': attribute type 1 has an invalid length. [ 699.554591][T19908] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.6000 (19908) [ 699.604776][T19908] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 699.680852][T19908] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 699.728733][T19947] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 699.758209][T19947] ntfs3(loop4): Failed to initialize $Extend/$ObjId. [ 699.848845][T19947] ntfs3(loop4): ino=1e, "file1" The size of extended attributes must not exceed 64KiB [ 699.947915][T19908] BTRFS info (device loop0): enabling ssd optimizations [ 699.958327][T19908] BTRFS info (device loop0): enabling free space tree [ 700.310343][ T5858] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 700.713102][T20006] loop4: detected capacity change from 0 to 256 [ 700.861278][T20006] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012c80, chksum : 0x0ff561db, utbl_chksum : 0xe619d30d) [ 700.963379][T20006] exFAT-fs (loop4): start_clu is invalid cluster(0xffffffff) [ 701.110423][ T30] audit: type=1800 audit(2000000262.955:138): pid=20006 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.6037" name="file0" dev="loop4" ino=1048640 res=0 errno=0 [ 701.258487][T20020] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6041'. [ 701.267644][T20020] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6041'. [ 702.249559][T20054] loop4: detected capacity change from 0 to 512 [ 702.343922][T20054] fscrypt (loop4, inode 2): Error -61 getting encryption context [ 702.446086][T20054] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61 [ 702.488641][T20054] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.6058: iget: bad i_size value: 12154757448730 [ 702.556499][T20060] netlink: 'syz.0.6062': attribute type 1 has an invalid length. [ 702.557879][T20054] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.6058: couldn't read orphan inode 13 (err -117) [ 702.564270][T20060] netlink: 'syz.0.6062': attribute type 2 has an invalid length. [ 702.648191][T20064] loop2: detected capacity change from 0 to 512 [ 702.766375][T20054] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 702.913103][T20054] fscrypt (loop4, inode 2): Error -61 getting encryption context [ 702.994451][T20026] loop3: detected capacity change from 0 to 32768 [ 703.016674][ T6023] usb 3-1: new high-speed USB device number 98 using dummy_hcd [ 703.067258][T20067] loop1: detected capacity change from 0 to 4096 [ 703.106987][ T5860] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 703.143396][T20073] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6069'. [ 703.205825][T20026] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 703.244971][ T6023] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 703.296381][T20026] (syz.3.6046,20026,1):ocfs2_find_entry:1094 ERROR: status = -117 [ 703.316043][ T6023] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 218, changing to 7 [ 703.346896][T20026] (syz.3.6046,20026,1):ocfs2_find_entry:1094 ERROR: status = -117 [ 703.388424][ T6023] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid maxpacket 32945, setting to 1024 [ 703.399746][T20026] (syz.3.6046,20026,1):ocfs2_mknod:505 ERROR: status = -117 [ 703.416068][T20026] (syz.3.6046,20026,1):ocfs2_mkdir:661 ERROR: status = -117 [ 703.440517][ T6023] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 703.462326][T20067] ntfs3(loop1): Failed to initialize $Extend/$ObjId. [ 703.490365][ T6023] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 703.529101][T20085] @0: renamed from bond_slave_1 (while UP) [ 703.544319][ T6023] usb 3-1: Product: syz [ 703.554751][ T6023] usb 3-1: Manufacturer: syz [ 703.585497][ T6023] usb 3-1: SerialNumber: syz [ 703.613304][ T6023] usb 3-1: config 0 descriptor?? [ 703.631456][ T6023] usb 3-1: 0:0 : invalid sync pipe. bmAttributes e5, bLength 9, bSynchAddress 2f [ 703.689978][ T5859] (syz-executor,5859,0):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 76 [ 703.785319][ T5859] ocfs2: Unmounting device (7,3) on (node local) [ 703.930189][ T6023] usb 3-1: USB disconnect, device number 98 [ 703.965543][T20093] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6077'. [ 704.016728][T20091] loop0: detected capacity change from 0 to 4096 [ 704.098931][ T5932] udevd[5932]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 704.936118][ T30] audit: type=1326 audit(2000000266.815:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20120 comm="syz.0.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959778eec9 code=0x7ffc0000 [ 704.958494][ C1] vkms_vblank_simulate: vblank timer overrun [ 705.106952][ T30] audit: type=1326 audit(2000000266.815:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20120 comm="syz.0.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959778eec9 code=0x7ffc0000 [ 705.206030][ T30] audit: type=1326 audit(2000000266.885:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20120 comm="syz.0.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f959778eec9 code=0x7ffc0000 [ 705.251984][T20135] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6096'. [ 705.308509][ T30] audit: type=1326 audit(2000000266.885:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20120 comm="syz.0.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959778eec9 code=0x7ffc0000 [ 705.449327][ T30] audit: type=1326 audit(2000000266.885:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20120 comm="syz.0.