last executing test programs: 2m35.448570324s ago: executing program 0 (id=76): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000240)='./bus\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c646174615f666c7573682c66617374626f6f742c6a71666d743d76667376312c6e6f696e6c696e655f64656e7472792c7573726a71756f74613d66326673002c00ff371013587045d0d273e856ce75c2b11120ece6d6a76856a2cdd8c835ef14aa3aea583b7f3affd12ff9abc9b21098874a75607f009920ad1a283ce7b8b528e239692ab156e30dd8365f708e6c98cfcd0b30d5304dd70f87da026e2d4e4df1ad07ba72683f43d76541d455d1fa118f0900000009fe28bfded255e7c5806f05b80ec0e186b4f72759eb096a1fe6793e734fe61555f01ff9f23bc11370aa247215e8f1410ea4728bb2a2c2d20bc5e61b0a4c7ddb25da21c75f35f711581d1f5b8db3be07c80000000000000000"], 0x1, 0x54f4, &(0x7f0000005600)="$eJzs3M1rI2UYAPBn2u1+uxbx4G0HFqGFTdj0Y9Fb1V38wC7Fj4MnTZM0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJmZ6tYvhKaNtb8fTJ6ZN2+eed5QCs9MmADOrfn0px+SuBFXImI2Iq5H5PtJueXWivBMRNyMiJnHtqQc/23gYkRcjYgb4+RFzqR865Pbo1ur37/245dfX7pw7dMvvpneqoFpezYietvF/l6viFm7iA/L8fqok8feyqiMxRu9R+VxVsS91maeYa9+OK+ex+V2MT/b3h2MY5LUG+PY7mzl49v94oSDUfswT/6Bh/Wd/LjZ2sxjZ5DlsX1Q1LV/UPxvOxgMizzNMt/7efoYDg9jMd7abxXr2X6Ux0Z/WI4XebNma38cR2UsTxeNrNvM69g8zjf93/Z6p7+7n45aO4NO1k9Xq7XnqrW7ldpO1mwNWyuVeq95dyVdaHfH0yrDVr231s6ydrdVbWS9xXSh3WhUarV04V5rs1Pvp7Vadbl6p7K6WO7dTl9+8HbabaYL4/hip7877HQH6Va2kxafWEyXqsvPL6a3aumb6xvpxhv3769vvPXuvXcevLD+6kvlpD+VlS4s3VlaqtTuVJZqi+do/R+WRU9w/XAsybQLADh79P/ANEyj/9/qTq7/D/3/RJyp/ve89/8nsH44Fv0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC59e3cZ6/kO/PF8bVy/ImIm+Ohp8rjJCJmIuKXvzAbF4/knC3zzP3N/Lk/1PBVEnmG8TkuldvViFgrt5+fPOlvAQAAAP6/Pv/g5sdFt168zE+7IE5TcdFm5vp7E8qXRMTc/HcTyjYzfnl6Qsnyv+8LsT+hbPkFrMsTSlZccrswqWz/yuyRcPmxkBRh5lTLAQAATsXRTuB0uxAAAABO00fTLoDpSOLwVubhveD8l/e/3xC8cuQIAAAAOIOSaRcAAAAAnLi8//+H5/+F5/8BAADA2Vc8/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiVnfvJSR2K4gB8Wuh7vD9GYpy7FWewDJfg0KFhAW6CJeAW3ABrwJlLMGBoS7QGE5PetpF8X9JebkN+nBIm515SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJzsZo/3l89tM3Z7tpJczcAAADAMZtiNS9fTKv5v/r6WX3pop5nEZFHxLHefRS/GpmjOqf44v3FpxqeIsqE/Wf8ro+/EXFdH6/nXX8LAAAAcLrWi+Ws6tar03ToguhTtWiT/79JlJdFRDF9SZSW70+XicLK3/c47hKllQtYk0Rh1ZLbOFXat4waw+TDkFVD3ms5AABAL5qdQL9dCAAAAH26HboAhpHFYSvzsBdc/vP+fUPwT2MGAAAA/EDZ0AUAAAAAnSv7f8//AwAAgNNWPf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALm2K1Xy9WM7a5mx37aS5GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgjf15R4EQCIMw2Lu+M5n7H1YaNDU1qQLh428MBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu7nNY4qDgD4d2Z2trYqxig5RETBg17sdlNbe/WgBA/+CUJItzW69Ueagy1FyMWb5NyL6FFEUOKt/0PPLfRSbz3soYJnZWZnmmkacLV0Zpt8PvD2fWcY5n3fJIR8570EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2eW8vzoqPhWmcVudu3b+2XvS39/WFGzt3lotWxEmbST8dXm0eJEvdJQIAAMDRkdX1fUTczXdXiz5dKOv/vL6mqPl/eH4a1/X8/rq/7uvav2i//3bv5QcDLUzHKW56YWM8OvVoKr0nN8v59sK/XtErn3z57iUrvyDph9svTfLyeSbf3bz5fr8Mj7WRLQDwf5ys+yqofx8q+mGXiQFwZPQahXdd/2cL3eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IbJdjxbx0lELPf24sLt+9fWD+pv7NxZrtvZ69d3mvcsbpFHxIWN8ehUi3OZd5evXP1sbTwebbYfvBYR3Y1eBR/PcE1ElxkKHjdIq+/1ecnn6Qg6/sEEAMChk1etqOvv5rurxblkMeLvHx+u/99sxDFj/X/vk7O3mmM16/9hazOcf4OtS18OLl+5+vbGpbWLo4ujz99ZGb47PH3uzJlzg/JdycAbEwAAAB5PP4no76v/08VH1/9PNOKYsf7/6vvhN82xMvX/gfYW/brOBAAA4Gh78fW//kwOOJ/0+/H12tbW5nD6WR3H5kp5vNJBqv/Zsao16/9sseusAAAAgDZMtpOH1v/PN+KYcf3/uZ9e+aV5zywijlfr/yfXvxifb286c62NPyfueo4AAAB063jVmuv/ebn/P32w5SGNiLfemMbVvwGcqf7PPvj25+ZYzf3/p9ub4lxKl6bPo+yXInpLXWcEAADAYfZM1Ypi/498d/XTX0981Lf/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBt/wQAAP//K8ZAQg==") socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) bind$unix(r0, &(0x7f00000002c0)=@file={0x1, './file0\x00'}, 0x6e) 2m34.076669976s ago: executing program 0 (id=87): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) listen(r0, 0x9) connect$netrom(r0, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0xa}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) 2m33.21795109s ago: executing program 0 (id=94): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x14) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x30) 2m32.888628755s ago: executing program 0 (id=96): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x42fb384493bcfca9) 2m32.480665942s ago: executing program 0 (id=98): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) 2m32.321215794s ago: executing program 0 (id=100): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x20, r1, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x4, 0x2, 0x8}]}]}, 0x20}}, 0x0) 2m17.244854705s ago: executing program 32 (id=100): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x20, r1, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x4, 0x2, 0x8}]}]}, 0x20}}, 0x0) 1.144220862s ago: executing program 1 (id=1429): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001400)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x53}]}, &(0x7f0000000980)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x25}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.105578042s ago: executing program 2 (id=1431): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f0005000000030005007217440502000000e0000001"], 0x40}}, 0x0) sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @loopback}}, @sadb_sa={0x2, 0x1, 0x4d4, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x3c, 0x0, 0x0, @in={0x2, 0x0, @private=0xa010101}}]}, 0x50}}, 0x7fad2b3262a63e68) 1.032190054s ago: executing program 3 (id=1432): write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x9, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x8, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0x5, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x7, 0x1, 0x407, 0x5, 0x3e, 0x8, 0x4006, 0x6, 0x0, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e2, 0x1, 0xf9, 0xe, 0x10, 0x6c7, 0x9, 0xfffffffc, 0x80000003, 0x203, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0xa1, 0x4, 0x7, 0x7fff, 0x5a7c, 0x7ff, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x101, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x9, 0x250, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x2, 0x5, 0x8, 0x401, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x6, 0x40, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x7, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0xfffffff9, 0xc8, 0x9, 0xfffff000, 0x7, 0x3, 0x7e, 0x100, 0x9602, 0x1, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x7, 0x8, 0x30b1d693, 0xa21, 0x1000f40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0xffff, 0xb1e, 0xd7, 0x200, 0xffff3441, 0x40fff]}, 0x45c) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 975.261925ms ago: executing program 1 (id=1433): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@call={0x85, 0x0, 0x0, 0xd0}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 946.898565ms ago: executing program 4 (id=1434): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r0) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x30, r1, 0x60b, 0x70bd2d, 0x0, {}, [@IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x4}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x30}}, 0x0) 903.613886ms ago: executing program 2 (id=1435): r0 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40000) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000080)=0x2) ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000040)={0x9, 0x100, 0x0, {0x400e802, 0x1, 0x7, 0xfff}}) 836.308357ms ago: executing program 3 (id=1436): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x2) ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x5411, 0x0) 795.336347ms ago: executing program 1 (id=1437): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0xd0f, 0x1, 0x80800, {0x60, 0x0, 0x0, r1, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_INTERVAL={0x8, 0x3, 0x9a}, @TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0x8001}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840) 768.882918ms ago: executing program 3 (id=1438): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401) ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000040)={0x2, 0x3, 0xe6d, 0x8, 0x0, 0x80000001, 0x0}) 768.613178ms ago: executing program 4 (id=1439): r0 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc) connect$qrtr(r0, &(0x7f0000000e40)={0x2a, 0x0, 0x1}, 0xc) 708.302999ms ago: executing program 2 (id=1440): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000180)={0x7, 0x8, 0xfa00, {r1, 0xffffffef}}, 0x10) 624.73269ms ago: executing program 2 (id=1441): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, 0xfffffffffffffffe, 0x29) 583.738201ms ago: executing program 1 (id=1442): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x8, 0x13, 0x0, {0x0, 0x0, 0x0, 0x0, {0x4, 0xd}, {0xe, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x8, 0x7, 0x1000}, @TCA_FQ_PIE_MEMORY_LIMIT={0x8, 0x8, 0x3}]}}]}, 0x44}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840) 532.225282ms ago: executing program 4 (id=1443): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) 525.436982ms ago: executing program 3 (id=1444): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x21041, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe) ioctl$TCFLSH(r0, 0x540b, 0xfffffffffffeffff) 461.340423ms ago: executing program 2 (id=1445): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x6, 0xb}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r1}, 0xc) 308.147045ms ago: executing program 3 (id=1446): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000380100001"], 0x44}}, 0x0) 307.866665ms ago: executing program 4 (id=1447): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0) 258.918566ms ago: executing program 2 (id=1448): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000680)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100cc9a, &(0x7f0000000080)=ANY=[@ANYRES32=0x0], 0x1, 0x2af, &(0x7f0000000240)="$eJzs3UFr1E4Yx/HfJNvt/v8tNbYVQTxVBU+lrRcRRJF9B148idrdQnGpoBXUi9Vz8eCxd9+CL8KTeBa8efIFFDxEZpI0yW6S3XbZxq3fD3TJJvMk83SyyTwLSwTgn3Wv/ePTjZ/2z0i+fKkpyZPUkhqSLuhi6+XO7vZur9up2pHvIuyfURRpBtps7nSLQm2ci4gF9l1D85l1zeIgjKv1/dghPv/8s8eEYRgWrPek2exon5WR36u7AzUzhzrUbN29AADUzc3+o4m/L/nz8fzd86Rr8W3fbk/v/9N7A/0dRuruR63c/f+VFpLKKzR2fM+5TWm950o4u91LqsTKnXrFq5vxNj/XgWFVpeuL99/Wdq+7uvms1/H0XndimWbL7rWTP3i2t+8Gd71SUJtWGCn3I28zJ9acy2HG5rBR0v+l8Y/ozJRu6RsV88V8NQ9NoAN13PhbjdDYYXIjFfSNVNT/NeWL9AyXZRC1KsnyvIu+lC/kK7P01deNrGa8z0Y2+SDtZ0XUYl8WUXbrQ6KWCqM2hkQt90elZ3N55KSZD+aBWdEvfVb7aPztWeJHl/rhn0zbxrWMz4zKfBquZeDuJ/Gnbu9yYcuSqwcmYl9PdFMLL16/efq41+s+Z2G0heQ6+7f050QLyUlw6kf33cJHSXXkvr96e8um7dYonuJO9KAazNTXiOGNcY6e3HdO3vkarkk4demgHzOweCqI6eO5r/9d/ZepV9bcZM2+BBXz9KFFdGaP6yW1waJ7/b+8gssx7quHufIKbtSa68p16WrJEdsHA7sN4n5OtbtKvsIxbX3To8z8HwAAAAAAAAAAAAAAAAAAAFNhvJ83hGH684aWyhrXnSMAAAAAAAAAAAAAAAAAAAAAANNu8Pm/ulXr83/vK3qXf/4vgAn4EwAA////Xngs") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) writev(r0, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x69000}], 0x1) 241.854777ms ago: executing program 1 (id=1449): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_OIF={0x8, 0x1c}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044810}, 0x0) 140.243988ms ago: executing program 4 (id=1450): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x208800) cachestat(r0, 0x0, 0x0, 0x0) 140.001228ms ago: executing program 3 (id=1451): mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x902r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x80, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="280000001800090000000000000000001c140000fe000001"], 0x28}}, 0x0) 58.63378ms ago: executing program 1 (id=1452): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0) r1 = fanotify_init(0x200, 0x0) fanotify_mark(r1, 0x102, 0x48001050, r0, 0x0) 0s ago: executing program 4 (id=1453): syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000200)='./file0\x00', 0x10, &(0x7f0000000480)=ANY=[], 0x5, 0xa5a, &(0x7f0000001b40)="$eJzs3U1sHFcBAOA3a6/z22ZTHGrS0CYU2vJTu3FM+ImAVM2FqKm4Vaq4RElaIpyASCVI1UOSEzdaVeHK76mX8qNK5IKinrhUopG49FQ4cCAKUiUO0JC48vq99e7zbmbt2J6s9/uk2bdv3tt9b3ZnZmdn5r0XgKFVaz7OzEwUIVy+8saRfz32zy0hXBlfzNFoPo62xeohhCLGR7P3+2BkIbz14asnuoVFmG4+pnh47kbrtdtCCBfC3nA1NMLuy9def3f62WMXj17a996bh66vzdIDAMBw+c7VQzO7/v7Xh3Z+9NbDh8Om1vx0fN6I8e3xuP9wPPBPx/+10Bkv2qZ2Y1m+0TjVsnwjXfK1l1PP8o32KH8se996j3ybSsofaZvXbblhkKX1uBGK2mRHvFabnFz4Tx6a/+vHismzp2dfPFdRRYFV959HQgh7Taahny42N4jq67Gu09yOqvdAAAvy64VLXMjPLNyd1ruN9lf+jadr3V8Pq2C913/lD1b5v71oj8Pq2ahrU1qutB1tj/G26whnQpf7l/Ltby5/42z7T++XX4+o91nPXtcRBuX6Qq96jqxzPVaqV/3z9WKj+kYM0+fwzSy9ffvJv9NB+Y6B7v7r/L/JNLTTkuPbO8jvlQE2tvy+ubkopef39eXpm0rSN5ekbylJ39qRa2n6tpLXwzD748s/C68Vi//z8//0yz0fns6z3RfD+5dZn/x85HLLH7tDbD3Kd4zEIPnT8edPffXkC9cW7v8vWuv/7bi+743xRtyarsYM6Xxhfl69de9/o7OcWo98D2T1ua9L/ubz8c58xfji+4S2/cySekx0vm5Hr3x7OvM1snxb4rQ5q29+fLI1e106/kj71fR5jWbLW8+WYyyrR9qv7IxhXg9YibQ+9rr/P62fE6FevHh69tRTMZ7W07+M1DfNz99fXtTvVrvuwN3pt/3PROhs/7O9Nb9ea98v7FicX7TvFxrZ/Oke8w/EePqd+97Ilub8yRM/mD252gsPQ+7c+Ve+f3x29tSPPPHEE09aT6reMwFrberlMz+cOnf+lSdPnzn+0qmXTp09cPDggenpg187MDPVPK6faj+6BzaSxR/9qmsCAAAAAAAAAAAA9OvHR49c+9s7X3l/of3/Yvu/1P4/3fmb2v//tFho615rmx+6jAOY2gHu7JLezJN1sDqW5avH6RNZfcezcnZlr/tkDFvj+MX2/6m4vF/XVJ8Hs/l5/70pX9adwJL+UsayXkfy8QI/E8NLMfx1gAoVW7rPjmFZ/9ZpXU/9UyyjX4ruBVOJ9L2lLyX1Y5Laf/fq1ynt/3euQx1ZfevRnLDqZQS6+/cQ9//dPHZZw/f/zf3VL+Pm3mmbqq6bqfppbs4oHsC9oerxP9N5zxSe/fO3N89PKduNpzv3l3n/pXA37vXxJ5W/scb/bI1/19f+7+bS0RMaKyv3f7+4/n5bsWF3v/vffPlTP9DjeQl3PhP90Xz5NxcX5fHQX/lzv8rKzy8I9elmXP70+W/ts/wly7+nrKTzb3eb+/9YfvrYnni03/IXalzUOuuRnzdO1//y88bJrWz5T650+Vc4UOPtWD4Ms0EZZ3a5+hj/t6ls/N8lVnn8317y+zC+HONpR5juc8hHOFlm/VuR9DuwK3v/ouT3zfi/g+3rMSzbHtL4v2l9bHSJ19ri9S6f7Ubd18Cg+uDevf63+ENVfV1M/X5f1dfDtIxpbm5ubU9olai0cCr//Kv+n1B1+VV//mXy8X/zY/h8/N88PR//N0/Px//N0/Px9fL0rVl6/nnm4//m6Q9m75uPDzyR/cHO0z9V8vrdJekPlaTvKUn/dEn6vpL0h0vSHylJf6Ak/dGS9M+WpH+uJP2xkvQnStI/X5K+0aX2KMO6/DDM8vZ5tn8YHql9ba/tf7wkHRhcP39r/zMv/OG7jYX2/2Ot8yHpOt7hGK/H/84/ifH8undoi8+nvRPj/8jS7/XzHTBM8v4z8t/3x0vSgcGV7vOyfcMQKrq3k+i336pex/kMli/E8Isx/FIMn4zhZAynYrg/htPrVD/WxjO/f/vQa8Xi//0dWXq/95Pn7YHyfqIO9Fmf/PzAcu/Hz/vxW667LX+FzcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqU2s+zsxMFCFcvvLGkeePnZ6an/OtVo5G83G0LVZvvS6Ep2I4EsNfxie3Pnz1RHt4O4ZFmA5FKFrzw3M3WiVtCyFcCHvD1dAIuy9fe/3d6WePXTx6ad97bx66vnafAAAAAGx8HwcAAP//V88c0Q==") link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0) kernel console output (not intermixed with test programs): syz.1.522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764378e929 code=0x7ffc0000 [ 134.072488][ T7437] RSP: 002b:00007fd56ffbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 134.072510][ T7437] RAX: ffffffffffffffda RBX: 00007fd56f3b5fa0 RCX: 00007fd56f18e929 [ 134.072523][ T7437] RDX: 0000000000000000 RSI: 0000000000000182 RDI: 00002000000000c0 [ 134.072534][ T7437] RBP: 00007fd56f210b39 R08: 0000000000000000 R09: 0000000000000000 [ 134.072544][ T7437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 134.134297][ T7437] R13: 0000000000000000 R14: 00007fd56f3b5fa0 R15: 00007ffda30d2f88 [ 134.142310][ T7437] [ 134.198948][ T7437] bread failed! [ 134.202586][ T7437] jfs_lookup: dtSearch returned -5 [ 134.231147][ T6357] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 134.328272][ T7468] loop1: detected capacity change from 0 to 1024 [ 134.335830][ T7468] hfsplus: unable to parse mount options [ 134.501450][ T7470] tipc: Enabling not permitted [ 134.530698][ T7470] tipc: Enabling of bearer rejected, failed to enable media [ 134.729123][ T7474] loop4: detected capacity change from 0 to 512 [ 134.758225][ T7474] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 134.777112][ T7476] loop3: detected capacity change from 0 to 1024 [ 134.799931][ T7474] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 134.838788][ T7474] EXT4-fs (loop4): 1 truncate cleaned up [ 134.855856][ T7474] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.886085][ T7481] mmap: syz.1.533 (7481) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 134.900328][ T27] audit: type=1800 audit(134.855:40): pid=7474 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.528" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 135.370190][ T6357] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.498834][ T7495] usb usb8: usbfs: process 7495 (syz.2.539) did not claim interface 0 before use [ 135.697574][ T7501] netlink: 44 bytes leftover after parsing attributes in process `syz.3.542'. [ 135.722962][ T7501] netlink: 8 bytes leftover after parsing attributes in process `syz.3.542'. [ 135.904535][ T7513] netlink: 24 bytes leftover after parsing attributes in process `syz.4.547'. [ 136.031465][ T7517] capability: warning: `syz.3.551' uses 32-bit capabilities (legacy support in use) [ 136.397751][ T7533] loop2: detected capacity change from 0 to 128 [ 136.416173][ T7533] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 136.452306][ T7533] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 136.662973][ T7540] loop4: detected capacity change from 0 to 2048 [ 136.730976][ T7540] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.873722][ T6357] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.707532][ T7582] vlan2: entered allmulticast mode [ 137.712700][ T7582] bond0: entered allmulticast mode [ 137.749119][ T7582] bond_slave_0: entered allmulticast mode [ 137.770679][ T7582] bond_slave_1: entered allmulticast mode [ 137.875236][ T5810] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 138.090469][ T5810] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 138.138994][ T5810] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 138.158372][ T5810] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.175670][ T5810] usb 3-1: config 0 descriptor?? [ 138.184133][ T5810] pwc: Askey VC010 type 2 USB webcam detected. [ 138.811357][ T5810] pwc: recv_control_msg error -71 req 02 val 2700 [ 138.832860][ T5810] pwc: recv_control_msg error -71 req 02 val 2c00 [ 138.877206][ T5810] pwc: recv_control_msg error -71 req 04 val 1000 [ 138.890063][ T5810] pwc: recv_control_msg error -71 req 04 val 1300 [ 138.906502][ T5810] pwc: recv_control_msg error -71 req 04 val 1400 [ 138.913510][ T5810] pwc: recv_control_msg error -71 req 02 val 2000 [ 138.929384][ T5810] pwc: recv_control_msg error -71 req 02 val 2100 [ 138.965352][ T5810] pwc: recv_control_msg error -71 req 04 val 1500 [ 139.014765][ T5810] pwc: recv_control_msg error -71 req 02 val 2500 [ 139.026535][ T5810] pwc: recv_control_msg error -71 req 02 val 2400 [ 139.064325][ T5810] pwc: recv_control_msg error -71 req 02 val 2600 [ 139.114983][ T5810] pwc: recv_control_msg error -71 req 02 val 2900 [ 139.126905][ T5810] pwc: recv_control_msg error -71 req 02 val 2800 [ 139.178130][ T5810] pwc: recv_control_msg error -71 req 04 val 1100 [ 139.206962][ T5810] pwc: recv_control_msg error -71 req 04 val 1200 [ 139.242867][ T5810] pwc: Registered as video103. [ 139.302688][ T5810] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input16 [ 139.384869][ T5810] usb 3-1: USB disconnect, device number 9 [ 140.329851][ T7628] loop1: detected capacity change from 0 to 32768 [ 140.364814][ T7628] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 scanned by syz.1.591 (7628) [ 140.442091][ T7628] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 140.491417][ T7628] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 140.500102][ T7652] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.600'. [ 140.542131][ T7628] BTRFS info (device loop1): using free space tree [ 140.685111][ T7628] BTRFS info (device loop1): enabling ssd optimizations [ 140.692608][ T7628] BTRFS info (device loop1): auto enabling async discard [ 140.902159][ T5765] BTRFS info (device loop1): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 140.915099][ T5808] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 141.125361][ T5808] usb 3-1: Using ep0 maxpacket: 16 [ 141.176021][ T7230] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 9 /dev/loop1 scanned by udevd (7230) [ 141.216872][ T5808] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.258252][ T5808] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 141.294899][ T5808] usb 3-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.00 [ 141.325181][ T5808] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.364300][ T5808] usb 3-1: config 0 descriptor?? [ 141.577606][ T5797] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 141.655693][ T7696] netlink: 2384 bytes leftover after parsing attributes in process `syz.1.613'. [ 141.783221][ T5797] usb 5-1: Using ep0 maxpacket: 16 [ 141.790643][ T5797] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.823590][ T5797] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 141.843910][ T5797] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 141.852974][ T5808] logitech 0003:046D:C623.000B: unknown main item tag 0x6 [ 141.875166][ T5797] usb 5-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 141.880907][ T5808] logitech 0003:046D:C623.000B: collection stack underflow [ 141.892142][ T5797] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.905009][ T5808] logitech 0003:046D:C623.000B: item 0 4 0 12 parsing failed [ 141.915921][ T5808] logitech 0003:046D:C623.000B: parse failed [ 141.934041][ T5808] logitech: probe of 0003:046D:C623.000B failed with error -22 [ 141.938859][ T5797] usb 5-1: config 0 descriptor?? [ 142.004811][ T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 142.139352][ T28] usb 3-1: USB disconnect, device number 10 [ 142.162879][ T7704] netlink: 32 bytes leftover after parsing attributes in process `syz.1.617'. [ 142.206381][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 142.220305][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 142.246095][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 142.264829][ T9] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 142.290234][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.311898][ T9] usb 4-1: config 0 descriptor?? [ 142.400737][ T5797] ryos 0003:1E7D:31CE.000C: unbalanced delimiter at end of report description [ 142.436044][ T5797] ryos 0003:1E7D:31CE.000C: parse failed [ 142.464889][ T5797] ryos: probe of 0003:1E7D:31CE.000C failed with error -22 [ 142.650837][ T28] usb 5-1: USB disconnect, device number 3 [ 142.743805][ T9] appleir 0003:05AC:8241.000D: global environment stack underflow [ 142.763258][ T9] appleir 0003:05AC:8241.000D: item 0 0 1 11 parsing failed [ 142.772667][ T9] appleir 0003:05AC:8241.000D: parse failed [ 142.780716][ T9] appleir: probe of 0003:05AC:8241.000D failed with error -22 [ 142.890227][ T7716] loop1: detected capacity change from 0 to 256 [ 143.006442][ T9] usb 4-1: USB disconnect, device number 8 [ 143.142483][ T7718] loop2: detected capacity change from 0 to 8192 [ 143.230048][ T7718] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 143.261826][ T7718] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 143.271602][ T7718] REISERFS (device loop2): using ordered data mode [ 143.278216][ T7718] reiserfs: using flush barriers [ 143.295168][ T7718] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 143.337902][ T7718] REISERFS (device loop2): checking transaction log (loop2) [ 143.387295][ T7718] REISERFS (device loop2): Using r5 hash to sort names [ 143.420171][ T7718] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 143.546592][ T9] IPVS: starting estimator thread 0... [ 143.644877][ T7731] IPVS: using max 21 ests per chain, 50400 per kthread [ 143.774176][ T7736] netlink: 8 bytes leftover after parsing attributes in process `syz.4.632'. [ 143.854877][ T7739] netlink: 'syz.1.634': attribute type 4 has an invalid length. [ 143.862563][ T7739] netlink: 17 bytes leftover after parsing attributes in process `syz.1.634'. [ 144.114095][ T7748] bridge0: entered promiscuous mode [ 144.120572][ T7748] macvlan2: entered promiscuous mode [ 144.144140][ T7748] bridge0: port 3(macvlan2) entered blocking state [ 144.172504][ T7748] bridge0: port 3(macvlan2) entered disabled state [ 144.196465][ T7748] macvlan2: entered allmulticast mode [ 144.231534][ T7748] bridge0: entered allmulticast mode [ 144.251311][ T7748] macvlan2: left allmulticast mode [ 144.263923][ T7748] bridge0: left allmulticast mode [ 144.285946][ T7748] bridge0: left promiscuous mode [ 144.381795][ T7759] loop3: detected capacity change from 0 to 512 [ 144.415437][ T7759] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.642: bg 0: block 393: padding at end of block bitmap is not set [ 144.473481][ T7759] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6642: Corrupt filesystem [ 144.487010][ T7759] EXT4-fs (loop3): 2 truncates cleaned up [ 144.504800][ T7759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.720252][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.844979][ T9] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 144.914063][ T27] audit: type=1326 audit(144.865:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7776 comm="syz.1.650" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f764378e929 code=0x0 [ 145.027297][ T7784] loop4: detected capacity change from 0 to 256 [ 145.046886][ T9] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 145.056236][ T7784] FAT-fs (loop4): Directory bread(block 64) failed [ 145.065396][ T7784] FAT-fs (loop4): Directory bread(block 65) failed [ 145.074348][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.083207][ T7784] FAT-fs (loop4): Directory bread(block 66) failed [ 145.095189][ T7784] FAT-fs (loop4): Directory bread(block 67) failed [ 145.100939][ T9] usb 3-1: config 0 descriptor?? [ 145.114389][ T7784] FAT-fs (loop4): Directory bread(block 68) failed [ 145.117910][ T9] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 145.134562][ T7784] FAT-fs (loop4): Directory bread(block 69) failed [ 145.160580][ T7784] FAT-fs (loop4): Directory bread(block 70) failed [ 145.180093][ T7784] FAT-fs (loop4): Directory bread(block 71) failed [ 145.202136][ T7784] FAT-fs (loop4): Directory bread(block 72) failed [ 145.213734][ T7784] FAT-fs (loop4): Directory bread(block 73) failed [ 145.341578][ T9] gp8psk: usb in 128 operation failed. [ 145.491046][ T7782] loop3: detected capacity change from 0 to 32768 [ 145.521397][ T7782] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 145.557208][ T9] gp8psk: usb in 146 operation failed. [ 145.573503][ T9] gp8psk: failed to get FW version [ 145.581284][ T9] gp8psk: usb in 149 operation failed. [ 145.587263][ T9] gp8psk: failed to get FPGA version [ 145.593743][ T9] gp8psk: usb in 138 operation failed. [ 145.599509][ T9] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 145.610638][ T9] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 145.624574][ T7786] loop4: detected capacity change from 0 to 4096 [ 145.640452][ T9] usb 3-1: USB disconnect, device number 11 [ 145.654804][ T7782] XFS (loop3): Ending clean mount [ 145.671757][ T7782] XFS (loop3): Quotacheck needed: Please wait. [ 145.757871][ T7786] ntfs3: loop4: Failed to initialize $Extend/$ObjId. [ 145.786154][ T7782] XFS (loop3): Quotacheck: Done. [ 146.019343][ T5770] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 146.765403][ T7825] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 146.772392][ T7825] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 146.781162][ T7825] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 146.787658][ T7825] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 146.813210][ T7825] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 146.819718][ T7825] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 146.829126][ T7825] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 146.835629][ T7825] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 146.843169][ T7825] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 146.849648][ T7825] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 146.986293][ T7831] loop2: detected capacity change from 0 to 1764 [ 147.110789][ T7833] loop2: detected capacity change from 0 to 512 [ 147.118091][ T7833] EXT4-fs: Ignoring removed i_version option [ 147.141250][ T7833] EXT4-fs (loop2): orphan cleanup on readonly fs [ 147.148573][ T7833] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.671: bg 0: block 131: padding at end of block bitmap is not set [ 147.166358][ T7833] EXT4-fs (loop2): Remounting filesystem read-only [ 147.177861][ T7833] EXT4-fs (loop2): 1 truncate cleaned up [ 147.186555][ T7833] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 147.235961][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.505382][ T7836] loop1: detected capacity change from 0 to 32768 [ 147.542381][ T7836] ialloc: diAlloc returned -5! [ 148.005503][ T5767] Bluetooth: hci4: link tx timeout [ 148.011418][ T5767] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 148.023136][ T5772] Bluetooth: hci4: link tx timeout [ 148.028693][ T5772] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 148.104795][ T5810] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 148.232286][ T7860] program syz.2.683 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 148.336227][ T5810] usb 2-1: Using ep0 maxpacket: 16 [ 148.348065][ T5810] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 148.373883][ T5810] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 148.410723][ T5810] usb 2-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00 [ 148.415429][ T7845] loop3: detected capacity change from 0 to 32768 [ 148.438493][ T7845] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.677 (7845) [ 148.441044][ T5810] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.479300][ T7866] loop4: detected capacity change from 0 to 64 [ 148.479463][ T7845] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 148.508321][ T5810] usb 2-1: config 0 descriptor?? [ 148.518684][ T7845] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 148.564332][ T7845] BTRFS info (device loop3): enabling auto defrag [ 148.592931][ T7868] netlink: 'syz.2.687': attribute type 8 has an invalid length. [ 148.594875][ T7845] BTRFS info (device loop3): doing ref verification [ 148.624903][ T7845] BTRFS info (device loop3): use no compression [ 148.631214][ T7845] BTRFS info (device loop3): force clearing of disk cache [ 148.656365][ T7845] BTRFS info (device loop3): setting nodatacow, compression disabled [ 148.667161][ T7845] BTRFS info (device loop3): disabling free space tree [ 148.764921][ T5772] Bluetooth: hci4: command tx timeout [ 148.861689][ T7845] BTRFS info (device loop3): enabling ssd optimizations [ 148.872162][ T7884] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode [ 148.886008][ T7845] BTRFS info (device loop3): auto enabling async discard [ 148.907327][ T7845] BTRFS info (device loop3): rebuilding free space tree [ 148.928083][ T7884] mac80211_hwsim hwsim8 wlan0: left promiscuous mode [ 148.944075][ T5810] apple 0003:05AC:024B.000E: unknown main item tag 0x6 [ 148.952385][ T5810] apple 0003:05AC:024B.000E: ignoring exceeding usage max [ 148.960545][ T5810] apple 0003:05AC:024B.000E: invalid report_size 18680 [ 148.968187][ T5810] apple 0003:05AC:024B.000E: item 0 2 1 7 parsing failed [ 148.976118][ T5810] apple 0003:05AC:024B.000E: parse failed [ 148.982087][ T5810] apple: probe of 0003:05AC:024B.000E failed with error -22 [ 149.002258][ T7845] BTRFS info (device loop3): disabling free space tree [ 149.024188][ T7845] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 149.034704][ T7845] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 149.039396][ T7887] tipc: Invalid UDP bearer configuration [ 149.045807][ T7887] tipc: Enabling of bearer rejected, failed to enable media [ 149.283432][ T5797] usb 2-1: USB disconnect, device number 9 [ 149.360314][ T5770] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 149.992470][ T7907] loop1: detected capacity change from 0 to 512 [ 150.054482][ T7907] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.296077][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.437504][ T7920] loop2: detected capacity change from 0 to 64 [ 150.457517][ T7920] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing [ 150.835052][ T5767] Bluetooth: hci4: command 0x0406 tx timeout [ 151.581220][ T7953] loop3: detected capacity change from 0 to 4096 [ 151.649968][ T7953] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 151.702464][ T7953] ntfs3: loop3: Failed to load $Extend (-22). [ 151.740201][ T7953] ntfs3: loop3: Failed to initialize $Extend. [ 151.795082][ T7961] vivid-000: ================= START STATUS ================= [ 151.802775][ T7961] vivid-000: Generate PTS: true [ 151.838611][ T7961] vivid-000: Generate SCR: true [ 151.843542][ T7961] tpg source WxH: 640x360 (Y'CbCr) [ 151.868840][ T7961] tpg field: 1 [ 151.872270][ T7961] tpg crop: 640x360@0x0 [ 151.880633][ T7961] tpg compose: 640x360@0x0 [ 151.894284][ T7961] tpg colorspace: 8 [ 151.898555][ T7961] tpg transfer function: 0/0 [ 151.903299][ T7961] tpg Y'CbCr encoding: 0/0 [ 151.913088][ T7961] tpg quantization: 0/0 [ 151.917746][ T7961] tpg RGB range: 0/2 [ 151.921875][ T7961] vivid-000: ================== END STATUS ================== [ 152.608588][ T7964] loop2: detected capacity change from 0 to 32768 [ 152.665274][ T7964] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode. [ 152.880536][ T5776] ocfs2: Unmounting device (7,2) on (node local) [ 154.182829][ T8021] loop2: detected capacity change from 0 to 40427 [ 154.189388][ T6558] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 154.197279][ T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 154.197637][ T8021] F2FS-fs (loop2): Wrong NAT