last executing test programs: 2m27.038493811s ago: executing program 1 (id=857): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0x14, 0xffffffffffffffff, &(0x7f0000000140)=0x4) 2m26.692855509s ago: executing program 1 (id=862): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@newlink={0x78, 0x10, 0x1, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x47138}, [@IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}, @IFLA_VFINFO_LIST={0x3c, 0x16, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, [@IFLA_VF_TRUST={0xc, 0x9, {0x2, 0x8}}, @IFLA_VF_MAC={0x28, 0x1, {0x10000, @random="6cd6a267165d"}}]}]}, @IFLA_LINKMODE={0x5, 0x11, 0x9}]}, 0x78}, 0x1, 0x0, 0x0, 0x40000d1}, 0x0) 2m26.279736736s ago: executing program 1 (id=867): r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000ac0)="ee", 0x1}, {0x0, 0x2}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0) 2m26.04586393s ago: executing program 1 (id=871): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) getrandom(0x0, 0x0, 0x0) 2m25.809312047s ago: executing program 1 (id=875): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0x1, 0x200, &(0x7f0000006140)="$eJzsUr9rFEEU/mZ37tzThBxyIIogSvBHkdxmo/FHoWBjUEEQhRgQPO4u8XDjj+yB3nHgWqWwERQhQSwESQoL8R9wQW3ERiHYhUhaU6SwkYSVN/tmb88/INV8xX4z8958731v53bwINgBYGujUwWKIEiU8P2XgARwQKgj1OyEHebLzHmOX7ASjpj/Mm+dbE9MAqJxaGXMivbUDooi+kp/vq6iioGbOP360rsfV3Mvlnevv/1I+Revtz5AHKkNvHn1/tn5+X4lL25MZnXsaP+CQ0IAnm9OrKzKvXZJazXCZSqdg8bLKQh3wQEw/Hlo/qzb/9RizaDVvlPx/fpscO6JhXVV6udGp0qLWwBiAvsbB5DNIftLnENn+yRwDYCNOM2R6KLcnLlfDlrtocZMZbo+Xb/reaNj7nHXPeGVpxp+3aUvwNXUdZ4giI8BoN9UoBaEiu+i2Cbn7EQvSIf6CtO496XA7RfQqeb1r/udXikgU0/b0iwQsS1H9QFllSwfBo32YSgyp4NKRUIZG4eAzZsRmekvqeWowPCne35tDuSNry1Cphoja8ilGy+7GT2lHWKOeRB2zygWmdeY9YvWL1UqBYsvHQ2BPB5Vms04jh9jqQ9XviUROpv18ukqnZcaGFku2r3mzvy37y4MDAwMDAwMDAwMDAy2H/8CAAD//xZelnI=") open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) 2m24.704990536s ago: executing program 1 (id=884): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0) ioctl$VIDIOC_ENUMOUTPUT(r0, 0xc0485630, &(0x7f0000000480)={0x4, "0edbc1aa487176e00666b6ac38332e9319d28d0abd3748399fe23b953ac4679f"}) 2m9.644810417s ago: executing program 32 (id=884): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0) ioctl$VIDIOC_ENUMOUTPUT(r0, 0xc0485630, &(0x7f0000000480)={0x4, "0edbc1aa487176e00666b6ac38332e9319d28d0abd3748399fe23b953ac4679f"}) 7.674518944s ago: executing program 5 (id=2676): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@multicast2, @in6=@mcast2}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}]}, 0xa0}}, 0x0) 7.232246944s ago: executing program 5 (id=2680): r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/net\x00') ioctl$NS_GET_OWNER_UID(r0, 0x8004b708, 0x0) 7.119206176s ago: executing program 5 (id=2682): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRES16], 0x0) 5.437147867s ago: executing program 5 (id=2703): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f0000001300)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000001600)="08000e11b3722cb7", 0x8}], 0x1, &(0x7f0000000100)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x1}}], 0x18}, 0x14) 5.094377535s ago: executing program 5 (id=2704): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_int(r0, 0x6, 0x9, &(0x7f0000000180)=0x1, 0x19) 5.036204874s ago: executing program 5 (id=2705): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0) 3.751121071s ago: executing program 2 (id=2717): writev(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f0000000000)="c65a697dc193404fa0e2f58f60b4a27b59b6ba2ced2a80952f4742cd184015cfff3ea1491931aa", 0x27}], 0x1) syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201100153a42908f00a71729188010203010902240001060000000904020002ffffff000905"], 0x0) 3.30790517s ago: executing program 3 (id=2722): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) 3.064822083s ago: executing program 3 (id=2724): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2) 2.273260627s ago: executing program 3 (id=2726): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f0000001300)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000001600)="08000e11b3722cb7", 0x8}], 0x1, &(0x7f0000000100)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x1}}], 0x18}, 0x14) 2.129172432s ago: executing program 3 (id=2729): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000012c0), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000080)={0x2, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1, 0x5}) 2.015084319s ago: executing program 2 (id=2731): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x6c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2, 0x0, 0xa}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x30, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}]}, @CTA_EXPECT_MASTER={0x4}]}, 0x6c}}, 0x0) 1.777943068s ago: executing program 2 (id=2734): r0 = socket$igmp6(0xa, 0x3, 0x2) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000002340)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, @empty, 0xe, 0x3, 0x10, 0x500, 0x40, 0x40000208}) 1.552992071s ago: executing program 3 (id=2738): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000140)='./file1\x00', 0x8c0, &(0x7f0000000280)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cbec85bf8e749e04e"], 0x11, 0x444f, &(0x7f0000008900)="$eJzs3U1vI2cdAPD/TLI0WbptUnooEhKWqAQCFCU9AalENpvdNOmGRQutEBevk7i7ASdeJQ7iUIlwq8QJiQPiUIHgllOVL7B8BC4cy3klOHBBQqowsj1OPBO7cXftLIt+v0Mez/Nu/+flmcNk0kzjwc5BaeegVNkr1bfeO3ij9LN67XC3Gukl6Tv+lcsbn+F8xv0kjkbfJyN058atH7z7RsSft//6uNlsNqNlMvpa6Pn8r3++v9WbdqWFNq1++/c2Kj+OiFfPzatlIiJ+lE3oepa3nKXTEXEtIpKIePf9X90rjWg2H31cfbP8ycYHJ4uvrx9/eDL4uycRv6t98Zv3d//+lYnFv319RMMDAAAAAAAAAAAAAAAAAPCcW717553vzy/EoyQmj5Pzz+uuZumg52ObI/Pl8X9ZAAAAAAAAAAAAAAAAAAAA+B919vx/KXmlz/P/K1m6NKB987sDCl4Y7TwZj7Xv3Vm5Ob+Qvf89OVf+rSzrH9cnYrbPe99b6aOe+tcL7fu//z3rdOLp59+dX3fcmUjSueYvTstnIk3n5iL+kL34/bXkalqrHzS+8V79cG/76cd/3uXj33lZfm4vyN6f/2nx762+XOh//O///0IU99rW9r3zuzJ95OM/+ID80y+ToeJ/o9DuMuLPk8vHf7KdN91bYalzAmjF/9eTF8d/pdD/uOL/UkSUktZcS7kzQGsN08oftF4hLx//K+283Kkz+yEHHf//LsT/ZqH/QfF/eWTfoP/5/6h4IaKvfPw/186bytU4O/5n04uP/1uF/p/F9b81/yPX/6Hk49+5aftjvkr7lxz2/L9a6H9c8X+ntVu2LlcvJbk94Djp5A/6f3Xk5eM/da787P4vHWr991ah/afe/41Ad37dcdv3fz33IV9LOvd/9JeP//TAesMe/2uFduM+/y+11388qXz8r7bz8mvnmfbfYeO/Xuh/XPFvr0qmuvE/O5/854VO/u+t/4aSj//nO5lpb42j9t/2+i+5eP3/dqH/Z7H+a83/KB3vqP8v8vF/cWC9Vvz/MsT1/3ah3fjjHzFvrf/ETuN/JR43m9cG1msf/1MXx3+j0G7c8f/qODsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeA4sZ+lMJOlcbjtN5+YibmTbr8XVZLOyXd6s1bd+ehCxkuWX4pXkfq2+WamVd/bq29VypVarb0XczMpfjankoFZvlHcrD2+d9jWdPKhW9hub1UojIlaz/C/FtW5fmzuN3crDiHjrtOzltL7/8EFlr7y9s/+d+fn5+Vg7ncNsUv15o7rX6IzeKY1YP207k/RMrl389ulcXkx+Uj/c36vU2vm3e9rU6luVWk+bjazsNzGbNPYP97YqjWq5Vr/fHe9ZWsrSlbW7P7x7e+Fc+b2kky5f7rQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+IweLX77txEx2dlKI2Kp+yHpV/+jj6tvlj/Z+OBk8fX14w9PHg+qBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ZQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgq7dIwSMRCFAfjNWKidx7AKSWeboIgWRgRPoMfwMPEoXsI7WFjYWohgZkDjLqTZrb6veZCfl/dDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArHN5N97ftl1EiqOvw4iXx9e33/l1mdMwz7zYP9hTT3bj6mY8v2i78t3Tv/ysPHrv80/6+fH0EBtm9Tz83V/+T7N653hrr2lY17/2q3dPIuUmIvqSn6acm2bduwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBvduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADxwIAAAAAwvyto+jbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBXAAAA///CXSBY") symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1.52789703s ago: executing program 2 (id=2739): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000040)={0x2, 0x1, 0x16, 0x5, 0x17d, 0x0}) 1.33188617s ago: executing program 2 (id=2742): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x89f7, &(0x7f0000000900)={'ip6tnl0\x00', @random="0600002000"}) 1.223688963s ago: executing program 0 (id=2743): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=@ipv6_newroute={0x1c, 0x18, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x6}}, 0x1c}}, 0x0) 1.114584612s ago: executing program 2 (id=2744): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000980)={{0x12, 0x1, 0x0, 0x6e, 0x40, 0xb7, 0x40, 0x9e1, 0x5121, 0x40c1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3c, 0xac, 0x24}}]}}]}}, 0x0) syz_usb_control_io$cdc_ncm(r0, &(0x7f00000005c0)={0x14, 0x0, &(0x7f0000000580)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) 941.799114ms ago: executing program 0 (id=2747): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x2a, 0xa, 0x0, "3259c54601cccfc31e008faa0000b28d0000000000000cc9aaa200", 0x38414761}) 825.340334ms ago: executing program 4 (id=2748): r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$sock_cred(r0, 0x1, 0x4a, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0xc) 769.653235ms ago: executing program 0 (id=2749): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000003c0)=@nat={'nat\x00', 0x670, 0x2, 0x328, 0x140, 0xa8, 0xfeffffff, 0x140, 0x1e8, 0x290, 0x290, 0xffffffff, 0x290, 0x290, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x6800, {0x0, @multicast2, @rand_addr, @port, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xa8}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @local}}}}, {{@ip={@multicast2, @multicast1, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pim6reg0\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @initdev={0xac, 0x1e, 0xfd, 0x0}, @multicast2, @port, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388) 762.377621ms ago: executing program 4 (id=2750): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x19, 0x0, &(0x7f00000002c0)) 557.265617ms ago: executing program 0 (id=2751): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000004c0)='./file0\x00', 0x804000, &(0x7f0000000400)={[{@abort}]}, 0x1, 0x607, &(0x7f00000005c0)="$eJzs3c9vFdUeAPDv3P6gpbzXQl7ee7zFo4kxkCgtLWCIcQFbQxr8ETdurLQgUqChNVo0oSS4MTFuDDFx5UL8F1wpkS0rXblw48qQEDUsTbxmpjOlvb23cPtraufzSS73zJw7PWe4/d5z5vScuQFU1mD6Ty1if0RMJxH9yfxiXmfkmYMLr3v4+wdn00cS9forvyaR5PuK1yf5c19+cE9EfP9dEvs6VpY7M3ft4vjU1OTVfHt49tL08MzctcMXLo2fnzw/eXn0udETx48dPzFypK3z6cqfrzfJO33z7Xf7Pxp7/cvP/0hGvvppLImT8WL+wqXnsVEGYzD7P0lWZvWduLXRpZWjI/89WfoWJ50lVoi2FO9fGjf/if7oiEdvXn98+FKplQM2VT2JqNfr9aLdrAOV0SPmobKKfkBxbZ9dBy+5fquV0CcBtsaDUwsDAMviP9O5MDYYPdnYwO6HydKPhWxMq72Rueb2RMS9u2M3z90duxmbNA4HNDd/IyL+2yz+kyz+B6InBrL4ry2L/7RfcCZ/Tve/vMbyG4eKxT9snYX471k1/qNF/L+xJP7fXGP5g4+Sb/Uui//etZ4SAAAAAAAAVNadUxHxbLO//9cW5/9Ek/k/fRFxcgPKH2zYXvn3/9r9DSgGaOLBqYgXGuf/ZmrF7N+Bjjz1j2w+QFdy7sLU5JGI+GdEHIquXen2yCplHP5432et8gbz+X/FIy3/Xj4XMK/H/c5dy4+ZGJ8dX+95AxEPbkT8r+n832Sx/U+atP/p58H0E5ax7+nbZ1rlPT7+gc1S/yLiYNP2/9FdK5LV788xnPUHhotewUr/f/+Tb1qVv9b4d4sJWL+0/d+9evwPJEvv1zPTfhlH5zrrrfLW2v/vTl7NbjnTne97b3x29upIRHdyuiPdu2z/aPt1hp2oiIciXtL4P/TU6uN/zfr/vREx33Cnp+S35WuKC//+s+/nVvXR/4fypPE/0Vb7335i9PbAt63Kf7L2/1jW1h/K9xj/gwW3ijDtXr6/STh2Nsva6voCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwE5Qi4g9kdSGFtO12tBQRF9E/Ct216auzMw+c+7KO5cn0rzs+/9rxTf99i9sJ8X3/w8s2R5t2D4aEXsj4tOO3mx76OyVqYmyTx4AAAAAAAAAAAAAAAAAAAC2ib4W6/9Tv3SUXTtg03WWXQGgJF83i/8fyqgJsPW0/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/gHAAAAAIAdZe+BOz8mETH/fG/2SHXneV2l1gzYbLWyKwCUxi1+oLpM/YHqco0PJI/J72l50OOOXM302XUcDAAAAAAAAAAAAACVc3C/9f9QVdb/Q3Wtff2/OwfA312x/v9AyfUAtp5rfCDtCqy2kr/p+v/Metb/AwAAAAAAAAAAAADtmJm7dnF8amryaluJnohYkVWv16+nP3ItP3A7JF7bHtXYxER3457iLSu7YjskUUyF3y71aUgUa/2e7KjSPpIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAGfwUAAP//AiwaKw==") openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x51d001, 0x408) 557.119036ms ago: executing program 4 (id=2752): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="580000000301010400000000000000000a0000004400018006000340000000002c00018014000300fc02000000000000000000000000000014000400fe8800000000000000000000000001010c000280050001"], 0x58}}, 0x0) 486.163705ms ago: executing program 4 (id=2753): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000040)={0xb00, 0x0, 0x0, 0x1}) 302.549886ms ago: executing program 0 (id=2754): r0 