last executing test programs: 8m53.376757085s ago: executing program 4 (id=84): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000007c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x160, 0x4c, 0x1a, 0x160, 0x2d, 0x2c0, 0x258, 0x258, 0x2c0, 0x258, 0x3, 0x0, {[{{@ipv6={@local, @local, [], [], 'wg2\x00', 'macvlan1\x00'}, 0x0, 0x100, 0x160, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x0, 0x1, 0xc}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@loopback}}}, {{@uncond, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@icmp6={{0x28}, {0x0, "e1f6"}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0) 8m53.040634378s ago: executing program 4 (id=89): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000040)={0x18, 0x140e, 0xb3b, 0x70bd2d, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x8014}, 0x9ee9fd74460f2f8e) 8m52.769082779s ago: executing program 4 (id=93): open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80) mount(0x0, &(0x7f0000000500)='./bus\x00', &(0x7f0000000540)='virtiofs\x00', 0x80c000, &(0x7f0000000580)='dax=always') 8m52.494364455s ago: executing program 4 (id=97): syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x1000400, &(0x7f0000000280)={[{@quota}, {@discard_size={'discard', 0x3d, 0xaff9}}, {@iocharset={'iocharset', 0x3d, 'none'}}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@usrquota}, {@nodiscard}, {@uid}, {@uid={'uid', 0x3d, 0xee01}}]}, 0x21, 0x61b6, &(0x7f00000075c0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6z/Drcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8ehfGf22Oed8FOf+Xao/nKv+vNJar51/+fpHz7+3J/8yt939x5uYHH7527f2r7228t/GzC+fOnb1w8eKlS5fOvHvt+sbZnX9b7PHRyvnnsa+dB9otOf+cufy7Jef/pVTLv1ty/l9Otfy7Jeef3+/Jv1ty/vmzj/y7Jef/Sqrl3y05/6+lWv7dkvN/NdXy75ac/9dTLf9uyfm/lmr5d0vO/3Sq5d8tOf8zqT5g/itH3S9mI+efj3DZ/7sl55/PbJB/t+T8z6da/t2S87+Qavl3S87/9VTLv1ty/t9Itfy7Jed/MdXy75ac/zdTLf9uyflfSrX8uyXn/61Uy79bcv7fTrX8uyXn/0aq5d8tOf/vpFr+3ZLz/26q5d8tOf/vpVr+3ZLzfzPV8u+Wh9//b8aMGTN5pu1nJgAAAAAAAAAAAACgaRanE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl989qBxEDI38nfwMYxISSb7NpO/EKbYsJrw1sJhEJfsF3v2iz4Da9dAo1k00CJhFFRRdtw0RYQanNTkQsuaAUoF6gVUiVoL+gNokLlIqoCCkiVaAXZas55nmdnZmdndu3x+sw5n4+U/LIzZ+acOXPm7H53850BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNWtr5//dCPLsuY/+b+2ZtkLmv+9eWprftlrrvUWAgAAAFfqV/m/n7shXXBwDTdqWeafX/7dry0tLS1l7xv98/HPLy2lK6aybHxTluXXRU/96P2N1mWCx7LJxkjL1yN9Vj/a5/qxPteP97l+os/1m/pcP9nn+hU7YIXNxe9j8jvbmf/n1mKXZjdm4/l1O7vc6rHGppGR+LucXCO/zdL4sWwhO5HNZ7NtyxfLNvLlv3Frc11vyeK6RlrWtb15hPzs0aNxGxphH+9sW9fyfUY/eV029fOfPXr0b889e3O32Xc3tN1fsZ137Ghu5yfDJcW2NrJNaZ/E7Rxp2c7tXZ6T0bbtbOS3a/5353Y+t8btHF3ezA3V+ZxPZiP5f38v309jrb/WS/tpe7jsF7dlWXZxebM7l1mxrmwk29J2ycjy8zNZHJHN+2geSi/OxtZ1nN66huO0Oed2th+nna+J+PzfGm43tso2tD5NP/nERMvz/sulyzlOo+ajXu210nkMDvq1UpZjMB4X38sf9ONdj8Gd4fE/evvqx2DXY6fLMZged8sxuKPfMTgyMZpvc3oSGvltlo/BXW3Lj+ZrauTzmdt7H4Mz506emVn82MfvXjh55Pj88flTe3btmt2zd+/+/ftnji2cmJ8t/n2Ze7v8tmQj6TWwI+y7+Bp4VceyrYfq0pcmVpx/L/d1ONnjdbi1Y9lBvw7HOh9cY2NekCuP6eK18Z7mTp+8NJKt8hrLn587r/x1mB53y+twrOV12PV7SpfX4dgaXofNZc7cubafWcZa/um2Dat/L7iyY3BryzHY+fNI5zE46J9HynIMTobj4gd3rv69YHvY3sen1/vzyOiKYzA93HDuaV6Sft6f3J+PbsflLc0rrpvIzi/On73nkSPnzp3dlYWxIV7Scqx0Hq9bWh5TtuJ4HVn38Xpw4eWP39Ll8q1hX03e3fzX5KrPVXOZe+/p/Vzl392678+2S3dnYQzYRu/Pbt/Nm/tzIsu+8O1PPPTNR7/w+lX3ZzNvfnLmyn8WT7m05fw7vsr5N+b+54v1pbt6bHR8rHj9jqa9M952Pm5/qsbyc1cjX/dzM2s7H4+Hfzb6fHxjj/Pxto5lB30+Hu98cPF83Oj3244r0/l8Tobj5MRs7/Nxc5ltu9d7TI71PB/fFmYj7P9Xh6SQclHLsbPacZvWNTY2Hh7XWFxD+3G6p2358ZDNmut6cnf4oTBt5dqO0ztuK5YfbbldtFHH6VTHsoM+TtPvvlY7Thv9fvt2eTqfz8lwXNy4p/dx2lzm6Xuv/Ny5Of5ny7lzot8xOD460dzm8XQQ5uf7bGlzPAbvyY5mp7MT2Vx+7UR+PDXydU3ft7Zz5UT4Z6PPldt6HIN3dCw76GMwfR9b7dhrjK188APQ+XxOhuPiift6H4PNZd6wb7A/u94RLknLtPzs2vn7tdV+53VLx266WsfKWNjOb+/r/bvZ5jIn9q83Z/beT3eFS67rsp86X7+rvabmso3ZT9vCdj67f/X91Nye5jKfP7DG4+lglmUXPvJA/vve8PeVC+e//7W2v7t0+5vOhY888NMXHvun9Ww/AMPv+WJsKb7Xtfxlai1//wcAAACGQsz9I2Em8j8AAABURsz98f8KT+R/AAAAqIyY+8fCTKqQ//+4/yLb3vDswvMXstTMXwri9Wk3PFgsFzuus+HrqaVlzcsf+Mr8f//jhbVt3kiWZb988I+6Lr/twbhdhamwnU+9sf3yFb5295rWffjhC2m9rf31L4b7j49nrYdBtwrubJZl37jhs/l6pt5/KZ9PP3g4nw9dfPyx5jLPHSi+jrd/5iXF8n8Vyr8Hjx1pu/0zYT/8OMzZt3bfH/F2X7306u373ru8vni7xo7r84f9xAeK+43vk/O5x4rl435ebfu/+Zknv9pc/pFXdt/+CyPdt//JcL9fCfN/XlYs3/ocNL+Ot/tU2P64vni7e778ra7b/9Sni+XPvKlY7nCYcf13hK93vunZhdb99UjjSNvjyt5cLBfXP/v9P82vj/cX779z+ycPXWrbH53Hx9P/VtzPTMfy8fK4nugfOtbfvJ/W4zOu/8k/Ody2n/ut/6mHnnlZ8347139Xx3JnPnJnvv7l+2t/x6a//tRnu64vbs/Bvz/T9ngOviu8jsP6n/hAOB7D9f/7VHF/ne+ucPhd7eefuPwXt15oezzRW35erP+p1x7P56bJzVuue8ELr7/4iua+y7LvbSrur9/6j//N6bbt/9JNxf6I18eOfuf6VxPXf/aj06dOL55fmEt79dEb8vfOeVuxPXF7bwjn1s6vD50+98H5s1OzU7NZNlXdt9C7bF8O86fFuNh76aUVZ9A7Hw7P5y1/+Y0tt//rZ+Ll//6e4vJLby2+b70qLPe5cPnW8Pytb/0rPXHrTfnru/F02MKlle8XfCW27/yv/WtaMDz+zp8L4vF+5qUfzPdD87r8+0Z8XV/h9v9wrrifr4f9uhTemXnHTcvra10+vjfCpXcXr/cr3n/hNBef178Lz/fbf1zcf9yu+Hh/GH6O+da29vNdPD6+fmGk8/7zd/G4GM4n2cXi+rhU3N+Xnrup6+bF9yHJLt6cf/1n6X5uXtfDXM3ixxZnTiycOv/IzLn5xXMzix/7+KGTp8+fOncofy/PQx/qd/vl89OW/Pw0N7/33iw/W50uxlV2rbf/zMNH5/bN3j43f+zI+WPnHj4zf/b40cXFo/Nzi7cfOXZs/qP9br8wd/+u3Qf27Ns9fXxh7v79Bw7sOTC9cOp0czOKjepj7+yHp0+dPZTfZPH+ew/suu++e2enT56em79/3+zs9Pl+t8+/N003b/2H02fnTxw5t3Byfnpx4ePz9+86sHfv7r7vBnjyzLHFqZmz50/NnF+cPztTPJapc/nFze99/W5PNS3+R/HzbKdG8UZ82Tvv2pven7XpK59Y9a6KRTreQPTZ8F4033nRmf1r+Trm/vEwkyrkfwAAACAXc/9EmIn8DwAAAJURc/+mMBP5HwAAACoj5v7JMNP/ElCT/F+5/v+2C2tav/6//n/r/tL/r1n//91l6/8X5wv9/8G40v69/n+g/6//r/+v/6//zwCUrf8fc//mLPP3fwAAAKiomPu3hJnI/wAAAFAZMfdfF2Yi/wMAAEBlxNz/gjCTmuR//X/9f/1//X/9/+7r1/8fTvr/ven/96H/P5PVq/9/cZDbfw36/5tbv9D/p4zK1v+Puf+FYSY1yf8AAABQBzH3Xx9mIv8DAABAZcTcf0OYifwPAAAAlRFz/9Ywk5rkf/3/K+r/p86V/n/79uv/t9P/D8eD/r/+/wbQ/+9N/78P/X+f/z9c/f82+v+UUdn6/zH3vyjMpCb5HwAAAOog5v4Xh5nI/wAAAFA+Y5d3s5j7XxJmsiL/X+YKAAAAgGsu5v4bs44ieE3+/q//7/P/9f/1//X/u69/7f3/0Uz/vzz0/3vT/+9D/1//X/9f/5+BKlv/P8/92WT20jCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7v9/YSbyPwAAAFRGzP3bwkxqkv/1/yvT//9F61On/6//32v9+v8+/7/K9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu6/JcxE/gcAAIDKiLn//4eZyP8AAABQGTH3bw8zqUn+1/8vef8/Nkd9/r/+v/5/Kfv/k/r/paP/35v+fx/6//r/+v/6/wxU2fr/Mfe/LMykJvkfAAAA6iDm/peHmcj/AAAAUBkx978izET+BwAAgMqIuX8qzKQm+X89/f/GRf3/1Vzlz/+fWMPn/7fR/9f/77V+/X+f/19l+v+96f/3of+v/6//r//PQJWt/x9z/61hJjXJ/wAAAFAHMffvCDOR/wEAAKAyYu6/LcxE/gcAAIDKiLl/Z5hJTfK/z/8fiv5/pv+v/6//r/+v/782+v+96f/3of+v/6//r//PQJWt/x9z/yvDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/VWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dfv/7/cNL/703/vw/9f/1//X/9fwaqbP3/mPtfHWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx90+HmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j77w4zqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6ZMBP5HwAAACoj5v7ZMJOa5H/9f/1//X/9/3X1/1+xfL/6/wX9/3LR/+9N/78P/X/9/2ve/x/X/6dSytb/j7l/V5hJTfI/AAAA1EHM/bvDTOR/AAAAqIyY+/eEmcj/AAAAUBkx998bZlKT/K//r/+v/6//7/P/u69f/3846f/3Nvj+f3yI+v/6//r/Pv9f/5+Vytb/j7n/vjCTmuR/AAAAqIOY+/eGmcj/AAAAUBkx9+8LM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r//fff36/8NJ/783n//fh/6//v8Q9/+bx5b+P2VTtv5/zP0Hwkxqkv8BAACgDmLuf02YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9/96mElN8r/+v/6//r/+f9n7/xP6//r/66D/35v+fx/6//r/Q9z/9/n/lFHZ+v8x998fZlKT/A8AAAB1EHP/b4SZyP8AAABQGTH3vzbMRP4HAACAyoi5/2CYSU3yv/7/BvX/44X6//r/+v8+/1///6rS/+9N/78P/X/9f/1//X8Gqmz9/5j7XxdmUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP2vDzOR/wEAAKAyYu5/Q5hJTfK//r/P/7/2/f/xtm3X/1++nf5/Qf9f/3899P970//vQ/9f/1//X/+fgSpb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMpCb5X/9f///a9/99/r/+f0H/X/9/EPT/e9P/70P/X/9f/1//n4EqW/8/5v7fDDOpSf4HAACAOoi5/8EwE/kfAAAAKiPm/reGmcj/AAAAUBkx978tzKQm+V//X/9f/1//X/+/+/r1/4eT/n9vQ9b//9X14XL9/4L+f7m3f739/7GOr69K//9Hq/X/lzZ13l7/n6uhbP3/mPvfHmZSk/wPAAAAdRBz/zvCTOR/AAAAqIyY+98ZZiL/AwAAQGXE3P9bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7wkxqkv8BAACgDmLufyjMRP4HAACAyoi5/91hJvI/AAAAVEbM/e8JM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/8NhJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/t8NM5H8AAACojJj73xdmUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x978/zGTt+X9yzUsCAAAA10TM/b8TZlKTv/8DAABAHcTc/7thJvI/AAAAVEbM/b8XZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/36YSU3yPwAAANRBzP0fCDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/seNffvDddxzepf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfMA/AAAADLeY+/8gzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/793uSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZFmm/6//zzVUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAACojJj7PxhmUpP8r/+v/6//r//v8/+7r7+0/X+f/9+T/n9v5en/d+fz//X/h3n79f/1/1mpbP3/mPsXwkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/4fDTOR/AAAAqIyY+0+EmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j7T4aZ1CT/AwAAQB3E3H8qzOT/2LuPJsvq847jt3FTzBQb77zwwt77JbAwa/sFeMHGC7vK5YWxjXNicI4454BtJRRQAAmhhHICJSSUhSSUc0AZSTUqmOd5Znr69LndM7e7z/0/n89CDzSMzkU1BfrRfDn2PwAAAAwjd//NcYv9DwAAAMPI3f/LcUuT/a//1/8P2///pP7/oOfr//X/I9P/z9P/r6H/1//r//X/bNTS+v/c/b8StzTZ/wAAANBB7v5fjVvsfwAAABhG7v5b4hb7HwAAAIaRu//X4pYm+/+y/n9n1bP/z4xX/z9S/+/9/wc+X/+v/x/Zyfb/tz3xZz79v/5f/x/0//p//T+XW1r/n7v/1+OWJvsfAAAAOsjd/xtxi/0PAAAAw8jd/5txi/0PAAAAw8jd/1txS5P97/3/3v+v/9f/6/+nn6//307e/z+vU/9/y8PX/9Jj9/7ofUd5vv5f/6//1/+zWUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+383brH/AQAAYAudnfxq7v7fi1ua7H/9v/5f/x/9/xn9v/5f/z8C/f+8Tv3/lTxf/6//1//r/9mspfX/uft/P25psv8BAACgg9z9fxC32P8AAACwXFP/IPaM3P23xi32PwAAAAwjd/+5uKXJ/tf/H3///339/3b0/97/r//X/w9B/z9P/7+G/l//r//X/7NRS+v/c/ffFrc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/3/+v/9f/6/+nn6/+3k/5/nv5/Df3/1fbz1+r/9f/6fy51xP7/8Zk/bW+k/8/d/ydxS5P9DwAAAB3k7v/TuMX+BwAAgGHk7v+zuMX+BwAAgGHk7v/zuKXJ/tf/6//1//r/K+7/9//Ue5L+f5r+/2To/+ctpv/f2Z38sv5/6/t/7//X/+v/2WNp7//P3f8XcUuT/Q8AAAAd5O7/y7hlZv8f+W/mAwAAAKcqd/9fxS2+/w8AAABbL6uz3P1/Hbc02f/6f/2//l//7/3/08+f6//vu+Tz6f+XRf8/bzH9/wH0//r/bf78+n/9P/strf/P3f83cUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv+n+/+Lv13/fzj6/72fX/8//fNjU/1//jfq/2f7/xu9/78n/f88/f8a+n/9v/7/oP7/7Lofr/9nytL6/9z9fx+3NNn/AAAA0EHu/n+IW+x/AAAAGEbu/n+MW+x/AAAAGEbu/n+KW5rsf+//1//r/7ev//f+/wtO8/3/qxPv/3f1/4ek/5+n/19D/6//1//Pv/9/5t8CoP9nytL6/9z9/xy3NNn/AAAA0EHu/n+JW+x/AAAA2A6X/rMDl/8DpSF3/7/GLfY/AAAADCN3/7/FLePs/9l3der/9f/6f/2//n/6+cvq/73//7D0//P0/2vo/4+jn98drP+/46Afv4T+/9bj7v9n6P+Zsqf/v//i10+r/8/d/+9xyzj7HwAAANrL3f8fcYv9DwAAAMPI3f+fcYv9DwAAAMPI3f9fcUuT/X/s/f/Mv31A/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9LnFb/n7v/v+OWJvsfAAAAOsjd/z9xi/0PAAAAw8jdf0fcYv8DAADAMHL3/2/c0mT/e/+//l//r//X/08/X/+/na6qv79G/1/0//p//b/+X//PBiyt/8/d/39xS5P9DwAAAB3k7v//uMX+BwAAgGHk7n9K3GL/AwAAwDBy9z81bmmy//X/x9v/59f1//r/lf5f/6//PxFt3/+/M/VXov0O6P8f/IVzP733K/p//b/+X/+v/+eQfnjmty2i/z9/8f9d5u5/WtzSZP8DAABAB7n7nx632P8AAAAwjNz9z4hb7H8AAAAYRu7+O+OWI+7/ueZhyfT/3v+v/9f/6/+nn6//305t+/9D8v7/NfT/+n/9v/6fjVpE/3/Jr+fuf2bc4vv/AAAAMIzc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3Pilib7X/+v/9f/6//1/9PP1/9vJ/3/PP3/GtvU/995Ff3/7vSXT7ufv1qn/fn1//p/9lta/5+7/664pcn+BwAAgA5y9z83brH/AQAAYBi5+58Xt9j/AAAAMIzc/c+PW5rsf/2//l//r//X/08/X/+/nfT/8/T/q9Xq7pkPMNX/n79umf2/9/8v7vPr//X/7Le0/j93/wvilib7HwAAADrI3X933GL/AwAAwDBy998Tt9j/AAAAMIzc/S+MW5rsf/2//l//r//X/08/X/+/nfT/8/T/a2zT+//1/4v7/Pp//T/7La3/z93/orilyf4HAACADnL33xu32P8AAAAwjNz9L45b7H8AAAAYRu7+++KWJvtf/6//1//r//X/08/X/2+n4+v/V/p//b/+fw39v/5f/8/lltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/p5+v/99O3v8/T/+/hv5f/6//1/+zUdP9/62n1v/n7n9F3NJk/wMAAEAHufvvj1vsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//r//f2/+vVvp//b/+/4IT6P/PrPT/G6f/n6f/X0P/P2b/f81qoP7/7IE/Xv/PEi3t/f+5+18dtzTZ/wAAANBB7v7XxC32PwAAAAwjd/9r4xb7HwAAAIaRu/91cUuT/a//1/97/7/+X/8//Xzv/99O+v95+v819P9j9v/e/6//59Qsrf/P3f/6uKXJ/gcAAIAOcve/IW6x/wEAAGAYufvfGLfY/wAAADCM3P1vilua7H/9v/5f/6//1/9PP1//v530//P0/2vo//X/+n/9Pxu1tP4/d/+b45Ym+x8AAAA6yN3/QNxi/wMAAMAwcvc/GLfY/wAAADCM3P1viVua7H/9v/5f/7+d/f8Z/b/+X/8/aSn9/w03/NRD+n/9v/5f/6//1/93t7T+P3f/W+OWJvsfAAAAOsjd/7a4xf4HAACAYeTuf3vcYv8DAADAMHL3vyNuabL/9/f/164uFKoXTPX/0ajp/y+h/9/7+fX/0z8/vP9f/6//P35L6f+9///KPr/+X/+/zZ//SP3/j+//8fp/RrS0/j93/0NxS5P9DwAAAB3k7n9n3GL/AwAAwDBy978rbrH/AQAAYBi5+x+OW5rsf+//1//r//X/+v/p5+v/t5P+f57+fw39v/7f+/9v/rkf0v+zOUvr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6//1/9PP1/9vJ/3/PP1/ufwP7YI+/f+ZqS+edj9/tU778w/T/3v/Pxu0tP4/d//745Ym+x8AAAA6yN3/gbjF/gcAAIBh5O7/YNxi/wMAAMAwcvd/KG5psv/1//r/8fv/n9X/X/Z8/b/+f2T6//wr+jT9/xp9+v9Jp93Pb/vn1//r/9lvaf1/7v5H4pYm+x8AAAA6yN3/4bjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1/736/51Vx/7f+//1//r/TvT/8/T/a+j/9f/6f/0/G7W0/j93/6M7uy33PwAAAGyrn/mJX3zksL/vo0/+55nVx+KWG1fnD/ltbAAAAGDhntj9O7ur1cef/DXf/wcAAIAR5e7/RNzSZP/r/3v1/z3f/6//1//r/zvR/8/T/6+h/9f/6//1/2zU0vr/3P2fjFsuGX67R/6jBAAAAJYkd/+n4pYm3/8HAACADnL3fzpu2bf//esAAQAAYFvl7v9M3NLk+//6/4X3/6tj6v/j99P/X6D/1/9PPV//v530//Ousv8/v6P/1//P0P/r//X/XG5p/X/u/s/GLU32PwAAAAxqz99RyN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwcvd/IW5psv/1/yfe/2eqfozv/z9bv+T9/837/9vPTD5f/6//H5n+f573/6+h/x+l/79O/6//ZxmW1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCM3P1fjlvsfwAAABhG7v6vxC1N9r/+f+Hv/7+i/v8Q7//X//fo/w94/jj9/49cf+6Bm37+nrv0/1x0kv1//lzQ/+v/9f8XLKj/9/5//T8Lsfn+f3fPF4/a/+fu/2rc0mT/AwAAQAe5+x+LW+x/AAAAGEbu/q/FLfY/AAAADCN3/9fjlib7X/+v/19K/5//W59C/3/uivv/s6vV6lT6/2yKu/f/3v+v/9/P+//n6f/X0P/r//X/+n82avP9/94vHrX/z93/jbilyf4HAACADnL3fzNuyf2/c+S/dQ8AAAAsTO7+b8Utvv8PAAAAw8jd/+24pcn+1//r/5fS/yfv/7/448Z6//9NFaf27P9/rH5J/3+89P/z9P9r6P/1//p//T8btbT+P3f/d+KWJvsfAAAAOsjd/3jcYv8DAADAMHL3fzdusf8BAABgGLn7vxe3NNn/+v9R+/8s4vX/+v+l9P/e/+/9/ydD/z9P/7+G/l//r//X/7NRS+v/c/f/IAAA//9GqnSo") mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000100)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 8m50.0244454s ago: executing program 4 (id=124): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x54, 0x10, 0x401, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x2000, 0x10850}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x8, 0x20c04}}}}}}, @IFLA_ADDRESS={0xa, 0x1, @broadcast}]}, 0x54}}, 0x0) 8m48.655686098s ago: executing program 4 (id=141): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0x82, &(0x7f00000000c0)={0x7, 0xfff, 0x8003, 0x0, 0x3, 0xb3, 0x7, 0x3}, &(0x7f0000000180)=0x20) 8m48.093943969s ago: executing program 32 (id=141): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0x82, &(0x7f00000000c0)={0x7, 0xfff, 0x8003, 0x0, 0x3, 0xb3, 0x7, 0x3}, &(0x7f0000000180)=0x20) 4.277049188s ago: executing program 3 (id=5771): r0 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x3dcc, 0x40, 0x0, 0xf7}) io_uring_register$IORING_REGISTER_FILES(r0, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) 3.750795229s ago: executing program 3 (id=5779): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newtaction={0x70, 0x30, 0x871a15abc695f30d, 0x5, 0x25dfdbfc, {}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x72, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x184}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xffffffff, 0xd, 0x6, 0x7f, 0x4}}, @TCA_SAMPLE_RATE={0x0, 0x3, 0xe19f}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x4}, 0x0) 3.190531317s ago: executing program 3 (id=5785): r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='auxv\x00') preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000040)=""/3, 0x3}, {0x0, 0x3}], 0x2, 0x0, 0x0) 2.950517296s ago: executing program 6 (id=5789): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x40) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000040)={{0x0, 0x1}, 0x0, 0x0, 0x401, {0x0, 0x8}}) 2.774097766s ago: executing program 3 (id=5791): r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0) write$nbd(r0, &(0x7f0000000240)={0x1000000, 0x0, 0x1, 0x0, 0x200000, "82b0cfc4337965941538be02000000000000000000007400a391793ba7f40000000000fdf700"/48}, 0x40) 2.444086726s ago: executing program 3 (id=5796): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="600000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c000000080012400000000013000300686173683a6e65742c696661636500000500050002000000050004"], 0x60}}, 0x0) 2.443899459s ago: executing program 6 (id=5797): r0 = syz_open_dev$loop(&(0x7f0000000080), 0x40000047ffffe, 0x1a2c42) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) 2.443450366s ago: executing program 1 (id=5798): r0 = io_uring_setup(0x4126, &(0x7f00000007c0)={0x0, 0x0, 0x800, 0x0, 0x1000000}) io_uring_register$IORING_REGISTER_RING_FDS(r0, 0x13, &(0x7f0000001bc0), 0x0) 2.17011614s ago: executing program 2 (id=5800): r0 = socket$inet_sctp(0x2, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000180)={'gretap0\x00', &(0x7f00000002c0)=@ethtool_cmd={0x2b, 0x6, 0x4, 0xff, 0x2, 0x3, 0x7, 0x9, 0x0, 0xfe, 0x1ff, 0x0, 0x7f, 0xe, 0x5, 0x1, [0x8, 0x5]}}) 2.127383823s ago: executing program 6 (id=5801): r0 = socket(0x10, 0x2, 0x4) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=@newqdisc={0x68, 0x14, 0xf0b, 0x0, 0xfffffffc, {0x2, 0x0, 0x0, 0x0, {0xd, 0x3}, {0xb, 0x1}, {0x4, 0x8}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0xfc, 0x4, 0xa, 0x1, 0x0, 0x7c}}, {0x4}}, {{0x1c, 0x1, {0x6, 0x4a, 0x6, 0x1, 0x2, 0x10001, 0x7f}}, {0x4}}]}]}, 0x68}}, 0x0) 2.122668475s ago: executing program 5 (id=5802): r0 = openat$audio1(0xffffff9c, &(0x7f0000000240), 0x80100, 0x0) ioctl$SNDCTL_DSP_GETBLKSIZE(r0, 0xc0045004, &(0x7f00000001c0)) 2.086435894s ago: executing program 3 (id=5803): r0 = syz_usb_connect(0x5, 0x59, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ec13b2106c04e814280b0102030109024700010000000009046900000e010000182402010202", @ANYRES16], 0x0) syz_usb_control_io(r0, &(0x7f0000000580)={0x2c, 0x0, &(0x7f0000000340)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0) 1.967889891s ago: executing program 0 (id=5804): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_buf(r0, 0x6, 0x1c, 0x0, 0x0) 1.867275329s ago: executing program 1 (id=5805): r0 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000680)={0xb, @win={{0x2, 0xb5, 0x8, 0x3}, 0xd, 0x401, 0x0, 0x0, 0x0, 0x4}}) 1.733460666s ago: executing program 2 (id=5806): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000808000400", @ANYRES32=r0, @ANYBLOB="06001500070000000c0016"], 0x38}}, 0x10) 1.699265037s ago: executing program 6 (id=5807): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x4, 0x2}) 1.624450454s ago: executing program 0 (id=5808): r0 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 1.509298267s ago: executing program 1 (id=5809): mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x81c0, 0x0) execve(&(0x7f0000000140)='./file2\x00', &(0x7f0000000300)={[&(0x7f0000000180)='&\x00', &(0x7f00000001c0)='&\x00']}, &(0x7f0000000480)={[&(0x7f0000000380)='gre0\x00']}) 1.508560074s ago: executing program 5 (id=5810): syz_mount_image$squashfs(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="00815fcb6c17c68f239cbc53c40972fb43da14f217bd93e6ebfde5585f63f1c1d8473fe39327852107a2489fc75846dd58657945c3ce4bed7d1452c74577e678a02e6b62c48846f9fea8ff6fd7f9a819961a1a6e18917f75cf633eaefe0fdd4f1aee50a725d2029d5d4b697ca0de784bd4fd4ee47740fafc2d46c7aa1279d7172ac4ec4b9cbe890200000075117934859797825acb3e8e4a67ae59d5e367af500cea3eee7b6bf3bfe9c4ae7b0f7fb33d5f1f72070000000e72da1075d5b83f93f03711b9e9ae0621abdf15468f20abaff376fd6ddaa87651396da731adf6214f92888f896d3f3d60f5fb009d365da32dd89b8589c3a08956a8ff185ef14e956b950f801b511c6d876127757678102f7b8851a569c0f6bc340fe0dbc1b5b828d9401d0ea1e86a43ececf69580430a29ade4f88535749e90b4d3391e03934cae898a63dad6cacaf559a55ab4b7810337d89efda43d160065705aec490f6ba91096230e5d45f2e74ed77d83f616047a6c6bfad569119396123ec0b842342c7494412ed535df4dcb2d18873b2df25b5fe02a5b29da44b90b2d52726e6886ac84ed4d6d164fd23d9525b8898ad3031c496ccb69d0f06bc00c5b3f19269c81f34c480b5cedce8125337c5aa57ae15d525b9dcc4edce1327f2d3d3eda95cbcf1bd1b362b7b6de289c8380a70035aac04f2641fd37e02c0bde93087f0c42d287d33387b200f3976a9fba9dddeba00ba4b561b767cfc5c9bb1b1572055f052e2f7694e39e1fca3719374528800e43da9a11fd3aede29bdbaf2d8b89c42fca3c29583457346c37d6453c7c7116b7b1baf5a20373e64e32b2cb85c9f49c171ff4bda620067f86c40d646765a898af54efa5e07ae841ecf5e5dafcbe9a6b17b03eb46a01eb2e1f5482ae3ec70224ffc8eec42d9a75adcef93380d0e54eec2214cf7a888a8d28f5e28438924af21dd1d5c09c75e46343a8c4"], 0x5, 0x1a9, &(0x7f0000000800)="$eJzsVb1qG0EQ/vbudKdLEVIHQYqokIpIp1MS0iVVUJknCBHSJRE5JbFOYEuokCu9hxu9iN/BhY0b2WAMLuTerNnd2fUZ2RiMwD/sB6dvZr6Z3b0VN/M728gCABfLSQdfIOHiJfYZgwfgDVOxr4HiU19xjfwTT3GV4jvEB8TZaPynnabJQBhFkGEiazHWv+KjNL7fKvHgZikE7n3jIKxKJfOnhqs5OnTHFsffVNrD36o1nrFx5X7ednAme9nectIRxg8AnHMuYl31sHyOC2A3l/Pakw9zwU2OaH7CEQn1Yf9/PRuN3/X67TD5lfyN4+bH6H0UfYjrP3tpEqlfltvCoY9FcBWA6KlhTi8AOKQG+wIGPf2R6aORzvK1fq45V97iGhzmmVrNRdJELfV2RuVS25zSJIC4mLI8tQf5Si0wuOQ0dI3K5nBQlEKt8y/tzsAg5goPgGgOz6zRWKCgHVFqnKT5aaqPPSMuE7eI58QLYj2z9Czy5ApH5FWmgI+t9nA4aIiQskwsNrH4ldnZoV3P/fzLAaUAFhYWFhYWFhZPDJcBAAD//3TkUUc=") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x103042, 0x0) 1.327097628s ago: executing program 2 (id=5811): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x20, 0x7, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x20000000) 1.205181613s ago: executing program 0 (id=5812): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x118, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x108, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1", @typed={0x4, 0xe9}]}]}, 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0) 1.202535031s ago: executing program 6 (id=5813): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0) ioctl$SNDCTL_SEQ_NRMIDIS(r0, 0x8004510b, &(0x7f0000000180)) 1.065397722s ago: executing program 5 (id=5814): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x21, &(0x7f0000000000)='/proc/4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) 1.064171671s ago: executing program 1 (id=5815): r0 = socket(0x8000000010, 0x2, 0x0) write(r0, &(0x7f00000002c0)="fc00000015000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc) 923.576225ms ago: executing program 2 (id=5816): r0 = syz_open_dev$media(&(0x7f0000000080), 0x0, 0x0) ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000f00), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 883.235583ms ago: executing program 6 (id=5817): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000088000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d44001280340001800a0001006c696d6974000000240002800c00024000000000000010000c000140000000000000000108000440000000010c000180080001006475700008000340000001"], 0xd0}, 0x1, 0x0, 0x0, 0x410}, 0x0) 815.016713ms ago: executing program 0 (id=5818): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB="680000001200050926bd7000fedbdf2521050b004e224e26fcffffff23090000000000000600000001040000040000000600000002000000", @ANYRES32=0x0, @ANYBLOB="040001000520000006000000040000001a000100091414"], 0x68}, 0x1, 0x0, 0x0, 0x6042014}, 0x20000000) 709.016077ms ago: executing program 1 (id=5819): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000000)={0x28, 0x20, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000001}) 703.084405ms ago: executing program 5 (id=5820): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x24, 0x7, 0x6, 0x801, 0x0, 0x0, {0x7, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x58040}, 0x0) 579.223271ms ago: executing program 0 (id=5821): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000a40)={{0x2, 0x0, 0x0, 0x5, 'syz0\x00', 0x3}, 0x0, [0x0, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xffffffffffffff52, 0x53ad, 0x1, 0x0, 0x8, 0x0, 0x4000000000000, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xc5a, 0x2, 0x0, 0x0, 0x85, 0x4000000000000000, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffb, 0x6, 0x2, 0x0, 0x0, 0x5e, 0x1, 0x100000000000000, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x200000000000, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000001, 0xffffffffffffffff, 0xfffffffffffffffc, 0x0, 0x0, 0x7, 0x0, 0xcb, 0xfffffffffffffffc, 0x0, 0x0, 0x9, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x7, 0x0, 0x0, 0x10001, 0xebc, 0x0, 0x0, 0x750, 0x5, 0x0, 0x66, 0x7, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10008001, 0x5, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0xf32, 0x3, 0x2, 0x0, 0x0, 0x8, 0xa563, 0x0, 0x5, 0x4, 0x0, 0x6, 0x8, 0x1, 0x0, 0x2, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0, 0x0, 0x2c80000000000000, 0x0, 0x20000000, 0x0, 0x1553, 0x40, 0x0, 0x1, 0x0, 0xf65]}) 546.667647ms ago: executing program 2 (id=5822): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x3, 0x0, 0x7ffc0002}]}) clock_getres(0x0, 0x0) 389.70088ms ago: executing program 1 (id=5823): syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x201049e, &(0x7f00000001c0)=ANY=[], 0x1, 0x640, &(0x7f0000000400)="$eJzs3c1vHGcdB/DvbDZONpTUTZM2oEq1GgkQFolf5IK5EBBCPlSoKgfOVuI0VjZpsV3kVoia92sP/QPKwTdOSNwjlQsXuPXqYyUkLr1gTotmdna98VvtNvGu288nmn2eZ5+ZZ37Pb3Z2dteKJsCX1sJkmg9TZGHylfWyvbU5297anL3fqyc5l2QjaSZpJCn+2+l0PkxuJkV/mGJXucf7y/OvffTJ1sfdVrNeqvUbh213NBv1kokkZ+rycY1363OPV/RneDPJtbqEoTubpPOIX/zjqX7PgNZ+W58/kRiBJ6voXjf3GE8u1Cd6+Tmge1XsXrNPtY1hBwAAAAAn4OntbGe9uDjsOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC02Ni5/39dre7vXxQbyUSK3v3/x+q+1PXR8uLxVn/4pOIAAAAAAAAAgBP04na2s56LvXanqP7m/1LVuFw9fiVvZTVLWcn1rGcxa1nLSqaTjA8MNLa+uLa2Mn2ELWf23XLmUwI9V5etxzNvAAAAAAAAAPiC+W0Wdv7+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo6BIznSLarncq4+n0UxyPslYud5G8q9e/TR7OOwAAAAA4AQ8vZ3trOdir90pqu/8z1Xf+8/nrTzIWpazlnaWcrv6LaD7rb+xtTnb3tqcvV8ue8f94X+OFUY1Yrq/Pey/56vVGq3cyXL1zPXcyhtp53Ya1Zalq3U8vVF3xfWbMqbiB7UjRna7LsuZv1eXe7x7rMke5Jg/poxXGTnbz8hUHVuZjWd6R2b/I3TMo7N7T9Np9IO9vGtPuybxmXJ+oS7L+fzxoJwPxe5MzAy8+p47POfJN//2l5/fbT+4d/fO6uToTOloztRlp3ps7c3E7EAmnv8iZ2KPqSoTV/rthfwkP8tkJvJqVrKcX2Yxa1nKRH5c1Rbr13MxcMofkKmbj7Re/bRIxupXaPdgHS+ml6ptL2Y5P80buZ2lvFz9m8l0vpu5zGV+4AhfOfwIV2d944CzvvPVfYO/9q260kryp7ocDWVenxnI6+B77njVN/jMTpYuHSFLx3xvbH69rpT7+F1djobdmZgeyMSzh2fiz9Xbymr7wb2Vu4tvHm13l96rK+V59IeRukqUr5dL5cGqWo++Osq+Z/ftm676Lvf7Gnv6rvT7umfqxoFn6lj9GW7vSDNV3/P79s1WfVcH+vb7vAXAyLvw7QtjrX+3/tn6oPX71t3WK+d/dO57514Yy9m/n/1+c+rMNxovFH/NB/n1zvd/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgs1t9+517i+320squSqfTefeArtNc6d3O7AR3+rWnkpGY+1Ar/+t0OvUzxSjEc3ilUxuVeIZRGfIbE/DE3Vi7/+aN1bff+c7y/cXXl15fejA/Nzc/NT/38uyNO8vtpanu47CjBJ6EnYt+1TzmragBAAAAAAAAAACAYTiJ/04w7DkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9vCZJoPU2R66vpU2d7anG2XS6++s2YzSSNJ8auk+DC5me6S8YHhioP28/7y/GsffbL18c5Yzd76jcO2O5qNeslEkjN1+bjGu/W5xyv6MywTdq2XOBi2/wcAAP//fTAP4A==") removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)=@random={'security.', 'system.sock\xf0\x95\xa6\xa7proton/\x1flDv\x80\xb2\xee\xa6I\xe7\xb2\x84\xe3%U\x10[\x82\xc98J\xa3\xce\x96\xad+7\x13\x0fq\x84T7\x05.^G\xebS\xb6\xead\x96`\xad\x8a\xa5O\xd5\xf9\xee\xf7\xbf^\xeb\x13\x17J?z_\xa8W1Y\xb9\xca\t\xa7\xeb\x7f\'*\b\x80\xfc\xc1G\xbd\x1c\x8bn\xce\xda\xac\xb4\xef\x1f\xcbf\xcb\x1dSa/o\x04B\x81\xdd\xce\xad8\x1ep\x83\xcd\xf2\xb2_\x0f\x84\x1dB\xb1s\x1a\xf1]\x10\x18\x80\xaf\"\x8d\xca\x83\v,<\x91\xa9\xa1l\x1b\x85\x00\xb0\xfd\xfe\x10\x82\xbe_\xf9\xf5\xa8\xed]\xacX\xf48S\"\x97\x14Dj\xe2\xbe1\x7f}\x14\x9b\x16MY\xb5\x98\xe7\xa3]\xb34\x86\xd1\xb9Ze\xec.#\xaf\xe9\xc5\x81\xaa\x8f~\xa5h\ts\xe6\xa8\x9a\v\x87\xea\x92\xdc\x8a\xafu\x8b\xd6\x9fZ\f\xe1\xc7\xc3\xa9\x93\x86!\xbb9\xeak\v\xef\x8fyX\x1c\xb6\x04U\x9ci\xfb\x04\xab\x9ev\xec\x18\xa9\x0e\xa6g\xd77\xd9\xe4\xb4\xee\x8a\r\x8b5\xdfe\x15\xad\xf8g\xd70\xf5\xf9\x90\x91\x85\xc16\xc9\xb4mP\xfa\x1a\xe2\xaa\x98x\xccgj\x1bD\x84\xd8\xf1\x18],\xf4\xd9\x9bg\xb9\xd7\xb7L\x97\xaa\xb2*\xc7\xce\x19{\"$;Hu\x8b\x04b\xc6[\x95K\xadO:,\xc3\x1a\xf7c\xc33e:\xdd\xefIR\x86E\f%{\xecD\x8b\xba\xaadT]P\xf7z'}) 384.649463ms ago: executing program 5 (id=5824): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x54, 0x10, 0x401, 0x4000, 0x0, {0x0, 0x0, 0xffff, 0x0, 0xd108}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0xc, 0x20}}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'vlan1\x00'}]}, 0x54}}, 0x804) 204.751919ms ago: executing program 0 (id=5825): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) 2.151675ms ago: executing program 5 (id=5826): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f00000004c0)='./file1\x00', 0x0, &(0x7f0000000080)={[{}, {@type={'type', 0x3d, "5ed07ee6"}}, {@iocharset={'iocharset', 0x3d, 'cp1250'}}, {@codepage={'codepage', 0x3d, 'iso8859-15'}}]}, 0x2, 0x342, &(0x7f0000000100)="$eJzs3T1rFEEcBvBn9uWyZ0Jck0jASqIBq5DEQrExSLDxC1hIMCYXCFkjaAQNiNFaxE4QLO2sRb+CNuIX0CqFWGkTLFyZ2Z19u9nN5XLJ5sjzA4+93Zmd/9zM7M0kxAERHVvX5r+/u7gt/wkXgA3gCmAB8AAHwGmMew/XN9pzDuTf2smRQJRTtGVZWm+ZYvAQ54j58p2Doew5OhhhGIY/dk31+1BiofqI7AjOsKKB7ugR7h16ZAdjq+0BdgxkWljsYAePMFxnOEREVL/4+9+KvyWG4vm7ZQGT8Ty837//c/ObnfriOBKS738reh8K+fmcVJfkem91I2gtR0s42fqWXiWa7mXsE2H6cTcQ9Sx7MDPlypRipmKxmiurQWtqS93gOa7GMsnG1OsydEWUsmgbUaoJw9q0QlXdqw2qOriyDrMl8Y9WlWhcAH/6idfm4ha+mM4W6io+i69iQfh4g+Vk/ueEQjaTaim/MFSi+KcraqnDDFrTuVqm4Z9ShZyJS8DH92ktm2WfqwdbxpLXSOtRnL/7Os5XDfMN1ekR5H+sENVuprx2Ktco4Ai1asjmmk0S/TXmGiuW1Vxxg9bU0r2grNP3lnFFJ16Km2ICv/AB85n5vyVTT6J8ZOZGuVAp455RWR9HpWxrRwM1NO/uaWSScj0/XjvK8wJ3cBnDDx5vri0GQet+/Qd6qHSZ/WyP44k6Ytwd5RmoJ1ySBp48cAH0rNB/YRgaLzk4jCZwVVUvvU2rvLm2KOJn3v6KkE/OwqW58sQA5gDEZ/QToZvSnya5BtIb7pLLV2X9ka2tzuQ6pKsPdFTqku66B9M6uqjcJRsDHY2UZheF3niythh09SSiPpM2OsZv1R0M1UHOF0S0/susV6bVU0e++BXrHzf/ttmWIHPHmZIV0Ih6PdHZCi65bek8cVAf7LLmOncBOF8o0YIu8Vnxtn4cJ47ibyX3/qsMMY9vuM2f/xMRERERERERERERERERERERERER9Zu9/jVCN39OkC9x+xj+xxtERERERERERERERERERERERERERERERPuT2f8XsNWOMQ3T/r9VOzUpdrRDjNeL/X/tDvb/FVv9vBcZ0ZHwPwAA//+ekVe5") llistxattr(&(0x7f0000000280)='./file1\x00', 0x0, 0x7) 0s ago: executing program 2 (id=5838): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000e40)=0xfffffffa, 0x4) kernel console output (not intermixed with test programs): t version = 48b305e5 [ 506.232741][T15513] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36d2a6b4, utbl_chksum : 0xe619d30d) [ 506.252196][ T5927] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x87 has invalid maxpacket 65535, setting to 8 [ 506.320222][ T5927] usb 2-1: config 179 interface 65 altsetting 0 has an endpoint descriptor with address 0x46, changing to 0x6 [ 506.401302][ T5927] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x6 has invalid maxpacket 41618, setting to 8 [ 506.424015][T15459] F2FS-fs (loop5): Stopped filesystem due to reason: 0 [ 506.462266][ T5927] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 506.560578][ T5927] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 506.620565][ T5927] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 506.695659][T15502] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 506.736042][T15502] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 507.089154][T15527] x_tables: duplicate underflow at hook 4 [ 507.197279][T15530] loop0: detected capacity change from 0 to 736 [ 507.261866][T14892] usb 2-1: USB disconnect, device number 26 [ 507.261877][ C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 507.261937][ C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 507.817099][T15543] netlink: 'syz.6.4060': attribute type 2 has an invalid length. [ 507.871399][T15543] netlink: 'syz.6.4060': attribute type 1 has an invalid length. [ 508.240259][T15552] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4064'. [ 508.320589][T15552] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 508.351222][ T5947] usb 40-1: device descriptor read/8, error -110 [ 508.490907][ T5947] usb usb40-port1: attempt power cycle [ 508.670723][ T5947] usb 40-1: SetAddress Request (4) to port 0 [ 508.676925][ T5947] usb 40-1: new SuperSpeed USB device number 4 using vhci_hcd [ 509.115675][T15575] loop1: detected capacity change from 0 to 4096 [ 509.345481][T15587] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 509.374943][T15590] loop6: detected capacity change from 0 to 64 [ 509.389873][T15589] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4083'. [ 509.498916][T15590] Trying to free block not in datazone [ 509.881267][T15601] xt_TPROXY: Can be used only with -p tcp or -p udp [ 509.981226][T15596] loop2: detected capacity change from 0 to 4096 [ 510.112170][T15596] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 510.374118][T15613] loop5: detected capacity change from 0 to 64 [ 510.751997][T15622] netlink: 'syz.3.4097': attribute type 1 has an invalid length. [ 510.808759][T15622] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4097'. [ 511.000060][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 511.009275][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 511.183919][T15634] loop6: detected capacity change from 0 to 1024 [ 511.358815][T15634] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 511.388058][T15646] openvswitch: netlink: Missing key (keys=40, expected=100) [ 511.446762][T15634] ext4 filesystem being mounted at /620/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 511.510524][ T5948] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 511.700867][ T5948] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 511.711508][ T5948] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 511.737995][ T6330] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 511.761320][ T5948] usb 6-1: config 0 descriptor?? [ 512.221817][ T5948] ath6kl: Failed to submit usb control message: -71 [ 512.231630][T15665] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4119'. [ 512.265464][ T5948] ath6kl: unable to send the bmi data to the device: -71 [ 512.297251][ T5948] ath6kl: Unable to send get target info: -71 [ 512.308792][T15665] netlink: 43 bytes leftover after parsing attributes in process `syz.1.4119'. [ 512.348615][ T5948] ath6kl: Failed to init ath6kl core: -71 [ 512.360687][T15665] netlink: 'syz.1.4119': attribute type 6 has an invalid length. [ 512.391032][ T5948] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 512.400673][T15665] netlink: 'syz.1.4119': attribute type 5 has an invalid length. [ 512.426449][T15665] netlink: 43 bytes leftover after parsing attributes in process `syz.1.4119'. [ 512.464854][ T5948] usb 6-1: USB disconnect, device number 15 [ 512.659842][T15676] afs: Bad value for 'source' [ 513.245654][T15694] loop1: detected capacity change from 0 to 1024 [ 513.260694][T15696] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4134'. [ 513.320998][T15698] kAFS: No cell specified [ 513.631557][ T4422] hfsplus: b-tree write err: -5, ino 4 [ 513.786490][T15712] loop2: detected capacity change from 0 to 512 [ 513.790671][ T5947] usb 40-1: device descriptor read/8, error -110 [ 513.892476][T15715] autofs4:pid:15715:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e) [ 513.910793][T15712] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.4142: casefold flag without casefold feature [ 513.932108][ T5949] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 514.001567][ T5948] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 514.025396][T15712] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.4142: couldn't read orphan inode 15 (err -117) [ 514.072376][ T5947] usb 40-1: SetAddress Request (5) to port 0 [ 514.078541][ T5947] usb 40-1: new SuperSpeed USB device number 5 using vhci_hcd [ 514.122658][T15712] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 514.139933][ T5949] usb 7-1: Using ep0 maxpacket: 16 [ 514.170035][ T5949] usb 7-1: config 0 has an invalid interface number: 132 but max is 0 [ 514.181675][ T5948] usb 4-1: Using ep0 maxpacket: 8 [ 514.192498][ T5949] usb 7-1: config 0 has no interface number 0 [ 514.210790][T15712] EXT4-fs error (device loop2): ext4_add_entry:2417: inode #2: comm syz.2.4142: Directory hole found for htree leaf block 0 [ 514.212070][ T5948] usb 4-1: config 0 has an invalid interface number: 31 but max is 0 [ 514.258802][ T5949] usb 7-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 514.268257][ T5949] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 514.285502][ T5948] usb 4-1: config 0 has no interface number 0 [ 514.294221][ T5949] usb 7-1: Product: syz [ 514.298760][ T5949] usb 7-1: Manufacturer: syz [ 514.309480][ T5949] usb 7-1: SerialNumber: syz [ 514.345325][ T5948] usb 4-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 514.377169][ T5948] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 514.388600][ T5949] usb 7-1: config 0 descriptor?? [ 514.405387][ T5949] hub 7-1:0.132: bad descriptor, ignoring hub [ 514.413708][ T5948] usb 4-1: Product: syz [ 514.417905][ T5948] usb 4-1: Manufacturer: syz [ 514.427611][ T5949] hub 7-1:0.132: probe with driver hub failed with error -5 [ 514.440109][ T5948] usb 4-1: SerialNumber: syz [ 514.454112][ T5850] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 514.469773][ T5948] usb 4-1: config 0 descriptor?? [ 514.480982][ T5949] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.132/input/input29 [ 514.654906][ T5949] usb 7-1: USB disconnect, device number 16 [ 514.747908][ T5948] usb 4-1: Found UVC 0.04 device syz (046d:08c3) [ 514.765546][ T5948] usb 4-1: No valid video chain found. [ 514.813119][ T5948] usb 4-1: USB disconnect, device number 17 [ 515.045025][T15741] loop0: detected capacity change from 0 to 24 [ 515.745933][T15751] loop1: detected capacity change from 0 to 4096 [ 515.950758][T15760] netlink: 72 bytes leftover after parsing attributes in process `syz.6.4164'. [ 515.990194][T15760] netlink: 72 bytes leftover after parsing attributes in process `syz.6.4164'. [ 516.054087][T15761] loop3: detected capacity change from 0 to 2048 [ 516.072749][T15751] ntfs3(loop1): try to read out of volume at offset 0x3fffffc7000 [ 516.110271][T15761] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 516.140672][T15751] ntfs3(loop1): ino=21, The size of extended attributes must not exceed 64KiB [ 516.229564][T15764] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 516.268246][T15733] loop2: detected capacity change from 0 to 32768 [ 516.344517][T15733] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4150 (15733) [ 