boundary, start(2560) end(3584) blocks(83968) [ 154.220565][ T8021] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 154.231275][ T8021] F2FS-fs (loop2): Fix alignment : done, start(4096) end(16896) block(12288) [ 154.243475][ T8021] F2FS-fs (loop2): invalid crc value [ 154.252462][ T8021] F2FS-fs (loop2): Found nat_bits in checkpoint [ 154.300391][ T8021] F2FS-fs (loop2): Start checkpoint disabled! [ 154.311364][ T8021] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 154.318778][ T8021] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 154.400158][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 154.417877][ T6558] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 154.431798][ T9] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 154.441184][ T6558] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 154.454602][ T9] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 154.462829][ T9] usb 2-1: Product: syz [ 154.469379][ T6558] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.477715][ T9] usb 2-1: Manufacturer: syz [ 154.482324][ T9] usb 2-1: SerialNumber: syz [ 154.489399][ T6558] usb 5-1: config 0 descriptor?? [ 154.498041][ T6558] pwc: Askey VC010 type 2 USB webcam detected. [ 154.506558][ T9] usb 2-1: config 0 descriptor?? [ 154.509299][ T42] kworker/u4:2: attempt to access beyond end of device [ 154.509299][ T42] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 154.532328][ T42] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 154.541558][ T42] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 154.554324][ T42] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 154.785074][ T9] usb 2-1: USB disconnect, device number 10 [ 155.075906][ T5767] Bluetooth: hci4: command 0x0406 tx timeout [ 155.107314][ T6558] pwc: recv_control_msg error -71 req 02 val 2700 [ 155.114084][ T6558] pwc: recv_control_msg error -71 req 02 val 2c00 [ 155.121995][ T6558] pwc: recv_control_msg error -71 req 04 val 1000 [ 155.129434][ T6558] pwc: recv_control_msg error -71 req 04 val 1300 [ 155.136469][ T6558] pwc: recv_control_msg error -71 req 04 val 1400 [ 155.143278][ T6558] pwc: recv_control_msg error -71 req 02 val 2000 [ 155.150110][ T6558] pwc: recv_control_msg error -71 req 02 val 2100 [ 155.161427][ T6558] pwc: recv_control_msg error -71 req 04 val 1500 [ 155.168342][ T6558] pwc: recv_control_msg error -71 req 02 val 2500 [ 155.175386][ T6558] pwc: recv_control_msg error -71 req 02 val 2400 [ 155.182120][ T6558] pwc: recv_control_msg error -71 req 02 val 2600 [ 155.188987][ T6558] pwc: recv_control_msg error -71 req 02 val 2900 [ 155.195891][ T6558] pwc: recv_control_msg error -71 req 02 val 2800 [ 155.202696][ T6558] pwc: recv_control_msg error -71 req 04 val 1100 [ 155.209565][ T6558] pwc: recv_control_msg error -71 req 04 val 1200 [ 155.217006][ T6558] pwc: Registered as video103. [ 155.223585][ T6558] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input18 [ 155.257808][ T6558] usb 5-1: USB disconnect, device number 4 [ 155.674892][ T28] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 155.787684][ T8033] loop1: detected capacity change from 0 to 32768 [ 155.850920][ T8033] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 155.884811][ T28] usb 4-1: Using ep0 maxpacket: 8 [ 155.894542][ T28] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 155.929216][ T28] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 155.987975][ T28] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 156.010471][ T8033] XFS (loop1): Ending clean mount [ 156.022204][ T28] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 156.046231][ T8033] XFS (loop1): Quotacheck needed: Please wait. [ 156.052409][ T8037] loop2: detected capacity change from 0 to 40427 [ 156.056496][ T28] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 156.079664][ T8037] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x7ffff [ 156.088997][ T28] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 156.107666][ T8037] F2FS-fs (loop2): invalid crc value [ 156.113074][ T8033] XFS (loop1): Quotacheck: Done. [ 156.113666][ T28] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.131998][ T8037] F2FS-fs (loop2): Found nat_bits in checkpoint [ 156.290633][ T8037] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 156.370743][ T28] usb 4-1: GET_CAPABILITIES returned 0 [ 156.386383][ T5765] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 156.397128][ T28] usbtmc 4-1:16.0: can't read capabilities [ 156.397211][ T5776] syz-executor: attempt to access beyond end of device [ 156.397211][ T5776] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 156.420271][ T5776] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 156.637748][ T8] usb 4-1: USB disconnect, device number 9 [ 156.963256][ T8059] loop4: detected capacity change from 0 to 64 [ 157.349359][ T8053] loop1: detected capacity change from 0 to 32768 [ 157.453500][ T8064] loop3: detected capacity change from 0 to 4096 [ 157.457327][ T8053] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode. [ 157.778815][ T5765] ocfs2: Unmounting device (7,1) on (node local) [ 158.031316][ T8081] loop4: detected capacity change from 0 to 512 [ 158.069911][ T8081] EXT4-fs: Ignoring removed bh option [ 158.091945][ T8083] loop1: detected capacity change from 0 to 1024 [ 158.115830][ T8081] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 158.162635][ T8081] EXT4-fs (loop4): 1 truncate cleaned up [ 158.171441][ T8081] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.304983][ T8081] overlayfs: upper fs needs to support d_type. [ 158.498438][ T6357] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0) [ 158.527733][ T6357] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1) [ 158.547145][ T6357] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2) [ 158.574473][ T6357] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.861323][ T8097] loop2: detected capacity change from 0 to 512 [ 158.861725][ T8087] loop3: detected capacity change from 0 to 32768 [ 158.882204][ T8097] EXT4-fs: Ignoring removed bh option [ 158.915497][ T8097] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 158.965523][ T8097] EXT4-fs (loop2): 1 truncate cleaned up [ 159.006807][ T8097] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.158212][ T8097] overlayfs: upper fs needs to support d_type. [ 159.282612][ T5776] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0) [ 159.335131][ T5776] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1) [ 159.370892][ T5776] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2) [ 159.396009][ T8099] loop4: detected capacity change from 0 to 32768 [ 159.410480][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.502591][ T8099] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 159.664356][ T8108] loop3: detected capacity change from 0 to 512 [ 159.687688][ T6357] ocfs2: Unmounting device (7,4) on (node local) [ 159.705861][ T8108] EXT4-fs: Ignoring removed bh option [ 159.713587][ T8108] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 159.779548][ T8108] EXT4-fs (loop3): 1 truncate cleaned up [ 159.781866][ T8108] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.887626][ T8108] overlayfs: upper fs needs to support d_type. [ 160.027616][ T5770] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0) [ 160.057543][ T5770] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1) [ 160.122175][ T5770] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2) [ 160.149139][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.375675][ T8123] loop2: detected capacity change from 0 to 4096 [ 160.413313][ T8129] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 160.548528][ T8123] NILFS (loop2): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 160.571683][ T8123] NILFS error (device loop2): nilfs_bmap_truncate: broken bmap (inode number=12) [ 160.602442][ T8123] Remounting filesystem read-only [ 160.610413][ T8123] NILFS (loop2): error -5 truncating bmap (ino=12) [ 160.720882][ T5776] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 160.750785][ T5776] NILFS (loop2): discard dirty page: offset=0, ino=18 [ 160.778613][ T5776] NILFS (loop2): discard dirty block: blocknr=0, size=4096 [ 160.795072][ T5776] NILFS (loop2): discard dirty page: offset=0, ino=2 [ 160.806097][ T5776] NILFS (loop2): discard dirty block: blocknr=14, size=4096 [ 160.817740][ T5776] NILFS (loop2): discard dirty page: offset=0, ino=6 [ 160.824564][ T5776] NILFS (loop2): discard dirty block: blocknr=23, size=4096 [ 160.841960][ T5776] NILFS (loop2): discard dirty page: offset=4096, ino=6 [ 160.851304][ T5776] NILFS (loop2): discard dirty block: blocknr=24, size=4096 [ 160.864214][ T5776] NILFS (loop2): discard dirty page: offset=8192, ino=6 [ 160.885659][ T5776] NILFS (loop2): discard dirty block: blocknr=25, size=4096 [ 160.905267][ T5776] NILFS (loop2): discard dirty page: offset=0, ino=3 [ 160.913310][ T5776] NILFS (loop2): discard dirty block: blocknr=28, size=4096 [ 160.924138][ T5776] NILFS (loop2): discard dirty page: offset=4096, ino=3 [ 160.933272][ T5776] NILFS (loop2): discard dirty block: blocknr=29, size=4096 [ 160.944057][ T5776] NILFS (loop2): discard dirty page: offset=270336, ino=3 [ 160.973846][ T5776] NILFS (loop2): discard dirty block: blocknr=0, size=4096 [ 161.130569][ T8138] loop2: detected capacity change from 0 to 512 [ 161.209739][ T8138] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 161.372447][ T8143] loop3: detected capacity change from 0 to 512 [ 161.390925][ T8143] EXT4-fs: Ignoring removed bh option [ 161.400428][ T8143] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 161.423181][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.450574][ T8143] EXT4-fs (loop3): 1 truncate cleaned up [ 161.461826][ T8143] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.592570][ T8143] overlayfs: upper fs needs to support d_type. [ 161.701309][ T8136] loop4: detected capacity change from 0 to 32768 [ 161.750726][ T5770] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0) [ 161.789818][ T8136] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 161.803859][ T8146] loop2: detected capacity change from 0 to 4096 [ 161.823162][ T8146] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 161.845258][ T5770] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1) [ 161.868201][ T5770] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2) [ 161.891840][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.983406][ T8146] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 162.122744][ T6357] ocfs2: Unmounting device (7,4) on (node local) [ 162.567235][ T27] audit: type=1326 audit(162.515:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.2.794" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd56f18e929 code=0x0 [ 162.675135][ T8162] loop3: detected capacity change from 0 to 4096 [ 162.713579][ T8164] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 162.780034][ T8162] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 162.790495][ T8162] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=12) [ 162.813327][ T8162] Remounting filesystem read-only [ 162.821413][ T8162] NILFS (loop3): error -5 truncating bmap (ino=12) [ 162.895874][ T5770] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 162.909029][ T5770] NILFS (loop3): discard dirty page: offset=0, ino=18 [ 162.936412][ T5770] NILFS (loop3): discard dirty block: blocknr=0, size=4096 [ 162.951804][ T5770] NILFS (loop3): discard dirty page: offset=0, ino=2 [ 162.969270][ T5770] NILFS (loop3): discard dirty block: blocknr=14, size=4096 [ 162.989781][ T5770] NILFS (loop3): discard dirty page: offset=0, ino=6 [ 163.009727][ T5770] NILFS (loop3): discard dirty block: blocknr=23, size=4096 [ 163.034762][ T5770] NILFS (loop3): discard dirty page: offset=4096, ino=6 [ 163.044693][ T5770] NILFS (loop3): discard dirty block: blocknr=24, size=4096 [ 163.059722][ T5770] NILFS (loop3): discard dirty page: offset=8192, ino=6 [ 163.076800][ T5770] NILFS (loop3): discard dirty block: blocknr=25, size=4096 [ 163.092392][ T5770] NILFS (loop3): discard dirty page: offset=0, ino=3 [ 163.102244][ T5770] NILFS (loop3): discard dirty block: blocknr=28, size=4096 [ 163.110715][ T5770] NILFS (loop3): discard dirty page: offset=4096, ino=3 [ 163.135888][ T5770] NILFS (loop3): discard dirty block: blocknr=29, size=4096 [ 163.160094][ T5770] NILFS (loop3): discard dirty page: offset=270336, ino=3 [ 163.167443][ T5770] NILFS (loop3): discard dirty block: blocknr=0, size=4096 [ 163.513466][ T8174] net_ratelimit: 66 callbacks suppressed [ 163.513484][ T8174] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 163.525666][ T8174] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 163.563617][ T8174] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 163.570137][ T8174] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 163.596947][ T8174] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 163.603443][ T8174] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 163.622866][ T8174] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 163.629359][ T8174] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 163.680997][ T8174] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 163.687502][ T8174] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 163.750191][ T8168] loop4: detected capacity change from 0 to 32768 [ 163.845304][ T8168] ialloc: diAlloc returned -5! [ 164.077080][ T8178] loop3: detected capacity change from 0 to 4096 [ 164.165091][ T5810] IPVS: starting estimator thread 0... [ 164.173412][ T8178] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 164.274027][ T8185] IPVS: using max 20 ests per chain, 48000 per kthread [ 164.524131][ T8193] loop4: detected capacity change from 0 to 256 [ 164.585811][ T8196] loop2: detected capacity change from 0 to 256 [ 164.714279][ T8196] FAT-fs (loop2): Directory bread(block 64) failed [ 164.735861][ T8196] FAT-fs (loop2): Directory bread(block 65) failed [ 164.745266][ T8196] FAT-fs (loop2): Directory bread(block 66) failed [ 164.765603][ T8196] FAT-fs (loop2): Directory bread(block 67) failed [ 164.805635][ T8196] FAT-fs (loop2): Directory bread(block 68) failed [ 164.812215][ T8196] FAT-fs (loop2): Directory bread(block 69) failed [ 164.851716][ T8196] FAT-fs (loop2): Directory bread(block 70) failed [ 164.870925][ T8196] FAT-fs (loop2): Directory bread(block 71) failed [ 164.889140][ T8196] FAT-fs (loop2): Directory bread(block 72) failed [ 164.895773][ T8196] FAT-fs (loop2): Directory bread(block 73) failed [ 164.974496][ T8200] loop1: detected capacity change from 0 to 4096 [ 165.015202][ T8200] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 165.119795][ T8200] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 165.263138][ T9] IPVS: starting estimator thread 0... [ 165.365161][ T8210] IPVS: using max 20 ests per chain, 48000 per kthread [ 165.517778][ T8215] loop1: detected capacity change from 0 to 4096 [ 165.522746][ T8222] loop2: detected capacity change from 0 to 128 [ 165.605963][ T8222] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 165.634124][ T8215] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 165.756716][ T5776] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 166.141204][ T8238] loop1: detected capacity change from 0 to 256 [ 166.192364][ T8238] FAT-fs (loop1): Directory bread(block 64) failed [ 166.204407][ T8238] FAT-fs (loop1): Directory bread(block 65) failed [ 166.221791][ T8238] FAT-fs (loop1): Directory bread(block 66) failed [ 166.244756][ T8238] FAT-fs (loop1): Directory bread(block 67) failed [ 166.279061][ T8238] FAT-fs (loop1): Directory bread(block 68) failed [ 166.286060][ T8245] netlink: 'syz.4.823': attribute type 4 has an invalid length. [ 166.314190][ T8238] FAT-fs (loop1): Directory bread(block 69) failed [ 166.328196][ T8245] netlink: 17 bytes leftover after parsing attributes in process `syz.4.823'. [ 166.348618][ T8238] FAT-fs (loop1): Directory bread(block 70) failed [ 166.369100][ T8238] FAT-fs (loop1): Directory bread(block 71) failed [ 166.404528][ T8238] FAT-fs (loop1): Directory bread(block 72) failed [ 166.417515][ T8238] FAT-fs (loop1): Directory bread(block 73) failed [ 166.632903][ T8254] netlink: 'syz.2.834': attribute type 4 has an invalid length. [ 166.655021][ T8254] netlink: 17 bytes leftover after parsing attributes in process `syz.2.834'. [ 166.913773][ T8261] loop2: detected capacity change from 0 to 4096 [ 166.951079][ T8261] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 167.557215][ T8267] loop4: detected capacity change from 0 to 40427 [ 167.584472][ T8267] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 167.605777][ T8267] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 