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f959778eec9 code=0x7ffc0000 [ 705.816551][T20157] netlink: 'syz.3.6108': attribute type 21 has an invalid length. [ 705.855160][T20157] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6108'. [ 705.913169][T20157] netlink: 'syz.3.6108': attribute type 1 has an invalid length. [ 706.479009][T20177] bridge1: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms) [ 706.490650][T20180] netlink: 92 bytes leftover after parsing attributes in process `syz.2.6121'. [ 706.746173][ T5955] usb 4-1: new high-speed USB device number 91 using dummy_hcd [ 706.754957][ T10] usb 5-1: new high-speed USB device number 94 using dummy_hcd [ 706.884186][ T30] audit: type=1326 audit(2000000268.765:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20196 comm="syz.2.6128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 706.906764][ C1] vkms_vblank_simulate: vblank timer overrun [ 706.949419][ T5955] usb 4-1: Using ep0 maxpacket: 32 [ 706.985817][ T10] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 706.994590][ T30] audit: type=1326 audit(2000000268.765:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20196 comm="syz.2.6128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 707.005282][ T5955] usb 4-1: config 0 has an invalid interface number: 242 but max is 0 [ 707.050761][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 707.077563][ T5955] usb 4-1: config 0 has no interface number 0 [ 707.103783][ T30] audit: type=1326 audit(2000000268.765:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20196 comm="syz.2.6128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 707.108785][ T5955] usb 4-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=eb.4e [ 707.126162][ C1] vkms_vblank_simulate: vblank timer overrun [ 707.185387][ T10] usb 5-1: config 0 descriptor?? [ 707.226171][ T30] audit: type=1326 audit(2000000268.765:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20196 comm="syz.2.6128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 707.228665][ T10] cp210x 5-1:0.0: cp210x converter detected [ 707.300229][ T5955] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 707.326341][ T5955] usb 4-1: Product: syz [ 707.326520][ T30] audit: type=1326 audit(2000000268.765:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20196 comm="syz.2.6128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 707.345931][ T5955] usb 4-1: Manufacturer: syz [ 707.406025][ T5955] usb 4-1: SerialNumber: syz [ 707.446204][ T5955] usb 4-1: config 0 descriptor?? [ 707.645323][ T10] usb 5-1: cp210x converter now attached to ttyUSB0 [ 707.673142][ T5955] cdc_subset 4-1:0.242: probe with driver cdc_subset failed with error -22 [ 707.732550][ T10] usb 5-1: USB disconnect, device number 94 [ 707.750342][T20217] loop1: detected capacity change from 0 to 64 [ 707.886779][ T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 707.963621][ T10] cp210x 5-1:0.0: device disconnected [ 707.984025][ T6023] usb 4-1: USB disconnect, device number 91 [ 708.158478][T20227] loop2: detected capacity change from 0 to 256 [ 708.176191][T20227] exfat: Deprecated parameter 'namecase' [ 708.203542][T20227] exfat: Deprecated parameter 'namecase' [ 708.334590][T20227] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d) [ 708.403587][T20207] loop0: detected capacity change from 0 to 32768 [ 708.431147][T20227] exFAT-fs (loop2): error, data size is invalid(16777215) [ 708.461652][T20207] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.6133 (20207) [ 708.555000][T20207] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 708.585789][T20207] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 709.046619][T20207] BTRFS info (device loop0): enabling ssd optimizations [ 709.054057][T20207] BTRFS info (device loop0): enabling free space tree [ 709.188149][T20207] BTRFS error: failed to open device for path 8K\,@Rn0=S9r(aG='6BnѦ7ё)Re1P1D!Y6TN0t=`]JOiuqB*,/ʆ]%ه7c Wє9(:_ŠEK"6U^INS[f}3p3+S&c6J**P\%ڴz1xSoPꓻ֛&e8oxٔm6veꂮ#&0ۙBǕ:޽g?t Qy with flags 0x1: -2 [ 709.222177][ C1] vkms_vblank_simulate: vblank timer overrun [ 709.296365][ T10] usb 2-1: new full-speed USB device number 104 using dummy_hcd [ 709.394139][ T5858] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 709.536018][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 709.558280][ T10] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 709.625702][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 709.662927][T20223] loop5: detected capacity change from 0 to 32768 [ 709.677542][ T10] usb 2-1: config 0 descriptor?? [ 709.699187][T20257] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 709.846762][T20223] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 710.019428][ T10] usbhid 2-1:0.0: can't add hid device: -71 [ 710.045172][ T10] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 710.109588][ T10] usb 2-1: USB disconnect, device number 104 [ 710.301740][T20223] XFS (loop5): Ending clean mount [ 710.400782][T20264] loop4: detected capacity change from 0 to 32768 [ 710.490794][T20264] (syz.4.6152,20264,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 710.578025][T20264] (syz.4.6152,20264,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 710.639283][ T5871] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 710.821133][T20264] JBD2: Ignoring recovery information on journal [ 711.064038][T20264] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 711.465312][ T30] audit: type=1326 audit(2000000273.345:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20322 comm="syz.3.6178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f522598eec9 code=0x7ffc0000 [ 711.577997][ T30] audit: type=1326 audit(2000000273.345:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20322 comm="syz.3.6178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f522598eec9 code=0x7ffc0000 [ 711.579338][ T5860] ocfs2: Unmounting device (7,4) on (node local) [ 711.683623][ T30] audit: type=1326 audit(2000000273.385:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20322 comm="syz.3.6178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f522598eec9 code=0x7ffc0000 [ 711.710305][ T30] audit: type=1326 audit(2000000273.385:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20322 comm="syz.3.6178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f522598eec9 code=0x7ffc0000 [ 711.788209][ T30] audit: type=1326 audit(2000000273.385:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20322 comm="syz.3.6178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f522598eec9 code=0x7ffc0000 [ 711.897823][T20338] netlink: 156 bytes leftover after parsing attributes in process `syz.0.6185'. [ 712.206404][T20347] netlink: 'syz.0.6190': attribute type 1 has an invalid length. [ 712.246078][T20347] netlink: 184 bytes leftover after parsing attributes in process `syz.0.6190'. [ 712.395999][ T5909] usb 4-1: new high-speed USB device number 92 using dummy_hcd [ 