516.444518][T15733] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 516.510809][T15733] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm [ 516.519705][T15733] BTRFS info (device loop2): using free-space-tree [ 517.030578][ T5927] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 517.063474][ T5850] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 517.230903][ T5927] usb 7-1: Using ep0 maxpacket: 32 [ 517.260296][ T5927] usb 7-1: config 0 has an invalid interface number: 61 but max is 1 [ 517.283204][ T5927] usb 7-1: config 0 has an invalid interface number: 98 but max is 1 [ 517.320279][ T5927] usb 7-1: config 0 has no interface number 0 [ 517.351324][ T5927] usb 7-1: config 0 has no interface number 1 [ 517.383532][T15753] loop0: detected capacity change from 0 to 32768 [ 517.395727][ T5927] usb 7-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6 [ 517.445626][ T5927] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 517.503797][ T5927] usb 7-1: Product: syz [ 517.542136][ T5927] usb 7-1: Manufacturer: syz [ 517.546805][ T5927] usb 7-1: SerialNumber: syz [ 517.622041][ T5927] usb 7-1: config 0 descriptor?? [ 517.781377][ T5927] viperboard 7-1:0.61: version 0.00 found at bus 007 address 017 [ 518.021083][ T5927] viperboard-i2c viperboard-i2c.2.auto: error -EIO: failure setting i2c_bus_freq to 100 [ 518.051758][ T5927] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5 [ 518.249893][ T5927] viperboard 7-1:0.98: version 0.00 found at bus 007 address 017 [ 518.392975][ T5927] viperboard-i2c viperboard-i2c.5.auto: error -EIO: failure setting i2c_bus_freq to 100 [ 518.460766][ T5927] viperboard-i2c viperboard-i2c.5.auto: probe with driver viperboard-i2c failed with error -5 [ 518.631656][ T5927] usb 7-1: USB disconnect, device number 17 [ 519.136945][T15776] loop1: detected capacity change from 0 to 32768 [ 519.160594][ T5947] usb 40-1: device descriptor read/8, error -110 [ 519.251679][T15832] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4188'. [ 519.288609][ T5947] usb usb40-port1: unable to enumerate USB device [ 519.881069][T15847] loop3: detected capacity change from 0 to 764 [ 519.908361][T15852] loop0: detected capacity change from 0 to 512 [ 519.920244][T15850] ipt_REJECT: TCP_RESET invalid for non-tcp [ 519.932680][T15847] rock: directory entry would overflow storage [ 519.938879][T15847] rock: sig=0x5245, size=8, remaining=5 [ 520.107089][T15852] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 520.190914][T15852] ext4 filesystem being mounted at /701/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 520.303915][T15860] netlink: 'syz.5.4198': attribute type 5 has an invalid length. [ 520.343801][T15852] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 520.376090][T15860] netlink: 'syz.5.4198': attribute type 7 has an invalid length. [ 520.482820][T15852] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 520.527701][T15860] : entered promiscuous mode [ 520.540681][T15852] EXT4-fs error (device loop0): ext4_acquire_dquot:6931: comm syz.0.4197: Failed to acquire dquot type 1 [ 520.822942][ T5847] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 521.021239][T15871] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4203'. [ 521.069793][T15871] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4203'. [ 521.170623][T15871] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4203'. [ 521.323283][T15878] loop0: detected capacity change from 0 to 512 [ 521.434485][T15878] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.4202: bad orphan inode 11862016 [ 521.487720][T15878] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 521.504074][T15878] ext4 filesystem being mounted at /702/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 521.680952][ T55] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 521.708588][T15889] netlink: 'syz.1.4209': attribute type 6 has an invalid length. [ 521.762817][T15853] loop6: detected capacity change from 0 to 32768 [ 521.798150][T15853] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4194 (15853) [ 521.872563][ T5847] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 521.890741][ T55] usb 6-1: New USB device found, idVendor=0dba, idProduct=3000, bcdDevice=26.ea [ 521.913530][T15853] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 521.917446][ T55] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 521.991152][T15853] BTRFS info (device loop6): using sha256 (sha256-x86_64) checksum algorithm [ 522.035089][ T55] usb 6-1: config 0 descriptor?? [ 522.060809][T15853] BTRFS info (device loop6): using free-space-tree [ 522.074947][ T55] usb 6-1: Invalid firmware size=18. [ 522.340803][T15853] BTRFS info (device loop6): rebuilding free space tree [ 522.369975][ T5948] usb 6-1: USB disconnect, device number 16 [ 522.908263][ T6330] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 522.981762][T15929] loop3: detected capacity change from 0 to 2048 [ 523.101549][T15929] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 523.280110][T15935] loop1: detected capacity change from 0 to 64 [ 523.390706][T15935] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 523.565690][T15935] minix_free_inode: bit 4 already cleared [ 524.861349][ T30] audit: type=1400 audit(1753722706.021:113): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B706212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD503EAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C68502F7F549FA66F30E7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE16559268A265EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 525.380289][T15975] loop3: detected capacity change from 0 to 8192 [ 526.672166][T16015] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4263'. [ 526.700599][T16015] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4263'. [ 526.754050][T16015] netlink: 'syz.1.4263': attribute type 4 has an invalid length. [ 526.774323][T16018] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4262'. [ 526.871434][T16018] syz_tun: entered allmulticast mode [ 526.889625][T16018] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4262'. [ 527.144082][T16026] sit1: entered allmulticast mode [ 527.534454][T16035] loop1: detected capacity change from 0 to 512 [ 527.664193][T16035] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #2: block 3: comm syz.1.4273: lblock 0 mapped to illegal pblock 3 (length 1) [ 527.826241][T16035] EXT4-fs (loop1): Remounting filesystem read-only [ 527.880606][T16035] EXT4-fs warning (device loop1): dx_probe:791: inode #2: lblock 0: comm syz.1.4273: error -117 reading directory block [ 527.960757][T16035] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 528.027709][T16035] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 528.323329][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 528.420116][T16055] loop0: detected capacity change from 0 to 1764 [ 528.604497][T16061] loop3: detected capacity change from 0 to 64 [ 528.631869][T16055] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 528.845419][T14892] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 529.024620][T14892] usb 2-1: config 0 interface 0 altsetting 3 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 529.090753][T14892] usb 2-1: config 0 interface 0 altsetting 3 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 529.150738][T14892] usb 2-1: config 0 interface 0 altsetting 3 endpoint 0x8F has invalid wMaxPacketSize 0 [ 529.180539][T14892] usb 2-1: config 0 interface 0 has no altsetting 0 [ 529.203854][T14892] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice=1c.08 [ 529.232410][T14892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 529.256148][T14892] usb 2-1: Product: syz [ 529.260379][T14892] usb 2-1: Manufacturer: syz [ 529.305841][T14892] usb 2-1: SerialNumber: syz [ 529.362786][T14892] usb 2-1: config 0 descriptor?? [ 529.367923][T16085] loop0: detected capacity change from 0 to 256 [ 529.416147][T16085] exfat: Deprecated parameter 'utf8' [ 529.515995][T16085] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdf1ac56c, utbl_chksum : 0xe619d30d) [ 529.658165][T16091] netlink: 'syz.6.4300': attribute type 1 has an invalid length. [ 529.690719][T14892] usbtest 2-1:0.0: Linux user mode ISO test driver [ 529.697370][T14892] usbtest 2-1:0.0: high-speed {control iso-in} tests (+alt) [ 529.938065][ T55] usb 2-1: USB disconnect, device number 27 [ 529.939351][T16098] tmpfs: Bad value for 'mpol' [ 530.893079][T16125] loop6: detected capacity change from 0 to 512 [ 530.987770][T16125] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 531.020672][T16125] EXT4-fs (loop6): orphan cleanup on readonly fs [ 531.057825][T16125] Quota error (device loop6): v2_read_file_info: Block with free entry 1 out of range (1, 6). [ 531.144481][T16125] EXT4-fs warning (device loop6): ext4_enable_quotas:7164: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 531.250667][T16125] EXT4-fs (loop6): Cannot turn on quotas: error -117 [ 531.280641][T16125] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #16: comm syz.6.4317: casefold flag without casefold feature [ 531.365398][T16125] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.4317: couldn't read orphan inode 16 (err -117) [ 531.401414][T16141] SET target dimension over the limit! [ 531.465290][T16125] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 531.496328][ T30] audit: type=1326 audit(1753722712.661:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16143 comm="syz.3.4326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 531.600604][ T30] audit: type=1326 audit(1753722712.711:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16143 comm="syz.3.4326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 531.697675][ T30] audit: type=1326 audit(1753722712.711:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16143 comm="syz.3.4326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 531.730835][T16148] binder: BC_ACQUIRE_RESULT not supported [ 531.750678][T16125] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 531.758818][T16148] binder: 16147:16148 ioctl c0306201 200000000480 returned -22 [ 531.820928][ T30] audit: type=1326 audit(1753722712.711:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16143 comm="syz.3.4326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 531.975624][ T6330] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 532.278199][T16166] netlink: 92 bytes leftover after parsing attributes in process `syz.6.4334'. [ 533.314439][T16180] loop3: detected capacity change from 0 to 4096 [ 533.390375][T16193] ip6gre1: entered allmulticast mode [ 533.477404][T16195] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 533.538874][T16197] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4352'. [ 534.162722][T16212] loop1: detected capacity change from 0 to 2048 [ 534.203788][ T5947] usb 4-1: new full-speed USB device number 18 using dummy_hcd [ 534.253438][T16212] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 534.290820][T16218] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.4363'. [ 534.374149][ T5947] usb 4-1: config 0 has an invalid interface number: 138 but max is 0 [ 534.392766][ T5947] usb 4-1: config 0 has no interface number 0 [ 534.429488][ T5947] usb 4-1: config 0 interface 138 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1 [ 534.490523][ T5947] usb 4-1: config 0 interface 138 altsetting 0 has an endpoint descriptor with address 0x97, changing to 0x87 [ 534.545923][ T5947] usb 4-1: config 0 interface 138 altsetting 0 endpoint 0x87 has invalid maxpacket 1696, setting to 64 [ 534.608729][ T5947] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice= f.66 [ 534.632787][T16225] loop6: detected capacity change from 0 to 64 [ 534.649727][ T5947] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 534.700110][ T5947] usb 4-1: config 0 descriptor?? [ 534.762709][T16206] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 535.023111][ T5947] usb 4-1: string descriptor 0 read error: -71 [ 535.034307][ T5947] usbtest 4-1:0.138: Linux gadget zero [ 535.083342][ T5947] usbtest 4-1:0.138: full-speed {control in/out bulk-out int-in} tests (+alt) [ 535.130966][ T5947] usb 4-1: USB disconnect, device number 18 [ 535.483360][T16239] loop5: detected capacity change from 0 to 4096 [ 535.503933][T16239] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 535.510978][T16246] netlink: 236 bytes leftover after parsing attributes in process `syz.2.4376'. [ 535.527723][T16239] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 4096) [ 535.552296][T16239] NILFS (loop5): mounting unchecked fs [ 535.589975][T16246] netlink: 236 bytes leftover after parsing attributes in process `syz.2.4376'. [ 535.610398][T16239] NILFS (loop5): recovery complete [ 535.653664][T16250] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 535.744691][T16252] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4379'. [ 535.791945][T16252] syz_tun: entered allmulticast mode [ 535.830042][T16252] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4379'. [ 536.343956][T16264] loop0: detected capacity change from 0 to 1024 [ 536.386284][T16264] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 536.450509][T16264] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 536.460282][T16264] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 536.530624][ T5927] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 536.541252][T16270] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4388'. [ 536.551756][T16264] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #3: comm syz.0.4385: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 536.587106][T16270] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4388'. [ 536.660820][T16264] EXT4-fs (loop0): no journal found [ 536.680575][T16264] EXT4-fs (loop0): can't get journal size [ 536.696039][T16264] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 536.736775][ T5927] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 536.746233][ T5927] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 536.760525][ T5927] usb 6-1: Product: syz [ 536.764770][ T5927] usb 6-1: Manufacturer: syz [ 536.769396][ T5927] usb 6-1: SerialNumber: syz [ 536.798538][ T5927] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 536.853762][T16264] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #16: comm syz.0.4385: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 1796(4), depth 0(0) [ 536.891344][ T55] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 537.142989][ T5847] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 537.471403][ T5948] usb 6-1: USB disconnect, device number 17 [ 537.514860][T16281] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4394'. [ 537.586921][T16283] loop0: detected capacity change from 0 to 256 [ 537.620717][T16283] exfat: Deprecated parameter 'utf8' [ 537.650740][T16283] exfat: Deprecated parameter 'namecase' [ 537.656587][T16283] exfat: Deprecated parameter 'namecase' [ 537.733818][T16283] exfat: Deprecated parameter 'utf8' [ 537.824780][T16283] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffad0, utbl_chksum : 0xe619d30d) [ 537.874827][T16256] loop3: detected capacity change from 0 to 32768 [ 537.920593][T16283] exFAT-fs (loop0): start_clu is invalid cluster(0x400) [ 537.957127][ T55] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 537.963118][T16294] sit2: entered allmulticast mode [ 537.993344][T16256] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 538.010989][ T55] ath9k_htc: Failed to initialize the device [ 538.035570][ T5948] usb 6-1: ath9k_htc: USB layer deinitialized [ 538.319742][T16256] XFS (loop3): Ending clean mount [ 538.712631][ T5860] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 539.065164][T16322] loop6: detected capacity change from 0 to 256 [ 539.122826][T16319] loop1: detected capacity change from 0 to 4096 [ 539.396046][T16319] ntfs3(loop1): ino=1e, mi_enum_attr [ 539.427775][ T30] audit: type=1326 audit(1753722720.591:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16328 comm="syz.2.4414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 539.440534][T16319] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 539.540096][ T30] audit: type=1326 audit(1753722720.591:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16328 comm="syz.2.4414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 539.602041][T16334] loop0: detected capacity change from 0 to 512 [ 539.625280][ T30] audit: type=1326 audit(1753722720.591:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16328 comm="syz.2.4414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 539.758040][ T30] audit: type=1326 audit(1753722720.591:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16328 comm="syz.2.4414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 539.865631][T16334] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 539.870624][ T30] audit: type=1326 audit(1753722720.591:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16328 comm="syz.2.4414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 539.900978][T16334] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 539.995065][T16334] EXT4-fs error (device loop0): ext4_acquire_dquot:6931: comm syz.0.4417: Failed to acquire dquot type 1 [ 540.146367][T16334] EXT4-fs (loop0): 1 truncate cleaned up [ 540.178709][T16334] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 540.192728][T16334] ext4 filesystem being mounted at /738/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 540.565876][ T5847] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 541.326954][T16376] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4436'. [ 541.476664][T16342] loop2: detected capacity change from 0 to 32768 [ 541.552784][T16342] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4418 (16342) [ 541.606762][T16342] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 541.679113][T16342] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm [ 541.695661][T16385] ipt_REJECT: TCP_RESET invalid for non-tcp [ 541.696487][T16378] loop3: detected capacity change from 0 to 4096 [ 541.732298][T16342] BTRFS info (device loop2): disk space caching is enabled [ 541.742997][T16342] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 542.121684][T16378] ntfs3(loop3): ino=5, "/" indx_read [ 542.127744][T16342] BTRFS info (device loop2): rebuilding free space tree [ 542.328240][T16342] BTRFS info (device loop2): disabling free space tree [ 542.335835][T16417] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4447'. [ 542.372339][T16342] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 542.480630][T16342] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 542.661670][T16421] loop5: detected capacity change from 