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000040)={0x0, 0x5, 0x5}) 259.648427ms ago: executing program 4 (id=2755): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000000)={0x2, 0x100, 0x3, {0x0, 0x0, 0x1000, 0x2}}) 121.136981ms ago: executing program 3 (id=2756): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x58, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2102}, [@IFLA_IFNAME={0x14, 0x3, 'wg2\x00'}, @IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0xc}]}]}]}, 0x58}}, 0x0) 66.339024ms ago: executing program 4 (id=2757): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000000)=0x800, 0x4) 0s ago: executing program 0 (id=2758): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xed) kernel console output (not intermixed with test programs): m 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 190.001688][ T5880] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 190.137258][ T8899] loop5: detected capacity change from 0 to 1024 [ 190.205131][ T5880] usb 1-1: Using ep0 maxpacket: 16 [ 190.248939][ T5880] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 190.278727][ T5880] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.321782][ T5880] usb 1-1: Product: syz [ 190.333362][ T5880] usb 1-1: Manufacturer: syz [ 190.338110][ T5880] usb 1-1: SerialNumber: syz [ 190.343103][ T8907] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1299'. [ 190.378789][ T5880] r8152-cfgselector 1-1: Unknown version 0x0000 [ 190.389503][ T5880] r8152-cfgselector 1-1: config 0 descriptor?? [ 190.403679][ T8903] loop3: detected capacity change from 0 to 4096 [ 190.443670][ T8903] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 190.548505][ T8903] ntfs3(loop3): Failed to initialize $Extend/$ObjId. [ 190.902168][ T5883] r8152-cfgselector 1-1: USB disconnect, device number 5 [ 191.664972][ T8916] loop5: detected capacity change from 0 to 32768 [ 191.692987][ T8916] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1304 (8916) [ 191.747974][ T8916] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 191.771743][ T8942] netlink: 'syz.4.1316': attribute type 1 has an invalid length. [ 191.779541][ T8942] netlink: 'syz.4.1316': attribute type 2 has an invalid length. [ 191.793043][ T8916] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm [ 191.822261][ T8916] BTRFS info (device loop5): disk space caching is enabled [ 191.838157][ T8916] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 191.890747][ T8944] loop3: detected capacity change from 0 to 1764 [ 191.968411][ T8960] wg1: entered promiscuous mode [ 192.021020][ T8960] wg1: entered allmulticast mode [ 192.113892][ T8944] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 192.151710][ T8916] BTRFS info (device loop5): rebuilding free space tree [ 192.326400][ T8916] BTRFS info (device loop5): disabling free space tree [ 192.375149][ T8916] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 192.422795][ T8916] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 192.624609][ T8916] BTRFS info (device loop5): balance: start -susage=280585918480385,stripes=0..1 [ 192.664220][ T8916] BTRFS info (device loop5): balance: ended with status: 0 [ 192.835556][ T8472] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 193.416438][ T8970] loop2: detected capacity change from 0 to 32768 [ 193.970931][ T9000] loop5: detected capacity change from 0 to 4096 [ 194.039806][ T9000] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512). [ 194.272676][ T1306] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.279088][ T1306] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.304234][ T9018] xt_connbytes: Forcing CT accounting to be enabled [ 194.701836][ T9033] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1352'. [ 194.926327][ T9040] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1356'. [ 195.313411][ T9051] loop2: detected capacity change from 0 to 4096 [ 195.413045][ T9058] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 195.761555][ T5880] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 195.951275][ T5880] usb 4-1: Using ep0 maxpacket: 16 [ 195.958644][ T5880] usb 4-1: config 0 has an invalid interface number: 251 but max is 0 [ 195.981493][ T5880] usb 4-1: config 0 has no interface number 0 [ 196.007081][ T5880] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 196.041331][ T5880] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 196.084054][ T5880] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 196.099151][ T9047] loop0: detected capacity change from 0 to 32768 [ 196.106514][ T5880] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 196.121279][ T5880] usb 4-1: Product: syz [ 196.125490][ T5880] usb 4-1: Manufacturer: syz [ 196.148607][ T5880] usb 4-1: SerialNumber: syz [ 196.210208][ T5880] usb 4-1: config 0 descriptor?? [ 196.232968][ T9053] loop5: detected capacity change from 0 to 32768 [ 196.251880][ T9060] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 196.259185][ T9060] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 196.312687][ T9053] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 196.340311][ T9074] netlink: 'syz.4.1371': attribute type 2 has an invalid length. [ 196.384656][ T9074] netlink: 'syz.4.1371': attribute type 1 has an invalid length. [ 196.432806][ T9053] OCFS2: ERROR (device loop5): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #17056 has bad chain 1280 [ 196.499907][ T5880] asix 4-1:0.251: probe with driver asix failed with error -71 [ 196.523681][ T9053] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 196.541560][ T5880] usb 4-1: USB disconnect, device number 5 [ 196.584131][ T9053] OCFS2: File system is now read-only. [ 196.589659][ T9053] (syz.5.1362,9053,1):ocfs2_search_chain:1817 ERROR: status = -30 [ 196.646821][ T9053] (syz.5.1362,9053,0):ocfs2_search_chain:1940 ERROR: status = -30 [ 196.703355][ T9066] loop2: detected capacity change from 0 to 32768 [ 196.710094][ T9053] (syz.5.1362,9053,0):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30 [ 196.735122][ T9066] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1367 (9066) [ 196.752089][ T9053] (syz.5.1362,9053,1):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30 [ 196.760608][ T9053] (syz.5.1362,9053,1):ocfs2_claim_new_inode:2298 ERROR: status = -30 [ 196.815071][ T9053] (syz.5.1362,9053,1):ocfs2_claim_new_inode:2313 ERROR: status = -30 [ 196.824622][ T9066] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 196.836753][ T9053] (syz.5.1362,9053,1):ocfs2_mknod_locked:638 ERROR: status = -30 [ 196.847863][ T9066] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 196.859116][ T9053] (syz.5.1362,9053,1):ocfs2_mknod:385 ERROR: status = -30 [ 196.866732][ T9066] BTRFS info (device loop2): disk space caching is enabled [ 196.877568][ T9053] (syz.5.1362,9053,1):ocfs2_mknod:502 ERROR: status = -30 [ 196.888197][ T9066] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 196.902643][ T9053] (syz.5.1362,9053,1):ocfs2_create:675 ERROR: status = -30 [ 197.008717][ T8472] ocfs2: Unmounting device (7,5) on (node local) [ 197.291176][ T9066] BTRFS info (device loop2): rebuilding free space tree [ 197.367436][ T9066] BTRFS info (device loop2): disabling free space tree [ 197.368049][ T9096] loop3: detected capacity change from 0 to 512 [ 197.380974][ T9066] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 197.409707][ T9066] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 197.441854][ T9096] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 197.502391][ T9098] netlink: 124 bytes leftover after parsing attributes in process `syz.4.1377'. [ 197.563489][ T9066] BTRFS info (device loop2): balance: start -ssoft,usage=172,vrange=0..18446744073709551615,limit=0,stripes=0..511 [ 197.576530][ T9066] BTRFS info (device loop2): balance: ended with status: 0 [ 197.611611][ T9096] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 197.665760][ T9096] ext4 filesystem being mounted at /301/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 197.682878][ T5845] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 197.967009][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.161136][ T9107] loop4: detected capacity change from 0 to 8192 [ 198.230783][ T9107] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 198.335996][ T9107] tmpfs: Bad value for 'mpol' [ 198.397048][ T9123] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 198.987161][ T9142] netlink: 248 bytes leftover after parsing attributes in process `syz.0.1395'. [ 199.499193][ T5883] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 199.681303][ T5883] usb 5-1: Using ep0 maxpacket: 16 [ 199.709674][ T5883] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 199.742889][ T5883] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 199.795515][ T5883] usb 5-1: Product: syz [ 199.799739][ T5883] usb 5-1: Manufacturer: syz [ 199.850333][ T5883] usb 5-1: SerialNumber: syz [ 199.896209][ T5883] r8152-cfgselector 5-1: Unknown version 0x0000 [ 199.931369][ T5883] r8152-cfgselector 5-1: config 0 descriptor?? [ 200.453284][ T5881] r8152-cfgselector 5-1: USB disconnect, device number 7 [ 200.507515][ T9194] netdevsim netdevsim3: loading /lib/firmware// failed with error -22 [ 200.552133][ T9194] netdevsim netdevsim3: Direct firmware load for / failed with error -22 [ 200.607698][ T9194] netdevsim netdevsim3: Falling back to sysfs fallback for: / [ 201.135396][ T9216] IPVS: length: 69 != 8 [ 201.155249][ T9180] loop0: detected capacity change from 0 to 32768 [ 201.195322][ T9180] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1411 (9180) [ 201.335762][ T9180] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 201.391613][ T9180] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 201.409762][ T9180] BTRFS info (device loop0): disk space caching is enabled [ 201.428750][ T9222] loop2: detected capacity change from 0 to 1024 [ 201.449067][ T9180] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 201.753856][ T9180] BTRFS info (device loop0): rebuilding free space tree [ 201.771371][ T5898] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 201.828528][ T9180] BTRFS info (device loop0): disabling free space tree [ 201.851740][ T9180] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 201.879679][ T9250] loop3: detected capacity change from 0 to 1024 [ 201.898891][ T9180] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 201.963208][ T5898] usb 5-1: Using ep0 maxpacket: 16 [ 202.001613][ T5898] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 202.062434][ T5898] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 202.100607][ T5898] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.159888][ T5898] usb 5-1: Product: syz [ 202.174721][ T5898] usb 5-1: Manufacturer: syz [ 202.217072][ T5898] usb 5-1: SerialNumber: syz [ 202.246155][ T5831] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 202.260198][ T5898] usb 5-1: config 0 descriptor?? [ 202.307157][ T5898] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 202.346735][ T5898] em28xx 5-1:0.0: DVB interface 0 found: isoc [ 202.571856][ T5898] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 202.721100][ T5898] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 202.786700][ T5898] em28xx 5-1:0.0: board has no eeprom [ 202.925425][ T5898] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 202.939114][ T9273] loop3: detected capacity change from 0 to 4096 [ 202.963168][ T9279] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 202.963325][ T5898] em28xx 5-1:0.0: dvb set to isoc mode. [ 203.019315][ T9273] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 203.031167][ T5886] em28xx 5-1:0.0: Binding DVB extension [ 203.207160][ T5898] usb 5-1: USB disconnect, device number 8 [ 203.284579][ T5886] em28xx 5-1:0.0: Registering input extension [ 203.296145][ T5898] em28xx 5-1:0.0: Disconnecting em28xx [ 203.349373][ T9273] ntfs3(loop3): ino=19, mi_enum_attr [ 203.364997][ T5898] em28xx 5-1:0.0: Closing input extension [ 203.387380][ T9273] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 203.465655][ T9273] ntfs3(loop3): ino=5, "/" indx_read [ 203.623318][ T5898] em28xx 5-1:0.0: Freeing device [ 203.781630][ T9299] x_tables: duplicate entry at hook 3 [ 204.246992][ T9313] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1455'. [ 204.291288][ T9313] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1455'. [ 205.040432][ T9347] loop3: detected capacity change from 0 to 256 [ 205.138422][ T9349] loop0: detected capacity change from 0 to 256 [ 205.174712][ T9349] exfat: Deprecated parameter 'utf8' [ 205.205161][ T9347] exFAT-fs (loop3): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 205.242355][ T9349] exfat: Deprecated parameter 'namecase' [ 205.248535][ T9349] exfat: Deprecated parameter 'namecase' [ 205.412234][ T9349] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 205.489464][ T9360] loop4: detected capacity change from 0 to 256 [ 205.534029][ T9360] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 205.601711][ T9360] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 205.627531][ T9360] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 205.814661][ T9367] loop0: detected capacity change from 0 to 1024 [ 206.113589][ T13] hfsplus: b-tree write err: -5, ino 4 [ 206.338538][ T30] audit: type=1326 audit(2000000002.940:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9381 comm="syz.5.