712.431043][T20357] netlink: 252 bytes leftover after parsing attributes in process `syz.5.6194'. [ 712.452913][T20357] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6194'. [ 712.589315][ T5909] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 712.605624][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 712.663955][ T5909] usb 4-1: config 0 descriptor?? [ 712.703333][ T5909] cp210x 4-1:0.0: cp210x converter detected [ 712.947107][ T5909] usb 4-1: cp210x converter now attached to ttyUSB0 [ 713.026875][ T5955] usb 3-1: new high-speed USB device number 99 using dummy_hcd [ 713.131260][ T6023] usb 4-1: USB disconnect, device number 92 [ 713.164901][ T6023] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 713.173038][ T30] audit: type=1326 audit(2000000275.035:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20380 comm="syz.5.6206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38798eec9 code=0x7ffc0000 [ 713.226783][ T6023] cp210x 4-1:0.0: device disconnected [ 713.241934][ T5955] usb 3-1: config 27 interface 0 altsetting 0 has an endpoint descriptor with address 0x98, changing to 0x88 [ 713.264456][ T30] audit: type=1326 audit(2000000275.045:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20380 comm="syz.5.6206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38798eec9 code=0x7ffc0000 [ 713.305859][ T5955] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 713.340660][ T5955] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 255, changing to 11 [ 713.360387][ T30] audit: type=1326 audit(2000000275.045:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20380 comm="syz.5.6206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7fe38798eec9 code=0x7ffc0000 [ 713.385999][ T5955] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 59391, setting to 1024 [ 713.399073][T20387] loop0: detected capacity change from 0 to 256 [ 713.427971][T20388] netlink: 68 bytes leftover after parsing attributes in process `syz.5.6209'. [ 713.435953][T20387] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 713.458131][ T5955] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 713.467770][T20388] netlink: 68 bytes leftover after parsing attributes in process `syz.5.6209'. [ 713.482448][ T30] audit: type=1326 audit(2000000275.045:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20380 comm="syz.5.6206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38798eec9 code=0x7ffc0000 [ 713.505631][T20387] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 713.512733][ T5955] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 713.517451][T20388] netlink: 10 bytes leftover after parsing attributes in process `syz.5.6209'. [ 713.534518][ T30] audit: type=1326 audit(2000000275.045:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20380 comm="syz.5.6206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38798eec9 code=0x7ffc0000 [ 713.563693][T20387] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 713.596414][T20369] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 713.635764][ T5955] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 713.928207][ T5947] usb 3-1: USB disconnect, device number 99 [ 714.156026][ T5909] usb 4-1: new high-speed USB device number 93 using dummy_hcd [ 714.346034][ T5909] usb 4-1: Using ep0 maxpacket: 16 [ 714.364882][ T5909] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 714.390228][ T5909] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 714.411119][ T5909] usb 4-1: Product: syz [ 714.418951][ T5909] usb 4-1: Manufacturer: syz [ 714.423562][ T5909] usb 4-1: SerialNumber: syz [ 714.447054][ T5909] r8152-cfgselector 4-1: Unknown version 0x0000 [ 714.485619][ T5909] r8152-cfgselector 4-1: config 0 descriptor?? [ 714.547227][T20390] loop1: detected capacity change from 0 to 32768 [ 714.564347][T20409] loop5: detected capacity change from 0 to 1024 [ 714.597665][T20390] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 714.700637][T20412] loop0: detected capacity change from 0 to 64 [ 714.714975][T20390] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 714.798189][ T2954] (kworker/u8:6,2954,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214 [ 714.876606][ T1160] hfsplus: b-tree write err: -5, ino 4 [ 714.958885][ T10] usb 3-1: new high-speed USB device number 100 using dummy_hcd [ 714.977652][ T5909] r8152-cfgselector 4-1: USB disconnect, device number 93 [ 715.071431][ T5856] ocfs2: Unmounting device (7,1) on (node local) [ 715.136180][ T10] usb 3-1: Using ep0 maxpacket: 32 [ 715.156052][ T10] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9 [ 715.195318][ T10] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 715.227288][ T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 715.281674][ T10] usb 3-1: Product: syz [ 715.292566][ T10] usb 3-1: Manufacturer: syz [ 715.305942][ T10] usb 3-1: SerialNumber: syz [ 715.370476][ T10] usb 3-1: config 0 descriptor?? [ 715.400334][T20417] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 715.468972][ T10] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input54 [ 715.646105][T20435] netlink: 'syz.0.6231': attribute type 1 has an invalid length. [ 715.716088][T20435] netlink: 224 bytes leftover after parsing attributes in process `syz.0.6231'. [ 715.783111][T20441] overlayfs: missing 'lowerdir' [ 715.850198][T20437] loop5: detected capacity change from 0 to 1024 [ 715.868047][ T43] usb 3-1: USB disconnect, device number 100 [ 715.868143][ C0] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 715.945143][T20437] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 716.002120][T20437] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 716.046047][T20437] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869) [ 716.055710][T20437] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 716.129153][T20437] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 716.441305][T20460] loop3: detected capacity change from 0 to 256 [ 716.490964][ T5871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 716.545014][T20460] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 716.646103][T20466] ieee802154 phy0 wpan0: encryption failed: -90 [ 716.781367][T20472] overlayfs: cannot append lower layer [ 716.872497][ T36] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 717.450336][T20501] loop2: detected capacity change from 0 to 764 [ 717.481048][T20502] mmap: syz.5.6264 (20502): VmData 37482496 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 717.532559][T20501] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 717.588144][T20501] Symlink component flag not implemented [ 717.614959][T20501] Symlink component flag not implemented (7) [ 717.658360][ T30] audit: type=1326 audit(2000000279.535:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20507 comm="syz.4.6267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2ab78eec9 code=0x7ffc0000 [ 717.680727][ C1] vkms_vblank_simulate: vblank timer overrun [ 717.826153][ T30] audit: type=1326 audit(2000000279.535:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20507 comm="syz.4.6267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2ab78eec9 code=0x7ffc0000 [ 717.932899][ T30] audit: type=1326 audit(2000000279.575:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20507 comm="syz.4.6267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fa2ab78eec9 code=0x7ffc0000 [ 718.041658][ T30] audit: type=1326 audit(2000000279.575:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20507 comm="syz.4.6267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2ab78eec9 code=0x7ffc0000 [ 718.098488][T20512] loop0: detected capacity change from 0 to 4096 [ 718.156159][ T30] audit: type=1326 audit(2000000279.575:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20507 comm="syz.4.6267" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2ab78eec9 code=0x7ffc0000 [ 718.348729][ T30] audit: type=1326 audit(2000000280.235:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20525 comm="syz.2.6276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 718.471412][ T30] audit: type=1326 audit(2000000280.235:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20525 comm="syz.2.6276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 718.634594][ T30] audit: type=1326 audit(2000000280.255:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20525 comm="syz.2.6276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 718.765996][ T30] audit: type=1326 audit(2000000280.255:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20525 comm="syz.2.6276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 718.768503][ T10] IPVS: starting estimator thread 0... [ 718.866007][ T30] audit: type=1326 audit(2000000280.255:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20525 comm="syz.2.6276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d2e18eec9 code=0x7ffc0000 [ 718.922136][T20543] loop0: detected capacity change from 0 to 256 [ 718.966362][T20540] IPVS: using max 25 ests per chain, 60000 per kthread [ 719.430754][T20510] loop1: detected capacity change from 0 to 32768 [ 719.473451][T20510] XFS: ikeep mount option is deprecated. [ 719.565076][T20510] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 719.900660][T20510] XFS (loop1): Ending clean mount [ 719.987183][T20510] XFS (loop1): Quotacheck needed: Please wait. [ 720.155517][T20593] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 720.156057][T20510] XFS (loop1): Quotacheck: Done. [ 720.468113][T20604] loop3: detected capacity change from 0 to 512 [ 720.532185][T20604] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 720.596792][T20604] EXT4-fs (loop3): 1 truncate cleaned up [ 720.618219][ T5856] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 720.667014][T20604] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 721.151843][ T5859] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 721.218994][T20631] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6324'. [ 721.743003][T20650] cgroup: No subsys list or none specified [ 722.003599][T20663] openvswitch: netlink: Tunnel attr 5 has unexpected len 4 expected 0 [ 722.588944][T20690] netlink: 'syz.5.6352': attribute type 5 has an invalid length. [ 722.712407][T20695] netlink: 'syz.4.6354': attribute type 12 has an invalid length. [ 722.757209][T20695] netlink: 132 bytes leftover after parsing attributes in process `syz.4.6354'. [ 723.343143][T20718] loop4: detected capacity change from 0 to 256 [ 723.401559][T20720] loop0: detected capacity change from 0 to 512 [ 723.482418][T20720] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 723.559791][T20718] FAT-fs (loop4): Directory bread(block 64) failed [ 723.620647][T20720] ext4 filesystem being mounted at /1037/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 723.635395][T20718] FAT-fs (loop4): Directory bread(block 65) failed [ 723.682412][T20718] FAT-fs (loop4): Directory bread(block 66) failed [ 723.719548][T20718] FAT-fs (loop4): Directory bread(block 67) failed [ 723.746346][T20718] FAT-fs (loop4): Directory bread(block 68) failed [ 723.765332][T20720] Quota error (device loop0): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 723.774316][T20718] FAT-fs (loop4): Directory bread(block 69) failed [ 723.786994][T20718] FAT-fs (loop4): Directory bread(block 70) failed [ 723.803719][T20718] FAT-fs (loop4): Directory bread(block 71) failed [ 723.836160][T20720] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 723.854796][T20718] FAT-fs (loop4): Directory bread(block 72) failed [ 723.886827][T20720] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.6366: Failed to acquire dquot type 0 [ 723.900849][T20718] FAT-fs (loop4): Directory bread(block 73) failed [ 724.119722][ T5858] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 724.358960][T20748] loop4: detected capacity change from 0 to 8 [ 724.401593][T20748] unable to read fragment index table [ 724.480518][T20748] cgroup: release_agent respecified [ 724.769723][T20756] netlink: 424 bytes leftover after parsing attributes in process `syz.4.6382'. [ 724.781044][T20727] loop3: detected capacity change from 0 to 32768 [ 724.804661][T20756] netlink: 'syz.4.6382': attribute type 1 has an invalid length. [ 724.881906][T20727] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 724.982650][T20727] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 725.298727][T20747] loop1: detected