0 to 2048 [ 542.782430][T16421] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 542.942765][ T5850] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 543.013399][T16431] netlink: 'syz.0.4453': attribute type 21 has an invalid length. [ 543.086058][T16434] loop6: detected capacity change from 0 to 1024 [ 543.158232][T16434] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 543.258780][T16434] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 543.321084][T16434] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 543.350855][T16434] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #3: comm syz.6.4455: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 543.425613][T16438] netlink: 'syz.3.4459': attribute type 17 has an invalid length. [ 543.438826][T16438] netlink: 5 bytes leftover after parsing attributes in process `syz.3.4459'. [ 543.462934][T16434] EXT4-fs (loop6): no journal found [ 543.468172][T16434] EXT4-fs (loop6): can't get journal size [ 543.494556][T16438] macvtap0: entered allmulticast mode [ 543.499978][T16438] veth0_macvtap: entered allmulticast mode [ 543.548584][T16434] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 543.591888][T16438] A link change request failed with some changes committed already. Interface macvtap0 may have been left with an inconsistent configuration, please check. [ 543.692564][T16434] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #16: comm syz.6.4455: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 1796(4), depth 0(0) [ 544.042332][ T6330] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 544.371059][T16466] netlink: 'syz.6.4467': attribute type 1 has an invalid length. [ 544.438367][T16475] netlink: 'syz.2.4470': attribute type 1 has an invalid length. [ 544.900800][T16484] loop1: detected capacity change from 0 to 4096 [ 544.986491][T16484] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 545.020618][T16484] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096) [ 545.057386][T16484] NILFS (loop1): mounting unchecked fs [ 545.110858][T16500] netlink: 'syz.3.4480': attribute type 2 has an invalid length. [ 545.118650][T16500] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4480'. [ 545.191559][T16484] NILFS (loop1): recovery complete [ 545.239056][T16507] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 545.281256][T16500] : entered promiscuous mode [ 545.569609][T16517] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4483'. [ 545.606582][T16517] unsupported nlmsg_type 40 [ 546.048863][T16536] netlink: 'syz.3.4490': attribute type 2 has an invalid length. [ 546.110034][T16536] netlink: 'syz.3.4490': attribute type 8 has an invalid length. [ 546.138039][T16536] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4490'. [ 546.189515][T16545] loop1: detected capacity change from 0 to 64 [ 546.257972][T16477] loop0: detected capacity change from 0 to 32768 [ 546.434455][T16477] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 546.698177][T16477] XFS (loop0): Ending clean mount [ 546.759047][T16477] XFS (loop0): Quotacheck needed: Please wait. [ 546.974491][T16477] XFS (loop0): Quotacheck: Done. [ 547.340599][ T5847] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 547.739201][ T30] audit: type=1326 audit(1753722728.901:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16607 comm="syz.1.4509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 547.834795][ T30] audit: type=1326 audit(1753722728.901:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16607 comm="syz.1.4509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 547.928720][ T30] audit: type=1326 audit(1753722728.941:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16607 comm="syz.1.4509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 547.990295][ T30] audit: type=1326 audit(1753722728.941:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16607 comm="syz.1.4509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 548.100579][ T30] audit: type=1326 audit(1753722728.941:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16607 comm="syz.1.4509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 548.505884][ T55] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 548.571476][T16639] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4518'. [ 548.590845][T16576] infiniband syz!: set active [ 548.595620][T16576] infiniband syz!: added team_slave_0 [ 548.650840][T16576] syz!: rxe_create_cq: returned err = -12 [ 548.656702][T16576] infiniband syz!: Couldn't create ib_mad CQ [ 548.691689][ T55] usb 3-1: Using ep0 maxpacket: 8 [ 548.701271][T16576] infiniband syz!: Couldn't open port 1 [ 548.712281][ T55] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 548.754425][ T55] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 548.817137][ T55] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 548.846618][ T55] usb 3-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e [ 548.880556][ T55] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 548.916723][T16576] RDS/IB: syz!: added [ 548.923963][ T55] usb 3-1: Product: syz [ 548.928166][ T55] usb 3-1: Manufacturer: syz [ 548.952451][T16576] smc: adding ib device syz! with port count 1 [ 548.958776][ T55] usb 3-1: SerialNumber: syz [ 548.987688][ T55] usb 3-1: config 0 descriptor?? [ 548.993111][T16576] smc: ib device syz! port 1 has pnetid [ 549.033882][ T55] streamzap 3-1:0.0: streamzap_probe: endpoint Max Packet Size is 0!?! [ 549.297531][T16669] loop5: detected capacity change from 0 to 256 [ 549.333376][ T55] usb 3-1: USB disconnect, device number 19 [ 549.358616][T16669] exfat: Deprecated parameter 'utf8' [ 549.381440][T16669] exfat: Deprecated parameter 'namecase' [ 549.388583][T16669] exfat: Deprecated parameter 'namecase' [ 549.417052][T16669] exfat: Deprecated parameter 'utf8' [ 549.449801][T16669] exFAT-fs (loop5): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffad0, utbl_chksum : 0xe619d30d) [ 549.528022][T16669] exFAT-fs (loop5): start_clu is invalid cluster(0x400) [ 550.196590][T16710] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4537'. [ 550.500697][T14892] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 550.575191][T16728] loop1: detected capacity change from 0 to 1024 [ 550.671354][T14892] usb 6-1: Using ep0 maxpacket: 32 [ 550.702869][T14892] usb 6-1: unable to get BOS descriptor or descriptor too short [ 550.743157][T14892] usb 6-1: config 255 has an invalid interface number: 81 but max is 0 [ 550.779445][T14892] usb 6-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 550.810318][T14892] usb 6-1: config 255 has no interface number 0 [ 550.829982][T14892] usb 6-1: config 255 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83 [ 550.897593][T14892] usb 6-1: config 255 interface 81 altsetting 3 endpoint 0x83 has invalid wMaxPacketSize 0 [ 550.907886][T16738] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.4544'. [ 550.907967][T16738] netlink: zone id is out of range [ 550.908064][T16738] netlink: get zone limit has 8 unknown bytes [ 551.021087][T14892] usb 6-1: config 255 interface 81 has no altsetting 0 [ 551.070329][T14892] usb 6-1: string descriptor 0 read error: -22 [ 551.088654][T14892] usb 6-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac [ 551.120386][ T30] audit: type=1326 audit(1753722732.281:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16743 comm="syz.1.4546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 551.124336][T14892] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 551.217437][ T30] audit: type=1326 audit(1753722732.281:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16743 comm="syz.1.4546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 551.324684][T14892] input: USB Touchscreen 0dfc:0001 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:255.81/input/input33 [ 551.338466][ T30] audit: type=1326 audit(1753722732.341:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16743 comm="syz.1.4546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 551.460593][ T30] audit: type=1326 audit(1753722732.341:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16743 comm="syz.1.4546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 551.577772][T16762] loop1: detected capacity change from 0 to 64 [ 551.580855][ T30] audit: type=1326 audit(1753722732.341:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16743 comm="syz.1.4546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 551.901371][ T55] usb 6-1: USB disconnect, device number 18 [ 552.381837][T16794] loop1: detected capacity change from 0 to 4096 [ 552.455337][T16794] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 552.520785][T16794] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 552.528721][T16794] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 552.554011][T16807] bridge0: port 1(bridge_slave_0) entered disabled state [ 552.617905][T16794] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 552.670206][T16794] ntfs3(loop1): try to read out of volume at offset 0x3fffffc1c00 [ 552.691139][T16794] ntfs3(loop1): try to read out of volume at offset 0x3fffffc2c00 [ 552.699128][T16794] ntfs3(loop1): try to read out of volume at offset 0x3fffffc4c00 [ 552.707392][T16794] ntfs3(loop1): try to read out of volume at offset 0x3fffffc8c00 [ 552.715861][T16794] ntfs3(loop1): try to read out of volume at offset 0x3fffffd0c00 [ 552.724993][T16794] ntfs3(loop1): try to read out of volume at offset 0x3fffffe0c00 [ 552.840101][T16816] CIFS mount error: No usable UNC path provided in device string! [ 552.840101][T16816] [ 552.903161][T16816] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 552.946253][T16807] bridge_slave_0 (unregistering): left allmulticast mode [ 552.969091][T16807] bridge_slave_0 (unregistering): left promiscuous mode [ 553.010887][T16807] bridge0: port 1(bridge_slave_0) entered disabled state [ 553.045487][T16821] loop2: detected capacity change from 0 to 512 [ 553.185275][T16821] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 553.208832][T16821] ext4 filesystem being mounted at /775/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 553.572395][ T5850] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 553.661720][T16836] loop1: detected capacity change from 0 to 4096 [ 553.673340][T14892] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 553.720617][T16836] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 553.783363][T16853] binder: 16851:16853 ioctl c018620b 0 returned -14 [ 553.863897][T14892] usb 7-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 553.893714][T14892] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 553.941843][T14892] usb 7-1: Product: syz [ 553.943637][T16836] ntfs3(loop1): ino=19, mi_enum_attr [ 553.950503][T14892] usb 7-1: Manufacturer: syz [ 553.978470][T14892] usb 7-1: SerialNumber: syz [ 553.988422][T16836] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 554.009345][T14892] usb 7-1: config 0 descriptor?? [ 554.097765][T16836] ntfs3(loop1): failed to convert "c46c" to cp862 [ 554.141533][T16836] ntfs3(loop1): ino=20, mi_enum_attr [ 554.472210][T14892] usb 7-1: f81604_write: reg: 105 data: ba failed: -EPROTO [ 554.497762][T14892] f81604 7-1:0.0: Setting termination of CH#0 failed: -EPROTO [ 554.531005][T14892] f81604 7-1:0.0: probe with driver f81604 failed with error -71 [ 554.595126][T14892] usb 7-1: USB disconnect, device number 18 [ 555.332489][T16913] netlink: 'syz.1.4584': attribute type 3 has an invalid length. [ 555.413523][T16913] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4584'. [ 555.702259][ T30] audit: type=1326 audit(1753722736.871:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16923 comm="syz.6.4588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 555.784163][ T30] audit: type=1326 audit(1753722736.901:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16923 comm="syz.6.4588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 555.904405][ T30] audit: type=1326 audit(1753722736.901:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16923 comm="syz.6.4588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 555.995032][ T30] audit: type=1326 audit(1753722736.901:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16923 comm="syz.6.4588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 556.097653][ T30] audit: type=1326 audit(1753722736.901:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16923 comm="syz.6.4588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 556.421908][ T24] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 556.600904][ T24] usb 2-1: Using ep0 maxpacket: 8 [ 556.624094][ T24] usb 2-1: config 0 interface 0 has no altsetting 0 [ 556.663916][ T24] usb 2-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=bc.76 [ 556.699074][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 556.730885][ T24] usb 2-1: Product: syz [ 556.735127][ T24] usb 2-1: Manufacturer: syz [ 556.740600][T16899] loop0: detected capacity change from 0 to 40427 [ 556.758404][ T24] usb 2-1: SerialNumber: syz [ 556.786701][ T24] usb 2-1: config 0 descriptor?? [ 556.803107][T16899] F2FS-fs (loop0): build fault injection rate: 690 [ 556.809795][T16899] F2FS-fs (loop0): heap/no_heap options were deprecated [ 556.879694][T16899] F2FS-fs (loop0): invalid crc value [ 556.888323][ T24] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 found [ 557.067990][ T24] snd_usb_toneport 2-1:0.0: cannot get proper max packet size [ 557.109298][T16972] loop5: detected capacity change from 0 to 2048 [ 557.118877][ T24] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 now disconnected [ 557.154036][ T24] snd_usb_toneport 2-1:0.0: probe with driver snd_usb_toneport failed with error -22 [ 557.194828][T16980] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 557.237653][T16972] NILFS error (device loop5): nilfs_lookup: deleted inode referenced: 12 [ 557.279897][T16972] Remounting filesystem read-only [ 557.358238][ T5949] usb 2-1: USB disconnect, device number 28 [ 557.415694][T16899] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 557.427137][T16975] netlink: set zone limit has 4 unknown bytes [ 558.298790][T17023] 9p: Unknown access argument A: -22 [ 559.086364][T17052] bridge0: port 1(bridge_slave_0) entered disabled state [ 559.255597][T17059] netlink: 'syz.1.4626': attribute type 8 has an invalid length. [ 559.313144][T17052] bridge_slave_0 (unregistering): left allmulticast mode [ 559.326022][T17063] loop5: detected capacity change from 0 to 512 [ 559.351138][T17052] bridge_slave_0 (unregistering): left promiscuous mode [ 559.381348][T17052] bridge0: port 1(bridge_slave_0) entered disabled state [ 559.439794][T17063] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 559.491346][T17063] ext4 filesystem being mounted at /758/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 559.896338][ T5857] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 560.370796][T14892] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 560.562373][T14892] usb 7-1: Using ep0 maxpacket: 32 [ 560.591669][T14892] usb 7-1: unable to get BOS descriptor or descriptor too short [ 560.624561][T14892] usb 7-1: config 255 has an invalid interface number: 81 but max is 0 [ 560.640819][T14892] usb 7-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 560.703764][T14892] usb 7-1: config 255 has no interface number 0 [ 560.723078][T14892] usb 7-1: config 255 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83 [ 560.736044][T14892] usb 7-1: config 255 interface 81 altsetting 3 endpoint 0x83 has invalid wMaxPacketSize 0 [ 560.746379][T14892] usb 7-1: config 255 interface 81 has no altsetting 0 [ 560.763668][T14892] usb 7-1: string descriptor 0 read error: -22 [ 560.772673][T14892] usb 7-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac [ 560.830557][T14892] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 560.853782][T17135] loop2: detected capacity change from 0 to 256 [ 560.889105][T14892] input: USB Touchscreen 0dfc:0001 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:255.81/input/input34 [ 561.053178][T17135] FAT-fs (loop2): Directory bread(block 64) failed [ 561.064733][T17135] FAT-fs (loop2): Directory bread(block 65) failed [ 561.102246][T17135] FAT-fs (loop2): Directory bread(block 66) failed [ 561.159981][T17135] FAT-fs (loop2): Directory bread(block 67) failed [ 561.194100][T17135] FAT-fs (loop2): Directory bread(block 68) failed [ 561.225916][T17135] FAT-fs (loop2): Directory bread(block 69) failed [ 561.247347][T17135] FAT-fs (loop2): Directory bread(block 70) failed [ 561.277076][T17135] FAT-fs (loop2): Directory bread(block 71) failed [ 561.321226][T17135] FAT-fs (loop2): Directory bread(block 72) failed [ 561.344359][T14892] usb 7-1: USB disconnect, device number 19 [ 561.348130][T17135] FAT-fs (loop2): Directory bread(block 73) failed [ 561.361803][T17160] bridge0: port 1(bridge_slave_0) entered disabled state [ 561.682630][T17160] bridge_slave_0 (unregistering): left allmulticast mode [ 561.740669][T17160] bridge_slave_0 (unregistering): left promiscuous mode [ 561.771126][T17160] bridge0: port 1(bridge_slave_0) entered disabled state [ 561.916763][T17182] 9pnet: Could not find request transport: xen [ 562.537640][T17217] loop3: detected capacity change from 0 to 1024 [ 562.602152][T17217] EXT4-fs: inline encryption not supported [ 562.606662][T17220] loop6: detected capacity change from 0 to 16 [ 562.659603][T17217] EXT4-fs: Ignoring removed i_version option [ 562.661019][T17220] erofs (device loop6): mounted with root inode @ nid 36. [ 562.753607][T17230] netlink: 'syz.1.4667': attribute type 30 has an invalid length. [ 562.768792][T17217] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 562.771602][T17220] erofs (device loop6): invalid tail-packing pclustersize 32768 [ 562.863619][T17220] erofs (device loop6): invalid tail-packing pclustersize 32768 [ 562.890122][T17217] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.4663: lblock 2 mapped to illegal pblock 2 (length 1) [ 562.947032][T17220] erofs (device loop6): read error -117 @ 32811 of nid 36 [ 562.992643][T17217] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 563.025184][T17217] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.4663: lblock 0 mapped to illegal pblock 48 (length 1) [ 563.090595][T17217] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 563.134984][T17217] EXT4-fs error (device loop3): ext4_acquire_dquot:6931: comm syz.3.4663: Failed to acquire dquot type 0 [ 563.176266][T17217] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 563.263640][T17217] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.4663: mark_inode_dirty error [ 563.334135][T17217] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117) [ 