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14c6f8e969 code=0x7ffc0000 [ 206.341128][ T9352] loop2: detected capacity change from 0 to 32768 [ 206.406734][ T30] audit: type=1326 audit(2000000002.940:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9381 comm="syz.5.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14c6f8e969 code=0x7ffc0000 [ 206.444446][ T9352] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1473 (9352) [ 206.526547][ T30] audit: type=1326 audit(2000000002.990:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9381 comm="syz.5.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f14c6f8e969 code=0x7ffc0000 [ 206.568668][ T9352] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 206.585279][ T9324] Bluetooth: hci1: command 0x0406 tx timeout [ 206.592395][ T9324] Bluetooth: hci2: command 0x0406 tx timeout [ 206.598445][ T9324] Bluetooth: hci4: command 0x0406 tx timeout [ 206.604654][ T9324] Bluetooth: hci0: command 0x0406 tx timeout [ 206.605191][ T5834] Bluetooth: hci3: command 0x0406 tx timeout [ 206.642210][ T30] audit: type=1326 audit(2000000002.990:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9381 comm="syz.5.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14c6f8e969 code=0x7ffc0000 [ 206.656706][ T9390] ieee802154 phy0 wpan0: encryption failed: -22 [ 206.679223][ T9352] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm [ 206.697384][ T9352] BTRFS info (device loop2): using free-space-tree [ 206.721201][ T5898] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 206.759340][ T30] audit: type=1326 audit(2000000002.990:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9381 comm="syz.5.1488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14c6f8e969 code=0x7ffc0000 [ 206.886206][ T5843] Bluetooth: hci3: unexpected event 0x2f length: 1017 > 260 [ 206.925307][ T9413] loop0: detected capacity change from 0 to 512 [ 206.945456][ T5898] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 206.975812][ T5898] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.987687][ T5898] usb 4-1: Product: syz [ 206.996460][ T5898] usb 4-1: Manufacturer: syz [ 207.002095][ T5898] usb 4-1: SerialNumber: syz [ 207.043222][ T5898] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 207.047470][ T9413] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.146779][ T9413] ext4 filesystem being mounted at /297/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 207.178506][ T5883] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 207.207572][ T5880] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 207.248706][ T9413] tmpfs: Bad value for 'mpol' [ 207.296076][ T5831] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.319762][ T5845] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 207.384338][ T5880] usb 6-1: Using ep0 maxpacket: 32 [ 207.408180][ T5880] usb 6-1: config 2 has an invalid interface number: 1 but max is 0 [ 207.422184][ T9386] random: crng reseeded on system resumption [ 207.459359][ T5880] usb 6-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 207.506391][ T5880] usb 6-1: config 2 has 2 interfaces, different from the descriptor's value: 1 [ 207.553212][ T5880] usb 6-1: New USB device found, idVendor=22b8, idProduct=2d97, bcdDevice=51.64 [ 207.601601][ T5880] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 207.626250][ T5886] usb 4-1: USB disconnect, device number 6 [ 207.640213][ T5880] usb 6-1: Product: syz [ 207.676752][ T5880] usb 6-1: Manufacturer: syz [ 207.720622][ T5880] usb 6-1: SerialNumber: syz [ 207.783709][ T5880] cdc_acm 6-1:2.1: probe with driver cdc_acm failed with error -22 [ 208.008978][ T5880] usb 6-1: USB disconnect, device number 2 [ 208.258091][ T5883] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 208.288077][ T5883] ath9k_htc: Failed to initialize the device [ 208.321041][ T5886] usb 4-1: ath9k_htc: USB layer deinitialized [ 208.595780][ T5898] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 208.775182][ T5898] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 208.791641][ T5898] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C [ 208.814355][ T5898] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 10 [ 208.858485][ T5898] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8C has invalid maxpacket 212, setting to 64 [ 208.910812][ T5898] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 208.958830][ T5898] usb 5-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f [ 209.001051][ T5898] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 209.029142][ T5898] usb 5-1: Product: syz [ 209.039234][ T5898] usb 5-1: Manufacturer: syz [ 209.044515][ T5898] usb 5-1: SerialNumber: syz [ 209.065114][ T5898] usb 5-1: config 0 descriptor?? [ 209.098188][ T9441] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 209.263067][ T5898] rc_core: IR keymap rc-xbox-dvd not found [ 209.289296][ T5898] Registered IR keymap rc-empty [ 209.322603][ T5898] rc rc0: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 209.332022][ T5886] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 209.360314][ T9441] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 209.367128][ T9441] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 209.401073][ T5898] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input8 [ 209.427586][ T9441] vhci_hcd vhci_hcd.0: Device attached [ 209.475992][ T9474] vhci_hcd: connection closed [ 209.478928][ T1103] vhci_hcd: stop threads [ 209.502945][ T5898] usb 5-1: USB disconnect, device number 9 [ 209.508875][ C1] xbox_remote 5-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19 [ 209.522291][ T1103] vhci_hcd: release socket [ 209.545195][ T9479] loop5: detected capacity change from 0 to 1024 [ 209.552261][ T1103] vhci_hcd: disconnect device [ 209.576303][ T5886] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 209.588945][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.604582][ T5883] vhci_hcd: vhci_device speed not set [ 209.638887][ T5886] usb 1-1: config 0 descriptor?? [ 209.655917][ T5886] cp210x 1-1:0.0: cp210x converter detected [ 210.121729][ T5886] usb 1-1: cp210x converter now attached to ttyUSB0 [ 210.242217][ T5886] usb 1-1: USB disconnect, device number 6 [ 210.274481][ T5886] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 210.306720][ T5886] cp210x 1-1:0.0: device disconnected [ 210.487247][ T9502] netlink: 'syz.3.1534': attribute type 21 has an invalid length. [ 210.513842][ T9502] netlink: 'syz.3.1534': attribute type 11 has an invalid length. [ 210.744783][ T9508] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1537'. [ 210.981748][ T9515] loop2: detected capacity change from 0 to 128 [ 210.983445][ T9516] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1541'. [ 211.014768][ T9515] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 211.988198][ T9549] tracefs: Unknown parameter 'F¶qÒ„³ú}¯GfªD +81\´¯E½ØMvݺÁ0Ť¤OÞ Š^ÀMªþ' [ 212.148344][ T9520] loop0: detected capacity change from 0 to 32768 [ 212.275905][ T9520] JBD2: Ignoring recovery information on journal [ 212.458586][ T9520] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 212.469192][ T9565] loop2: detected capacity change from 0 to 16 [ 212.473586][ T5886] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 212.501806][ T9565] erofs (device loop2): mounted with root inode @ nid 36. [ 212.555135][ T9565] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 212.588793][ T9565] erofs (device loop2): failed to decompress -24 in[52, 4044] out[1851] [ 212.626919][ T9565] erofs (device loop2): read error -117 @ 43 of nid 36 [ 212.671342][ T5886] usb 5-1: Using ep0 maxpacket: 8 [ 212.684394][ T5886] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 212.706444][ T5886] usb 5-1: config 179 has no interface number 0 [ 212.730864][ T5886] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 212.771018][ T5886] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 212.799766][ T5886] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 212.821182][ T5886] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 212.834434][ T5831] ocfs2: Unmounting device (7,0) on (node local) [ 212.876130][ T5886] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 212.927275][ T9574] libceph: resolve '+ælc' (ret=-3): failed [ 212.929576][ T5886] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 212.980536][ T5886] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.036450][ T9558] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 213.330784][ T9558] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 213.337361][ T9558] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 213.341021][ T9584] netlink: 'syz.0.1568': attribute type 30 has an invalid length. [ 213.388862][ T9558] vhci_hcd vhci_hcd.0: Device attached [ 213.434801][ T5886] usb 5-1: USB disconnect, device number 10 [ 213.434864][ C1] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 213.449188][ C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 213.462959][ T9582] vhci_hcd: connection closed [ 213.480445][ T1158] vhci_hcd: stop threads [ 213.510865][ T1158] vhci_hcd: release socket [ 213.531219][ T1158] vhci_hcd: disconnect device [ 213.581229][ T10] vhci_hcd: vhci_device speed not set [ 213.880071][ T9571] loop5: detected capacity change from 0 to 32768 [ 213.901858][ T9571] XFS: ikeep mount option is deprecated. [ 213.927022][ T9571] XFS: ikeep mount option is deprecated. [ 213.950750][ T9571] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 214.201552][ T9618] netlink: 'syz.2.1580': attribute type 1 has an invalid length. [ 214.229280][ T9618] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1580'. [ 214.315887][ T9571] XFS (loop5): Ending clean mount [ 214.339392][ T9571] XFS (loop5): Quotacheck needed: Please wait. [ 214.481571][ T9571] XFS (loop5): Quotacheck: Done. [ 215.006987][ T8472] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 215.625948][ T9654] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 215.788510][ T9662] netlink: 268 bytes leftover after parsing attributes in process `syz.3.1600'. [ 215.980937][ T24] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 216.153053][ T24] usb 3-1: Using ep0 maxpacket: 8 [ 216.179423][ T24] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 216.208750][ T24] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 216.235618][ T24] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 216.277955][ T24] usb 3-1: config 1 interface 1 has no altsetting 0 [ 216.302757][ T24] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 