capacity change from 0 to 32768 [ 725.331617][ T5859] ocfs2: Unmounting device (7,3) on (node local) [ 725.339154][T20747] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.6379 (20747) [ 725.433739][T20747] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 725.465562][T20777] netlink: 248 bytes leftover after parsing attributes in process `syz.4.6390'. [ 725.481161][ T5955] usb 1-1: new high-speed USB device number 101 using dummy_hcd [ 725.490592][T20747] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm [ 725.676045][ T5955] usb 1-1: Using ep0 maxpacket: 32 [ 725.683171][ T5955] usb 1-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice=30.46 [ 725.714854][ T5955] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 725.774456][T20799] syz.2.6394 uses obsolete (PF_INET,SOCK_PACKET) [ 725.799185][ T5955] usb 1-1: config 0 descriptor?? [ 725.807452][T20747] BTRFS info (device loop1): enabling ssd optimizations [ 725.837553][T20747] BTRFS info (device loop1): enabling free space tree [ 725.842061][T20802] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6395'. [ 725.920519][T20802] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6395'. [ 726.032073][T20808] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 726.147296][ T5856] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 726.158103][ T5955] usb 1-1: USB disconnect, device number 101 [ 726.499987][T20819] loop4: detected capacity change from 0 to 512 [ 726.618099][T20819] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 726.691415][T20819] ext4 filesystem being mounted at /1074/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 726.705189][T20819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 726.803739][T20829] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 726.846155][ T6023] usb 4-1: new full-speed USB device number 94 using dummy_hcd [ 726.872629][T20832] loop5: detected capacity change from 0 to 256 [ 726.957971][T20832] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 727.076692][ T6023] usb 4-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d [ 727.085776][ T6023] usb 4-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3 [ 727.100652][T20832] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 727.112832][T20832] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 727.187240][ T6023] usb 4-1: Product: syz [ 727.219689][ T6023] usb 4-1: Manufacturer: syz [ 727.251272][ T6023] usb 4-1: SerialNumber: syz [ 727.288394][T20844] loop2: detected capacity change from 0 to 512 [ 727.343654][ T6023] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 727.374790][T20844] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e018, mo2=0002] [ 727.389594][T20847] loop4: detected capacity change from 0 to 16 [ 727.434629][T20844] System zones: 1-12 [ 727.442955][T20847] erofs (device loop4): mounted with root inode @ nid 36. [ 727.543376][T20844] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 33261: comm syz.2.6409: invalid block [ 727.640242][T20844] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.6409: invalid indirect mapped block 8 (level 2) [ 727.723465][ T6023] vp7045: USB control message 'in' went wrong. [ 727.747058][ T6023] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 727.750725][T20844] EXT4-fs (loop2): 1 truncate cleaned up [ 727.791337][T20844] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 727.809238][ T6023] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19) [ 727.867793][ T6023] usb 4-1: USB disconnect, device number 94 [ 728.124222][T20864] loop5: detected capacity change from 0 to 512 [ 728.154364][T20864] EXT4-fs: Ignoring removed mblk_io_submit option [ 728.223770][ T5857] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 728.228156][T20864] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 728.352360][T20864] EXT4-fs (loop5): 1 truncate cleaned up [ 728.436786][T20864] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 728.603817][T20864] EXT4-fs error (device loop5): ext4_find_extent:903: inode #15: comm syz.5.6415: inode has invalid extent depth: 25964 [ 728.689937][T20864] fs-verity (loop5, inode 15): Error -117 getting verity descriptor size [ 728.710858][T20876] loop0: detected capacity change from 0 to 256 [ 728.809649][T20876] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x18a9357c, utbl_chksum : 0xe619d30d) [ 728.938155][ T5871] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 728.955177][T20852] loop1: detected capacity change from 0 to 32768 [ 729.143104][T20852] JBD2: Ignoring recovery information on journal [ 729.402002][T20852] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 729.604513][T20858] loop4: detected capacity change from 0 to 32768 [ 729.696320][T20858] debugfs: 'B1DE653C5FFC4D88B33B244AAB9EB3E9' already exists in 'ocfs2' [ 729.729353][ T5856] ocfs2: Unmounting device (7,1) on (node local) [ 729.769236][T20858] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 730.012575][T20923] loop0: detected capacity change from 0 to 256 [ 730.101816][T20923] exfat: Deprecated parameter 'namecase' [ 730.203782][T20923] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d) [ 730.354896][ T5860] ocfs2: Unmounting device (7,4) on (node local) [ 730.652045][T20942] netlink: 'syz.2.6445': attribute type 21 has an invalid length. [ 730.763621][T20942] netlink: 164 bytes leftover after parsing attributes in process `syz.2.6445'. [ 731.011588][T20943] loop1: detected capacity change from 0 to 4096 [ 731.179157][T20943] ntfs3(loop1): ino=1a, mi_enum_attr [ 731.196509][T20943] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 731.674546][ T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 731.878460][ T36] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 732.012701][T20972] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6460'. [ 732.039590][T20969] netlink: 'syz.5.6461': attribute type 5 has an invalid length. [ 732.061650][T20973] dlm: Unknown command passed to DLM device : 11 [ 732.061650][T20973] [ 732.158031][ T36] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 732.558300][ T36] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 732.624354][T20989] loop3: detected capacity change from 