563.370682][T17217] EXT4-fs (loop3): 1 orphan inode deleted [ 563.390827][ T13] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1) [ 563.432747][T17217] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 563.459231][ T13] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 563.493693][ T13] EXT4-fs error (device loop3): ext4_release_dquot:6967: comm kworker/u8:1: Failed to release dquot type 0 [ 563.619200][T17217] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 1: comm syz.3.4663: lblock 1 mapped to illegal pblock 1 (length 1) [ 563.688363][T17217] Quota error (device loop3): find_next_id: Can't read quota tree block 1 [ 563.739680][T17222] loop5: detected capacity change from 0 to 32768 [ 563.808008][T17222] (syz.5.4665,17222,1):ocfs2_initialize_super:2092 ERROR: couldn't mount RDWR because of unsupported optional features (ffffff00). [ 563.868673][T17222] (syz.5.4665,17222,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 563.960601][ T5949] usb 1-1: new full-speed USB device number 22 using dummy_hcd [ 563.968065][ T5860] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.038148][ T5860] EXT4-fs error (device loop3): __ext4_get_inode_loc:4791: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 564.101261][ T5860] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 564.168973][ T5949] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 564.185135][ T5860] EXT4-fs error (device loop3): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error [ 564.213723][ T5949] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 564.286781][ T5949] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 564.320762][ T5949] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 564.328831][ T5949] usb 1-1: Product: syz [ 564.391645][ T5949] usb 1-1: Manufacturer: syz [ 564.396320][ T5949] usb 1-1: SerialNumber: syz [ 564.710594][ T10] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 564.733132][ T5949] usb 1-1: 0:2 : does not exist [ 564.757194][ T5949] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 564.888767][ T5949] usb 1-1: USB disconnect, device number 22 [ 564.925465][ T10] usb 4-1: config 0 has an invalid interface number: 146 but max is 0 [ 564.927969][T17305] loop5: detected capacity change from 0 to 4096 [ 564.962662][ T10] usb 4-1: config 0 has no interface number 0 [ 564.989722][ T10] usb 4-1: New USB device found, idVendor=14ea, idProduct=ab11, bcdDevice=cf.a5 [ 565.015087][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 565.024209][T17305] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 565.059898][ T10] usb 4-1: config 0 descriptor?? [ 565.139180][ T6878] udevd[6878]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 565.276976][T17305] ntfs3(loop5): ino=19, mi_enum_attr [ 565.300493][T17305] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 565.363957][ T10] asix 4-1:0.146 (unnamed net_device) (uninitialized): invalid hw address, using random [ 565.380741][T17305] ntfs3(loop5): failed to convert "c46c" to macroman [ 565.402914][T17338] netlink: 248 bytes leftover after parsing attributes in process `syz.2.4691'. [ 565.440595][T17305] ntfs3(loop5): ino=20, mi_enum_attr [ 565.569822][ T10] asix 4-1:0.146 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 565.628048][ T10] asix 4-1:0.146 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 565.668110][ T10] asix 4-1:0.146: probe with driver asix failed with error -71 [ 565.747727][ T10] usb 4-1: USB disconnect, device number 19 [ 566.375022][ T30] audit: type=1326 audit(1753722747.541:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17380 comm="syz.0.4703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ccd8e9a9 code=0x7ffc0000 [ 566.488870][ T30] audit: type=1326 audit(1753722747.541:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17380 comm="syz.0.4703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ccd8e9a9 code=0x7ffc0000 [ 566.631781][ T30] audit: type=1326 audit(1753722747.541:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17380 comm="syz.0.4703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=139 compat=0 ip=0x7f65ccd8e9a9 code=0x7ffc0000 [ 566.754632][ T30] audit: type=1326 audit(1753722747.541:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17380 comm="syz.0.4703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ccd8e9a9 code=0x7ffc0000 [ 566.843482][ T30] audit: type=1326 audit(1753722747.541:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17380 comm="syz.0.4703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ccd8e9a9 code=0x7ffc0000 [ 567.157238][T17415] netlink: 'syz.0.4715': attribute type 5 has an invalid length. [ 567.439162][T17424] loop1: detected capacity change from 0 to 16 [ 567.503106][T17424] erofs (device loop1): mounted with root inode @ nid 36. [ 567.565479][T17424] erofs (device loop1): invalid tail-packing pclustersize 32768 [ 567.605781][T17424] erofs (device loop1): invalid tail-packing pclustersize 32768 [ 567.653633][T17424] erofs (device loop1): read error -117 @ 32811 of nid 36 [ 567.766895][T17440] loop5: detected capacity change from 0 to 1024 [ 568.700691][ T24] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 568.871484][ T24] usb 7-1: Using ep0 maxpacket: 8 [ 568.889519][ T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 568.933216][ T24] usb 7-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 568.980350][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 569.034301][ T24] usb 7-1: config 0 descriptor?? [ 569.064454][T17503] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 569.067014][ T24] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 569.485860][ T24] gspca_vc032x: reg_w err -71 [ 569.503474][ T24] vc032x 7-1:0.0: probe with driver vc032x failed with error -71 [ 569.548488][ T24] usb 7-1: USB disconnect, device number 20 [ 569.695338][T17527] batadv2: entered promiscuous mode [ 569.889135][T17545] loop3: detected capacity change from 0 to 64 [ 569.964544][T17545] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 570.436059][T17563] x_tables: unsorted underflow at hook 3 [ 570.561735][T17558] loop2: detected capacity change from 0 to 4096 [ 571.017704][T17585] program syz.0.4763 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 571.546917][T17603] loop3: detected capacity change from 0 to 512 [ 571.604804][ C1] sd 0:0:1:0: [sda] tag#2218 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 571.615492][ C1] sd 0:0:1:0: [sda] tag#2218 CDB: Read(6) 08 00 9f d1 fe de [ 571.632906][T17603] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 571.642178][T17608] loop6: detected capacity change from 0 to 256 [ 571.773547][T17550] loop1: detected capacity change from 0 to 32768 [ 571.790252][T17603] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 571.870900][T17550] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4754 (17550) [ 571.890807][T17603] ext4 filesystem being mounted at /814/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 572.000603][T17550] BTRFS info (device loop1): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 572.070924][T17550] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm [ 572.079814][T17550] BTRFS info (device loop1): using free-space-tree [ 572.177487][T17603] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 572.368793][T17650] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4780'. [ 572.378359][T17650] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4780'. [ 572.387534][T17650] netlink: 3 bytes leftover after parsing attributes in process `syz.6.4780'. [ 572.437795][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 572.447082][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 572.621827][ T5860] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.684601][T17665] netlink: 'syz.2.4784': attribute type 33 has an invalid length. [ 572.725108][T17665] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.4784'. [ 572.770792][ T5844] BTRFS info (device loop1): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 573.502983][T17697] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4793'. [ 573.640928][T17703] new mount options do not match the existing superblock, will be ignored [ 574.291703][T17726] batadv1: entered promiscuous mode [ 574.503908][T17742] loop6: detected capacity change from 0 to 128 [ 574.527712][T17743] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4807'. [ 574.624464][T17742] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 574.695319][T17742] ext4 filesystem being mounted at /739/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 574.811709][T17742] EXT4-fs error (device loop6): ext4_validate_block_bitmap:423: comm syz.6.4806: bg 0: bad block bitmap checksum [ 574.991139][ T10] usb 6-1: new full-speed USB device number 19 using dummy_hcd [ 575.099936][ T6330] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 575.205539][ T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 575.225705][T17775] loop3: detected capacity change from 0 to 256 [ 575.230583][ T10] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 575.286653][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10 [ 575.330601][T17775] FAT-fs (loop3): Directory bread(block 64) failed [ 575.337426][T17775] FAT-fs (loop3): Directory bread(block 65) failed [ 575.339568][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 575.350203][T17775] FAT-fs (loop3): Directory bread(block 66) failed [ 575.355550][T17783] loop2: detected capacity change from 0 to 256 [ 575.381211][T17775] FAT-fs (loop3): Directory bread(block 67) failed [ 575.387919][T17775] FAT-fs (loop3): Directory bread(block 68) failed [ 575.404667][ T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 575.440819][T17775] FAT-fs (loop3): Directory bread(block 69) failed [ 575.447550][T17775] FAT-fs (loop3): Directory bread(block 70) failed [ 575.468631][ T10] usb 6-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 575.478324][T17775] FAT-fs (loop3): Directory bread(block 71) failed [ 575.478474][T17775] FAT-fs (loop3): Directory bread(block 72) failed [ 575.478519][T17775] FAT-fs (loop3): Directory bread(block 73) failed [ 575.598314][T17783] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 575.599972][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 575.640797][T17783] FAT-fs (loop2): Filesystem has been set read-only [ 575.660609][ T10] usb 6-1: Product: syz [ 575.675217][ T10] usb 6-1: Manufacturer: syz [ 575.679909][ T10] usb 6-1: SerialNumber: syz [ 575.699413][ T10] usb 6-1: config 0 descriptor?? [ 575.944814][ T10] radio-si470x 6-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 575.977605][ T10] radio-si470x 6-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 576.136054][ T10] radio-si470x 6-1:0.0: si470x_get_report: usb_control_msg returned -71 [ 576.168722][ T10] radio-si470x 6-1:0.0: si470x_get_scratch: si470x_get_report returned -71 [ 576.194792][ T10] radio-si470x 6-1:0.0: probe with driver radio-si470x failed with error -5 [ 576.257252][ T10] usb 6-1: USB disconnect, device number 19 [ 577.936457][T17893] 8021q: adding VLAN 0 to HW filter on device bond0 [ 577.986393][T17916] loop6: detected capacity change from 0 to 2048 [ 578.042286][T17932] netlink: 'syz.2.4855': attribute type 1 has an invalid length. [ 578.050083][T17932] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4855'. [ 578.060603][T17916] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 578.161335][T17932] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4855'. [ 578.225591][T17938] netlink: 'syz.3.4857': attribute type 1 has an invalid length. [ 578.290240][T17938] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4857'. [ 578.334756][T17940] netlink: 'syz.1.4858': attribute type 1 has an invalid length. [ 578.613819][T17953] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4862'. [ 578.683882][T17953] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4862'. [ 578.918118][T17968] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4866'. [ 578.981667][T17968] batadv_slave_1: entered promiscuous mode [ 579.484965][T17996] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 579.580839][ T5947] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 579.780592][ T5947] usb 7-1: Using ep0 maxpacket: 8 [ 579.809012][ T5947] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 579.821269][T18008] xt_connbytes: Forcing CT accounting to be enabled [ 579.847258][ T5947] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 579.861030][T18008] --map-set only usable from mangle table [ 579.883107][T18005] loop5: detected capacity change from 0 to 4096 [ 579.886622][ T5947] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 579.941081][ T5947] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 579.988505][T18005] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 579.988806][ T5947] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 580.083794][ T5857] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.140979][ T5948] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 580.170556][ T5947] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 580.218545][ T5947] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 580.361597][ T5948] usb 3-1: Using ep0 maxpacket: 16 [ 580.387517][ T5948] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 580.428591][ T5948] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 580.458481][ T5948] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 580.458607][ T30] audit: type=1326 audit(1753722761.621:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18037 comm="syz.5.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ca78e9a9 code=0x7ff00000 [ 580.486434][ T5948] usb 3-1: config 1 interface 0 has no altsetting 1 [ 580.501647][ T5949] usb 4-1: new full-speed USB device number 20 using dummy_hcd [ 580.535314][ T30] audit: type=1326 audit(1753722761.621:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18037 comm="syz.5.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ca78e9a9 code=0x7ff00000 [ 580.572409][ T30] audit: type=1326 audit(1753722761.621:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18037 comm="syz.5.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ca78e9a9 code=0x7ff00000 [ 580.600298][ T5948] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 580.628841][ T5948] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 580.639480][ T5948] usb 3-1: Product: syz [ 580.648091][ T5948] usb 3-1: Manufacturer: syz [ 580.655720][ T30] audit: type=1326 audit(1753722761.621:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18037 comm="syz.5.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ca78e9a9 code=0x7ff00000 [ 580.690991][ T5948] usb 3-1: SerialNumber: syz [ 580.699747][ T30] audit: type=1326 audit(1753722761.621:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18037 comm="syz.5.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ca78e9a9 code=0x7ff00000 [ 580.720339][ T24] usb 7-1: USB disconnect, device number 21 [ 580.750205][ T5948] cdc_ncm 3-1:1.0: skipping garbage [ 580.757993][ T5948] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found [ 580.765005][ T5949] usb 4-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d [ 580.775388][ T5949] usb 4-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3 [ 580.784468][ T5948] cdc_ncm 3-1:1.0: bind() failure [ 580.793511][ T5949] usb 4-1: Product: syz [ 580.797725][ T5949] usb 4-1: Manufacturer: syz [ 580.809582][ T30] audit: type=1326 audit(1753722761.621:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18037 comm="syz.5.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ca78e9a9 code=0x7ff00000 [ 580.836918][ T5949] usb 4-1: SerialNumber: syz [ 580.845181][ T30] audit: type=1326 audit(1753722761.621:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18037 comm="syz.5.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ca78e9a9 code=0x7ff00000 [ 580.896914][ T5949] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 580.925203][ T30] audit: type=1326 audit(1753722761.621:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18037 comm="syz.5.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ca78e9a9 code=0x7ff00000 [ 580.978065][ T30] audit: type=1326 audit(1753722761.621:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18037 comm="syz.5.