216.320215][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.355525][ T24] usb 3-1: Product: syz [ 216.359746][ T24] usb 3-1: Manufacturer: syz [ 216.386938][ T24] usb 3-1: SerialNumber: syz [ 216.416589][ T9685] lo: entered allmulticast mode [ 216.472062][ T9685] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 216.679321][ T24] usb 3-1: 2:1 : invalid channels 0 [ 216.702425][ T9693] SET target dimension over the limit! [ 216.797413][ T24] usb 3-1: USB disconnect, device number 8 [ 216.959613][ T9702] netlink: 'syz.5.1618': attribute type 4 has an invalid length. [ 217.008737][ T9702] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1618'. [ 217.082561][ T9702] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 217.264270][ T9710] loop0: detected capacity change from 0 to 64 [ 217.627741][ T9724] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1627'. [ 217.653753][ T9727] loop2: detected capacity change from 0 to 764 [ 217.699090][ T9727] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 217.740821][ T9727] Symlink component flag not implemented [ 217.789605][ T9727] Symlink component flag not implemented (122) [ 218.356034][ T9747] loop2: detected capacity change from 0 to 256 [ 218.500420][ T10] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 218.543868][ T9752] xt_CT: You must specify a L4 protocol and not use inversions on it [ 218.561432][ T9753] netlink: 'syz.0.1641': attribute type 6 has an invalid length. [ 218.735873][ T10] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 218.761297][ T10] usb 5-1: config 0 interface 0 has no altsetting 0 [ 218.779631][ T10] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 218.790416][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 218.805820][ T10] usb 5-1: Product: syz [ 218.810103][ T10] usb 5-1: Manufacturer: syz [ 218.826016][ T10] usb 5-1: SerialNumber: syz [ 218.830684][ T24] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 218.849196][ T10] usb 5-1: config 0 descriptor?? [ 218.923047][ T10] usb 5-1: selecting invalid altsetting 0 [ 219.006366][ T24] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 219.013865][ T9767] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1649'. [ 219.035513][ T24] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 219.047485][ T9767] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1649'. [ 219.099612][ T24] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 219.126559][ T10] usb 5-1: USB disconnect, device number 11 [ 219.143676][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.189297][ T9755] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 219.243846][ T24] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 219.470712][ T24] usb 3-1: USB disconnect, device number 9 [ 219.545860][ T30] audit: type=1326 audit(2000000016.160:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 219.588301][ T30] audit: type=1326 audit(2000000016.190:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.0.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 219.610570][ C1] vkms_vblank_simulate: vblank timer overrun [ 219.655364][ T30] audit: type=1326 audit(2000000016.190:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 219.677577][ C1] vkms_vblank_simulate: vblank timer overrun [ 219.686382][ T30] audit: type=1326 audit(2000000016.190:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.0.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 219.708609][ C1] vkms_vblank_simulate: vblank timer overrun [ 219.715550][ T30] audit: type=1326 audit(2000000016.230:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 219.782262][ T30] audit: type=1326 audit(2000000016.240:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 219.882847][ T30] audit: type=1326 audit(2000000016.240:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 219.963429][ T30] audit: type=1326 audit(2000000016.250:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.0.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 220.200989][ T30] audit: type=1326 audit(2000000016.250:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.0.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 220.260785][ T30] audit: type=1326 audit(2000000016.250:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.0.1656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 220.617159][ T9812] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1670'. [ 220.822169][ T9817] vim2m vim2m.0: Fourcc format (0x42474752) invalid. [ 220.881849][ T9821] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1676'. [ 220.920606][ T9821] (unnamed net_device) (uninitialized): option use_carrier: invalid value (4) [ 221.012524][ T9825] netlink: 'syz.0.1678': attribute type 32 has an invalid length. [ 221.216156][ T9833] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 221.553196][ T9845] loop0: detected capacity change from 0 to 1024 [ 221.621017][ T9845] EXT4-fs: Ignoring removed bh option [ 221.715666][ T9845] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 221.814157][ T9864] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1696'. [ 221.947338][ T9866] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1697'. [ 221.993332][ T5831] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 222.048139][ T9] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 222.212036][ T9] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 222.225118][ T9] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 222.255040][ T9] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 222.275612][ T9] usb 6-1: config 1 has no interface number 1 [ 222.294272][ T9] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 222.351514][ T9] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 222.380344][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.405650][ T9] usb 6-1: Product: syz [ 222.409878][ T9] usb 6-1: Manufacturer: syz [ 222.429118][ T9] usb 6-1: SerialNumber: syz [ 222.520470][ T9884] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1706'. [ 222.694938][ T9] usb 6-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0 [ 222.716249][ T9] usb 6-1: MIDIStreaming interface descriptor not found [ 222.885961][ T9] usb 6-1: USB disconnect, device number 3 [ 223.294773][ T9878] loop2: detected capacity change from 0 to 40427 [ 223.316561][ T9878] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 223.326839][ T9878] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 223.613528][ T9878] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 223.639307][ T9878] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 224.698321][ T9916] loop5: detected capacity change from 0 to 32768 [ 224.806792][ T9916] ERROR: (device loop5): dbAlloc: the hint is outside the map [ 224.806792][ T9916] [ 224.947408][ T49] read_mapping_page failed! [ 224.968062][ T49] ERROR: (device loop5): txCommit: [ 224.968062][ T49] [ 225.020265][ T49] jfs_write_inode: jfs_commit_inode failed! [ 225.187986][ T9955] delete_channel: no stack [ 225.226197][ T9956] netlink: 'syz.2.1739': attribute type 28 has an invalid length. [ 225.281326][ T9956] netlink: 'syz.2.1739': attribute type 29 has an invalid length. [ 225.289217][ T9956] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1739'. [ 225.388470][ T9962] loop3: detected capacity change from 0 to 64 [ 225.556352][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 225.556372][ T30] audit: type=1400 audit(2000000022.171:68): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=9965 comm="syz.5.1743" [ 225.943632][ T9982] libceph: resolve '. [ 225.943632][ T9982] #)|.زf͹Dza×ïÅ2sˆoÖw¿úÕ?£'Ê%ÐKAq‰f»CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM¤¨ìó¤h‡E$ [ 225.943632][ T9982] ' (ret=-3): failed [ 225.984886][ T9984] libceph: resolve '400' (ret=-3): failed [ 226.509525][T10001] syz.4.1759: attempt to access beyond end of device [ 226.509525][T10001] nbd4: rw=0, sector=0, nr_sectors = 2 limit=0 [ 226.532111][T10001] befs: (nbd4): unable to read superblock [ 226.771774][ T9977] loop3: detected capacity change from 0 to 32768 [ 226.835599][ T9977] XFS (loop3): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 227.052108][ T9977] XFS (loop3): Ending clean mount [ 227.219531][ T5836] XFS (loop3): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 227.523320][T10005] loop4: detected capacity change from 0 to 32768 [ 227.548528][T10005] (syz.4.1761,10005,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 227.616181][T10005] (syz.4.1761,10005,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 227.739203][T10020] bond0: Unable to set peer notification delay as MII monitoring is disabled [ 227.746774][T10005] JBD2: Ignoring recovery information on journal [ 227.990959][T10005] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 228.290182][T10041] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1774'. [ 228.314926][T10041] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1774'. [ 228.337790][T10041] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1774'. [ 228.417794][ T5842] ocfs2: Unmounting device (7,4) on (node local) [ 228.805075][T10061] loop0: detected capacity change from 0 to 256 [ 228.861637][T10061] exfat: Deprecated parameter 'namecase' [ 228.948575][T10061] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 229.464249][T10089] loop0: detected capacity change from 0 to 64 [ 229.501553][T10089] hfs: Bad value for 'uid' [ 229.809874][ T9] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 229.881775][ T30] audit: type=1326 audit(2000000026.491:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10101 comm="syz.0.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 229.988888][ T30] audit: type=1326 audit(2000000026.491:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10101 comm="syz.0.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 230.021020][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 230.036788][ T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 230.088165][ T30] audit: type=1326 audit(2000000026.541:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10101 comm="syz.0.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 230.088173][ T9] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0 [ 230.088203][ T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 134, changing to 11 [ 230.220320][ T30] audit: type=1326 audit(2000000026.541:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10101 comm="syz.0.