167.634382][ T8267] F2FS-fs (loop4): build fault injection attr: rate: 17008, type: 0x7ffff [ 167.655945][ T8267] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x6 [ 167.697679][ T8267] F2FS-fs (loop4): invalid crc value [ 167.735399][ T8267] F2FS-fs (loop4): Found nat_bits in checkpoint [ 167.870008][ T8267] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 167.881687][ T8267] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 167.940999][ T6357] syz-executor: attempt to access beyond end of device [ 167.940999][ T6357] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 167.978011][ T6357] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 168.024931][ T8292] netlink: 'syz.3.839': attribute type 4 has an invalid length. [ 168.056543][ T8292] netlink: 17 bytes leftover after parsing attributes in process `syz.3.839'. [ 168.370906][ T8300] loop2: detected capacity change from 0 to 2048 [ 168.475328][ T8300] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 168.571942][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.622773][ T8309] loop4: detected capacity change from 0 to 256 [ 168.665237][ T8307] loop1: detected capacity change from 0 to 2048 [ 168.693675][ T8309] FAT-fs (loop4): Directory bread(block 64) failed [ 168.724907][ T8309] FAT-fs (loop4): Directory bread(block 65) failed [ 168.737687][ T8309] FAT-fs (loop4): Directory bread(block 66) failed [ 168.744346][ T8309] FAT-fs (loop4): Directory bread(block 67) failed [ 168.756241][ T8309] FAT-fs (loop4): Directory bread(block 68) failed [ 168.763002][ T8309] FAT-fs (loop4): Directory bread(block 69) failed [ 168.770660][ T8309] FAT-fs (loop4): Directory bread(block 70) failed [ 168.778471][ T8309] FAT-fs (loop4): Directory bread(block 71) failed [ 168.785512][ T8309] FAT-fs (loop4): Directory bread(block 72) failed [ 168.787810][ T8307] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 168.792140][ T8309] FAT-fs (loop4): Directory bread(block 73) failed [ 168.930585][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.732463][ T8335] netlink: 44 bytes leftover after parsing attributes in process `syz.2.859'. [ 169.765078][ T8335] netlink: 8 bytes leftover after parsing attributes in process `syz.2.859'. [ 169.949363][ T8315] loop1: detected capacity change from 0 to 40427 [ 169.950420][ T8342] loop3: detected capacity change from 0 to 128 [ 169.972680][ T8315] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 169.995049][ T8315] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 170.014863][ T8315] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x7ffff [ 170.033994][ T8315] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x6 [ 170.053984][ T8315] F2FS-fs (loop1): invalid crc value [ 170.062439][ T5760] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 170.093457][ T8342] smb3: Unexpected value for 'acl' [ 170.110543][ T8315] F2FS-fs (loop1): Found nat_bits in checkpoint [ 170.339601][ T8315] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 170.346870][ T8315] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 170.451144][ T5765] syz-executor: attempt to access beyond end of device [ 170.451144][ T5765] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 170.486175][ T5765] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 170.545520][ T8340] loop2: detected capacity change from 0 to 32768 [ 170.564500][ T8340] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 9 [ 170.719342][ T8356] netlink: 36 bytes leftover after parsing attributes in process `syz.3.875'. [ 170.812049][ T7230] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 9 [ 171.019635][ T8362] sp0: Synchronizing with TNC [ 171.318624][ T8354] loop4: detected capacity change from 0 to 32768 [ 171.336232][ T8354] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 9 [ 171.442945][ T8370] netlink: 44 bytes leftover after parsing attributes in process `syz.1.871'. [ 171.458797][ T8370] netlink: 8 bytes leftover after parsing attributes in process `syz.1.871'. [ 171.603137][ T7230] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 9 [ 171.739562][ T8380] netlink: 36 bytes leftover after parsing attributes in process `syz.4.879'. [ 172.027295][ T27] audit: type=1326 audit(171.985:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.3.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f1618e929 code=0x7ffc0000 [ 172.077284][ T27] audit: type=1326 audit(171.985:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.3.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f1618e929 code=0x7ffc0000 [ 172.175940][ T27] audit: type=1326 audit(172.015:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.3.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f2f1618e929 code=0x7ffc0000 [ 172.223482][ T27] audit: type=1326 audit(172.015:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.3.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f1618e929 code=0x7ffc0000 [ 172.249299][ T27] audit: type=1326 audit(172.015:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.3.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f1618e929 code=0x7ffc0000 [ 172.300669][ T8400] loop3: detected capacity change from 0 to 164 [ 172.346978][ T8402] sp0: Synchronizing with TNC [ 172.354416][ T27] audit: type=1326 audit(172.015:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.3.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f2f1618e929 code=0x7ffc0000 [ 172.423044][ T27] audit: type=1326 audit(172.031:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.3.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f1618e929 code=0x7ffc0000 [ 172.445947][ T27] audit: type=1326 audit(172.031:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8391 comm="syz.3.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f1618e929 code=0x7ffc0000 [ 172.793398][ T8416] netlink: 8 bytes leftover after parsing attributes in process `syz.1.906'. [ 172.864945][ T8416] netlink: 8 bytes leftover after parsing attributes in process `syz.1.906'. [ 172.993827][ T8426] loop2: detected capacity change from 0 to 164 [ 173.028566][ T8428] loop1: detected capacity change from 0 to 16 [ 173.102258][ T8428] erofs: (device loop1): mounted with root inode @ nid 36. [ 173.148660][ T8428] syz.1.902: attempt to access beyond end of device [ 173.148660][ T8428] loop1: rw=0, sector=3489784, nr_sectors = 8 limit=16 [ 174.007128][ T8455] loop4: detected capacity change from 0 to 8192 [ 174.059157][ T8455] loop4: p3 p4 < > [ 174.063745][ T8455] loop4: p3 start 18548 is beyond EOD, truncated [ 174.328555][ T7230] udevd[7230]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 174.339397][ T8470] (null): rxe_set_mtu: Set mtu to 1024 [ 174.457082][ T8453] loop1: detected capacity change from 0 to 32768 [ 174.501961][ T8453] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 174.605123][ T8470] infiniband syz0: set active [ 174.610152][ T8470] infiniband syz0: added bond_slave_1 [ 174.630006][ T8453] XFS (loop1): Ending clean mount [ 174.673896][ T8470] RDS/IB: syz0: added [ 174.687025][ T8470] smc: adding ib device syz0 with port count 1 [ 174.703564][ T8470] smc: ib device syz0 port 1 has pnetid [ 174.880816][ T5765] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 175.114769][ T6558] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 175.312741][ T6558] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 175.327634][ T6558] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.348481][ T6558] usb 4-1: config 0 descriptor?? [ 175.369358][ T6558] cp210x 4-1:0.0: cp210x converter detected [ 175.583113][ T8498] loop2: detected capacity change from 0 to 8192 [ 175.666852][ T8498] loop2: p3 p4 < > [ 175.670999][ T8498] loop2: p3 start 18548 is beyond EOD, truncated [ 175.809050][ T6558] usb 4-1: cp210x converter now attached to ttyUSB0 [ 175.961622][ T7230] udevd[7230]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 176.030887][ T5810] usb 4-1: USB disconnect, device number 10 [ 176.041980][ T5810] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 176.067813][ T5810] cp210x 4-1:0.0: device disconnected [ 176.459435][ T8518] netlink: 'syz.1.942': attribute type 4 has an invalid length. [ 176.477237][ T8518] netlink: 199824 bytes leftover after parsing attributes in process `syz.1.942'. [ 176.513293][ T8520] loop4: detected capacity change from 0 to 1024 [ 176.611603][ T42] hfsplus: b-tree write err: -5, ino 4 [ 177.349699][ T8543] netlink: 12 bytes leftover after parsing attributes in process `syz.2.953'. [ 177.436199][ T8547] netlink: 156 bytes leftover after parsing attributes in process `syz.1.955'. [ 177.475679][ T8547] netlink: 16 bytes leftover after parsing attributes in process `syz.1.955'. [ 177.502429][ T8549] loop2: detected capacity change from 0 to 1024 [ 177.522824][ T8549] EXT4-fs: Ignoring removed orlov option [ 177.540991][ T8549] EXT4-fs: Ignoring removed nomblk_io_submit option [ 177.564242][ T8551] netlink: 830 bytes leftover after parsing attributes in process `syz.3.959'. [ 177.590266][ T8551] bond_slave_0: entered promiscuous mode [ 177.596756][ T8551] bond_slave_1: entered promiscuous mode [ 177.626555][ T8549] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 177.700170][ T8556] loop1: detected capacity change from 0 to 1764 [ 177.712719][ T8536] loop4: detected capacity change from 0 to 32768 [ 177.746671][ T8536] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.958 (8536) [ 177.769956][ T8536] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 177.791460][ T5760] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 177.797817][ T8536] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 177.816120][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.820252][ T8536] BTRFS info (device loop4): enabling auto defrag [ 177.831919][ T8536] BTRFS info (device loop4): use no compression [ 177.838521][ T8536] BTRFS info (device loop4): force clearing of disk cache [ 177.846000][ T8536] BTRFS info (device loop4): turning on async discard [ 177.852855][ T8536] BTRFS info (device loop4): max_inline at 5 [ 177.860209][ T8536] BTRFS info (device loop4): force zlib compression, level 3 [ 177.868232][ T8536] BTRFS info (device loop4): using free space tree [ 178.050403][ T8536] BTRFS info (device loop4): enabling ssd optimizations [ 178.076762][ T8536] BTRFS info (device loop4): rebuilding free space tree [ 178.308199][ T6357] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 178.366104][ T8587] netlink: 'syz.2.967': attribute type 4 has an invalid length. [ 178.381576][ T8587] netlink: 199824 bytes leftover after parsing attributes in process `syz.2.967'. [ 178.924768][ T9] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 179.126678][ T9] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 179.136279][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.151851][ T9] usb 5-1: config 0 descriptor?? [ 179.170717][ T9] cp210x 5-1:0.0: cp210x converter detected [ 179.228248][ T8602] loop3: detected capacity change from 0 to 32768 [ 179.257753][ T8602] JBD2: Ignoring recovery information on journal [ 179.294510][ T8602] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 179.434369][ T27] audit: type=1326 audit(179.391:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764378e929 code=0x7ffc0000 [ 179.457618][ T27] audit: type=1326 audit(179.421:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764378e929 code=0x7ffc0000 [ 179.486835][ T27] audit: type=1326 audit(179.441:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f764378d290 code=0x7ffc0000 [ 179.512828][ T27] audit: type=1326 audit(179.441:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f764378d290 code=0x7ffc0000 [ 179.535560][ T27] audit: type=1326 audit(179.441:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764378e929 code=0x7ffc0000 [ 179.542944][ T5770] ocfs2: Unmounting device (7,3) on (node local) [ 179.557809][ T27] audit: type=1326 audit(179.441:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764378e929 code=0x7ffc0000 [ 179.629328][ T9] usb 5-1: cp210x converter now attached to ttyUSB0 [ 179.646757][ T27] audit: type=1326 audit(179.471:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f764378e929 code=0x7ffc0000 [ 179.714841][ T27] audit: type=1326 audit(179.471:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764378e929 code=0x7ffc0000 [ 179.756894][ T27] audit: type=1326 audit(179.471:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.1.985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f764378e929 code=0x7ffc0000 [ 179.832506][ T28] usb 5-1: USB disconnect, device number 5 [ 179.865360][ T28] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 179.889512][ T28] cp210x 5-1:0.0: device disconnected [ 180.222815][ T8632] loop1: detected capacity change from 0 to 256 [ 180.242822][ T8635] loop3: detected capacity change from 0 to 512 [ 180.303716][ T27] audit: type=1800 audit(180.241:60): pid=8632 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.995" name="file1" dev="loop1" ino=1048723 res=0 errno=0 [ 180.324456][ T8635] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 180.371973][ T8635] EXT4-fs (loop3): 1 truncate cleaned up [ 180.379840][ T8635] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 180.733483][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 180.862240][ T8652] loop1: detected capacity change from 0 to 512 [ 180.911286][ T8654] loop2: detected capacity change from 0 to 512 [ 180.955695][ T8654] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.040232][ T8662] loop3: detected capacity change from 0 to 256 [ 181.045964][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.338925][ T8667] loop2: detected capacity change from 0 to 256 [ 181.371708][ T8667] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 181.437167][ T8667] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 181.445229][ T8671] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1012'. [ 181.502545][ T8667] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 181.671622][ T8677] loop4: detected capacity change from 0 to 512 [ 181.693378][ T8677] EXT4-fs: Ignoring removed nobh option [ 181.716968][ T8677] EXT4-fs (loop4): Test dummy encryption mode enabled [ 181.731638][ T8677] EXT4-fs error (device loop4): __ext4_iget:5053: inode #11: block 1: comm syz.4.1015: invalid block [ 181.735643][ T8680] (null): rxe_set_mtu: Set mtu to 1024 [ 181.743170][ T8677] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1015: couldn't read orphan inode 11 (err -117) [ 181.768511][ T8677] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 181.772074][ T8680] rdma_rxe: rxe_newlink: failed to add bond_slave_1 [ 181.852620][ T6357] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.900474][ T8686] loop2: detected capacity change from 0 to 512 [ 181.908673][ T8686] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 181.955044][ T6558] usb 2-1: new full-speed USB device number 11 using dummy_hcd [ 182.013623][ T8686] EXT4-fs (loop2): 1 truncate cleaned up [ 182.053999][ T8686] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 182.059613][ T8690] xt_bpf: check failed: parse error [ 182.178497][ T6558] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 182.203476][ T6558] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.257420][ T6558] usb 2-1: config 0 descriptor?? [ 182.298507][ T6558] cp210x 2-1:0.0: cp210x converter detected [ 182.358568][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.385957][ T8697] loop4: detected capacity change from 0 to 512 [ 182.700552][ T8704] loop3: detected capacity change from 0 to 4096 [ 182.743979][ T8704] NILFS (loop3): invalid segment: Checksum error in segment payload [ 182.771823][ T6558] usb 2-1: cp210x converter now attached to ttyUSB0 [ 182.796397][ T8704] NILFS (loop3): trying rollback from an earlier position [ 182.845883][ T8704] NILFS (loop3): recovery complete [ 182.983902][ T28] usb 2-1: USB disconnect, device number 11 [ 183.023248][ T28] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 183.064038][ T28] cp210x 2-1:0.0: device disconnected [ 183.230795][ T8720] loop3: detected capacity change from 0 to 512 [ 183.277030][ T8720] EXT4-fs: Ignoring removed nobh option [ 183.284939][ T8724] xt_bpf: check failed: parse error [ 183.293262][ T8720] EXT4-fs (loop3): Test dummy encryption mode enabled [ 183.370530][ T8720] EXT4-fs error (device loop3): __ext4_iget:5053: inode #11: block 1: comm syz.3.1020: invalid block [ 183.453847][ T8720] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1020: couldn't read orphan inode 11 (err -117) [ 183.561107][ T8720] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 183.670796][ T8739] loop2: detected capacity change from 0 to 512 [ 183.755108][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.863958][ T8743] loop1: detected capacity change from 0 to 4096 [ 183.947796][ T8743] NILFS (loop1): invalid segment: Checksum error in segment payload [ 183.971702][ T8743] NILFS (loop1): trying rollback from an earlier position [ 184.032321][ T8743] NILFS (loop1): recovery complete [ 184.862480][ T8749] loop4: detected capacity change from 0 to 32768 [ 184.898692][ T8749] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 184.934310][ T8749] XFS (loop4): Ending clean mount [ 184.952942][ T8749] XFS (loop4): Quotacheck needed: Please wait. [ 185.001176][ T8749] XFS (loop4): Quotacheck: Done. [ 185.054886][ T6357] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 185.092366][ T8782] loop2: detected capacity change from 0 to 512 [ 185.105769][ T8782] EXT4-fs: Ignoring removed bh option [ 185.116708][ T8785] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1048'. [ 185.144823][ T8782] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 185.198180][ T8782] EXT4-fs (loop2): 1 truncate cleaned up [ 185.227946][ T8782] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.389632][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.430266][ T8789] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1052'. [ 185.607631][ T8798] loop4: detected capacity change from 0 to 512 [ 185.627606][ T8798] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 185.695840][ T8798] EXT4-fs (loop4): 1 truncate cleaned up [ 185.702725][ T8798] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 185.734085][ T8803] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1046'. [ 185.760577][ T8801] loop2: detected capacity change from 0 to 1764 [ 185.858082][ T7230] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 185.955737][ T6357] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.974387][ T5772] Bluetooth: hci0: unexpected event for opcode 0x2024 [ 186.662683][ T8834] loop3: detected capacity change from 0 to 2048 [ 186.708482][ T8832] loop1: detected capacity change from 0 to 4096 [ 186.725142][ T8835] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 186.771308][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 186.771322][ T27] audit: type=1800 audit(186.731:62): pid=8834 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1063" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 187.097984][ T8826] loop4: detected capacity change from 0 to 32768 [ 187.142929][ T8826] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.1059 (8826) [ 187.206988][ T8843] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1065'. [ 187.221030][ T8826] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 187.263098][ T8826] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 187.289503][ T8826] BTRFS info (device loop4): force zlib compression, level 3 [ 187.309665][ T8826] BTRFS info (device loop4): force clearing of disk cache [ 187.333130][ T8826] BTRFS info (device loop4): setting nodatasum [ 187.364889][ T8826] BTRFS info (device loop4): allowing degraded mounts [ 187.371730][ T8826] BTRFS info (device loop4): enabling disk space caching [ 187.414750][ T8826] BTRFS info (device loop4): disk space caching is enabled [ 187.542566][ T8826] BTRFS info (device loop4): auto enabling async discard [ 187.557126][ T8826] BTRFS info (device loop4): rebuilding free space tree [ 187.612011][ T8826] BTRFS info (device loop4): disabling free space tree [ 187.625109][ T8826] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 187.645110][ T8826] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 187.734210][ T8826] BTRFS info (device loop4): balance: start -d -m [ 187.735113][ T8826] BTRFS info (device loop4): relocating block group 6881280 flags data|metadata [ 187.786772][ T8826] BTRFS info (device loop4): balance: canceled [ 187.879486][ T8840] loop3: detected capacity change from 0 to 32768 [ 187.918390][ T9] usb 2-1: new full-speed USB device number 12 using dummy_hcd [ 187.928993][ T8840] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 187.977935][ T6357] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 187.980252][ T8840] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 188.140956][ T9] usb 2-1: config 0 has an invalid interface number: 132 but max is 0 [ 188.173463][ T9] usb 2-1: config 0 has no interface number 0 [ 188.190905][ T27] audit: type=1800 audit(188.131:63): pid=8874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1066" name="file1" dev="loop3" ino=17059 res=0 errno=0 [ 188.218710][ T9] usb 2-1: config 0 interface 132 altsetting 4 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 188.258291][ T9] usb 2-1: config 0 interface 132 altsetting 4 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 188.294935][ T9] usb 2-1: config 0 interface 132 has no altsetting 0 [ 188.322916][ T9] usb 2-1: New USB device found, idVendor=0525, idProduct=9901, bcdDevice=ff.75 [ 188.332650][ T5770] ocfs2: Unmounting device (7,3) on (node local) [ 188.342528][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.375815][ T9] usb 2-1: Product: syz [ 188.380039][ T9] usb 2-1: Manufacturer: syz [ 188.406616][ T9] usb 2-1: SerialNumber: syz [ 188.438229][ T9] usb 2-1: config 0 descriptor?? [ 188.444501][ T8867] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 188.456781][ T8867] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 188.634310][ T8882] loop4: detected capacity change from 0 to 1024 [ 188.656347][ T8882] EXT4-fs: Ignoring removed orlov option [ 188.692152][ T8882] EXT4-fs: Ignoring removed nomblk_io_submit option [ 188.714057][ T8867] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 188.733181][ T8884] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1077'. [ 188.746342][ T8867] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 188.785609][ T8884] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1077'. [ 188.811524][ T8882] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 188.833118][ T9] cdc_subset 2-1:0.132 usb0: register 'cdc_subset' at usb-dummy_hcd.1-1, Belkin, eTEK, or compatible, 46:01:b5:f5:59:68 [ 188.934678][ T8878] loop2: detected capacity change from 0 to 32768 [ 189.047640][ T6357] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.126094][ T28] usb 2-1: USB disconnect, device number 12 [ 189.144910][ T28] cdc_subset 2-1:0.132 usb0: unregister 'cdc_subset' usb-dummy_hcd.1-1, Belkin, eTEK, or compatible [ 189.353509][ T8894] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1078'. [ 189.398862][ T8894] bond_slave_0: entered promiscuous mode [ 189.404592][ T8894] bond_slave_1: entered promiscuous mode [ 189.441041][ T8897] loop3: detected capacity change from 0 to 256 [ 189.491765][ T8897] exfat: Deprecated parameter 'namecase' [ 189.524823][ T8897] exfat: Deprecated parameter 'utf8' [ 189.545744][ T8897] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 189.603827][ T8897] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 190.233791][ T8925] smc: net device lo applied user defined pnetid SYZ1 [ 190.349875][ T8901] loop2: detected capacity change from 0 to 32768 [ 190.394940][ T8901] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.1082 (8901) [ 190.449011][ T8901] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 190.476952][ T8901] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 190.505932][ T8901] BTRFS info (device loop2): force zlib compression, level 3 [ 190.514123][ T8901] BTRFS info (device loop2): force clearing of disk cache [ 190.534771][ T8901] BTRFS info (device loop2): setting nodatasum [ 190.541750][ T8901] BTRFS info (device loop2): allowing degraded mounts [ 190.555498][ T8901] BTRFS info (device loop2): enabling disk space caching [ 190.593887][ T8901] BTRFS info (device loop2): disk space caching is enabled [ 190.754967][ T8901] BTRFS info (device loop2): auto enabling async discard [ 190.795002][ T8901] BTRFS info (device loop2): rebuilding free space tree [ 190.873876][ T8901] BTRFS info (device loop2): disabling free space tree [ 190.896119][ T8901] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 190.916087][ T8901] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 190.926818][ T8915] loop4: detected capacity change from 0 to 32768 [ 190.993513][ T8915] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 191.041626][ T8915] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 191.104075][ T27] audit: type=1800 audit(191.061:64): pid=8915 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1085" name="file1" dev="loop4" ino=17059 res=0 errno=0 [ 191.168982][ T8901] BTRFS info (device loop2): balance: start -d -m [ 191.196660][ T8901] BTRFS info (device loop2): balance: canceled [ 191.236825][ T8921] loop3: detected capacity change from 0 to 40427 [ 191.337336][ T6357] ocfs2: Unmounting device (7,4) on (node local) [ 191.345607][ T8921] F2FS-fs (loop3): invalid crc value [ 191.379543][ T5776] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 191.393218][ T8921] F2FS-fs (loop3): Found nat_bits in checkpoint [ 191.404998][ T5772] Bluetooth: hci2: command 0x0406 tx timeout [ 191.585181][ T8921] F2FS-fs (loop3): Start checkpoint disabled! [ 191.660403][ T8921] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 192.205736][ T58] kworker/u4:4: attempt to access beyond end of device [ 192.205736][ T58] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 192.232180][ T58] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 192.654416][ T8967] loop4: detected capacity change from 0 to 40427 [ 192.706325][ T8967] F2FS-fs (loop4): Found nat_bits in checkpoint [ 192.800742][ T8967] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 192.974275][ T6357] syz-executor: attempt to access beyond end of device [ 192.974275][ T6357] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 192.994743][ T6357] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 193.090382][ T27] audit: type=1326 audit(193.051:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8994 comm="syz.2.1105" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd56f18e929 code=0x0 [ 193.262063][ T8982] loop1: detected capacity change from 0 to 32768 [ 193.297828][ T8982] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1100 (8982) [ 193.329100][ T8982] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 193.346938][ T8982] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 193.377820][ T8982] BTRFS info (device loop1): setting nodatasum [ 193.387901][ T8982] BTRFS info (device loop1): force zlib compression, level 3 [ 193.414467][ T8982] BTRFS info (device loop1): metadata ratio 1 [ 193.422154][ T8982] BTRFS info (device loop1): enabling ssd optimizations [ 193.444920][ T8982] BTRFS info (device loop1): allowing degraded mounts [ 193.455051][ T8982] BTRFS info (device loop1): using free space tree [ 193.649201][ T9020] vivid-002: disconnect [ 193.673663][ T9019] vivid-002: reconnect [ 193.713295][ T5765] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 193.918129][ T7230] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop1 scanned by udevd (7230) [ 193.988344][ T9026] loop3: detected capacity change from 0 to 256 [ 194.310111][ T9034] loop2: detected capacity change from 0 to 1024 [ 194.454685][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.461048][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.482007][ T9037] xt_CT: No such helper "syz1" [ 194.508121][ T9038] loop1: detected capacity change from 0 to 4096 [ 194.596006][ T9042] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 194.663360][ T58] hfsplus: b-tree write err: -5, ino 4 [ 194.878782][ T9051] loop3: detected capacity change from 0 to 128 [ 194.928504][ T9051] EXT4-fs: Ignoring removed mblk_io_submit option [ 194.972918][ T9051] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 195.183983][ T9051] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:406: inode #2: comm syz.3.1122: No space for directory leaf checksum. Please run e2fsck -D. [ 195.277484][ T9051] EXT4-fs error (device loop3): __ext4_find_entry:1696: inode #2: comm syz.3.1122: checksumming directory block 0 [ 195.379490][ T5770] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 195.564814][ T28] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 195.584900][ T5757] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 195.744919][ T28] usb 2-1: Using ep0 maxpacket: 16 [ 195.751944][ T28] usb 2-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 195.762826][ T28] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 195.772628][ T28] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 195.783116][ T5757] usb 5-1: Using ep0 maxpacket: 16 [ 195.788450][ T28] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8 [ 195.798507][ T28] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255 [ 195.812963][ T5757] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 195.824050][ T5757] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 195.833933][ T5757] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 195.846948][ T28] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 195.859994][ T28] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 195.868105][ T5757] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 195.877564][ T28] usb 2-1: SerialNumber: syz [ 195.884294][ T5757] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.894217][ T9066] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 195.906081][ T5757] usb 5-1: config 0 descriptor?? [ 195.913978][ T28] cdc_acm 2-1:1.0: Control and data interfaces are not separated! [ 195.928112][ T28] cdc_acm: probe of 2-1:1.0 failed with error -12 [ 196.146250][ T6558] usb 2-1: USB disconnect, device number 13 [ 196.329841][ T5757] microsoft 0003:045E:07DA.000F: No inputs registered, leaving [ 196.340624][ T5757] microsoft 0003:045E:07DA.000F: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 196.352260][ T5757] microsoft 0003:045E:07DA.000F: no inputs found [ 196.358822][ T5757] microsoft 0003:045E:07DA.000F: could not initialize ff, continuing anyway [ 196.529836][ T5757] usb 5-1: USB disconnect, device number 6 [ 196.910001][ T9083] overlayfs: missing 'lowerdir' [ 196.958895][ T9085] loop3: detected capacity change from 0 to 1024 [ 197.099622][ T27] audit: type=1800 audit(197.051:66): pid=9085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1136" name="file1" dev="loop3" ino=20 res=0 errno=0 [ 197.132209][ T9085] hfsplus: request for non-existent node 16777216 in B*Tree [ 197.161517][ T9085] hfsplus: request for non-existent node 16777216 in B*Tree [ 197.333802][ T9078] loop1: detected capacity change from 0 to 32768 [ 197.351475][ T9093] loop4: detected capacity change from 0 to 128 [ 197.364218][ T9078] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.1131 (9078) [ 197.417820][ T9078] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 197.439687][ T9078] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 197.449952][ T9078] BTRFS info (device loop1): force zlib compression, level 3 [ 197.479374][ T9078] BTRFS info (device loop1): force clearing of disk cache [ 197.492466][ T9078] BTRFS info (device loop1): setting nodatasum [ 197.503021][ T9078] BTRFS info (device loop1): allowing degraded mounts [ 197.504835][ T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 197.511415][ T9078] BTRFS info (device loop1): enabling disk space caching [ 197.532277][ T9078] BTRFS info (device loop1): disk space caching is enabled [ 197.591073][ T27] audit: type=1326 audit(197.551:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9099 comm="syz.4.1143" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ec2d8e929 code=0x0 [ 197.632499][ T9078] BTRFS info (device loop1): auto enabling async discard [ 197.642034][ T9078] BTRFS info (device loop1): rebuilding free space tree [ 197.661741][ T9078] BTRFS info (device loop1): disabling free space tree [ 197.672277][ T9078] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 197.684313][ T9078] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 197.736475][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 197.751186][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.773015][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.800648][ T9] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 197.822785][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.833307][ T9078] BTRFS info (device loop1): balance: start -d -m [ 197.846589][ T9] usb 3-1: config 0 descriptor?? [ 197.855612][ T9078] BTRFS info (device loop1): relocating block group 6881280 flags data|metadata [ 197.901900][ T9078] BTRFS info (device loop1): balance: canceled [ 197.967696][ T5765] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 198.033448][ T9120] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1145'. [ 198.214358][ T9122] loop1: detected