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ca78e9a9 code=0x7ff00000 [ 581.009444][ T30] audit: type=1326 audit(1753722761.621:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18037 comm="syz.5.4883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ca78e9a9 code=0x7ff00000 [ 581.028897][ T5948] usb 3-1: USB disconnect, device number 20 [ 581.302009][ T5949] vp7045: USB control message 'in' went wrong. [ 581.312794][ T5949] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 581.342707][ T5949] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19) [ 581.383281][ T5949] usb 4-1: USB disconnect, device number 20 [ 581.581506][T18094] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4893'. [ 581.910918][T18108] overlayfs: cannot append lower layer [ 582.312107][T18128] netlink: 'syz.2.4903': attribute type 11 has an invalid length. [ 582.346274][T18128] netlink: 'syz.2.4903': attribute type 4 has an invalid length. [ 582.356154][T18131] loop6: detected capacity change from 0 to 8 [ 582.380886][T18128] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4903'. [ 582.477212][T18137] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 582.789600][T18150] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4910'. [ 583.166682][T18169] comedi comedi0: dmm32at: I/O port conflict (0xee,16) [ 583.498634][T18188] Device name not specified. [ 583.498634][T18188] [ 583.517044][T18186] netlink: 'syz.3.4923': attribute type 3 has an invalid length. [ 583.551394][T18186] netlink: 'syz.3.4923': attribute type 1 has an invalid length. [ 583.559196][T18186] netlink: 216 bytes leftover after parsing attributes in process `syz.3.4923'. [ 583.597872][T18186] NCSI netlink: No device for ifindex 33022 [ 584.400687][ T10] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 584.600793][ T10] usb 7-1: Using ep0 maxpacket: 32 [ 584.613017][ T10] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 584.644526][ T10] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 584.666759][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 584.685852][ T10] usb 7-1: Product: syz [ 584.690233][ T10] usb 7-1: Manufacturer: syz [ 584.711043][ T10] usb 7-1: SerialNumber: syz [ 584.738838][ T10] usb 7-1: config 0 descriptor?? [ 584.748869][T18237] bad cache= option: no%e [ 584.748869][T18237] [ 584.773367][ T10] quatech2 7-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected [ 584.805238][T18237] CIFS: VFS: bad cache= option: no%e [ 584.847281][T18244] overlayfs: unescaped trailing colons in lowerdir mount option. [ 585.001693][ T10] usb 7-1: qt2_setup_urbs - submit read urb failed -8 [ 585.008804][ T10] quatech2 7-1:0.0: probe with driver quatech2 failed with error -8 [ 585.246433][T18261] netlink: 'syz.1.4947': attribute type 9 has an invalid length. [ 585.250087][ T55] usb 7-1: USB disconnect, device number 22 [ 585.290744][T18261] netlink: 'syz.1.4947': attribute type 9 has an invalid length. [ 585.901173][T18289] wireguard0: entered promiscuous mode [ 585.943095][T18289] wireguard0: entered allmulticast mode [ 586.099932][T18300] loop1: detected capacity change from 0 to 2048 [ 586.168853][T18300] NILFS (loop1): invalid segment: Checksum error in segment payload [ 586.200341][T18300] NILFS (loop1): trying rollback from an earlier position [ 586.342979][T18300] NILFS (loop1): norecovery option specified, skipping roll-forward recovery [ 586.495777][T18300] NILFS (loop1): couldn't remount because the filesystem is in an incomplete recovery state [ 586.951122][T18334] netlink: 'syz.1.4971': attribute type 11 has an invalid length. [ 586.980203][T18336] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 588.005392][T18374] sctp: [Deprecated]: syz.3.4985 (pid 18374) Use of int in max_burst socket option deprecated. [ 588.005392][T18374] Use struct sctp_assoc_value instead [ 588.332139][ T55] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 588.580622][ T55] usb 3-1: config 0 has an invalid interface number: 69 but max is 0 [ 588.588788][ T55] usb 3-1: config 0 has no interface number 0 [ 588.640378][ T55] usb 3-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 588.709267][ T55] usb 3-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 588.759183][ T55] usb 3-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 588.799666][ T55] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 588.828451][ T55] usb 3-1: Product: syz [ 588.843449][ T55] usb 3-1: Manufacturer: syz [ 588.848109][ T55] usb 3-1: SerialNumber: syz [ 588.911968][ T55] usb 3-1: config 0 descriptor?? [ 588.951112][T18377] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 588.967732][ T55] cyberjack 3-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 589.084630][T18417] netlink: 52 bytes leftover after parsing attributes in process `syz.1.4998'. [ 589.121400][ T55] usb 3-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 589.410537][ T5948] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 589.490839][ T10] usb 3-1: USB disconnect, device number 21 [ 589.524729][ T10] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 589.581491][ T10] cyberjack 3-1:0.69: device disconnected [ 589.609388][ T5948] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 589.632930][ T5948] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 589.650888][ T5948] usb 4-1: Product: syz [ 589.662229][ T5948] usb 4-1: Manufacturer: syz [ 589.672209][ T5948] usb 4-1: SerialNumber: syz [ 589.773653][ T5948] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 589.817000][ T5949] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 589.933363][T18464] xt_cgroup: invalid path, errno=-2 [ 589.974896][T18467] netlink: 164 bytes leftover after parsing attributes in process `syz.1.5007'. [ 590.397002][ T55] usb 4-1: USB disconnect, device number 21 [ 590.654610][T18490] loop6: detected capacity change from 0 to 1024 [ 590.730914][ T24] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 590.797605][T18490] __quota_error: 62 callbacks suppressed [ 590.797633][T18490] Quota error (device loop6): do_check_range: Getting block 64 out of range 1-5 [ 590.862496][T18490] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0 [ 590.884381][T18490] EXT4-fs error (device loop6): ext4_acquire_dquot:6931: comm syz.6.5015: Failed to acquire dquot type 0 [ 590.915919][ T5949] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 590.918798][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 590.943808][T18490] EXT4-fs error (device loop6): mb_free_blocks:1945: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 590.944403][ T5949] ath9k_htc: Failed to initialize the device [ 590.975916][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7 [ 590.988164][T18490] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #13: comm syz.6.5015: corrupted inode contents [ 591.000058][ T24] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 591.000101][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 591.000147][ T24] usb 1-1: Product: syz [ 591.000174][ T24] usb 1-1: Manufacturer: syz [ 591.000202][ T24] usb 1-1: SerialNumber: syz [ 591.004545][ T24] usb 1-1: config 0 descriptor?? [ 591.020742][T18507] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5019'. [ 591.058181][ T55] usb 4-1: ath9k_htc: USB layer deinitialized [ 591.087892][T18490] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #13: comm syz.6.5015: mark_inode_dirty error [ 591.185341][T18490] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #13: comm syz.6.5015: corrupted inode contents [ 591.201967][T18490] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #13: comm syz.6.5015: mark_inode_dirty error [ 591.228898][T18490] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #13: comm syz.6.5015: corrupted inode contents [ 591.255074][T18490] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem [ 591.295725][T18490] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #13: comm syz.6.5015: corrupted inode contents [ 591.339711][T18490] EXT4-fs error (device loop6): ext4_truncate:4597: inode #13: comm syz.6.5015: mark_inode_dirty error [ 591.387176][T18490] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem [ 591.485427][T18490] EXT4-fs (loop6): 1 truncate cleaned up [ 591.500767][ T24] usb 1-1: USB disconnect, device number 23 [ 591.595417][T18490] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 591.816777][ T5906] udevd[5906]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 591.832558][T18490] Quota error (device loop6): do_check_range: Getting block 64 out of range 1-5 [ 591.870613][T18490] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0 [ 591.894059][T18490] EXT4-fs error (device loop6): ext4_acquire_dquot:6931: comm syz.6.5015: Failed to acquire dquot type 0 [ 592.139382][T18567] netlink: 'syz.3.5031': attribute type 2 has an invalid length. [ 592.175763][T18567] netlink: 'syz.3.5031': attribute type 1 has an invalid length. [ 592.225774][ T6330] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 592.755892][T18595] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5042'. [ 592.801632][T18595] netlink: 'syz.0.5042': attribute type 5 has an invalid length. [ 592.811003][T18595] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5042'. [ 592.875743][T18603] netlink: 'syz.3.5044': attribute type 10 has an invalid length. [ 592.901732][T18595] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 592.905321][ T30] audit: type=1326 audit(1753722774.071:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18601 comm="syz.1.5043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 592.946467][T18595] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 592.955365][T18595] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 592.964301][T18595] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 592.973570][T18595] geneve2: entered promiscuous mode [ 592.978964][ T30] audit: type=1326 audit(1753722774.141:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18601 comm="syz.1.5043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 592.981492][T18595] geneve2: entered allmulticast mode [ 593.002436][ T30] audit: type=1326 audit(1753722774.141:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18601 comm="syz.1.5043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 593.040489][ T30] audit: type=1326 audit(1753722774.201:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18601 comm="syz.1.5043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 593.127560][ T30] audit: type=1326 audit(1753722774.201:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18601 comm="syz.1.5043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 593.220677][ T30] audit: type=1326 audit(1753722774.201:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18601 comm="syz.1.5043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf7e98e9a9 code=0x7ffc0000 [ 593.630864][ T55] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 593.820700][ T55] usb 2-1: Using ep0 maxpacket: 32 [ 593.842223][ T55] usb 2-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 593.873149][ T55] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 593.923370][ T55] usb 2-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0 [ 593.957587][ T55] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 593.997005][ T55] usb 2-1: Product: syz [ 594.030741][ T55] usb 2-1: Manufacturer: syz [ 594.050528][ T55] usb 2-1: SerialNumber: syz [ 594.094275][ T55] usb 2-1: config 0 descriptor?? [ 594.125785][ T55] qmi_wwan 2-1:0.0: bogus CDC Union: master=0, slave=247 [ 594.157756][ T55] qmi_wwan 2-1:0.0: probe with driver qmi_wwan failed with error -22 [ 594.184916][T18654] loop5: detected capacity change from 0 to 1024 [ 594.430108][ T55] usb 2-1: USB disconnect, device number 29 [ 594.451608][T18664] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5064'. [ 594.519497][ T4422] hfsplus: b-tree write err: -5, ino 4 [ 595.106035][T18689] loop6: detected capacity change from 0 to 4096 [ 595.170071][T18689] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 595.283257][T18689] ntfs3(loop6): Failed to initialize $Extend/$Reparse. [ 595.313498][T18706] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5077'. [ 595.860729][ T55] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 596.050775][ T5948] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 596.060844][ T55] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 596.088931][ T55] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 596.112471][ T55] usb 2-1: Product: syz [ 596.128618][ T55] usb 2-1: Manufacturer: syz [ 596.139069][ T55] usb 2-1: SerialNumber: syz [ 596.182001][ T55] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 596.203506][ T5948] usb 7-1: Using ep0 maxpacket: 8 [ 596.206903][ T24] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 596.233006][ T5948] usb 7-1: unable to get BOS descriptor or descriptor too short [ 596.253837][ T5948] usb 7-1: config 4 interface 0 has no altsetting 0 [ 596.268704][ T5948] usb 7-1: string descriptor 0 read error: -22 [ 596.279833][ T5948] usb 7-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 596.309550][ T5948] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 596.389773][ T5948] usb 7-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 596.429559][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 596.429585][ T30] audit: type=1326 audit(1753722777.591:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18744 comm="syz.0.5087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ccd8e9a9 code=0x7ffc0000 [ 596.499857][ T30] audit: type=1326 audit(1753722777.591:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18744 comm="syz.0.5087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ccd8e9a9 code=0x7ffc0000 [ 596.523176][ T30] audit: type=1326 audit(1753722777.631:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18744 comm="syz.0.5087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f65ccd8e9a9 code=0x7ffc0000 [ 596.546757][ T30] audit: type=1326 audit(1753722777.631:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18744 comm="syz.0.5087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ccd8e9a9 code=0x7ffc0000 [ 596.567485][ T5948] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 596.570174][ T30] audit: type=1326 audit(1753722777.631:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18744 comm="syz.0.5087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ccd8e9a9 code=0x7ffc0000 [ 596.651446][ T5948] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 596.670982][ T5948] usb 7-1: media controller created [ 596.766798][T18713] loop3: detected capacity change from 0 to 32768 [ 596.773575][ T5948] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 596.818285][ T10] usb 2-1: USB disconnect, device number 30 [ 597.124252][T18728] loop5: detected capacity change from 0 to 32768 [ 597.204217][ T5947] usb 7-1: USB disconnect, device number 23 [ 597.391219][ T24] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 597.426120][ T24] ath9k_htc: Failed to initialize the device [ 597.470517][ T10] usb 2-1: ath9k_htc: USB layer deinitialized [ 597.666533][T18796] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5096'. [ 597.941256][T18804] random: crng reseeded on system resumption [ 598.024159][T18804] Restarting kernel threads ... [ 598.055425][T18804] Done restarting kernel threads. [ 598.125734][ T30] audit: type=1326 audit(1753722779.291:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18810 comm="syz.6.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 598.175505][T18817] loop2: detected capacity change from 0 to 256 [ 598.246812][ T30] audit: type=1326 audit(1753722779.291:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18810 comm="syz.6.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 598.360592][ T30] audit: type=1326 audit(1753722779.321:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18810 comm="syz.6.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 598.493378][ T30] audit: type=1326 audit(1753722779.321:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18810 comm="syz.6.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 599.093122][T18850] loop1: detected capacity change from 0 to 16 [ 599.131588][T18850] erofs (device loop1): mounted with root inode @ nid 36. [ 599.191028][T18850] erofs (device loop1): read error -95 @ 8200 of nid 36 [ 599.349808][T18862] netlink: 'syz.0.5119': attribute type 33 has an invalid length. [ 599.420853][T18862] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.5119'. [ 599.555211][T18869] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5121'. [ 599.963166][T18888] loop3: detected capacity change from 0 to 128 [ 600.022143][T18891] netlink: 'syz.1.5129': attribute type 3 has an invalid length. [ 600.811956][T18929] netlink: 'syz.3.5142': attribute type 4 has an invalid length. [ 601.330611][ T24] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 601.367808][T18952] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5148'. [ 601.499566][ T24] usb 3-1: config 0 has an invalid interface number: 11 but max is 0 [ 601.541603][ T24] usb 3-1: config 0 has no interface number 0 [ 601.547833][ T24] usb 3-1: config 0 interface 11 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 8 [ 601.594477][ T24] usb 3-1: config 0 interface 11 altsetting 0 endpoint 0xE has invalid maxpacket 1023, setting to 64 [ 601.670571][ T24] usb 3-1: config 0 interface 11 altsetting 0 bulk endpoint 0x87 has invalid maxpacket 1024 [ 601.713033][ T24] usb 3-1: New USB device found, idVendor=0f3d, idProduct=68aa, bcdDevice=b4.ca [ 601.728634][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 601.758339][ T24] usb 3-1: Product: syz [ 601.770670][T14892] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 601.779005][ T24] usb 3-1: Manufacturer: syz [ 601.807282][ T24] usb 3-1: SerialNumber: syz [ 601.835399][ T24] usb 3-1: config 0 descriptor?? [ 601.864409][T18938] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 601.891497][T18938] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 601.950649][T14892] usb 1-1: Using ep0 maxpacket: 16 [ 601.969312][T14892] usb 1-1: config 0 has an invalid interface number: 126 but max is 0 [ 601.992634][T14892] usb 1-1: config 0 has an invalid descriptor of length 116, skipping remainder of the config [ 602.030737][T14892] usb 1-1: config 0 has no interface number 0 [ 602.050865][T14892] usb 1-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87 [ 602.083991][T14892] usb 1-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024 [ 602.141399][T14892] usb 1-1: config 0 interface 126 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64 [ 602.165060][T18938] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 602.185637][T14892] usb 1-1: config 0 interface 126 altsetting 0 endpoint 0x4 has invalid maxpacket 29797, setting to 1024 [ 602.211103][T18938] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 602.248747][T14892] usb 1-1: config 0 interface 126 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024 [ 602.272489][ T24] usb 3-1: No status endpoint found [ 602.297978][T14892] usb 1-1: config 0 interface 126 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 602.370706][T14892] usb 1-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88 [ 602.420802][T14892] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 602.462815][T14892] usb 1-1: config 0 descriptor?? [ 602.482760][T18959] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 602.491687][T18959] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 602.535032][T14892] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 602.549506][ T5948] usb 3-1: USB disconnect, device number 22 [ 602.581856][T18939] loop6: detected capacity change from 0 to 32768 [ 602.617191][T18939] (syz.6.5143,18939,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 602.660894][T19013] loop3: detected capacity change from 0 to 16 [ 602.679712][T18939] (syz.6.5143,18939,0):ocfs2_block_check_validate:400 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 602.691357][T19013] erofs (device loop3): mounted with root inode @ nid 36. [ 602.767657][T19013] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 602.797872][T18939] JBD2: Ignoring recovery information on journal [ 602.832899][T19013] erofs (device loop3): read error -117 @ 43 of nid 36 [ 602.881386][T18939] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 602.950958][ T55] usb 1-1: USB disconnect, device number 24 [ 603.130276][ T6148] udevd[6148]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.126/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 603.526109][T19039] loop3: detected capacity change from 0 to 4096 [ 603.549326][T19039] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 603.574544][ T6330] ocfs2: Unmounting device (7,6) on (node local) [ 603.762659][T19039] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 603.800760][T19061] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5170'. [ 603.844089][T19065] macsec0: entered promiscuous mode [ 603.849612][T19065] macsec0: entered allmulticast mode [ 