0 to 1024 [ 732.744480][T20993] loop2: detected capacity change from 0 to 256 [ 732.903482][T20993] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x76dfe2a7, utbl_chksum : 0xe619d30d) [ 733.013876][T20993] exFAT-fs (loop2): failed to load alloc-bitmap [ 733.061768][T20993] exFAT-fs (loop2): failed to recognize exfat type [ 733.440935][T14554] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 733.452859][T14554] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 733.462500][T14554] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 733.477496][T14554] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 733.486426][T14554] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 733.642549][T21018] program syz.1.6481 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 733.653232][T21018] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 733.708346][T21013] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 733.826195][ T36] bridge_slave_1: left allmulticast mode [ 733.856106][ T36] bridge_slave_1: left promiscuous mode [ 733.864238][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 733.911311][ T36] bridge_slave_0: left allmulticast mode [ 733.930094][ T36] bridge_slave_0: left promiscuous mode [ 733.935964][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 733.974657][T21024] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6484'. [ 734.023107][T20998] loop5: detected capacity change from 0 to 32768 [ 734.530235][T21040] loop5: detected capacity change from 0 to 256 [ 734.667080][T21040] FAT-fs (loop5): Directory bread(block 64) failed [ 734.696960][T21040] FAT-fs (loop5): Directory bread(block 65) failed [ 734.705006][T21040] FAT-fs (loop5): Directory bread(block 66) failed [ 734.715350][T21044] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 734.743420][T21040] FAT-fs (loop5): Directory bread(block 67) failed [ 734.766176][T21040] FAT-fs (loop5): Directory bread(block 68) failed [ 734.772760][T21040] FAT-fs (loop5): Directory bread(block 69) failed [ 734.816152][T21040] FAT-fs (loop5): Directory bread(block 70) failed [ 734.822723][T21040] FAT-fs (loop5): Directory bread(block 71) failed [ 734.830901][T21040] FAT-fs (loop5): Directory bread(block 72) failed [ 734.876452][T21040] FAT-fs (loop5): Directory bread(block 73) failed [ 735.605181][ T5880] Bluetooth: hci2: command tx timeout [ 735.717538][T21067] loop5: detected capacity change from 0 to 4096 [ 736.023533][T21074] loop2: detected capacity change from 0 to 8 [ 736.770770][T21091] loop2: detected capacity change from 0 to 256 [ 736.842716][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 736.881950][ T36] bond0 (unregistering): (slave c@0): Releasing backup interface [ 736.943446][ T36] bond0 (unregistering): Released all slaves [ 736.985149][T21091] FAT-fs (loop2): Directory bread(block 64) failed [ 736.999124][T21091] FAT-fs (loop2): Directory bread(block 65) failed [ 737.015635][T21091] FAT-fs (loop2): Directory bread(block 66) failed [ 737.066061][T21091] FAT-fs (loop2): Directory bread(block 67) failed [ 737.091893][T21026] mac80211_hwsim hwsim3 wlan0: entered promiscuous mode [ 737.103543][T21091] FAT-fs (loop2): Directory bread(block 68) failed [ 737.164871][T21091] FAT-fs (loop2): Directory bread(block 69) failed [ 737.204376][T21091] FAT-fs (loop2): Directory bread(block 70) failed [ 737.248122][T21091] FAT-fs (loop2): Directory bread(block 71) failed [ 737.270398][T21079] loop4: detected capacity change from 0 to 32768 [ 737.291690][T21091] FAT-fs (loop2): Directory bread(block 72) failed [ 737.323581][T21091] FAT-fs (loop2): Directory bread(block 73) failed [ 737.330415][T21079] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.6510 (21079) [ 737.465996][T21079] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 737.513920][T21079] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm [ 737.656375][ T5880] Bluetooth: hci2: command tx timeout [ 737.751611][T21121] loop3: detected capacity change from 0 to 512 [ 737.771023][T21079] BTRFS info (device loop4): enabling ssd optimizations [ 737.788128][T21121] ext4: Unknown parameter 'fsuuid' [ 737.796539][T21079] BTRFS info (device loop4): enabling free space tree [ 737.823690][T21121] tmpfs: Bad value for 'mpol' [ 738.122596][ T5860] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 739.074314][T21162] netlink: 'syz.2.6538': attribute type 30 has an invalid length. [ 739.536021][ T36] hsr_slave_0: left promiscuous mode [ 739.599850][ T36] hsr_slave_1: left promiscuous mode [ 739.616201][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 739.644645][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 739.699014][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 739.708039][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 739.737382][ T5880] Bluetooth: hci2: command tx timeout [ 739.953725][ T36] veth1_macvtap: left promiscuous mode [ 739.997099][ T36] veth0_macvtap: left promiscuous mode [ 740.026851][ T36] veth0_vlan: left promiscuous mode [ 740.500676][T21210] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 740.645618][T21173] loop2: detected capacity change from 0 to 32768 [ 740.687448][T21173] (syz.2.6542,21173,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 740.735357][T21173] (syz.2.6542,21173,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 740.813606][T21173] JBD2: Ignoring recovery information on journal [ 740.922303][T21173] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 741.090643][T21173] [ 741.093005][T21173] ====================================================== [ 741.100012][T21173] WARNING: possible circular locking dependency detected [ 741.107023][T21173] syzkaller #0 Not tainted [ 741.111429][T21173] ------------------------------------------------------ [ 741.118435][T21173] syz.2.6542/21173 is trying to acquire lock: [ 741.124579][T21173] ffff888057eeed80 (&ocfs2_sysfile_lock_key[TRUNCATE_LOG_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_xattr_set+0xadd/0x11f0 [ 741.136967][T21173] [ 741.136967][T21173] but task is already holding lock: [ 741.144313][T21173] ffff888057f84e38 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_set+0x40f/0x11f0 [ 741.153807][T21173] [ 