capacity change from 0 to 256 [ 198.297103][ T9] ft260 0003:0403:6030.0010: item fetching failed at offset 0/2 [ 198.325554][ T9] ft260 0003:0403:6030.0010: failed to parse HID [ 198.357079][ T9] ft260: probe of 0003:0403:6030.0010 failed with error -22 [ 198.562272][ T6558] usb 3-1: USB disconnect, device number 12 [ 198.576945][ T9129] loop1: detected capacity change from 0 to 1024 [ 198.633389][ T9129] hfsplus: walked past end of dir [ 198.771029][ T9137] vivid-003: disconnect [ 198.782683][ T9136] vivid-003: reconnect [ 199.004788][ T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 199.215622][ T9] usb 5-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 199.234724][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 199.254800][ T9] usb 5-1: Product: syz [ 199.259017][ T9] usb 5-1: Manufacturer: syz [ 199.264035][ T9] usb 5-1: SerialNumber: syz [ 199.291868][ T9] r8152-cfgselector 5-1: config 0 descriptor?? [ 199.349918][ T9139] loop3: detected capacity change from 0 to 32768 [ 199.356937][ T9149] xt_CT: No such helper "syz1" [ 199.390227][ T9151] loop1: detected capacity change from 0 to 4096 [ 199.402230][ T9139] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop3 scanned by syz.3.1153 (9139) [ 199.436085][ T9139] BTRFS info (device loop3): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 199.456543][ T9151] ntfs3: Bad value for 'gid' [ 199.465223][ T9139] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 199.492437][ T9139] BTRFS info (device loop3): using free space tree [ 199.532074][ T9] r8152-cfgselector 5-1: Needed 1 retries to read version [ 199.545640][ T9] usbip-host 5-1: 5-1 is not in match_busid table... skip! [ 199.606240][ T9162] binder: BINDER_SET_CONTEXT_MGR already set [ 199.613331][ T9162] binder: 9159:9162 ioctl 40046207 0 returned -16 [ 199.770390][ T5808] usb 5-1: USB disconnect, device number 7 [ 199.775858][ T9139] BTRFS info (device loop3): enabling ssd optimizations [ 199.816157][ T9139] BTRFS info (device loop3): auto enabling async discard [ 200.144772][ T6558] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 200.149641][ T5770] BTRFS info (device loop3): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 200.358535][ T6558] usb 2-1: Using ep0 maxpacket: 8 [ 200.385733][ T6558] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 200.429595][ T9174] loop2: detected capacity change from 0 to 32768 [ 200.429673][ T6558] usb 2-1: New USB device found, idVendor=056a, idProduct=003f, bcdDevice= 0.00 [ 200.492993][ T9174] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1161 (9174) [ 200.494854][ T6558] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.564403][ T9174] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 200.586508][ T6558] usb 2-1: config 0 descriptor?? [ 200.597740][ T9174] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 200.654140][ T9174] BTRFS info (device loop2): setting nodatasum [ 200.691760][ T9174] BTRFS info (device loop2): force zlib compression, level 3 [ 200.726806][ T9174] BTRFS info (device loop2): metadata ratio 1 [ 200.732934][ T9174] BTRFS info (device loop2): enabling ssd optimizations [ 200.804871][ T9174] BTRFS info (device loop2): allowing degraded mounts [ 200.811717][ T9174] BTRFS info (device loop2): using free space tree [ 200.854090][ T9183] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1165'. [ 200.931656][ T9198] overlayfs: missing 'lowerdir' [ 201.041301][ T6558] wacom 0003:056A:003F.0011: unknown main item tag 0x0 [ 201.073672][ T6558] wacom 0003:056A:003F.0011: unknown main item tag 0x0 [ 201.091622][ T6558] wacom 0003:056A:003F.0011: unknown main item tag 0x0 [ 201.106376][ T6558] wacom 0003:056A:003F.0011: unknown main item tag 0x0 [ 201.124025][ T6558] wacom 0003:056A:003F.0011: unknown main item tag 0x0 [ 201.134282][ T6558] wacom 0003:056A:003F.0011: hidraw0: USB HID v0.07 Device [HID 056a:003f] on usb-dummy_hcd.1-1/input0 [ 201.199660][ T5776] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 201.465715][ T6558] usb 2-1: USB disconnect, device number 14 [ 201.522966][ T5760] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop2 scanned by udevd (5760) [ 201.636461][ T9213] Bluetooth: MGMT ver 1.22 [ 202.726879][ T9243] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1186'. [ 202.744522][ T9246] loop4: detected capacity change from 0 to 512 [ 202.775801][ T9246] EXT4-fs: Ignoring removed mblk_io_submit option [ 202.782277][ T9246] EXT4-fs: Ignoring removed bh option [ 202.842121][ T9246] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 202.917705][ T9246] EXT4-fs (loop4): 1 truncate cleaned up [ 202.936834][ T9246] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 202.998887][ T9227] loop2: detected capacity change from 0 to 40427 [ 203.088885][ T9227] F2FS-fs (loop2): Found nat_bits in checkpoint [ 203.117428][ T6357] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.230235][ T9227] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 203.293280][ T9266] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 203.325328][ T9267] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1191'. [ 203.349851][ T9267] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1191'. [ 203.397001][ T9264] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1191'. [ 203.478447][ T5776] syz-executor: attempt to access beyond end of device [ 203.478447][ T5776] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 203.522600][ T5776] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 203.578001][ T9271] loop3: detected capacity change from 0 to 1024 [ 203.600028][ T9269] loop1: detected capacity change from 0 to 4096 [ 203.606043][ T9271] EXT4-fs: inline encryption not supported [ 203.608053][ T9273] netlink: 'syz.4.1198': attribute type 1 has an invalid length. [ 203.634483][ T9271] EXT4-fs: Ignoring removed oldalloc option [ 203.653791][ T9274] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 203.669711][ T9271] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 203.729744][ T9271] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 203.825181][ T9271] EXT4-fs (loop3): Online resizing not supported with bigalloc [ 203.946832][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.346580][ T9292] loop1: detected capacity change from 0 to 128 [ 204.450673][ T9292] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 204.463310][ T9296] loop2: detected capacity change from 0 to 16 [ 204.487845][ T9296] erofs: (device loop2): mounted with root inode @ nid 36. [ 204.730059][ T5765] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 204.784782][ T9304] loop4: detected capacity change from 0 to 256 [ 204.816477][ T9304] exfat: Deprecated parameter 'utf8' [ 204.864896][ T9304] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xd9b3646f, utbl_chksum : 0xe619d30d) [ 204.869594][ T9306] loop3: detected capacity change from 0 to 8 [ 204.957687][ T9306] SQUASHFS error: zstd decompression failed, data probably corrupt [ 205.011693][ T9306] SQUASHFS error: Failed to read block 0x4ec: -5 [ 205.035077][ T9306] SQUASHFS error: Unable to read metadata cache entry [4ea] [ 205.042419][ T9306] SQUASHFS error: Unable to read inode 0x2011f [ 205.168930][ T9312] loop4: detected capacity change from 0 to 1024 [ 205.225742][ T9312] hfsplus: bad catalog entry type [ 205.292487][ T3415] hfsplus: b-tree write err: -5, ino 4 [ 205.646118][ T9324] loop1: detected capacity change from 0 to 2048 [ 205.661429][ T9324] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 205.709263][ T9332] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 205.710795][ T7230] udevd[7230]: incorrect nilfs2 checksum on /dev/loop1 [ 205.854910][ T5757] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 205.925486][ T9334] net_ratelimit: 66 callbacks suppressed [ 205.925503][ T9334] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 205.944809][ T6558] usb 4-1: new full-speed USB device number 11 using dummy_hcd [ 206.066800][ T5757] usb 5-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 206.076160][ T5757] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.084168][ T5757] usb 5-1: Product: syz [ 206.088500][ T5757] usb 5-1: Manufacturer: syz [ 206.093114][ T5757] usb 5-1: SerialNumber: syz [ 206.107007][ T5757] usb 5-1: config 0 descriptor?? [ 206.119383][ T5757] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 206.146843][ T6558] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 206.162900][ T6558] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.199014][ T6558] usb 4-1: config 0 descriptor?? [ 206.238466][ T9342] loop1: detected capacity change from 0 to 512 [ 206.238950][ T6558] cp210x 4-1:0.0: cp210x converter detected [ 206.256244][ T9342] EXT4-fs: Ignoring removed nobh option [ 206.268359][ T9342] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 206.322830][ T9342] EXT4-fs (loop1): 1 truncate cleaned up [ 206.366500][ T9342] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 206.502412][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.662257][ T6558] usb 4-1: cp210x converter now attached to ttyUSB0 [ 206.784886][ T5757] gspca_sunplus: reg_r err -71 [ 206.790731][ T5757] sunplus: probe of 5-1:0.0 failed with error -71 [ 206.816448][ T5757] usb 5-1: USB disconnect, device number 8 [ 206.859690][ T6558] usb 4-1: USB disconnect, device number 11 [ 206.870635][ T9349] loop1: detected capacity change from 0 to 1024 [ 206.887557][ T6558] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 206.924854][ T9349] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 206.955599][ T6558] cp210x 4-1:0.0: device disconnected [ 206.988920][ T9349] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.161451][ T9345] loop2: detected capacity change from 0 to 40427 [ 207.163821][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.230088][ T9345] F2FS-fs (loop2): Found nat_bits in checkpoint [ 207.277243][ T9357] loop1: detected capacity change from 0 to 164 [ 207.468980][ T9345] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 207.585316][ T9362] loop1: detected capacity change from 0 to 2048 [ 207.643599][ T9362] Alternate GPT is invalid, using primary GPT. [ 207.657303][ T9345] syz.2.1228: attempt to access beyond end of device [ 207.657303][ T9345] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 207.686669][ T9362] loop1: p2 p3 p7 [ 207.982042][ T5776] syz-executor: attempt to access beyond end of device [ 207.982042][ T5776] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 208.019644][ T9376] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1237'. [ 208.019764][ T9375] ceph: Unexpected value for 'acl' [ 208.049869][ T9376] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1237'. [ 208.061081][ T5776] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 208.072927][ T5880] udevd[5880]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory [ 208.085067][ T9373] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1237'. [ 208.087319][ T5760] udevd[5760]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 208.105073][ T7230] udevd[7230]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 208.650879][ T9394] loop1: detected capacity change from 0 to 1024 [ 208.819805][ T58] hfsplus: b-tree write err: -5, ino 4 [ 208.877162][ T9399] ucma_write: process 468 (syz.4.1251) changed security contexts after opening file descriptor, this is not allowed. [ 209.395100][ T5808] usb 2-1: new full-speed USB device number 15 using dummy_hcd [ 209.623235][ T5808] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 209.640341][ T5808] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 209.655017][ T9421] loop4: detected capacity change from 0 to 1024 [ 209.671014][ T5808] usb 2-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00 [ 209.696830][ T9422] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1261'. [ 209.699348][ T5808] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.722295][ T9421] hfsplus: found bad thread record in catalog [ 209.734827][ T9424] loop2: detected capacity change from 0 to 512 [ 209.735168][ T9422] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1261'. [ 209.744894][ T5808] usb 2-1: config 0 descriptor?? [ 209.750583][ T9421] hfsplus: catalog searching failed [ 209.774883][ T9422] tipc: Invalid UDP bearer configuration [ 209.774936][ T9422] tipc: Enabling of bearer rejected, failed to enable media [ 209.874706][ T9424] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 209.895322][ T1127] hfsplus: b-tree write err: -5, ino 4 [ 210.040117][ T9424] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1263: iget: bad i_size value: 360287970189639680 [ 210.145260][ T9424] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1263: couldn't read orphan inode 15 (err -117) [ 210.166553][ T9424] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 210.229386][ T5808] wacom 0003:056A:00D0.0012: unknown main item tag 0x0 [ 210.249131][ T5808] wacom 0003:056A:00D0.0012: unknown main item tag 0x0 [ 210.252611][ T9424] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.1263: iget: bad i_size value: 360287970189639680 [ 210.275268][ T5808] wacom 0003:056A:00D0.0012: unknown main item tag 0x0 [ 210.282201][ T5808] wacom 0003:056A:00D0.0012: unknown main item tag 0x0 [ 210.318384][ T5808] wacom 0003:056A:00D0.0012: unknown main item tag 0x0 [ 210.339153][ T5808] wacom 0003:056A:00D0.0012: Unknown device_type for 'HID 056a:00d0'. Assuming pen. [ 210.363760][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.374923][ T5808] wacom 0003:056A:00D0.0012: hidraw0: USB HID v0.00 Device [HID 056a:00d0] on usb-dummy_hcd.1-1/input0 [ 210.407789][ T5808] input: Wacom Bamboo 2FG Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:00D0.0012/input/input24 [ 210.470568][ T9439] loop4: detected capacity change from 0 to 1764 [ 210.553674][ T9442] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1270'. [ 210.574839][ T9442] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1270'. [ 210.604526][ T9441] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1270'. [ 210.728879][ T5808] usb 2-1: USB disconnect, device number 15 [ 210.890292][ T9450] loop2: detected capacity change from 0 to 2048 [ 210.907515][ T9450] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 210.950594][ T7230] udevd[7230]: incorrect nilfs2 checksum on /dev/loop2 [ 210.972270][ T9452] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 211.104847][ T5797] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 211.289777][ T5797] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 211.308675][ T5797] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 211.338416][ T5797] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 211.360670][ T5797] usb 5-1: config 220 has no interface number 2 [ 211.370662][ T5797] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 211.377894][ T9464] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 211.388813][ T5797] usb 5-1: config 220 interface 0 has no altsetting 0 [ 211.413396][ T5797] usb 5-1: config 220 interface 76 has no altsetting 0 [ 211.421968][ T5797] usb 5-1: config 220 interface 1 has no altsetting 0 [ 211.432371][ T9466] loop2: detected capacity change from 0 to 8 [ 211.463824][ T5797] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 211.473787][ T9466] SQUASHFS error: zstd decompression failed, data probably corrupt [ 211.482158][ T5797] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.496544][ T9466] SQUASHFS error: Failed to read block 0x4ec: -5 [ 211.497729][ T5797] usb 5-1: Product: syz [ 211.502901][ T9466] SQUASHFS error: Unable to read metadata cache entry [4ea] [ 211.502958][ T9466] SQUASHFS error: Unable to read inode 0x2011f [ 211.546805][ T5797] usb 5-1: Manufacturer: syz [ 211.553185][ T5797] usb 5-1: SerialNumber: syz [ 211.797221][ T5797] usb 5-1: selecting invalid altsetting 0 [ 211.842782][ T5797] usb 5-1: Found UVC 7.01 device syz (8086:0b07) [ 211.852398][ T9472] loop1: detected capacity change from 0 to 1024 [ 211.864719][ T5797] usb 5-1: No valid video chain found. [ 211.879468][ T5772] Bluetooth: hci3: command 0x0406 tx timeout [ 211.908188][ T9472] EXT4-fs: Ignoring removed nobh option [ 211.920421][ T5797] usb 5-1: selecting invalid altsetting 0 [ 211.927836][ T5797] usbtest: probe of 5-1:220.1 failed with error -22 [ 211.936505][ T9474] loop3: detected capacity change from 0 to 2048 [ 211.945196][ T5797] usb 5-1: USB disconnect, device number 9 [ 211.971216][ T9472] EXT4-fs: Ignoring removed bh option [ 212.040513][ T9477] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 212.107205][ T9472] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 212.343845][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.553499][ T9476] loop2: detected capacity change from 0 