603.902625][T19065] veth1_macvtap: entered allmulticast mode [ 604.351004][T19082] netlink: 48 bytes leftover after parsing attributes in process `syz.6.5175'. [ 604.493283][T19089] netlink: 'syz.3.5176': attribute type 1 has an invalid length. [ 605.539739][T19126] tmpfs: Bad value for 'mpol' [ 605.663101][T19131] loop3: detected capacity change from 0 to 1024 [ 605.699576][T19131] EXT4-fs: Ignoring removed oldalloc option [ 605.758461][T19131] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 605.789679][T19131] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 605.927262][T19131] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 605.967868][T19088] loop5: detected capacity change from 0 to 32768 [ 606.035385][T19131] fscrypt (loop3, inode 15): Error -61 getting encryption context [ 606.080686][T19156] netlink: 'syz.2.5197': attribute type 1 has an invalid length. [ 606.086178][T19088] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 606.177014][T19160] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3) [ 606.183611][T19160] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 606.252984][T19166] vhci_hcd vhci_hcd.0: pdev(6) rhport(1) sockfd(6) [ 606.259587][T19166] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 606.269208][ T5860] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 606.272535][T19160] vhci_hcd vhci_hcd.0: Device attached [ 606.340219][T19166] vhci_hcd vhci_hcd.0: Device attached [ 606.442658][T19088] XFS (loop5): Ending clean mount [ 606.466687][T19167] vhci_hcd: connection closed [ 606.471481][ T5948] vhci_hcd: vhci_device speed not set [ 606.476921][ T12] vhci_hcd: stop threads [ 606.483845][T19164] vhci_hcd: connection closed [ 606.541220][ T12] vhci_hcd: release socket [ 606.578418][ T12] vhci_hcd: disconnect device [ 606.580558][ T5948] usb 45-1: new full-speed USB device number 2 using vhci_hcd [ 606.591263][ T12] vhci_hcd: stop threads [ 606.598659][ T12] vhci_hcd: release socket [ 606.611198][ T12] vhci_hcd: disconnect device [ 606.650526][ T5948] usb 45-1: enqueue for inactive port 0 [ 606.751941][ T5948] vhci_hcd: vhci_device speed not set [ 606.810193][ T5857] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 607.440319][T19208] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 607.651257][T19200] loop2: detected capacity change from 0 to 8192 [ 608.155413][T19237] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5221'. [ 608.948809][T19268] netlink: 'syz.6.5233': attribute type 5 has an invalid length. [ 608.999242][T19271] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 609.620603][ T55] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 609.733681][T19302] loop3: detected capacity change from 0 to 4096 [ 609.788454][ T55] usb 3-1: Using ep0 maxpacket: 8 [ 609.813746][ T55] usb 3-1: unable to get BOS descriptor or descriptor too short [ 609.861237][ T55] usb 3-1: config 4 interface 0 has no altsetting 0 [ 609.880260][ T55] usb 3-1: string descriptor 0 read error: -22 [ 609.905455][ T55] usb 3-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 609.948085][ T55] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 609.998647][T19302] ntfs3(loop3): ino=1f, mi_enum_attr [ 610.015695][ T55] usb 3-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 610.028055][T19302] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 610.081625][ T55] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 610.148312][ T55] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 610.200643][ T55] usb 3-1: media controller created [ 610.325997][ T55] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 610.334601][T19334] overlayfs: conflicting options: userxattr,redirect_dir=on [ 610.666906][T19348] loop1: detected capacity change from 0 to 2048 [ 610.683134][T19355] binder: 19347:19355 ioctl c018620c 200000001300 returned -1 [ 610.775112][T19348] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 610.841516][ T5948] usb 3-1: USB disconnect, device number 23 [ 611.780333][T19405] netlink: 180 bytes leftover after parsing attributes in process `syz.5.5272'. [ 611.911153][T19409] xt_TCPMSS: Only works on TCP SYN packets [ 612.255009][T19428] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 612.261610][T19428] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 612.350550][T19428] vhci_hcd vhci_hcd.0: Device attached [ 612.400856][T19432] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(6) [ 612.407461][T19432] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 612.480825][ T10] vhci_hcd: vhci_device speed not set [ 612.499127][T19432] vhci_hcd vhci_hcd.0: Device attached [ 612.540595][ T10] usb 35-1: new full-speed USB device number 2 using vhci_hcd [ 612.590566][T19433] vhci_hcd: connection closed [ 612.593929][T19429] vhci_hcd: connection reset by peer [ 612.604282][ T1141] vhci_hcd: stop threads [ 612.608616][ T1141] vhci_hcd: release socket [ 612.631453][ T1141] vhci_hcd: disconnect device [ 612.690793][ T13] vhci_hcd: stop threads [ 612.695114][ T13] vhci_hcd: release socket [ 612.710074][ T13] vhci_hcd: disconnect device [ 612.898189][T19459] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 613.014590][T19464] loop2: detected capacity change from 0 to 128 [ 613.114888][T19464] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 613.232052][T19464] ext4 filesystem being mounted at /909/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 613.455617][T19481] xt_HMARK: proto mask must be zero with L3 mode [ 613.543189][ T5850] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 613.699442][T19457] orangefs_mount: mount request failed with -4 [ 613.768392][T19492] netlink: 52 bytes leftover after parsing attributes in process `syz.0.5300'. [ 615.638261][T19576] netlink: 'syz.6.5329': attribute type 10 has an invalid length. [ 615.684184][T19576] team0: Cannot enslave team device to itself [ 616.501058][ T55] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 616.732522][ T55] usb 4-1: Using ep0 maxpacket: 8 [ 616.751442][ T55] usb 4-1: unable to get BOS descriptor or descriptor too short [ 616.814049][ T55] usb 4-1: config 4 interface 0 has no altsetting 0 [ 616.839834][ T55] usb 4-1: string descriptor 0 read error: -22 [ 616.856829][ T55] usb 4-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 616.897356][ T55] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 616.968135][T19560] loop5: detected capacity change from 0 to 32768 [ 616.972560][ T55] usb 4-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 617.037185][ T55] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 617.105893][ T55] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 617.110796][T19560] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 617.143907][ T55] usb 4-1: media controller created [ 617.203947][ T55] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 617.307632][T19653] loop6: detected capacity change from 0 to 1764 [ 617.410809][T19560] XFS (loop5): Ending clean mount [ 617.410863][T19653] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 617.461240][T19560] XFS (loop5): Quotacheck needed: Please wait. [ 617.506297][T19666] xt_policy: too many policy elements [ 617.612256][T19560] XFS (loop5): Quotacheck: Done. [ 617.689785][ T55] usb 4-1: USB disconnect, device number 22 [ 617.704215][ T10] vhci_hcd: vhci_device speed not set [ 617.961715][ T5857] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 618.234333][T19695] netlink: 132 bytes leftover after parsing attributes in process `syz.6.5355'. [ 619.066281][T19723] netlink: 'syz.3.5362': attribute type 8 has an invalid length. [ 619.453900][T19741] loop3: detected capacity change from 0 to 64 [ 619.593108][T19745] ceph: No source [ 619.647024][T19670] loop1: detected capacity change from 0 to 40427 [ 619.687323][T19670] F2FS-fs (loop1): build fault injection rate: 771 [ 619.791800][T19670] F2FS-fs (loop1): invalid crc value [ 620.240331][T19670] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 620.294525][T19773] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5377'. [ 620.450657][T19783] netlink: 'syz.5.5380': attribute type 10 has an invalid length. [ 620.525187][T19783] : (slave dummy0): Enslaving as an active interface with an up link [ 620.734247][T19795] netlink: 'syz.3.5385': attribute type 2 has an invalid length. [ 621.882150][T19843] netlink: 'syz.0.5401': attribute type 1 has an invalid length. [ 621.922877][T19843] netlink: 'syz.0.5401': attribute type 1 has an invalid length. [ 622.970651][T19900] netlink: 9280 bytes leftover after parsing attributes in process `syz.5.5418'. [ 623.151219][ T24] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 623.360620][ T24] usb 1-1: Using ep0 maxpacket: 32 [ 623.377457][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 623.414594][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 623.451759][ T24] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 623.507366][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 623.567644][ T24] usb 1-1: config 0 descriptor?? [ 623.606961][ T24] hub 1-1:0.0: USB hub found [ 623.769669][T19931] netlink: 164 bytes leftover after parsing attributes in process `syz.5.5429'. [ 623.823353][ T24] hub 1-1:0.0: 2 ports detected [ 623.854620][T19934] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5430'. [ 624.036091][ T24] hub 1-1:0.0: hub_hub_status failed (err = -71) [ 624.060501][ T24] hub 1-1:0.0: config failed, can't get hub status (err -71) [ 624.140187][ T24] usbhid 1-1:0.0: can't add hid device: -71 [ 624.146611][ T24] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 624.240246][ T24] usb 1-1: USB disconnect, device number 25 [ 624.377886][T19904] loop1: detected capacity change from 0 to 32768 [ 624.444674][T19904] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 624.493522][T19956] loop2: detected capacity change from 0 to 4096 [ 624.542150][ T30] audit: type=1326 audit(1753722805.711:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.6.5436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 624.569656][ T30] audit: type=1326 audit(1753722805.711:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.6.5436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 624.598755][T19904] XFS (loop1): Ending clean mount [ 624.665992][ T30] audit: type=1326 audit(1753722805.771:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.6.5436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 624.803958][ T30] audit: type=1326 audit(1753722805.771:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.6.5436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 624.942890][ T30] audit: type=1326 audit(1753722805.771:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19970 comm="syz.6.5436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6c898e9a9 code=0x7ffc0000 [ 625.041198][T19982] QAT: Invalid ioctl 21531 [ 625.151322][ T5844] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 625.239802][T19989] program syz.5.5442 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 625.242308][T19984] geneve3: entered promiscuous mode [ 625.314130][T19984] geneve3: entered allmulticast mode [ 625.658394][T20007] tmpfs: Group quota inode hardlimit too large. [ 625.930695][T20012] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5448'. [ 626.353407][ T30] audit: type=1326 audit(1753722807.521:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20033 comm="syz.2.5454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 626.392892][ T30] audit: type=1326 audit(1753722807.521:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20033 comm="syz.2.5454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 626.488490][ T30] audit: type=1326 audit(1753722807.521:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20033 comm="syz.2.5454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 626.623333][ T30] audit: type=1326 audit(1753722807.521:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20033 comm="syz.2.5454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 626.780850][T20048] loop6: detected capacity change from 0 to 256 [ 626.816287][T20048] exfat: Deprecated parameter 'namecase' [ 626.883755][T20048] exfat: Deprecated parameter 'utf8' [ 626.973584][T20048] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xf4419509, utbl_chksum : 0xe619d30d) [ 627.429705][T20080] netlink: 'syz.1.5469': attribute type 10 has an invalid length. [ 627.498668][T20080] 8021q: adding VLAN 0 to HW filter on device team0 [ 627.511112][T20080] bond0: (slave team0): Enslaving as an active interface with an up link [ 627.590726][T20083] loop6: detected capacity change from 0 to 256 [ 627.785319][T20093] tmpfs: Bad value for 'mpol' [ 628.265377][T20116] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5481'. [ 628.573371][T20133] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5487'. [ 628.701340][ T5947] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 628.890678][T20147] netlink: 696 bytes leftover after parsing attributes in process `syz.2.5490'. [ 628.914547][ T5947] usb 7-1: Using ep0 maxpacket: 8 [ 628.933363][ T5947] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 62432, setting to 1024 [ 628.975073][ T5947] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 629.020765][ T5947] usb 7-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 629.029879][ T5947] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 629.088650][ T5947] usb 7-1: config 0 descriptor?? [ 629.101663][T20122] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 629.112367][ T5947] hso 7-1:0.0: Can't find BULK OUT endpoint [ 629.242849][ T30] audit: type=1326 audit(1753722810.411:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20160 comm="syz.2.5496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 629.319387][T20162] loop3: detected capacity change from 0 to 1764 [ 629.372605][ T10] usb 7-1: USB disconnect, device number 24 [ 629.866596][T20227] loop5: detected capacity change from 0 to 512 [ 630.012266][T20227] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 630.073281][T20227] System zones: 1-12 [ 630.088248][T20227] EXT4-fs error (device loop5): dx_probe:791: inode #2: comm syz.5.5504: Directory hole found for htree index block 0 [ 630.159911][T20227] EXT4-fs (loop5): Remounting filesystem read-only [ 630.168732][T20227] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -117 [ 630.180588][T20227] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117 [ 630.241288][T20227] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 630.514595][T20248] bridge0: port 1(bridge_slave_0) entered disabled state [ 630.544117][T20248] bridge0: port 2(bridge_slave_1) entered disabled state [ 630.588278][ T5857] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 630.670161][T20251] loop3: detected capacity change from 0 to 4096 [ 630.728117][T20251] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 630.753463][T20258] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2 [ 630.801618][T20258] netdevsim netdevsim0: Falling back to sysfs fallback for: ./file0 [ 630.850747][T20251] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 630.871007][T20251] ntfs3(loop3): ino=19, mi_enum_attr [ 630.930259][T20251] ntfs3(loop3): failed to convert "c46c" to cp1251 [ 630.957602][T20251] ntfs3(loop3): ino=20, mi_enum_attr [ 630.988896][T20272] netlink: 830 bytes leftover after parsing attributes in process `syz.6.5516'. [ 631.573334][T20294] loop5: detected capacity change from 0 to 2048 [ 631.615693][T20294] udf: Unknown parameter 'shortan$uid˝forget' [ 631.681441][T20294] cifs: Unknown parameter 'anchor' [ 632.238648][T20323] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5532'. [ 632.484355][T20339] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5537'. [ 632.530584][T20339] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5537'. [ 632.590645][ T55] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 632.794652][ T55] usb 6-1: Using ep0 maxpacket: 8 [ 632.836888][ T55] usb 6-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 632.857514][ T55] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 632.887847][ T55] usb 6-1: Product: syz [ 632.926272][ T55] usb 6-1: Manufacturer: syz [ 632.941702][ T55] usb 6-1: SerialNumber: syz [ 632.982296][ T55] usb 6-1: config 0 descriptor?? [ 633.013349][ T55] gspca_main: sq905-2.14.0 probing 2770:9120 [ 633.449900][ T55] gspca_sq905: sq905_command: usb_control_msg failed 2 (-71) [ 633.478486][ T55] sq905 6-1:0.0: probe with driver sq905 failed with error -71 [ 633.535666][T20390] netlink: 240 bytes leftover after parsing attributes in process `syz.1.5551'. [ 633.553868][ T55] usb 6-1: USB disconnect, device number 20 [ 633.877147][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 633.887192][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 634.191983][T20419] netlink: 'syz.2.5560': attribute type 12 has an invalid length. [ 634.283562][T20426] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5563'. [ 634.460106][T20433] netlink: 72 bytes leftover after parsing attributes in process `syz.5.5564'. [ 634.623074][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 634.623100][ T30] audit: type=1326 audit(1753722815.791:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20440 comm="syz.3.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 634.783967][ T30] audit: type=1326 audit(1753722815.831:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20440 comm="syz.3.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 634.806362][ C0] vkms_vblank_simulate: vblank timer overrun [ 634.910792][ T30] audit: type=1326 audit(1753722815.841:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20440 comm="syz.3.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 634.949751][T20453] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5572'. [ 634.992041][ T30] audit: type=1326 audit(1753722815.841:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20440 comm="syz.3.