741.153807][T21173] which lock already depends on the new lock. [ 741.153807][T21173] [ 741.164189][T21173] [ 741.164189][T21173] the existing dependency chain (in reverse order) is: [ 741.173185][T21173] [ 741.173185][T21173] -> #2 (&oi->ip_xattr_sem){++++}-{4:4}: [ 741.181264][T21173] lock_acquire+0x120/0x360 [ 741.186291][T21173] down_read+0x46/0x2e0 [ 741.190962][T21173] ocfs2_init_acl+0x2f9/0x720 [ 741.196153][T21173] ocfs2_mknod+0x1321/0x2050 [ 741.201254][T21173] vfs_mknod+0x37f/0x3c0 [ 741.206009][T21173] do_mknodat+0x385/0x4d0 [ 741.210850][T21173] __x64_sys_mknod+0x8c/0xa0 [ 741.215957][T21173] do_syscall_64+0xfa/0x3b0 [ 741.220973][T21173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.227374][T21173] [ 741.227374][T21173] -> #1 (jbd2_handle){++++}-{0:0}: [ 741.234671][T21173] lock_acquire+0x120/0x360 [ 741.239693][T21173] jbd2_journal_lock_updates+0xaa/0x360 [ 741.245760][T21173] __ocfs2_flush_truncate_log+0x2ba/0x10e0 [ 741.252089][T21173] ocfs2_truncate_log_shutdown+0x141/0x2f0 [ 741.258415][T21173] ocfs2_dismount_volume+0x209/0x8d0 [ 741.264223][T21173] generic_shutdown_super+0x135/0x2c0 [ 741.270109][T21173] kill_block_super+0x44/0x90 [ 741.275306][T21173] deactivate_locked_super+0xbc/0x130 [ 741.281196][T21173] cleanup_mnt+0x425/0x4c0 [ 741.286122][T21173] task_work_run+0x1d4/0x260 [ 741.291231][T21173] exit_to_user_mode_loop+0xec/0x110 [ 741.297035][T21173] do_syscall_64+0x2bd/0x3b0 [ 741.302139][T21173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.308547][T21173] [ 741.308547][T21173] -> #0 (&ocfs2_sysfile_lock_key[TRUNCATE_LOG_SYSTEM_INODE]){+.+.}-{4:4}: [ 741.319244][T21173] validate_chain+0xb9b/0x2140 [ 741.324536][T21173] __lock_acquire+0xab9/0xd20 [ 741.329744][T21173] lock_acquire+0x120/0x360 [ 741.334781][T21173] down_write+0x96/0x1f0 [ 741.339625][T21173] ocfs2_xattr_set+0xadd/0x11f0 [ 741.344997][T21173] __vfs_setxattr+0x43c/0x480 [ 741.350196][T21173] __vfs_setxattr_noperm+0x12d/0x660 [ 741.356001][T21173] vfs_setxattr+0x16b/0x2f0 [ 741.361022][T21173] file_setxattr+0x1da/0x2b0 [ 741.366123][T21173] path_setxattrat+0x327/0x3a0 [ 741.371414][T21173] __x64_sys_fsetxattr+0xbc/0xe0 [ 741.376861][T21173] do_syscall_64+0xfa/0x3b0 [ 741.381879][T21173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.388289][T21173] [ 741.388289][T21173] other info that might help us debug this: [ 741.388289][T21173] [ 741.398500][T21173] Chain exists of: [ 741.398500][T21173] &ocfs2_sysfile_lock_key[TRUNCATE_LOG_SYSTEM_INODE] --> jbd2_handle --> &oi->ip_xattr_sem [ 741.398500][T21173] [ 741.414419][T21173] Possible unsafe locking scenario: [ 741.414419][T21173] [ 741.421864][T21173] CPU0 CPU1 [ 741.427216][T21173] ---- ---- [ 741.432574][T21173] lock(&oi->ip_xattr_sem); [ 741.437151][T21173] lock(jbd2_handle); [ 741.443728][T21173] lock(&oi->ip_xattr_sem); [ 741.450832][T21173] lock(&ocfs2_sysfile_lock_key[TRUNCATE_LOG_SYSTEM_INODE]); [ 741.458275][T21173] [ 741.458275][T21173] *** DEADLOCK *** [ 741.458275][T21173] [ 741.466399][T21173] 3 locks held by syz.2.6542/21173: [ 741.471607][T21173] #0: ffff88807c932428 (sb_writers#22){.+.+}-{0:0}, at: mnt_want_write_file+0x60/0x200 [ 741.481378][T21173] #1: ffff888057f85100 (&type->i_mutex_dir_key#21){+.+.}-{4:4}, at: vfs_setxattr+0x144/0x2f0 [ 741.491675][T21173] #2: ffff888057f84e38 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_set+0x40f/0x11f0 [ 741.501616][T21173] [ 741.501616][T21173] stack backtrace: [ 741.507492][T21173] CPU: 0 UID: 0 PID: 21173 Comm: syz.2.6542 Not tainted syzkaller #0 PREEMPT(full) [ 741.507516][T21173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 741.507530][T21173] Call Trace: [ 741.507539][T21173] [ 741.507549][T21173] dump_stack_lvl+0x189/0x250 [ 741.507582][T21173] ? __pfx_dump_stack_lvl+0x10/0x10 [ 741.507608][T21173] ? __pfx__printk+0x10/0x10 [ 741.507638][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.507664][T21173] ? print_lock_name+0xde/0x100 [ 741.507694][T21173] print_circular_bug+0x2ee/0x310 [ 741.507722][T21173] check_noncircular+0x134/0x160 [ 741.507748][T21173] validate_chain+0xb9b/0x2140 [ 741.507783][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.507807][T21173] ? look_up_lock_class+0x74/0x170 [ 741.507831][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.507855][T21173] ? register_lock_class+0x51/0x320 [ 741.507889][T21173] __lock_acquire+0xab9/0xd20 [ 741.507923][T21173] ? ocfs2_xattr_set+0xadd/0x11f0 [ 741.507952][T21173] lock_acquire+0x120/0x360 [ 741.507982][T21173] ? ocfs2_xattr_set+0xadd/0x11f0 [ 741.508013][T21173] ? ocfs2_xattr_block_find+0x153/0x4c0 [ 741.508045][T21173] down_write+0x96/0x1f0 [ 741.508071][T21173] ? ocfs2_xattr_set+0xadd/0x11f0 [ 741.508099][T21173] ? __pfx_down_write+0x10/0x10 [ 741.508123][T21173] ? ocfs2_xattr_ibody_find+0xcb/0x7c0 [ 741.508153][T21173] ? ocfs2_xattr_set+0x334/0x11f0 [ 741.508183][T21173] ocfs2_xattr_set+0xadd/0x11f0 [ 741.508223][T21173] ? __pfx_ocfs2_xattr_set+0x10/0x10 [ 741.508261][T21173] ? __lock_acquire+0xab9/0xd20 [ 741.508293][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.508318][T21173] ? look_up_lock_class+0x74/0x170 [ 741.508339][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.508364][T21173] ? register_lock_class+0x51/0x320 [ 741.508396][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.508422][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.508447][T21173] ? posix_xattr_acl+0x93/0xc0 [ 741.508476][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.508500][T21173] ? evm_protect_xattr+0x4d4/0xa90 [ 741.508528][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.508555][T21173] ? __pfx_evm_protect_xattr+0x10/0x10 [ 741.508581][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.508607][T21173] ? __pfx_ocfs2_xattr_trusted_set+0x10/0x10 [ 741.508637][T21173] __vfs_setxattr+0x43c/0x480 [ 741.508675][T21173] __vfs_setxattr_noperm+0x12d/0x660 [ 741.508711][T21173] vfs_setxattr+0x16b/0x2f0 [ 741.508741][T21173] ? mnt_get_write_access+0x68/0x2a0 [ 741.508775][T21173] ? __pfx_vfs_setxattr+0x10/0x10 [ 741.508807][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.508832][T21173] ? mnt_want_write_file+0x172/0x200 [ 741.508858][T21173] file_setxattr+0x1da/0x2b0 [ 