to 32768 [ 212.623122][ T9476] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 212.712255][ T9500] loop1: detected capacity change from 0 to 8 [ 212.756882][ T9500] SQUASHFS error: zstd decompression failed, data probably corrupt [ 212.777121][ T9476] XFS (loop2): Ending clean mount [ 212.780088][ T9500] SQUASHFS error: Failed to read block 0x4ec: -5 [ 212.796167][ T9476] XFS (loop2): Quotacheck needed: Please wait. [ 212.800374][ T9500] SQUASHFS error: Unable to read metadata cache entry [4ea] [ 212.890193][ T9500] SQUASHFS error: Unable to read inode 0x2011f [ 212.915133][ T9476] XFS (loop2): Quotacheck: Done. [ 212.924095][ T9502] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 212.979045][ T27] audit: type=1800 audit(212.931:68): pid=9476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1285" name="bus" dev="loop2" ino=9290 res=0 errno=0 [ 213.197541][ T5776] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 213.353418][ T9506] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1296'. [ 213.429589][ T9486] loop4: detected capacity change from 0 to 32768 [ 213.546711][ T9486] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 213.583204][ T9509] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1297'. [ 213.873044][ T9486] XFS (loop4): Ending clean mount [ 213.890974][ T9486] XFS (loop4): Quotacheck needed: Please wait. [ 214.001668][ T9486] XFS (loop4): Quotacheck: Done. [ 214.124329][ T6357] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 214.171913][ T9533] loop3: detected capacity change from 0 to 128 [ 214.194412][ T9533] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 214.260655][ T9533] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 214.730088][ T9527] loop2: detected capacity change from 0 to 32768 [ 214.800951][ T9527] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 214.964523][ T9537] loop3: detected capacity change from 0 to 32768 [ 215.011127][ T9537] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 215.035006][ T5776] ocfs2: Unmounting device (7,2) on (node local) [ 215.328858][ T9557] loop1: detected capacity change from 0 to 512 [ 215.347589][ T9557] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 215.393804][ T9537] XFS (loop3): Ending clean mount [ 215.438343][ T9537] XFS (loop3): Quotacheck needed: Please wait. [ 215.579274][ T9537] XFS (loop3): Quotacheck: Done. [ 215.614984][ T9557] EXT4-fs (loop1): 1 truncate cleaned up [ 215.666164][ T9557] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 215.761202][ T5770] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 216.087624][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.231899][ T9571] loop4: detected capacity change from 0 to 16 [ 216.308265][ T9576] loop1: detected capacity change from 0 to 512 [ 216.326818][ T9571] erofs: (device loop4): mounted with root inode @ nid 36. [ 216.379812][ T9576] EXT4-fs error (device loop1): ext4_validate_block_bitmap:430: comm syz.1.1317: bg 0: block 5: invalid block bitmap [ 216.416976][ T9579] netlink: 112 bytes leftover after parsing attributes in process `syz.2.1320'. [ 216.434978][ T9579] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1320'. [ 216.444280][ T9571] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 216.513961][ T9576] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6642: Corrupt filesystem [ 216.525589][ T9571] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -46 in[60, 4036] out[1851] [ 216.555519][ T9571] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 216.562974][ T9580] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 216.590327][ T9576] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1317: invalid indirect mapped block 3 (level 2) [ 216.606983][ T9576] EXT4-fs (loop1): 1 orphan inode deleted [ 216.620692][ T9576] EXT4-fs (loop1): 1 truncate cleaned up [ 216.631416][ T9584] loop2: detected capacity change from 0 to 512 [ 216.637961][ T9580] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -46 in[60, 4036] out[1851] [ 216.650464][ T9576] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 216.655652][ T9582] loop3: detected capacity change from 0 to 4096 [ 216.663161][ T9580] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 216.737039][ T9582] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 216.744969][ T9584] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 216.748850][ T9582] EXT4-fs (loop3): Test dummy encryption mode enabled [ 216.805990][ T9582] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 217.011713][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.107520][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.233913][ T9582] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 217.378667][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.933563][ T9590] loop4: detected capacity change from 0 to 40427 [ 217.966894][ T9590] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x7ffff [ 217.987681][ T9590] F2FS-fs (loop4): invalid crc value [ 217.999847][ T9590] F2FS-fs (loop4): Found nat_bits in checkpoint [ 218.140428][ T9590] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 218.197191][ T9590] F2FS-fs (loop4): access invalid blkaddr:2816 [ 218.220399][ T9590] CPU: 0 PID: 9590 Comm: syz.4.1323 Not tainted 6.6.95-syzkaller #0 [ 218.228454][ T9590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 218.238539][ T9590] Call Trace: [ 218.241836][ T9590] [ 218.244779][ T9590] dump_stack_lvl+0x16c/0x230 [ 218.249511][ T9590] ? show_regs_print_info+0x20/0x20 [ 218.254734][ T9590] ? f2fs_get_next_page_offset+0x690/0x690 [ 218.260577][ T9590] f2fs_is_valid_blkaddr+0xef8/0x1580 [ 218.265993][ T9590] f2fs_map_blocks+0xcdd/0x3c00 [ 218.270910][ T9590] ? f2fs_get_block_locked+0xe0/0xe0 [ 218.276240][ T9590] ? __might_sleep+0xe0/0xe0 [ 218.280872][ T9590] ? down_read_killable+0x340/0x340 [ 218.286083][ T9590] ? stack_trace_save+0x9c/0xe0 [ 218.290966][ T9590] ? stack_trace_snprint+0xf0/0xf0 [ 218.296095][ T9590] f2fs_fiemap+0x902/0x1650 [ 218.300643][ T9590] ? f2fs_overwrite_io+0x1e0/0x1e0 [ 218.305761][ T9590] ? __might_fault+0xaa/0x120 [ 218.310459][ T9590] ? __might_fault+0xaa/0x120 [ 218.315137][ T9590] ? __might_fault+0xc6/0x120 [ 218.319809][ T9590] ? __might_fault+0xaa/0x120 [ 218.324492][ T9590] do_vfs_ioctl+0x140c/0x1bb0 [ 218.329190][ T9590] ? __ia32_compat_sys_ioctl+0x7f0/0x7f0 [ 218.334831][ T9590] ? tomoyo_path_number_perm+0x1ba/0x590 [ 218.340464][ T9590] ? __lock_acquire+0x7c80/0x7c80 [ 218.345491][ T9590] ? slab_free_freelist_hook+0x130/0x1b0 [ 218.351121][ T9590] ? tomoyo_path_number_perm+0x477/0x590 [ 218.356747][ T9590] ? __kmem_cache_free+0xba/0x1f0 [ 218.361767][ T9590] ? tomoyo_path_number_perm+0x4dc/0x590 [ 218.367392][ T9590] ? tomoyo_path_number_perm+0x1ba/0x590 [ 218.373016][ T9590] ? tomoyo_check_path_acl+0x1c0/0x1c0 [ 218.378497][ T9590] ? __fget_files+0x28/0x4d0 [ 218.383099][ T9590] ? bpf_lsm_file_ioctl+0x9/0x10 [ 218.388032][ T9590] ? security_file_ioctl+0x80/0xa0 [ 218.393142][ T9590] __se_sys_ioctl+0x83/0x170 [ 218.397734][ T9590] do_syscall_64+0x55/0xb0 [ 218.402148][ T9590] ? clear_bhb_loop+0x40/0x90 [ 218.406841][ T9590] ? clear_bhb_loop+0x40/0x90 [ 218.411539][ T9590] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 218.417470][ T9590] RIP: 0033:0x7f5ec2d8e929 [ 218.421926][ T9590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.441543][ T9590] RSP: 002b:00007f5ec3beb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 218.449954][ T9590] RAX: ffffffffffffffda RBX: 00007f5ec2fb5fa0 RCX: 00007f5ec2d8e929 [ 218.457923][ T9590] RDX: 0000200000000280 RSI: 00000000c020660b RDI: 0000000000000004 [ 218.465890][ T9590] RBP: 00007f5ec2e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 218.473852][ T9590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 218.481823][ T9590] R13: 0000000000000000 R14: 00007f5ec2fb5fa0 R15: 00007fff52cefcc8 [ 218.489900][ T9590] [ 218.858552][ T9618] loop2: detected capacity change from 0 to 4096 [ 218.914945][ T9619] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 218.974145][ T9602] loop1: detected capacity change from 0 to 40427 [ 219.000699][ T9606] loop3: detected capacity change from 0 to 32768 [ 219.048934][ T9602] F2FS-fs (loop1): Found nat_bits in checkpoint [ 219.092915][ T9606] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 219.142006][ T9602] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 219.212074][ T9602] syz.1.1328: attempt to access beyond end of device [ 219.212074][ T9602] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 219.275312][ T5765] syz-executor: attempt to access beyond end of device [ 219.275312][ T5765] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 219.307820][ T9606] XFS (loop3): Ending clean mount [ 219.333915][ T5765] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 219.384881][ T8] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 219.490289][ T5770] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 219.589140][ T8] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 219.597592][ T8] usb 5-1: config 0 has no interface number 0 [ 219.603725][ T8] usb 5-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 219.651573][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.687203][ T8] usb 5-1: config 0 descriptor?? [ 219.706671][ T8] usb 5-1: selecting invalid altsetting 1 [ 219.739629][ T8] dvb_ttusb_budget: ttusb_init_controller: error [ 219.748540][ T8] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 219.970337][ T8] DVB: Unable to find symbol cx22700_attach() [ 220.121996][ T8] DVB: Unable to find symbol tda10046_attach() [ 220.134828][ T8] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 220.162611][ T8] usb 5-1: USB disconnect, device number 10 [ 220.166192][ T9635] loop2: detected capacity change from 0 to 32768 [ 220.207771][ T9635] JBD2: Ignoring recovery information on journal [ 220.361506][ T9635] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 220.490269][ T9655] overlayfs: disabling nfs_export due to verity=on [ 220.498536][ T9655] overlayfs: missing 'lowerdir' [ 220.554841][ T5810] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 220.613800][ T5776] ocfs2: Unmounting device (7,2) on (node local) [ 220.823943][ T5810] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 220.834660][ T5810] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.842686][ T5810] usb 2-1: Product: syz [ 220.877118][ T5810] usb 2-1: Manufacturer: syz [ 220.897284][ T5810] usb 2-1: SerialNumber: syz [ 220.923819][ T5810] usb 2-1: config 0 descriptor?? [ 220.965906][ T5810] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 221.087318][ T9672] loop3: detected capacity change from 0 to 164 [ 221.255159][ T5808] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 221.467026][ T5808] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 221.478461][ T5808] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 221.490119][ T5808] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 221.499869][ T5808] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.511263][ T5808] usb 3-1: config 0 descriptor?? [ 221.563423][ T9682] loop3: detected capacity change from 0 to 512 [ 221.571059][ T5810] gspca_sunplus: reg_r err -71 [ 221.577913][ T9682] EXT4-fs: Ignoring removed mblk_io_submit option [ 221.586677][ T5810] sunplus: probe of 2-1:0.0 failed with error -71 [ 221.608150][ T9682] EXT4-fs: Ignoring removed bh option [ 221.611029][ T5810] usb 2-1: USB disconnect, device number 16 [ 221.640287][ T9682] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 221.681097][ T9682] EXT4-fs (loop3): 1 truncate cleaned up [ 221.704442][ T9682] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 221.810030][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.958406][ T5808] pyra 0003:1E7D:2CF6.0013: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0 [ 221.972796][ T9692] loop3: detected capacity change from 0 to 512 [ 221.994736][ T8] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 222.090467][ T9692] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #16: comm syz.3.1361: corrupted inode contents [ 222.107369][ T9692] EXT4-fs error (device loop3): ext4_dirty_inode:6106: inode #16: comm syz.3.1361: mark_inode_dirty error [ 222.121598][ T9692] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #16: comm syz.3.1361: corrupted inode contents [ 222.140006][ T9692] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.1361: mark_inode_dirty error [ 222.151602][ T5808] pyra 0003:1E7D:2CF6.0013: couldn't init struct pyra_device [ 222.164760][ T9692] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #16: comm syz.3.1361: corrupted inode contents [ 222.177389][ T5808] pyra 0003:1E7D:2CF6.0013: couldn't install mouse [ 222.186105][ T5808] pyra: probe of 0003:1E7D:2CF6.0013 failed with error -71 [ 222.186952][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 222.194944][ T9692] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 222.221697][ T9692] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #16: comm syz.3.1361: corrupted inode contents [ 222.233831][ T8] usb 5-1: New USB device found, idVendor=056a, idProduct=00d4, bcdDevice= 0.00 [ 222.236498][ T5808] usb 3-1: USB disconnect, device number 13 [ 222.258831][ T9692] EXT4-fs error (device loop3): ext4_truncate:4288: inode #16: comm syz.3.1361: mark_inode_dirty error [ 222.267801][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 222.280692][ T9692] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 222.284362][ T8] usb 5-1: config 0 descriptor?? [ 222.313324][ T9692] EXT4-fs (loop3): 1 truncate cleaned up [ 222.322689][ T9692] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 222.340471][ T12] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 222.354139][ T12] EXT4-fs error (device loop3): ext4_release_dquot:6974: comm kworker/u4:1: Failed to release dquot type 1 [ 222.390056][ T27] audit: type=1800 audit(222.351:69): pid=9692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1361" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 222.447669][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.589942][ T9701] loop1: detected capacity change from 0 to 2048 [ 222.651429][ T9701] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 222.735059][ T8] wacom 0003:056A:00D4.0014: Unknown device_type for 'HID 056a:00d4'. Assuming pen. [ 222.792294][ T8] wacom 0003:056A:00D4.0014: hidraw0: USB HID vff.fe Device [HID 056a:00d4] on usb-dummy_hcd.4-1/input0 [ 222.835011][ T8] input: Wacom Bamboo Pen Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:00D4.0014/input/input27 [ 223.005966][ T8] usb 5-1: USB disconnect, device number 11 [ 223.029771][ T9709] loop2: detected capacity change from 0 to 128 [ 223.628536][ T9729] loop4: detected capacity change from 0 to 256 [ 223.706633][ T9729] MINIX-fs: mounting file system with errors, running fsck is recommended [ 223.982167][ T9742] loop4: detected capacity change from 0 to 2048 [ 224.012933][ T9743] loop3: detected capacity change from 0 to 1024 [ 224.041632][ T9742] loop4: p1 < > p4 [ 224.050088][ T9742] loop4: p4 size 8388608 extends beyond EOD, truncated [ 224.121800][ T9747] loop1: detected capacity change from 0 to 64 [ 224.338573][ T9751] loop2: detected capacity change from 0 to 16 [ 224.383469][ T9751] erofs: (device loop2): mounted with root inode @ nid 36. [ 224.402774][ T9750] loop4: detected capacity change from 0 to 2048 [ 224.426057][ T9751] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 224.445621][ T9751] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -46 in[60, 4036] out[1851] [ 224.469523][ T9750] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 224.508726][ T7230] udevd[7230]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 224.514682][ T9751] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 224.519015][ T9756] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 224.538533][ T9756] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -46 in[60, 4036] out[1851] [ 224.550137][ T9756] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 224.575853][ T5880] udevd[5880]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 224.590125][ T9750] EXT4-fs error (device loop4): ext4_find_extent:936: inode #2: comm syz.4.1385: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 224.696410][ T9750] EXT4-fs (loop4): Remounting filesystem read-only [ 224.829580][ T6357] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.953289][ T9766] loop4: detected capacity change from 0 to 512 [ 225.009646][ T9766] EXT4-fs error (device loop4): ext4_validate_block_bitmap:430: comm syz.4.1392: bg 0: block 5: invalid block bitmap [ 225.030239][ T9766] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6642: Corrupt filesystem [ 