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 635.090591][ T30] audit: type=1326 audit(1753722815.841:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20440 comm="syz.3.5567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 635.413683][T20472] netlink: 256 bytes leftover after parsing attributes in process `syz.1.5579'. [ 635.682136][ T5947] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 635.872045][ T5947] usb 4-1: Using ep0 maxpacket: 32 [ 635.894625][ T5947] usb 4-1: config 0 has an invalid interface number: 196 but max is 0 [ 635.931697][ T5947] usb 4-1: config 0 has no interface number 0 [ 635.959353][ T5947] usb 4-1: config 0 interface 196 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 636.021456][ T5947] usb 4-1: config 0 interface 196 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 636.071768][ T5947] usb 4-1: config 0 interface 196 has no altsetting 0 [ 636.092922][ T5947] usb 4-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 636.141509][ T5947] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 636.149564][ T5947] usb 4-1: Product: syz [ 636.200179][ T5947] usb 4-1: Manufacturer: syz [ 636.215779][ T5947] usb 4-1: SerialNumber: syz [ 636.251872][ T5947] usb 4-1: config 0 descriptor?? [ 636.300867][ T5948] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 636.469420][ T5947] ipheth 4-1:0.196: Unable to find endpoints [ 636.480683][ T5948] usb 6-1: Using ep0 maxpacket: 16 [ 636.504331][ T5948] usb 6-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 636.536942][ T5948] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 636.558537][ T5947] usb 4-1: USB disconnect, device number 23 [ 636.640867][ T5948] usb 6-1: config 0 descriptor?? [ 636.684162][ T5948] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 637.077539][ T5948] gspca_sonixj: reg_r err -71 [ 637.096242][ T5948] sonixj 6-1:0.0: probe with driver sonixj failed with error -71 [ 637.155453][ T5948] usb 6-1: USB disconnect, device number 21 [ 637.434811][T20578] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 637.690509][ T30] audit: type=1326 audit(1753722818.841:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20582 comm="syz.3.5609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 637.805237][ T30] audit: type=1326 audit(1753722818.841:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20582 comm="syz.3.5609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 637.843031][T20590] loop1: detected capacity change from 0 to 1024 [ 637.916163][T20590] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 637.925875][ T30] audit: type=1326 audit(1753722818.881:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20582 comm="syz.3.5609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 638.027917][ T30] audit: type=1326 audit(1753722818.881:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20582 comm="syz.3.5609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5b0d8e9a9 code=0x7ffc0000 [ 638.084008][T20590] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 638.239079][T20597] loop5: detected capacity change from 0 to 4096 [ 638.244148][T20590] EXT4-fs warning (device loop1): empty_inline_dir:1773: bad inline directory (dir #12) - no `..' [ 638.472187][T20610] loop6: detected capacity change from 0 to 4096 [ 638.557544][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 638.674595][T14892] usb 4-1: new full-speed USB device number 24 using dummy_hcd [ 638.689474][T20597] ntfs3(loop5): ino=1e, "file1" attr_set_size [ 638.738701][T20597] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 638.904900][T14892] usb 4-1: unable to get BOS descriptor or descriptor too short [ 638.928418][T14892] usb 4-1: no configurations [ 638.943966][T14892] usb 4-1: can't read configurations, error -22 [ 639.622377][T20659] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 639.740228][T20659] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 639.788161][T20671] netlink: 'syz.1.5635': attribute type 13 has an invalid length. [ 639.803900][T20671] netlink: 152 bytes leftover after parsing attributes in process `syz.1.5635'. [ 639.833219][T20671] syz_tun: refused to change device tx_queue_len [ 639.871045][T20671] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 642.183889][T20782] netlink: 'syz.3.5672': attribute type 12 has an invalid length. [ 642.232306][T20783] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 10802, id = 0 [ 642.368925][T20790] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 642.816184][T20806] loop1: detected capacity change from 0 to 512 [ 643.016933][T20806] EXT4-fs error (device loop1): ext4_orphan_get:1419: comm syz.1.5681: bad orphan inode 4 [ 643.107983][T20806] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 643.164376][T20806] ext4 filesystem being mounted at /961/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 643.185195][T20822] netlink: 'syz.0.5684': attribute type 49 has an invalid length. [ 643.278644][T20759] loop6: detected capacity change from 0 to 32768 [ 643.422830][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 643.485817][T20759] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode. [ 643.534706][T20837] loop2: detected capacity change from 0 to 4096 [ 643.892465][ T6330] ocfs2: Unmounting device (7,6) on (node local) [ 644.244254][T20866] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 645.940698][ T24] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 646.130631][ T24] usb 3-1: Using ep0 maxpacket: 8 [ 646.155760][ T24] usb 3-1: unable to get BOS descriptor or descriptor too short [ 646.175979][ T24] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E [ 646.220005][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 646.263583][T20949] loop5: detected capacity change from 0 to 4096 [ 646.290638][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 646.300362][ T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1 [ 646.358924][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 646.400981][ T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 50 [ 646.446827][T20949] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 646.457340][ T24] usb 3-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 646.470292][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 646.500116][ T24] usb 3-1: Product: syz [ 646.510115][ T24] usb 3-1: Manufacturer: syz [ 646.521679][ T24] usb 3-1: SerialNumber: syz [ 646.582960][ T24] usb 3-1: config 0 descriptor?? [ 646.590236][T20926] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 646.616406][T20926] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 646.703808][ T24] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 646.785339][ T5857] ntfs3(loop5): ino=9, ntfs_sync_fs failed, -22. [ 646.958821][ T24] usb 3-1: USB disconnect, device number 24 [ 647.425829][T21017] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5737'. [ 647.591595][T21022] PM: Enabling pm_trace changes system date and time during resume. [ 647.591595][T21022] PM: Correct system time has to be restored manually after resume. [ 648.739124][T21071] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5756'. [ 649.012194][T21078] veth5: entered promiscuous mode [ 649.136319][T21100] loop5: detected capacity change from 0 to 8 [ 649.245665][T21099] erspan1: entered promiscuous mode [ 649.303223][T21099] erspan1: entered allmulticast mode [ 649.540803][T21043] loop3: detected capacity change from 0 to 32768 [ 649.663369][T21043] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode. [ 649.846176][T21125] ieee802154 phy0 wpan0: encryption failed: -90 [ 650.043384][ T5860] ocfs2: Unmounting device (7,3) on (node local) [ 650.193682][T21138] loop2: detected capacity change from 0 to 64 [ 650.736584][T21163] netlink: 72 bytes leftover after parsing attributes in process `syz.3.5779'. [ 650.770893][T21163] netlink: 72 bytes leftover after parsing attributes in process `syz.3.5779'. [ 651.914587][T21202] veth5: entered promiscuous mode [ 652.560545][ T24] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 652.691368][T21256] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5806'. [ 652.760525][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 652.768379][ T24] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 652.797372][ T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 652.851098][ T24] usb 4-1: config 0 has no interface number 0 [ 652.901425][ T24] usb 4-1: New USB device found, idVendor=046c, idProduct=14e8, bcdDevice= b.28 [ 652.904763][T21264] loop5: detected capacity change from 0 to 8 [ 652.941355][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 652.969888][ T24] usb 4-1: Product: syz [ 652.996673][ T24] usb 4-1: Manufacturer: syz [ 653.010542][ T24] usb 4-1: SerialNumber: syz [ 653.104437][ T24] usb 4-1: config 0 descriptor?? [ 653.187169][T21277] netlink: 'syz.0.5812': attribute type 1 has an invalid length. [ 653.218488][T21277] netlink: 228 bytes leftover after parsing attributes in process `syz.0.5812'. [ 653.363379][ T24] usb 4-1: Found UVC 0.00 device syz (046c:14e8) [ 653.388528][ T24] usb 4-1: No valid video chain found. [ 653.398025][T21284] netlink: 228 bytes leftover after parsing attributes in process `syz.1.5815'. [ 653.643012][ T10] usb 4-1: USB disconnect, device number 26 [ 653.884686][ T30] audit: type=1326 audit(1753722835.051:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21311 comm="syz.2.5822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 653.968320][ T30] audit: type=1326 audit(1753722835.051:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21311 comm="syz.2.5822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 654.051434][ T30] audit: type=1326 audit(1753722835.101:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21311 comm="syz.2.5822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 654.099769][T21318] loop1: detected capacity change from 0 to 1024 [ 654.106642][ T30] audit: type=1326 audit(1753722835.101:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21311 comm="syz.2.5822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 654.149278][ T30] audit: type=1326 audit(1753722835.101:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21311 comm="syz.2.5822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41dd78e9a9 code=0x7ffc0000 [ 654.275489][T21318] [ 654.277871][T21318] ====================================================== [ 654.284998][T21318] WARNING: possible circular locking dependency detected [ 654.292032][T21318] 6.16.0-syzkaller #0 Not tainted [ 654.297071][T21318] ------------------------------------------------------ [ 654.304102][T21318] syz.1.5823/21318 is trying to acquire lock: [ 654.310181][T21318] ffff888079cd48f8 (&sbi->alloc_mutex){+.+.}-{4:4}, at: hfsplus_block_allocate+0xe5/0xa40 [ 654.320292][T21318] [ 654.320292][T21318] but task is already holding lock: [ 654.327674][T21318] ffff888058b1a2c8 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1ca/0x10f0 [ 654.338797][T21318] [ 654.338797][T21318] which lock already depends on the new lock. [ 654.338797][T21318] [ 654.349211][T21318] [ 654.349211][T21318] the existing dependency chain (in reverse order) is: [ 654.358270][T21318] [ 654.358270][T21318] -> #1 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}: [ 654.367391][T21318] __mutex_lock+0x199/0xb90 [ 654.372630][T21318] hfsplus_get_block+0x272/0x9d0 [ 654.378147][T21318] block_read_full_folio+0x457/0x850 [ 654.384165][T21318] filemap_read_folio+0xc8/0x2a0 [ 654.389830][T21318] do_read_cache_folio+0x263/0x5c0 [ 654.395517][T21318] read_cache_page+0x5b/0x160 [ 654.400771][T21318] hfsplus_block_allocate+0x144/0xa40 [ 654.406715][T21318] hfsplus_file_extend+0x459/0x10f0 [ 654.412463][T21318] hfsplus_get_block+0x1a9/0x9d0 [ 654.417958][T21318] __block_write_begin_int+0x4f4/0x16d0 [ 654.424194][T21318] block_write_begin+0x9a/0x1d0 [ 654.429608][T21318] cont_write_begin+0x61b/0x950 [ 654.435024][T21318] hfsplus_write_begin+0x64/0x120 [ 654.440628][T21318] page_symlink+0x3fc/0x4c0 [ 654.445795][T21318] hfsplus_symlink+0xd3/0x2b0 [ 654.451028][T21318] vfs_symlink+0x403/0x680 [ 654.455998][T21318] do_symlinkat+0x261/0x310 [ 654.461066][T21318] __x64_sys_symlink+0x75/0x90 [ 654.466395][T21318] do_syscall_64+0xcd/0x4c0 [ 654.471448][T21318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.477894][T21318] [ 654.477894][T21318] -> #0 (&sbi->alloc_mutex){+.+.}-{4:4}: [ 654.485777][T21318] __lock_acquire+0x126f/0x1c90 [ 654.491207][T21318] lock_acquire+0x179/0x350 [ 654.496255][T21318] __mutex_lock+0x199/0xb90 [ 654.501317][T21318] hfsplus_block_allocate+0xe5/0xa40 [ 654.507177][T21318] hfsplus_file_extend+0x459/0x10f0 [ 654.512931][T21318] hfsplus_bmap_reserve+0x31f/0x420 [ 654.518692][T21318] hfsplus_delete_attr+0x1ac/0x300 [ 654.524374][T21318] __hfsplus_setxattr+0x88a/0x2210 [ 654.530053][T21318] hfsplus_setxattr+0x10c/0x180 [ 654.535479][T21318] __vfs_removexattr+0x155/0x1c0 [ 654.541121][T21318] __vfs_removexattr_locked+0x166/0x480 [ 654.547236][T21318] vfs_removexattr+0xd1/0x270 [ 654.552471][T21318] path_removexattrat+0x38e/0x5e0 [ 654.558053][T21318] __x64_sys_removexattr+0x5b/0x80 [ 654.563733][T21318] do_syscall_64+0xcd/0x4c0 [ 654.568788][T21318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.575233][T21318] [ 654.575233][T21318] other info that might help us debug this: [ 654.575233][T21318] [ 654.585485][T21318] Possible unsafe locking scenario: [ 654.585485][T21318] [ 654.592951][T21318] CPU0 CPU1 [ 654.598328][T21318] ---- ---- [ 654.603709][T21318] lock(&HFSPLUS_I(inode)->extents_lock); [ 654.609543][T21318] lock(&sbi->alloc_mutex); [ 654.616689][T21318] lock(&HFSPLUS_I(inode)->extents_lock); [ 654.625053][T21318] lock(&sbi->alloc_mutex); [ 654.629670][T21318] [ 654.629670][T21318] *** DEADLOCK *** [ 654.629670][T21318] [ 654.637823][T21318] 5 locks held by syz.1.5823/21318: [ 654.643035][T21318] #0: ffff88807b99a428 (sb_writers#30){.+.+}-{0:0}, at: path_removexattrat+0x20d/0x5e0 [ 654.652880][T21318] #1: ffff88807775bfb8 (&type->i_mutex_dir_key#21){++++}-{4:4}, at: vfs_removexattr+0xbd/0x270 [ 654.663418][T21318] #2: ffff8880538d60b0 (&tree->tree_lock#2){+.+.}-{4:4}, at: hfsplus_find_init+0x17b/0x1f0 [ 654.673611][T21318] #3: ffff8880538d20b0 (&tree->tree_lock#2/2){+.+.}-{4:4}, at: hfsplus_find_init+0x17b/0x1f0 [ 654.683988][T21318] #4: ffff888058b1a2c8 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1ca/0x10f0 [ 654.695547][T21318] [ 654.695547][T21318] stack backtrace: [ 654.701460][T21318] CPU: 1 UID: 0 PID: 21318 Comm: syz.1.5823 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 654.701500][T21318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 654.701521][T21318] Call Trace: [ 654.701535][T21318] [ 654.701549][T21318] dump_stack_lvl+0x116/0x1f0 [ 654.701594][T21318] print_circular_bug+0x275/0x350 [ 654.701649][T21318] check_noncircular+0x14c/0x170 [ 654.701706][T21318] __lock_acquire+0x126f/0x1c90 [ 654.701763][T21318] ? add_lock_to_list+0x9d/0x130 [ 654.701810][T21318] lock_acquire+0x179/0x350 [ 654.701839][T21318] ? hfsplus_block_allocate+0xe5/0xa40 [ 654.701889][T21318] ? __pfx___might_resched+0x10/0x10 [ 654.702039][T21318] __mutex_lock+0x199/0xb90 [ 654.702073][T21318] ? hfsplus_block_allocate+0xe5/0xa40 [ 654.702121][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.702163][T21318] ? hfsplus_block_allocate+0xe5/0xa40 [ 654.702209][T21318] ? __pfx___might_resched+0x10/0x10 [ 654.702253][T21318] ? __pfx___mutex_lock+0x10/0x10 [ 654.702287][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.702325][T21318] ? trace_contention_end+0xdd/0x130 [ 654.702357][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.702395][T21318] ? __mutex_lock+0x1ca/0xb90 [ 654.702431][T21318] ? hfsplus_file_extend+0x1ca/0x10f0 [ 654.702463][T21318] ? __lock_acquire+0xb8a/0x1c90 [ 654.702515][T21318] ? __pfx___mutex_lock+0x10/0x10 [ 654.702552][T21318] ? hfsplus_block_allocate+0xe5/0xa40 [ 654.702605][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.702644][T21318] hfsplus_block_allocate+0xe5/0xa40 [ 654.702692][T21318] ? __mutex_trylock_common+0xe9/0x250 [ 654.702723][T21318] ? __pfx___mutex_trylock_common+0x10/0x10 [ 654.702760][T21318] hfsplus_file_extend+0x459/0x10f0 [ 654.702798][T21318] ? __pfx_hfsplus_file_extend+0x10/0x10 [ 654.702839][T21318] ? rcu_is_watching+0x12/0xc0 [ 654.702937][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.702976][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.703018][T21318] hfsplus_bmap_reserve+0x31f/0x420 [ 654.703063][T21318] hfsplus_delete_attr+0x1ac/0x300 [ 654.703113][T21318] ? __pfx_hfsplus_delete_attr+0x10/0x10 [ 654.703162][T21318] ? rcu_is_watching+0x12/0xc0 [ 654.703214][T21318] __hfsplus_setxattr+0x88a/0x2210 [ 654.703266][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.703306][T21318] ? bpf_ksym_find+0x124/0x1c0 [ 654.703386][T21318] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 654.703485][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.703524][T21318] ? is_bpf_text_address+0x94/0x1a0 [ 654.703557][T21318] ? __pfx___hfsplus_setxattr+0x10/0x10 [ 654.703613][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.703653][T21318] ? __kernel_text_address+0xd/0x40 [ 654.703711][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.703761][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.703800][T21318] ? stack_trace_save+0x8e/0xc0 [ 654.703884][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.703927][T21318] hfsplus_setxattr+0x10c/0x180 [ 654.703979][T21318] ? __pfx_hfsplus_security_setxattr+0x10/0x10 [ 654.704033][T21318] __vfs_removexattr+0x155/0x1c0 [ 654.704078][T21318] ? __pfx___vfs_removexattr+0x10/0x10 [ 654.704122][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.704161][T21318] ? evm_inode_removexattr+0x4a/0x60 [ 654.704244][T21318] __vfs_removexattr_locked+0x166/0x480 [ 654.704291][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.704334][T21318] vfs_removexattr+0xd1/0x270 [ 654.704380][T21318] ? __pfx_vfs_removexattr+0x10/0x10 [ 654.704424][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.704463][T21318] ? mnt_get_write_access+0x20c/0x300 [ 654.704500][T21318] path_removexattrat+0x38e/0x5e0 [ 654.704547][T21318] ? __pfx_path_removexattrat+0x10/0x10 [ 654.704595][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.704654][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.704692][T21318] ? xfd_validate_state+0x61/0x180 [ 654.704780][T21318] ? srso_alias_return_thunk+0x5/0xfbef5 [ 654.704823][T21318] __x64_sys_removexattr+0x5b/0x80 [ 654.704877][T21318] do_syscall_64+0xcd/0x4c0 [ 654.704914][T21318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.704948][T21318] RIP: 0033:0x7fcf7e98e9a9 [ 654.704978][T21318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 654.705010][T21318] RSP: 002b:00007fcf7f713038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c5 [ 654.705041][T21318] RAX: ffffffffffffffda RBX: 00007fcf7ebb5fa0 RCX: 00007fcf7e98e9a9 [ 654.705064][T21318] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000200000000040 [ 654.705085][T21318] RBP: 00007fcf7ea10d69 R08: 0000000000000000 R09: 0000000000000000 [ 654.705105][T21318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 654.705125][T21318] R13: 0000000000000000 R14: 00007fcf7ebb5fa0 R15: 00007ffdc44db3e8 [ 654.705156][T21318] [ 654.705236][ C1] vkms_vblank_simulate: vblank timer overrun [ 655.177757][ C1] vkms_vblank_simulate: vblank timer overrun [ 655.259262][T21330] loop5: detected capacity change from 0 to 64