741.508879][T21173] path_setxattrat+0x327/0x3a0 [ 741.508910][T21173] ? __pfx_path_setxattrat+0x10/0x10 [ 741.508932][T21173] ? do_futex+0x333/0x420 [ 741.508975][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.508999][T21173] ? rcu_is_watching+0x15/0xb0 [ 741.509023][T21173] __x64_sys_fsetxattr+0xbc/0xe0 [ 741.509045][T21173] do_syscall_64+0xfa/0x3b0 [ 741.509069][T21173] ? lockdep_hardirqs_on+0x9c/0x150 [ 741.509090][T21173] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.509111][T21173] ? srso_alias_return_thunk+0x5/0xfbef5 [ 741.509135][T21173] ? exc_page_fault+0x9f/0xf0 [ 741.509157][T21173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.509178][T21173] RIP: 0033:0x7f2d2e18eec9 [ 741.509198][T21173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 741.509217][T21173] RSP: 002b:00007f2d2efa4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 741.509239][T21173] RAX: ffffffffffffffda RBX: 00007f2d2e3e5fa0 RCX: 00007f2d2e18eec9 [ 741.509256][T21173] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 741.509270][T21173] RBP: 00007f2d2e211f91 R08: 0000000000000000 R09: 0000000000000000 [ 741.509284][T21173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 741.509297][T21173] R13: 00007f2d2e3e6038 R14: 00007f2d2e3e5fa0 R15: 00007fff97f57498 [ 741.509322][T21173] [ 741.910245][ T6023] usb 4-1: new high-speed USB device number 95 using dummy_hcd [ 741.944596][ T5880] Bluetooth: hci2: command tx timeout [ 742.020906][ T5857] ocfs2: Unmounting device (7,2) on (node local) [ 742.091546][ T6023] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 742.113661][ T6023] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 742.128670][ T6023] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 742.139271][ T6023] usb 4-1: SerialNumber: syz [ 742.151406][ T6023] usb 4-1: bad CDC descriptors [ 742.396872][ T36] team0 (unregistering): Port device team_slave_1 removed [ 742.434987][ T36] team0 (unregistering): Port device team_slave_0 removed [ 742.557247][ T973] usb 4-1: USB disconnect, device number 95 [ 742.833629][T21006] chnl_net:caif_netlink_parms(): no params data found [ 742.951568][T21006] bridge0: port 1(bridge_slave_0) entered blocking state [ 742.967875][T21006] bridge0: port 1(bridge_slave_0) entered disabled state [ 742.975232][T21006] bridge_slave_0: entered allmulticast mode [ 742.982636][T21006] bridge_slave_0: entered promiscuous mode [ 742.992851][T21006] bridge0: port 2(bridge_slave_1) entered blocking state [ 743.019462][T21006] bridge0: port 2(bridge_slave_1) entered disabled state [ 743.041174][T21006] bridge_slave_1: entered allmulticast mode [ 743.063655][T21006] bridge_slave_1: entered promiscuous mode [ 743.122146][T21006] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 743.138757][T21006] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 743.175479][T21006] team0: Port device team_slave_0 added [ 743.184999][T21006] team0: Port device team_slave_1 added [ 743.217962][T21006] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 743.224988][T21006] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 743.254940][T21006] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 743.272572][T21006] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 743.279708][T21006] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 743.309732][T21006] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 743.354935][T21006] hsr_slave_0: entered promiscuous mode [ 743.361849][T21006] hsr_slave_1: entered promiscuous mode [ 743.370669][T21006] debugfs: 'hsr0' already exists in 'hsr' [ 743.376920][T21006] Cannot create hsr debugfs directory [ 743.499410][T21006] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 743.509330][T21006] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 743.523865][T21006] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 743.533982][T21006] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 743.564792][T21006] bridge0: port 2(bridge_slave_1) entered blocking state [ 743.571972][T21006] bridge0: port 2(bridge_slave_1) entered forwarding state [ 743.579396][T21006] bridge0: port 1(bridge_slave_0) entered blocking state [ 743.586599][T21006] bridge0: port 1(bridge_slave_0) entered forwarding state [ 743.639864][T21006] 8021q: adding VLAN 0 to HW filter on device bond0 [ 743.655440][T11710] bridge0: port 1(bridge_slave_0) entered disabled state [ 743.669498][T11710] bridge0: port 2(bridge_slave_1) entered disabled state [ 743.687954][T21006] 8021q: adding VLAN 0 to HW filter on device team0 [ 743.704768][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 743.711950][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 743.730407][T11710] bridge0: port 2(bridge_slave_1) entered blocking state [ 743.737555][T11710] bridge0: port 2(bridge_slave_1) entered forwarding state [ 743.779629][T21006] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 743.960692][T21006] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 744.218933][T21006] veth0_vlan: entered promiscuous mode [ 744.234087][T21006] veth1_vlan: entered promiscuous mode [ 744.264661][T21006] veth0_macvtap: entered promiscuous mode [ 744.280334][T21006] veth1_macvtap: entered promiscuous mode [ 744.301566][T21006] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 744.319971][T21006] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 744.338049][T11710] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 744.355396][T11710] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 744.380385][ T2971] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 744.392461][ T2971] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 744.404184][T21006] ieee80211 phy43: Selected rate control algorithm 'minstrel_ht' [ 744.438333][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 744.448017][T21006] ieee80211 phy44: Selected rate control algorithm 'minstrel_ht' [ 744.456997][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 744.490329][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 744.499770][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 746.539125][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 746.545497][ T1295] ieee802154 phy1 wpan1: encryption failed: -22