225.055610][ T9766] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1392: invalid indirect mapped block 3 (level 2) [ 225.089380][ T9771] loop2: detected capacity change from 0 to 4096 [ 225.102489][ T9766] EXT4-fs (loop4): 1 orphan inode deleted [ 225.124726][ T28] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 225.140874][ T9771] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 225.160901][ T9766] EXT4-fs (loop4): 1 truncate cleaned up [ 225.174567][ T9771] EXT4-fs (loop2): Test dummy encryption mode enabled [ 225.183009][ T9766] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 225.214362][ T9771] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 225.324322][ T28] usb 2-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 225.333568][ T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.342147][ T28] usb 2-1: Product: syz [ 225.347370][ T28] usb 2-1: Manufacturer: syz [ 225.352537][ T28] usb 2-1: SerialNumber: syz [ 225.385005][ T6357] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.388360][ T28] usb 2-1: config 0 descriptor?? [ 225.442746][ T28] gspca_main: sq905c-2.14.0 probing 2770:9052 [ 225.522706][ T5776] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.060197][ T28] gspca_sq905c: sq905c_command: usb_control_msg failed (-71) [ 226.073818][ T28] sq905c: probe of 2-1:0.0 failed with error -71 [ 226.095377][ T28] usb 2-1: USB disconnect, device number 17 [ 226.248665][ T9789] loop3: detected capacity change from 0 to 16 [ 226.273751][ T9789] erofs: (device loop3): mounted with root inode @ nid 36. [ 226.328658][ T9789] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 226.357289][ T9789] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -46 in[60, 4036] out[1851] [ 226.383375][ T9789] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 226.410693][ T9792] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 226.429930][ T9792] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -46 in[60, 4036] out[1851] [ 226.448964][ T9792] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 226.601178][ T9796] loop4: detected capacity change from 0 to 64 [ 226.652882][ T9796] hfs: unable to locate alternate MDB [ 226.671847][ T9796] hfs: continuing without an alternate MDB [ 226.950255][ T27] audit: type=1326 audit(226.911:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ec2d8e929 code=0x7ffc0000 [ 226.963421][ T9787] loop2: detected capacity change from 0 to 32768 [ 227.016204][ T27] audit: type=1326 audit(226.911:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ec2d8e929 code=0x7ffc0000 [ 227.073798][ T9787] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 227.092282][ T27] audit: type=1326 audit(226.961:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f5ec2d8e929 code=0x7ffc0000 [ 227.135054][ T27] audit: type=1326 audit(226.961:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ec2d8e929 code=0x7ffc0000 [ 227.195672][ T27] audit: type=1326 audit(226.961:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ec2d8e929 code=0x7ffc0000 [ 227.217875][ T27] audit: type=1326 audit(226.961:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f5ec2d8e929 code=0x7ffc0000 [ 227.240032][ T27] audit: type=1326 audit(226.961:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ec2d8e929 code=0x7ffc0000 [ 227.261734][ T27] audit: type=1326 audit(226.961:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ec2d8e929 code=0x7ffc0000 [ 227.333567][ T9787] XFS (loop2): Ending clean mount [ 227.344590][ T9787] XFS (loop2): Quotacheck needed: Please wait. [ 227.443669][ T9787] XFS (loop2): Quotacheck: Done. [ 227.452084][ T9820] loop4: detected capacity change from 0 to 64 [ 227.463270][ T9820] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing [ 227.574849][ T8] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 227.590535][ T5776] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 227.601526][ T9798] loop3: detected capacity change from 0 to 40427 [ 227.635098][ T9798] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 227.644729][ T9798] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 227.663528][ T9798] F2FS-fs (loop3): build fault injection attr: rate: 18446, type: 0x7ffff [ 227.732770][ T9798] F2FS-fs (loop3): invalid crc value [ 227.756563][ T9798] F2FS-fs (loop3): Found nat_bits in checkpoint [ 227.794978][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 227.809671][ T8] usb 2-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 227.839691][ T8] usb 2-1: config 0 interface 0 has no altsetting 0 [ 227.850719][ T8] usb 2-1: New USB device found, idVendor=0403, idProduct=97c1, bcdDevice= 0.00 [ 227.898907][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.917788][ T9798] F2FS-fs (loop3): Start checkpoint disabled! [ 227.935374][ T8] usb 2-1: config 0 descriptor?? [ 227.953582][ T9798] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 227.977732][ T9798] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 228.197079][ T9826] loop4: detected capacity change from 0 to 4096 [ 228.216647][ T9826] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 228.323103][ T9826] ntfs3: loop4: ino=3, ntfs_set_state failed, -22. [ 228.326800][ T11] kworker/u4:0: attempt to access beyond end of device [ 228.326800][ T11] loop3: rw=1, sector=53248, nr_sectors = 16 limit=40427 [ 228.330948][ T9826] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 228.387652][ T8] hid-retrode 0003:0403:97C1.0015: item fetching failed at offset 0/5 [ 228.399999][ T11] kworker/u4:0: attempt to access beyond end of device [ 228.399999][ T11] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 228.416998][ T8] hid-retrode: probe of 0003:0403:97C1.0015 failed with error -22 [ 228.425705][ T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 228.442256][ T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 228.444393][ T9826] ntfs3: loop4: ino=1e, "file1" encrypted i/o not supported [ 228.470558][ T9832] hugetlbfs: Bad value for 'mode' [ 228.478297][ T27] audit: type=1800 audit(228.441:78): pid=9826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1416" name="file1" dev="loop4" ino=30 res=0 errno=0 [ 228.498429][ T9826] ntfs3: loop4: ino=1e, "file1" encrypted i/o not supported [ 228.577849][ T5808] usb 2-1: USB disconnect, device number 18 [ 228.596589][ T11] ntfs3: loop4: ino=3, ntfs3_write_inode failed, -22. [ 228.604888][ T6357] ntfs3: loop4: ino=3, ntfs_set_state failed, -22. [ 228.625461][ T6357] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 228.637569][ T6357] ntfs3: loop4: ino=3, ntfs_set_state failed, -22. [ 228.657607][ T9835] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1420'. [ 228.663939][ T541] ntfs3: loop4: ino=3, ntfs3_write_inode failed, -22. [ 229.749793][ T9880] loop2: detected capacity change from 0 to 2048 [ 229.763700][ T9880] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 229.885104][ T9886] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1442'. [ 229.894061][ T9886] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1442'. [ 229.943878][ T9886] netlink: 'syz.1.1442': attribute type 7 has an invalid length. [ 230.161494][ T9896] loop2: detected capacity change from 0 to 64 [ 230.172675][ T9895] netlink: 'syz.1.1449': attribute type 28 has an invalid length. [ 230.222856][ T27] audit: type=1800 audit(230.181:79): pid=9896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1448" name="file1" dev="loop2" ino=18 res=0 errno=0 [ 230.254010][ T9896] syz.2.1448: attempt to access beyond end of device [ 230.254010][ T9896] loop2: rw=34817, sector=18, nr_sectors = 400 limit=64 [ 230.294048][ T9896] syz.2.1448: attempt to access beyond end of device [ 230.294048][ T9896] loop2: rw=34817, sector=420, nr_sectors = 20 limit=64 [ 230.301077][ T9900] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1451'. [ 230.338727][ T9896] [ 230.341100][ T9896] ====================================================== [ 230.348126][ T9896] WARNING: possible circular locking dependency detected [ 230.355162][ T9896] 6.6.95-syzkaller #0 Not tainted [ 230.360190][ T9896] ------------------------------------------------------ [ 230.367211][ T9896] syz.2.1448/9896 is trying to acquire lock: [ 230.373196][ T9896] ffff888077ee8778 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xdb/0x1220 [ 230.384015][ T9896] [ 230.384015][ T9896] but task is already holding lock: [ 230.391390][ T9896] ffff88805cc6e0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x15f/0x1d0 [ 230.400742][ T9896] [ 230.400742][ T9896] which lock already depends on the new lock. [ 230.400742][ T9896] [ 230.411154][ T9896] [ 230.411154][ T9896] the existing dependency chain (in reverse order) is: [ 230.420181][ T9896] [ 230.420181][ T9896] -> #1 (&tree->tree_lock/1){+.+.}-{3:3}: [ 230.428133][ T9896] __mutex_lock+0x129/0xcc0 [ 230.433182][ T9896] hfs_find_init+0x15f/0x1d0 [ 230.438319][ T9896] hfs_extend_file+0x2ef/0x1220 [ 230.443716][ T9896] hfs_bmap_reserve+0x107/0x430 [ 230.449118][ T9896] hfs_cat_create+0x1b4/0x620 [ 230.454333][ T9896] hfs_create+0x66/0xd0 [ 230.459026][ T9896] path_openat+0x1277/0x3190 [ 230.464155][ T9896] do_filp_open+0x1c5/0x3d0 [ 230.469203][ T9896] do_sys_openat2+0x12c/0x1c0 [ 230.474443][ T9896] __x64_sys_openat+0x139/0x160 [ 230.479839][ T9896] do_syscall_64+0x55/0xb0 [ 230.484063][ T9906] loop4: detected capacity change from 0 to 2048 [ 230.484777][ T9896] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 230.484804][ T9896] [ 230.484804][ T9896] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}: [ 230.484831][ T9896] __lock_acquire+0x2ddb/0x7c80 [ 230.512106][ T9896] lock_acquire+0x197/0x410 [ 230.517135][ T9896] __mutex_lock+0x129/0xcc0 [ 230.522153][ T9896] hfs_extend_file+0xdb/0x1220 [ 230.527425][ T9896] hfs_bmap_reserve+0x107/0x430 [ 230.532787][ T9896] __hfs_ext_write_extent+0x1fa/0x470 [ 230.538665][ T9896] __hfs_ext_cache_extent+0x6b/0x9b0 [ 230.544461][ T9896] hfs_extend_file+0x317/0x1220 [ 230.549817][ T9896] hfs_get_block+0x3d8/0xbd0 [ 230.554915][ T9896] __blockdev_direct_IO+0x1679/0x3420 [ 230.560795][ T9896] hfs_direct_IO+0x11b/0x220 [ 230.565894][ T9896] generic_file_direct_write+0x1d4/0x3e0 [ 230.572037][ T9896] __generic_file_write_iter+0x11b/0x230 [ 230.578193][ T9896] generic_file_write_iter+0xaf/0x2e0 [ 230.584098][ T9896] do_iter_write+0x79a/0xc70 [ 230.589207][ T9896] do_writev+0x252/0x410 [ 230.593959][ T9896] do_syscall_64+0x55/0xb0 [ 230.598889][ T9896] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 230.605301][ T9896] [ 230.605301][ T9896] other info that might help us debug this: [ 230.605301][ T9896] [ 230.615515][ T9896] Possible unsafe locking scenario: [ 230.615515][ T9896] [ 230.622947][ T9896] CPU0 CPU1 [ 230.628293][ T9896] ---- ---- [ 230.633641][ T9896] lock(&tree->tree_lock/1); [ 230.638313][ T9896] lock(&HFS_I(tree->inode)->extents_lock); [ 230.646799][ T9896] lock(&tree->tree_lock/1); [ 230.654012][ T9896] lock(&HFS_I(tree->inode)->extents_lock); [ 230.659988][ T9896] [ 230.659988][ T9896] *** DEADLOCK *** [ 230.659988][ T9896] [ 230.668120][ T9896] 5 locks held by syz.2.1448/9896: [ 230.673216][ T9896] #0: ffff88807d4a6d48 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2a3/0x330 [ 230.682458][ T9896] #1: ffff88805cc6c418 (sb_writers#17){.+.+}-{0:0}, at: do_writev+0x236/0x410 [ 230.691546][ T9896] #2: ffff888077ee9cb8 (&sb->s_type->i_mutex_key#29){+.+.}-{3:3}, at: generic_file_write_iter+0x83/0x2e0 [ 230.702868][ T9896] #3: ffff888077ee9af8 (&HFS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xdb/0x1220 [ 230.713585][ T9896] #4: ffff88805cc6e0b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x15f/0x1d0 [ 230.723335][ T9896] [ 230.723335][ T9896] stack backtrace: [ 230.729209][ T9896] CPU: 1 PID: 9896 Comm: syz.2.1448 Not tainted 6.6.95-syzkaller #0 [ 230.737171][ T9896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 230.747215][ T9896] Call Trace: [ 230.750481][ T9896] [ 230.753398][ T9896] dump_stack_lvl+0x16c/0x230 [ 230.758072][ T9896] ? load_image+0x3b0/0x3b0 [ 230.762562][ T9896] ? show_regs_print_info+0x20/0x20 [ 230.767754][ T9896] ? print_circular_bug+0x12b/0x1a0 [ 230.772943][ T9896] check_noncircular+0x2bd/0x3c0 [ 230.777874][ T9896] ? look_up_lock_class+0x75/0x140 [ 230.782977][ T9896] ? print_deadlock_bug+0x5d0/0x5d0 [ 230.788165][ T9896] ? lockdep_lock+0xe0/0x220 [ 230.792744][ T9896] ? mark_lock+0x94/0x320 [ 230.797064][ T9896] ? _find_first_zero_bit+0xd3/0x100 [ 230.802336][ T9896] __lock_acquire+0x2ddb/0x7c80 [ 230.807187][ T9896] ? verify_lock_unused+0x140/0x140 [ 230.812376][ T9896] ? look_up_lock_class+0x75/0x140 [ 230.817481][ T9896] lock_acquire+0x197/0x410 [ 230.821972][ T9896] ? hfs_extend_file+0xdb/0x1220 [ 230.826903][ T9896] ? __might_sleep+0xe0/0xe0 [ 230.831481][ T9896] ? __lock_acquire+0x1334/0x7c80 [ 230.836495][ T9896] ? read_lock_is_recursive+0x20/0x20 [ 230.841859][ T9896] __mutex_lock+0x129/0xcc0 [ 230.846354][ T9896] ? hfs_extend_file+0xdb/0x1220 [ 230.851277][ T9896] ? lock_chain_count+0x20/0x20 [ 230.856120][ T9896] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 230.862004][ T9896] ? hfs_extend_file+0xdb/0x1220 [ 230.866928][ T9896] ? verify_lock_unused+0x140/0x140 [ 230.872115][ T9896] ? mutex_lock_nested+0x20/0x20 [ 230.877043][ T9896] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 230.882932][ T9896] ? _raw_spin_unlock+0x40/0x40 [ 230.887783][ T9896] ? stack_trace_save+0x9c/0xe0 [ 230.892624][ T9896] ? stack_trace_snprint+0xf0/0xf0 [ 230.897726][ T9896] hfs_extend_file+0xdb/0x1220 [ 230.902481][ T9896] ? hfs_get_block+0xbd0/0xbd0 [ 230.907238][ T9896] ? __mutex_trylock_common+0x153/0x250 [ 230.912780][ T9896] ? trace_raw_output_contention_end+0xd0/0xd0 [ 230.918931][ T9896] ? rcu_is_watching+0x15/0xb0 [ 230.923688][ T9896] ? hfs_brec_find+0x18f/0x500 [ 230.928442][ T9896] ? __mutex_lock+0x304/0xcc0 [ 230.933109][ T9896] hfs_bmap_reserve+0x107/0x430 [ 230.937958][ T9896] __hfs_ext_write_extent+0x1fa/0x470 [ 230.943324][ T9896] __hfs_ext_cache_extent+0x6b/0x9b0 [ 230.948608][ T9896] ? hfs_find_init+0x15f/0x1d0 [ 230.953366][ T9896] hfs_extend_file+0x317/0x1220 [ 230.958208][ T9896] ? filemap_get_folios+0xe5/0x7b0 [ 230.963317][ T9896] ? hfs_get_block+0xbd0/0xbd0 [ 230.968070][ T9896] ? find_lock_entries+0xfe0/0xfe0 [ 230.973178][ T9896] ? clean_bdev_aliases+0x55f/0x630 [ 230.978368][ T9896] hfs_get_block+0x3d8/0xbd0 [ 230.982958][ T9896] ? hfs_free_extents+0x430/0x430 [ 230.987973][ T9896] ? submit_page_section+0x5f8/0xa40 [ 230.993256][ T9896] ? hfs_free_extents+0x430/0x430 [ 230.998272][ T9896] __blockdev_direct_IO+0x1679/0x3420 [ 231.003650][ T9896] ? show_vfsstat+0x3a0/0x3a0 [ 231.008324][ T9896] ? mark_lock+0x94/0x320 [ 231.012658][ T9896] ? hfs_free_extents+0x430/0x430 [ 231.017692][ T9896] ? filemap_write_and_wait_range+0x160/0x1f0 [ 231.023760][ T9896] ? do_raw_spin_lock+0x121/0x2c0 [ 231.028780][ T9896] ? __rwlock_init+0x150/0x150 [ 231.033538][ T9896] hfs_direct_IO+0x11b/0x220 [ 231.038124][ T9896] generic_file_direct_write+0x1d4/0x3e0 [ 231.043761][ T9896] __generic_file_write_iter+0x11b/0x230 [ 231.049390][ T9896] ? generic_file_write_iter+0x9b/0x2e0 [ 231.054942][ T9896] generic_file_write_iter+0xaf/0x2e0 [ 231.060331][ T9896] do_iter_write+0x79a/0xc70 [ 231.064924][ T9896] ? vfs_iter_write+0xa0/0xa0 [ 231.069588][ T9896] ? rcu_read_lock_any_held+0xb4/0x120 [ 231.075042][ T9896] do_writev+0x252/0x410 [ 231.079277][ T9896] ? do_readv+0x3e0/0x3e0 [ 231.083602][ T9896] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 231.089576][ T9896] ? lock_chain_count+0x20/0x20 [ 231.094419][ T9896] ? lockdep_hardirqs_on+0x98/0x150 [ 231.099623][ T9896] do_syscall_64+0x55/0xb0 [ 231.104031][ T9896] ? clear_bhb_loop+0x40/0x90 [ 231.108698][ T9896] ? clear_bhb_loop+0x40/0x90 [ 231.113365][ T9896] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 231.119258][ T9896] RIP: 0033:0x7fd56f18e929 [ 231.123665][ T9896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.143265][ T9896] RSP: 002b:00007fd56ffbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 231.151929][ T9896] RAX: ffffffffffffffda RBX: 00007fd56f3b5fa0 RCX: 00007fd56f18e929 [ 231.159891][ T9896] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000004 [ 231.167852][ T9896] RBP: 00007fd56f210b39 R08: 0000000000000000 R09: 0000000000000000 [ 231.175812][ T9896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 231.183773][ T9896] R13: 0000000000000000 R14: 00007fd56f3b5fa0 R15: 00007ffda30d2f88 [ 231.191743][ T9896] [ 231.205106][ T9906] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 231.231323][ T9908] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 231.232009][ T9896] syz.2.1448: attempt to access beyond end of device [ 231.232009][ T9896] loop2: rw=34817, sector=441, nr_sectors = 64 limit=64