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 230.242626][ C1] vkms_vblank_simulate: vblank timer overrun [ 230.248540][ T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 59360, setting to 1024 [ 230.285291][ T9] usb 6-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d [ 230.309735][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.313716][ T30] audit: type=1326 audit(2000000026.541:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10101 comm="syz.0.1804" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 230.340018][ C1] vkms_vblank_simulate: vblank timer overrun [ 230.346785][ T9] usb 6-1: Product: syz [ 230.379800][ T9] usb 6-1: Manufacturer: syz [ 230.394779][ T9] usb 6-1: SerialNumber: syz [ 230.422505][T10091] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 230.461899][ T9] ti_usb_3410_5052 6-1:1.0: TI USB 3410 1 port adapter converter detected [ 230.508582][T10115] loop0: detected capacity change from 0 to 1764 [ 230.655858][T10115] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 230.683630][ T5880] usb 6-1: USB disconnect, device number 4 [ 230.727287][T10098] loop2: detected capacity change from 0 to 32768 [ 230.774231][T10098] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1803 (10098) [ 230.803121][T10098] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 230.814160][T10098] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm [ 230.824106][T10098] BTRFS info (device loop2): using free-space-tree [ 230.882348][ T5883] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 231.061545][ T5883] usb 5-1: Using ep0 maxpacket: 16 [ 231.093873][ T5883] usb 5-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=62.ba [ 231.110031][ T5845] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 231.130219][ T5883] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.138315][ T5883] usb 5-1: Product: syz [ 231.164668][ T5883] usb 5-1: Manufacturer: syz [ 231.169323][ T5883] usb 5-1: SerialNumber: syz [ 231.218813][ T5883] usb 5-1: config 0 descriptor?? [ 231.499159][ T5883] snd-usb-hiface 5-1:0.0: probe with driver snd-usb-hiface failed with error -22 [ 231.707441][ T5883] usb 5-1: USB disconnect, device number 12 [ 232.164399][ T5880] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 232.199311][T10175] netlink: 232 bytes leftover after parsing attributes in process `syz.5.1832'. [ 232.349802][ T5880] usb 3-1: Using ep0 maxpacket: 16 [ 232.377573][ T5880] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 232.394492][ T5880] usb 3-1: New USB device found, idVendor=0403, idProduct=fa78, bcdDevice=c5.ff [ 232.419955][ T24] usb 1-1: new full-speed USB device number 7 using dummy_hcd [ 232.426341][ T5880] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.445927][ T5880] usb 3-1: Product: syz [ 232.456046][ T5880] usb 3-1: Manufacturer: syz [ 232.468546][ T5880] usb 3-1: SerialNumber: syz [ 232.482997][ T5880] usb 3-1: config 0 descriptor?? [ 232.501205][ T5880] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 232.526092][ T5880] ftdi_sio ttyUSB0: unknown device type: 0xc5ff [ 232.614815][ T24] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 232.647648][ T24] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84 [ 232.674760][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 232.695790][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 99, setting to 64 [ 232.707176][ T24] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 232.727035][ T10] usb 3-1: USB disconnect, device number 10 [ 232.732847][ T24] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae [ 232.754384][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.754402][ T10] ftdi_sio 3-1:0.0: device disconnected [ 232.768841][ T24] usb 1-1: Product: syz [ 232.775282][ T24] usb 1-1: Manufacturer: syz [ 232.780351][ T24] usb 1-1: SerialNumber: syz [ 232.800075][ T24] usb 1-1: config 0 descriptor?? [ 232.813477][T10174] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 232.836029][ T24] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input9 [ 232.860938][ C0] kbtab 1-1:0.0: kbtab_irq - usb_submit_urb failed with result -1 [ 233.074541][ T24] usb 1-1: USB disconnect, device number 7 [ 233.080617][ C1] kbtab 1-1:0.0: kbtab_irq - usb_submit_urb failed with result -19 [ 233.400223][T10192] capability: warning: `syz.4.1844' uses 32-bit capabilities (legacy support in use) [ 233.770192][ T5843] Bluetooth: hci4: command 0x0406 tx timeout [ 233.970173][ T10] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 234.170233][ T10] usb 3-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5 [ 234.179345][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.230026][ T10] usb 3-1: config 0 descriptor?? [ 234.647001][ T10] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 234.689962][ T10] asix 3-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 234.702222][ T10] asix 3-1:0.0: probe with driver asix failed with error -71 [ 234.751313][ T10] usb 3-1: USB disconnect, device number 11 [ 234.997128][T10220] loop5: detected capacity change from 0 to 40427 [ 235.023551][T10220] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 235.032889][T10220] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 235.087646][T10220] F2FS-fs (loop5): invalid crc value [ 235.109379][T10246] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 235.128209][T10246] overlayfs: overlapping lowerdir path [ 235.211351][ T10] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 235.309135][T10220] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 235.309777][T10253] xt_TCPMSS: Only works on TCP SYN packets [ 235.326976][T10220] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 235.379774][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 235.406523][ T10] usb 5-1: config 0 has an invalid interface number: 186 but max is 0 [ 235.416033][ T10] usb 5-1: config 0 has no interface number 0 [ 235.433899][ T10] usb 5-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 235.462459][ T10] usb 5-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 235.481403][ T10] usb 5-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 235.503537][ T10] usb 5-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 235.517350][ T10] usb 5-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 235.563177][ T10] usb 5-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 235.577680][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.587798][ T10] usb 5-1: Product: syz [ 235.599829][ T10] usb 5-1: Manufacturer: syz [ 235.604500][ T10] usb 5-1: SerialNumber: syz [ 235.613570][ T10] usb 5-1: config 0 descriptor?? [ 235.875183][ T10] iowarrior 5-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0 [ 236.074642][ T10] usb 5-1: USB disconnect, device number 13 [ 236.390833][T10278] loop2: detected capacity change from 0 to 2048 [ 236.441906][T10278] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 236.902947][T10292] loop5: detected capacity change from 0 to 512 [ 236.934896][T10292] EXT4-fs: Ignoring removed mblk_io_submit option [ 237.032023][T10292] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 237.045380][T10292] ext4 filesystem being mounted at /114/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 237.091662][T10292] Quota error (device loop5): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 237.104033][T10292] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 237.114816][T10292] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1888: Failed to acquire dquot type 0 [ 237.276068][ T8472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 237.324716][ T30] audit: type=1326 audit(2000000033.951:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10304 comm="syz.3.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 237.378029][ T30] audit: type=1326 audit(2000000033.971:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10304 comm="syz.3.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 237.414806][ T30] audit: type=1326 audit(2000000033.971:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10304 comm="syz.3.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 237.506897][ T30] audit: type=1326 audit(2000000033.971:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10304 comm="syz.3.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 237.651770][T10314] loop5: detected capacity change from 0 to 164 [ 238.285422][T10329] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1907'. [ 238.397416][T10335] tmpfs: Bad value for 'mpol' [ 238.516447][T10340] loop4: detected capacity change from 0 to 8 [ 238.702717][T10315] loop3: detected capacity change from 0 to 32768 [ 238.761636][T10315] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1898 (10315) [ 238.872594][T10315] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 238.939380][T10315] BTRFS info (device loop3): using sha256 (sha256-x86_64) checksum algorithm [ 238.948759][T10315] BTRFS info (device loop3): using free-space-tree [ 239.013020][T10355] loop5: detected capacity change from 0 to 256 [ 239.256234][T10355] FAT-fs (loop5): Directory bread(block 64) failed [ 239.286937][T10355] FAT-fs (loop5): Directory bread(block 65) failed [ 239.320474][T10355] FAT-fs (loop5): Directory bread(block 66) failed [ 239.327158][T10355] FAT-fs (loop5): Directory bread(block 67) failed [ 239.399429][T10355] FAT-fs (loop5): Directory bread(block 68) failed [ 239.420744][T10355] FAT-fs (loop5): Directory bread(block 69) failed [ 239.427818][T10355] FAT-fs (loop5): Directory bread(block 70) failed [ 239.494530][ T5836] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 239.497998][T10355] FAT-fs (loop5): Directory bread(block 71) failed [ 239.568735][T10355] FAT-fs (loop5): Directory bread(block 72) failed [ 239.607474][T10355] FAT-fs (loop5): Directory bread(block 73) failed [ 239.728127][T10383] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1926'. [ 239.877823][ T30] audit: type=1800 audit(2000000036.482:78): pid=10355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1919" name="bus" dev="loop5" ino=1048629 res=0 errno=0 [ 240.325566][T10399] netlink: 'syz.4.1933': attribute type 27 has an invalid length. [ 240.956094][T10387] loop2: detected capacity change from 0 to 32768 [ 241.180614][T10389] loop3: detected capacity change from 0 to 32768 [ 241.301083][T10389] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 241.475161][T10435] loop0: detected capacity change from 0 to 512 [ 241.651552][T10435] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 241.688921][T10389] XFS (loop3): Ending clean mount [ 241.712311][T10435] ext4 filesystem being mounted at /401/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 241.824191][ T5831] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 241.873230][ T5836] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 242.283345][T10458] netlink: 'syz.4.1957': attribute type 2 has an invalid length. [ 242.397120][T10462] loop0: detected capacity change from 0 to 256 [ 242.636507][T10462] FAT-fs (loop0): Directory bread(block 64) failed [ 242.689169][T10462] FAT-fs (loop0): Directory bread(block 65) failed [ 242.719940][T10462] FAT-fs (loop0): Directory bread(block 66) failed [ 242.743455][T10462] FAT-fs (loop0): Directory bread(block 67) failed [ 242.777222][T10462] FAT-fs (loop0): Directory bread(block 68) failed [ 242.819149][T10462] FAT-fs (loop0): Directory bread(block 69) failed [ 242.826525][T10462] FAT-fs (loop0): Directory bread(block 70) failed [ 242.905710][T10462] FAT-fs (loop0): Directory bread(block 71) failed [ 242.926111][T10484] loop4: detected capacity change from 0 to 256 [ 242.947427][T10462] FAT-fs (loop0): Directory bread(block 72) failed [ 242.997109][T10462] FAT-fs (loop0): Directory bread(block 73) failed [ 243.743429][T10512] loop2: detected capacity change from 0 to 256 [ 243.818804][T10516] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615) [ 243.865111][T10516] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647 [ 243.906368][T10512] FAT-fs (loop2): Directory bread(block 64) failed [ 243.925281][T10519] loop3: detected capacity change from 0 to 16 [ 243.933539][T10512] FAT-fs (loop2): Directory bread(block 65) failed [ 243.959795][T10519] erofs (device loop3): mounted with root inode @ nid 36. [ 243.981727][T10512] FAT-fs (loop2): Directory bread(block 66) failed [ 244.001932][T10512] FAT-fs (loop2): Directory bread(block 67) failed [ 244.008631][T10512] FAT-fs (loop2): Directory bread(block 68) failed [ 244.048124][T10519] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 244.058100][T10512] FAT-fs (loop2): Directory bread(block 69) failed [ 244.067954][T10519] erofs (device loop3): failed to decompress -44 in[46, 4050] out[1851] [ 244.077538][T10512] FAT-fs (loop2): Directory bread(block 70) failed [ 244.086884][T10512] FAT-fs (loop2): Directory bread(block 71) failed [ 244.104618][T10519] erofs (device loop3): read error -117 @ 43 of nid 36 [ 244.145190][T10512] FAT-fs (loop2): Directory bread(block 72) failed [ 244.159358][T10512] FAT-fs (loop2): Directory bread(block 73) failed [ 244.200758][T10523] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1989'. [ 244.521168][T10528] loop0: detected capacity change from 0 to 4096 [ 244.550366][T10528] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 244.603683][T10531] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1994'. [ 244.629070][ T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 244.679728][T10528] ntfs3(loop0): ino=19, mi_enum_attr [ 244.698194][T10528] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 244.711693][T10506] loop4: detected capacity change from 0 to 32768 [ 244.729548][T10506] XFS: ikeep mount option is deprecated. [ 244.735251][T10506] XFS: ikeep mount option is deprecated. [ 244.775317][T10528] overlayfs: workdir and upperdir must reside under the same mount [ 244.799245][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 244.819275][T10506] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 244.850650][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 244.904527][ T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89 [ 244.983798][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 245.079133][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024 [ 245.147219][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 245.188146][T10506] XFS (loop4): Ending clean mount [ 245.188891][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 245.214100][T10506] XFS (loop4): Quotacheck needed: Please wait. [ 245.255307][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 245.315687][T10506] XFS (loop4): Quotacheck: Done. [ 245.321000][ T9] usb 4-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8 [ 245.321032][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 245.321053][ T9] usb 4-1: Product: syz [ 245.321069][ T9] usb 4-1: Manufacturer: syz [ 245.321084][ T9] usb 4-1: SerialNumber: syz [ 245.324091][ T9] usb 4-1: config 0 descriptor?? [ 245.414966][T10525] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 245.428454][T10555] loop0: detected capacity change from 0 to 128 [ 245.452423][ T9] ati_remote 4-1:0.0: Initializing ati_remote hardware failed. [ 245.465850][ T9] ati_remote 4-1:0.0: probe with driver ati_remote failed with error -5 [ 245.487939][T10559] netlink: 'syz.5.2002': attribute type 1 has an invalid length. [ 245.505451][T10559] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2002'. [ 245.597502][ T5842] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 245.739042][ T5883] usb 4-1: USB disconnect, device number 7 [ 246.305467][T10580] loop4: detected capacity change from 0 to 2048 [ 246.355251][T10580] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 246.378978][ T5883] usb 3-1: new full-speed USB device number 12 using dummy_hcd [ 246.522836][ T5842] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 246.541654][T10590] x_tables: unsorted entry at hook 1 [ 246.583490][ T5883] usb 3-1: New USB device found, idVendor=055d, idProduct=9002, bcdDevice=23.5e [ 246.626773][ T5883] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 246.652816][ T5883] usb 3-1: Product: syz [ 246.657081][ T5883] usb 3-1: Manufacturer: syz [ 246.674523][ T5883] usb 3-1: SerialNumber: syz [ 246.712740][ T5883] usb 3-1: config 0 descriptor?? [ 246.776922][ T5883] pwc: Samsung SNC-35E (v3.0) USB webcam detected. [ 246.937915][T10603] netlink: 'syz.0.2022': attribute type 30 has an invalid length. [ 246.963653][ T5883] pwc: Failed to set LED on/off time (-71) [ 246.985604][ T5883] pwc: send_video_command error -71 [ 247.008171][ T5883] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 247.028887][ T5883] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71 [ 247.105650][ T5883] usb 3-1: USB disconnect, device number 12 [ 247.404192][T10619] loop0: detected capacity change from 0 to 1024 [ 247.767159][T10633] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2038'. [ 248.008082][T10641] loop0: detected capacity change from 0 to 2048 [ 248.067735][T10641] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 248.127003][T10641] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 248.289095][ T5898] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 248.380848][ T5883] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 248.455495][T10658] loop3: detected capacity change from 0 to 512 [ 248.506565][ T5898] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 248.545878][T10658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.558899][ T5898] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 248.597890][ T5898] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 248.612273][T10658] ext4 filesystem being mounted at /437/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 248.623568][ T5883] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 248.641181][ T5883] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 248.682232][ T5898] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 248.692684][T10658] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 248.710381][ T5883] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 248.724884][ T5898] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 248.733108][ T5883] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 248.734710][T10649] loop4: detected capacity change from 0 to 32768 [ 248.749319][ T5898] usb 6-1: SerialNumber: syz [ 248.755814][T10658] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 248.755942][ T5883] usb 3-1: Manufacturer: syz [ 248.787898][T10649] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2044 (10649) [ 248.790780][T10646] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 248.837469][ T5883] usb 3-1: config 0 descriptor?? [ 248.857692][T10658] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2050: Failed to acquire dquot type 0 [ 248.920347][ T5898] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22 [ 248.954402][T10649] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 248.974459][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.977617][T10649] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm [ 249.118699][ T5883] rc_core: IR keymap rc-hauppauge not found [ 249.124706][ T5883] Registered IR keymap rc-empty [ 249.140715][ T5883] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 249.171453][ T5883] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input12 [ 249.180662][ T5880] usb 6-1: USB disconnect, device number 5 [ 249.280831][ C1] igorplugusb 3-1:0.0: Error: urb status = -32 [ 249.316901][ T5883] usb 3-1: USB disconnect, device number 13 [ 249.327877][T10649] BTRFS info (device loop4): rebuilding free space tree [ 249.446909][T10649] BTRFS info (device loop4): disabling free space tree [ 249.476193][T10649] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 249.531007][T10649] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 249.761127][T10649] BTRFS info (device loop4 state M): max_inline set to 4096 [ 249.872948][ T5842] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 250.104646][T10710] xt_hashlimit: max too large, truncated to 1048576 [ 250.159600][T10710] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 250.317274][T10718] cifs: Unknown parameter 'no'‘a£Nð[G¶zob,erèèµ;%j¸¼ [ 250.317274][T10718] ‡üzæ,€@q¬Ú÷ôÐåéJ#³"ŽÚh/.W1ȱ¨nNCº"†CÙ׈¡E)Ð8+€î¶á÷' [ 250.524688][T10725] netlink: 'syz.4.2071': attribute type 1 has an invalid length. [ 250.556804][T10725] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2071'. [ 251.218891][T10749] dlm: non-version read from control device 90 [ 251.904420][T10781] loop4: detected capacity change from 0 to 512 [ 251.942924][T10782] team0: Port device team_slave_0 removed [ 251.982844][T10782] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 252.105271][T10781] EXT4-fs (loop4): 1 orphan inode deleted [ 252.127284][ T1111] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 252.147804][ T1111] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 1 [ 252.160481][T10781] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 252.219024][T10781] ext4 filesystem being mounted at /405/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 252.377337][T10796] netlink: 'syz.0.2104': attribute type 4 has an invalid length. [ 252.410684][ T5842] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.129006][T10775] loop2: detected capacity change from 0 to 32768 [ 253.187325][T10775] ERROR: (device loop2): xtTruncate_pmap: XT_GETPAGE: xtree page corrupt [ 253.187325][T10775] [ 253.220399][ T5883] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 253.236393][T10775] ERROR: (device loop2): remounting filesystem as read-only [ 253.264270][T10775] ERROR: (device loop2): jfs_rename: [ 253.264270][T10775] [ 253.280452][T10798] loop5: detected capacity change from 0 to 32768 [ 253.295729][T10798] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2106 (10798) [ 253.377569][T10798] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 253.399221][ T5845] ERROR: (device loop2): xtTruncate: XT_GETPAGE: xtree page corrupt [ 253.399221][ T5845] [ 253.423795][ T5883] usb 4-1: config 0 has an invalid interface number: 20 but max is 0 [ 253.445752][T10798] BTRFS info (device loop5): using sha256 (sha256-x86_64) checksum algorithm [ 253.457017][ T5883] usb 4-1: config 0 has no interface number 0 [ 253.473780][ T5883] usb 4-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 253.491843][T10798] BTRFS info (device loop5): using free-space-tree [ 253.542203][ T5883] usb 4-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 253.560197][ T5883] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 253.568220][ T5883] usb 4-1: Product: syz [ 253.643043][ T5883] usb 4-1: Manufacturer: syz [ 253.647706][ T5883] usb 4-1: SerialNumber: syz [ 253.750131][ T5883] usb 4-1: config 0 descriptor?? [ 253.756475][T10815] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 253.785938][ T5883] usb-storage 4-1:0.20: USB Mass Storage device detected [ 253.907583][ T5883] usb-storage 4-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 254.031437][T10853] IPv6: Can't replace route, no match found [ 254.043420][ T5883] scsi host1: usb-storage 4-1:0.20 [ 254.105179][ T8472] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 254.279609][ T5955] usb 4-1: USB disconnect, device number 8 [ 254.420280][T10864] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 254.488809][T10865] loop2: detected capacity change from 0 to 256 [ 254.651416][T10865] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 255.041755][ T9] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 255.248602][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 255.278845][ T9] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 255.320673][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 34821, setting to 1024 [ 255.328668][T10891] bridge0: port 3(erspan0) entered blocking state [ 255.348701][ T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024 [ 255.367211][T10891] bridge0: port 3(erspan0) entered disabled state [ 255.373900][ T5886] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 255.392283][T10891] erspan0: entered allmulticast mode [ 255.411080][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 255.433254][T10891] erspan0: entered promiscuous mode [ 255.451600][T10891] bridge0: port 3(erspan0) entered blocking state [ 255.458207][T10891] bridge0: port 3(erspan0) entered forwarding state [ 255.463675][ T9] usb 3-1: New USB device found, idVendor=0582, idProduct=00f0, bcdDevice=c7.3d [ 255.495027][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 255.515974][ T9] usb 3-1: Product: syz [ 255.526097][ T9] usb 3-1: Manufacturer: syz [ 255.535971][ T9] usb 3-1: SerialNumber: syz [ 255.552191][ T9] usb 3-1: config 0 descriptor?? [ 255.552864][ T5886] usb 6-1: Using ep0 maxpacket: 8 [ 255.574414][T10865] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 255.590462][ T5886] usb 6-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 255.626859][ T5886] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 255.632267][T10897] netlink: 'syz.4.2146': attribute type 21 has an invalid length. [ 255.643407][ T5886] usb 6-1: Product: syz [ 255.652245][ T5886] usb 6-1: Manufacturer: syz [ 255.663754][ T5886] usb 6-1: SerialNumber: syz [ 255.668640][T10897] netlink: 'syz.4.2146': attribute type 20 has an invalid length. [ 255.695206][ T1306] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.701662][ T1306] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.719354][ T5886] usb 6-1: config 0 descriptor?? [ 255.931473][T10905] loop4: detected capacity change from 0 to 256 [ 255.943413][ T5886] usb 6-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 255.958121][ T9] usb 3-1: USB disconnect, device number 14 [ 256.015909][ T6200] udevd[6200]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 256.168763][ T5886] usb write operation failed. (-71) [ 256.184693][ T5886] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 256.236133][ T5886] dvbdev: DVB: registering new adapter (Terratec H7) [ 256.256755][ T5886] usb 6-1: media controller created [ 256.266115][ T5886] usb read operation failed. (-71) [ 256.281413][ T5886] usb write operation failed. (-71) [ 256.300712][ T5886] dvb_usb_az6007 6-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 256.363371][ T5886] usb 6-1: USB disconnect, device number 6 [ 256.747530][T10929] netlink: 'syz.4.2160': attribute type 3 has an invalid length. [ 256.805128][T10929] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2160'. [ 256.946753][T10935] openvswitch: netlink: Tunnel attr 303 out of range max 16 [ 257.144263][T10941] loop2: detected capacity change from 0 to 512 [ 257.188268][T10941] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 257.236040][T10941] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 257.257356][T10941] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e128, mo2=0002] [ 257.266067][T10941] System zones: 0-1, 15-15, 18-18, 34-34 [ 257.272612][T10941] EXT4-fs (loop2): orphan cleanup on readonly fs [ 257.308359][T10941] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 257.344499][T10941] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 257.422141][T10941] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 257.465727][T10941] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2167: bg 0: block 40: padding at end of block bitmap is not set [ 257.545104][T10941] EXT4-fs (loop2): Remounting filesystem read-only [ 257.554519][T10941] EXT4-fs (loop2): 1 truncate cleaned up [ 257.585737][T10941] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 257.771030][T10967] netlink: 'syz.3.2177': attribute type 1 has an invalid length. [ 257.782173][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.800075][T10967] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2177'. [ 257.818354][T10967] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2177'. [ 258.419886][T10992] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 258.593480][T11000] netlink: 'syz.5.2192': attribute type 21 has an invalid length. [ 258.638246][ T5883] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 258.668929][ T5886] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 258.829121][ T5883] usb 5-1: Using ep0 maxpacket: 32 [ 258.841845][ T5886] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 258.867890][ T5883] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 258.878682][ T5886] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 258.898556][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.906994][ T5886] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 258.922927][ T5883] usb 5-1: config 0 descriptor?? [ 258.941798][ T5886] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 258.951888][ T24] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 258.974550][ T5883] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 258.988286][ T5886] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 259.001400][ T5886] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.024008][ T5886] usb 4-1: config 0 descriptor?? [ 259.158200][ T24] usb 1-1: Using ep0 maxpacket: 8 [ 259.165845][ T24] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 259.175674][ T24] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 259.208884][ T24] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 259.228153][ T24] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 259.265500][ T5886] hdpvr 4-1:0.0: firmware version 0x0 dated [ 259.278082][ T24] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 259.288707][ T5886] hdpvr 4-1:0.0: untested firmware, the driver might not work. [ 259.318116][ T24] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 259.341517][ T24] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 259.359023][ T5883] gspca_nw80x: reg_r err -71 [ 259.360536][T11020] loop2: detected capacity change from 0 to 512 [ 259.364907][ T5883] nw80x 5-1:0.0: probe with driver nw80x failed with error -71 [ 259.389015][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.410021][T11020] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 259.431437][T11020] EXT4-fs (loop2): 1 truncate cleaned up [ 259.439307][T11020] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 259.444003][ T24] usbtmc 1-1:16.0: probe with driver usbtmc failed with error -22 [ 259.470005][ T5886] hdpvr 4-1:0.0: device init failed [ 259.473156][T11020] EXT4-fs error (device loop2): ext4_append:79: inode #2: comm syz.2.2203: Logical block already allocated [ 259.486166][ T5883] usb 5-1: USB disconnect, device number 14 [ 259.501854][ T5886] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12 [ 259.507369][T11020] EXT4-fs (loop2): Remounting filesystem read-only [ 259.562468][ T5886] usb 4-1: USB disconnect, device number 9 [ 259.592082][ T5898] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 259.592138][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.689925][ T9] usb 1-1: USB disconnect, device number 8 [ 259.699966][T11024] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2204'. [ 259.780899][ T5898] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 259.793555][ T5898] usb 6-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 259.802891][ T5898] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.814218][ T5898] usb 6-1: config 0 descriptor?? [ 260.078923][ T5880] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 260.106767][T11030] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 260.275379][ T5898] usb 6-1: USB disconnect, device number 7 [ 260.298163][ T5880] usb 3-1: Using ep0 maxpacket: 32 [ 260.316296][ T5880] usb 3-1: config 0 interface 0 has no altsetting 0 [ 260.327544][ T5880] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 260.345737][ T5880] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.389699][ T5880] usb 3-1: Product: syz [ 260.404219][ T5880] usb 3-1: Manufacturer: syz [ 260.421321][ T5880] usb 3-1: SerialNumber: syz [ 260.478560][ T5880] usb 3-1: config 0 descriptor?? [ 260.845188][T11054] ipt_ECN: cannot use operation on non-tcp rule [ 260.902253][ T5880] gs_usb 3-1:0.0: Couldn't get device config: (err=-71) [ 260.928099][ T5880] gs_usb 3-1:0.0: probe with driver gs_usb failed with error -71 [ 261.010404][ T5880] usb 3-1: USB disconnect, device number 15 [ 261.338293][T11074] netlink: 'syz.0.2229': attribute type 1 has an invalid length. [ 261.359150][T11074] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2229'. [ 261.760586][T11091] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.854376][T11096] bond0: entered allmulticast mode [ 261.874425][T11096] bond_slave_0: entered allmulticast mode [ 261.924659][T11096] bond_slave_1: entered allmulticast mode [ 262.220664][T11109] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 262.360779][T11115] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2249'. [ 262.498188][ T24] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 262.658036][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 262.666272][ T24] usb 3-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91 [ 262.696459][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.720944][T11098] loop3: detected capacity change from 0 to 40427 [ 262.729658][ T24] usb 3-1: config 0 descriptor?? [ 262.760870][T11098] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 262.769300][T11098] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 262.800485][ T24] gspca_main: sunplus-2.14.0 probing 0458:7006 [ 262.819302][T11098] F2FS-fs (loop3): invalid crc value [ 263.100938][T11098] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 263.137888][T11098] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 263.187044][ T24] gspca_sunplus: reg_w_riv err -71 [ 263.203827][ T24] sunplus 3-1:0.0: probe with driver sunplus failed with error -71 [ 263.250201][ T24] usb 3-1: USB disconnect, device number 16 [ 263.578393][T11127] loop5: detected capacity change from 0 to 32768 [ 263.585897][T11127] XFS: ikeep mount option is deprecated. [ 263.672004][T11127] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 263.860888][T11127] XFS (loop5): Ending clean mount [ 263.886604][T11127] XFS (loop5): Quotacheck needed: Please wait. [ 264.021095][T11127] XFS (loop5): Quotacheck: Done. [ 264.231768][ T8472] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 264.272461][T11175] loop4: detected capacity change from 0 to 256 [ 264.306065][T11172] loop3: detected capacity change from 0 to 4096 [ 264.384371][T11179] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 264.471656][T11180] veth2: entered allmulticast mode [ 265.008644][T11191] netlink: 'syz.3.2281': attribute type 10 has an invalid length. [ 265.164854][T11196] syz.4.2283: attempt to access beyond end of device [ 265.164854][T11196] nbd4: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 265.218255][T11196] XFS (nbd4): SB validate failed with error -5. [ 265.251748][T11206] loop5: detected capacity change from 0 to 16 [ 265.281637][T11206] erofs (device loop5): mounted with root inode @ nid 36. [ 265.338082][T11206] erofs (device loop5): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 265.400510][T11206] erofs (device loop5): failed to decompress -23 in[64, 4032] out[1851] [ 265.444631][T11169] loop2: detected capacity change from 0 to 32768 [ 265.451752][T11206] erofs (device loop5): read error -117 @ 43 of nid 36 [ 265.530997][T11210] loop3: detected capacity change from 0 to 2048 [ 265.546765][T11213] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode [ 265.555892][T11213] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 265.579049][T11210] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 265.684095][T11169] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0 [ 265.867285][T11169] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded=yes,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 265.867285][T11169] allowing incompatible features above 0.0: (unknown version) [ 265.867285][T11169] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 265.911474][ C0] vkms_vblank_simulate: vblank timer overrun [ 265.952590][T11169] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 265.984684][T11169] bcachefs (loop2): Version upgrade required: [ 265.984684][T11169] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 265.984684][T11169] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 265.984684][T11169] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 266.058092][ C0] vkms_vblank_simulate: vblank timer overrun [ 266.224245][T11169] bcachefs (loop2): dropping and reconstructing all alloc info [ 266.278709][T11231] loop5: detected capacity change from 0 to 1024 [ 266.370263][T11169] bcachefs (loop2): accounting_read... done [ 266.407879][T11169] bcachefs (loop2): alloc_read... done [ 266.416510][T11169] bcachefs (loop2): snapshots_read... done [ 266.454161][T11169] bcachefs (loop2): check_allocations... done [ 266.590809][T11169] bcachefs (loop2): going read-write [ 266.857914][T11169] bcachefs (loop2): journal_replay... done [ 267.122665][T11169] bcachefs (loop2): check_alloc_info... [ 267.217394][T11269] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2313'. [ 267.224036][T11169] done [ 267.250946][T11169] bcachefs (loop2): check_lrus... done [ 267.265794][T11169] bcachefs (loop2): check_btree_backpointers... done [ 267.277919][T11169] bcachefs (loop2): check_backpointers_to_extents... done [ 267.286542][T11169] bcachefs (loop2): check_extents_to_backpointers... [ 267.326373][T11169] bcachefs (loop2): scanning for missing backpointers in 9/128 buckets [ 267.382629][T11169] done [ 267.394194][T11169] bcachefs (loop2): check_alloc_to_lru_refs... done [ 267.440592][T11169] bcachefs (loop2): bucket_gens_init... done [ 267.465594][T11280] mmap: syz.4.2318 (11280): VmData 121331712 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data. [ 267.495526][T11169] bcachefs (loop2): check_snapshot_trees... done [ 267.527020][T11169] bcachefs (loop2): check_snapshots... [ 267.534425][T11169] bcachefs (loop2): snapshot points to missing/incorrect tree: [ 267.534463][T11169] u64s 8 type snapshot 0:4294967295:0 len 0 ver 0: subvol parent 0 children 0 0 subvol 1 tree 0, fixing [ 267.586981][T11284] netlink: 'syz.3.2320': attribute type 21 has an invalid length. [ 267.587091][T11284] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2320'. [ 267.753773][T11169] done [ 267.818276][T11169] bcachefs (loop2): check_subvols... done [ 267.852133][T11169] bcachefs (loop2): check_subvol_children... done [ 267.859883][T11169] bcachefs (loop2): delete_dead_snapshots... done [ 267.867103][T11169] bcachefs (loop2): check_inodes... done [ 267.874737][T11169] bcachefs (loop2): check_extents... done [ 267.882054][T11169] bcachefs (loop2): check_indirect_extents... done [ 267.906624][T11169] bcachefs (loop2): check_dirents... [ 267.906744][T11297] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2325'. [ 267.909558][T11169] done [ 267.921152][T11297] bridge_slave_1: left allmulticast mode [ 267.928239][T11169] bcachefs (loop2): check_xattrs... done [ 267.956763][T11169] bcachefs (loop2): check_root... done [ 267.963387][T11169] bcachefs (loop2): check_unreachable_inodes... done [ 267.967679][T11297] bridge_slave_1: left promiscuous mode [ 267.977758][T11169] bcachefs (loop2): check_subvolume_structure... done [ 268.008244][T11169] bcachefs (loop2): check_directory_structure... done [ 268.016678][T11169] bcachefs (loop2): check_nlinks... [ 268.017962][T11297] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.053560][T11169] done [ 268.056403][T11169] bcachefs (loop2): check_rebalance_work... done [ 268.070679][T11297] bridge_slave_0: left allmulticast mode [ 268.074458][T11169] bcachefs (loop2): resume_logged_ops... [ 268.088368][T11297] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.091223][T11169] done [ 268.123268][T11169] bcachefs (loop2): delete_dead_inodes... done [ 268.144512][T11169] bcachefs (loop2): set_fs_needs_rebalance... done [ 268.214632][T11169] bcachefs (loop2): Fixed errors, running fsck a second time to verify fs is clean [ 268.247769][T11169] bcachefs (loop2): check_alloc_info... done [ 268.273914][T11305] affs: No valid root block on device nullb0 [ 268.287855][T11169] bcachefs (loop2): check_lrus... done [ 268.298093][T11169] bcachefs (loop2): check_btree_backpointers... done [ 268.315954][T11169] bcachefs (loop2): check_backpointers_to_extents... done [ 268.325473][T11169] bcachefs (loop2): check_extents_to_backpointers... done [ 268.344799][T11169] bcachefs (loop2): check_alloc_to_lru_refs... done [ 268.365455][T11169] bcachefs (loop2): bucket_gens_init... done [ 268.405939][T11169] bcachefs (loop2): check_snapshot_trees... done [ 268.436515][T11312] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on [ 268.454660][T11169] bcachefs (loop2): check_snapshots... done [ 268.513963][T11316] loop4: detected capacity change from 0 to 256 [ 268.525303][T11169] bcachefs (loop2): check_subvols... done [ 268.532406][T11169] bcachefs (loop2): check_subvol_children... done [ 268.540559][T11169] bcachefs (loop2): delete_dead_snapshots... done [ 268.548101][T11169] bcachefs (loop2): check_inodes... done [ 268.554643][T11169] bcachefs (loop2): check_extents... done [ 268.594092][T11169] bcachefs (loop2): check_indirect_extents... done [ 268.607585][T11169] bcachefs (loop2): check_dirents... done [ 268.625627][T11169] bcachefs (loop2): check_xattrs... done [ 268.635856][T11169] bcachefs (loop2): check_root... done [ 268.673796][T11169] bcachefs (loop2): check_unreachable_inodes... done [ 268.682742][T11318] netlink: 248 bytes leftover after parsing attributes in process `syz.5.2335'. [ 268.694467][T11169] bcachefs (loop2): check_subvolume_structure... done [ 268.723190][T11169] bcachefs (loop2): check_directory_structure... done [ 268.746840][T11169] bcachefs (loop2): check_nlinks... done [ 268.846172][T11169] bcachefs (loop2): check_rebalance_work... done [ 268.873015][T11169] bcachefs (loop2): resume_logged_ops... done [ 268.895573][T11169] bcachefs (loop2): delete_dead_inodes... done [ 268.927578][T11169] bcachefs (loop2): set_fs_needs_rebalance... done [ 268.955950][T11169] bcachefs (loop2): going read-only [ 269.018053][T11169] bcachefs (loop2): finished waiting for writes to stop [ 269.026036][T11169] bcachefs (loop2): flushing journal and stopping allocators, journal seq 24 [ 269.106043][T11169] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 24 [ 269.130958][T11258] bch-reclaim/loo (11258) used greatest stack depth: 19448 bytes left [ 269.147813][T11333] __vm_enough_memory: pid: 11333, comm: syz.3.2342, bytes: 21199728746496 not enough memory for the allocation [ 269.164100][T11169] bcachefs (loop2): clean shutdown complete, journal seq 25 [ 269.205706][T11169] bcachefs (loop2): marking filesystem clean [ 269.221450][T11337] loop5: detected capacity change from 0 to 256 [ 269.237275][T11169] bcachefs (loop2): done starting filesystem [ 269.382518][T11169] syz.2.2272 (11169) used greatest stack depth: 12872 bytes left [ 269.386992][T11337] FAT-fs (loop5): Directory bread(block 64) failed [ 269.437557][T11337] FAT-fs (loop5): Directory bread(block 65) failed [ 269.449993][ T5845] bcachefs (loop2): shutting down [ 269.468743][T11337] FAT-fs (loop5): Directory bread(block 66) failed [ 269.480085][T11337] FAT-fs (loop5): Directory bread(block 67) failed [ 269.512268][T11337] FAT-fs (loop5): Directory bread(block 68) failed [ 269.537578][T11337] FAT-fs (loop5): Directory bread(block 69) failed [ 269.579118][T11337] FAT-fs (loop5): Directory bread(block 70) failed [ 269.607912][T11337] FAT-fs (loop5): Directory bread(block 71) failed [ 269.614612][T11337] FAT-fs (loop5): Directory bread(block 72) failed [ 269.667627][T11337] FAT-fs (loop5): Directory bread(block 73) failed [ 269.685944][ T5845] bcachefs (loop2): shutdown complete [ 269.710390][T11347] loop3: detected capacity change from 0 to 4096 [ 269.761392][T11347] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 269.960542][T11347] ntfs3(loop3): ino=19, mi_enum_attr [ 269.965935][T11347] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 270.068073][T11347] ntfs3(loop3): failed to convert "c46c" to cp1251 [ 270.137632][T11347] ntfs3(loop3): ino=20, mi_enum_attr [ 270.717520][ T5898] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 270.899024][ T5898] usb 4-1: Using ep0 maxpacket: 8 [ 270.920351][ T5898] usb 4-1: config 0 has an invalid interface number: 211 but max is 0 [ 270.938639][ T5898] usb 4-1: config 0 has no interface number 0 [ 270.968082][ T5898] usb 4-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=76.ff [ 271.013510][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 271.057535][ T5898] usb 4-1: config 0 descriptor?? [ 271.076229][T11383] loop5: detected capacity change from 0 to 128 [ 271.173952][T11358] loop4: detected capacity change from 0 to 32768 [ 271.281060][T11358] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 271.393184][T11358] (syz.4.2352,11358,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len % 4 != 0 - offset=0, inode=18446744073708961857, rec_len=65535, name_len=1 [ 271.489978][ T5898] usb 4-1: f81604_write: reg: 105 data: 29 failed: -EPROTO [ 271.527254][ T5898] f81604 4-1:0.211: Setting termination of CH#0 failed: -EPROTO [ 271.527430][T11358] (syz.4.2352,11358,0):ocfs2_prepare_dir_for_insert:4294 ERROR: status = -2 [ 271.573727][ T5898] f81604 4-1:0.211: probe with driver f81604 failed with error -71 [ 271.616526][T11358] (syz.4.2352,11358,0):ocfs2_mknod:298 ERROR: status = -2 [ 271.648230][ T5898] usb 4-1: USB disconnect, device number 10 [ 271.659279][T11358] (syz.4.2352,11358,0):ocfs2_mknod:502 ERROR: status = -2 [ 271.666475][T11358] (syz.4.2352,11358,0):ocfs2_create:675 ERROR: status = -2 [ 271.929261][ T5842] ocfs2: Unmounting device (7,4) on (node local) [ 272.855219][T11419] loop3: detected capacity change from 0 to 16 [ 272.986099][T11419] erofs (device loop3): mounted with root inode @ nid 36. [ 273.037206][T11425] loop5: detected capacity change from 0 to 512 [ 273.050814][T11419] erofs (device loop3): bogus lookback distance 0 @ lcn 4 of nid 36 [ 273.111971][T11419] erofs (device loop3): bogus lookback distance 0 @ lcn 4 of nid 36 [ 273.159973][T11419] erofs (device loop3): read error -117 @ 72 of nid 36 [ 273.212840][T11425] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 273.276868][T11425] ext4 filesystem being mounted at /212/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 273.606805][ T8472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.748107][ T5886] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 273.883961][T11458] loop2: detected capacity change from 0 to 64 [ 273.912488][ T5886] usb 4-1: Using ep0 maxpacket: 32 [ 273.931968][ T5886] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 273.956010][ T5886] usb 4-1: config 0 has no interface number 0 [ 273.994605][ T5886] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 274.027367][ T5886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.053782][ T5886] usb 4-1: Product: syz [ 274.075884][ T5886] usb 4-1: Manufacturer: syz [ 274.088345][ T5886] usb 4-1: SerialNumber: syz [ 274.143736][ T5886] usb 4-1: config 0 descriptor?? [ 274.221569][ T5886] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 274.252798][ T5886] usb 4-1: selecting invalid altsetting 1 [ 274.285825][ T5886] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 274.373328][ T5886] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 274.461519][ T5886] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 274.497623][ T5886] usb 4-1: media controller created [ 274.615637][ T5886] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 274.765663][ T5886] usb 4-1: DVB: registering adapter 1 frontend 0 (Zarlink ZL10353 DVB-T)... [ 274.830460][ T5886] dvbdev: dvb_create_media_entity: media entity 'Zarlink ZL10353 DVB-T' registered. [ 275.085477][ T5886] DVB: Unable to find symbol mxl5005s_attach() [ 275.169367][ T5886] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 275.322559][ T5886] usb 4-1: USB disconnect, device number 11 [ 275.466541][T11505] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2405'. [ 275.893413][T11511] loop3: detected capacity change from 0 to 4096 [ 276.068828][T11522] netlink: 'syz.2.2410': attribute type 10 has an invalid length. [ 276.142346][T11522] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2410'. [ 276.182261][T11522] team0: entered promiscuous mode [ 276.207482][T11522] team_slave_0: entered promiscuous mode [ 276.222230][T11522] team_slave_1: entered promiscuous mode [ 276.235909][T11486] loop5: detected capacity change from 0 to 32768 [ 276.267555][T11522] team0: entered allmulticast mode [ 276.272851][T11522] team_slave_0: entered allmulticast mode [ 276.319072][T11522] team_slave_1: entered allmulticast mode [ 276.352486][T11522] bridge0: port 3(team0) entered blocking state [ 276.377396][T11486] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 276.388385][T11522] bridge0: port 3(team0) entered disabled state [ 276.437833][T11522] bridge0: port 3(team0) entered blocking state [ 276.444265][T11522] bridge0: port 3(team0) entered forwarding state [ 276.631761][T11486] XFS (loop5): Ending clean mount [ 276.665752][T11486] XFS (loop5): Quotacheck needed: Please wait. [ 276.684001][ T30] audit: type=1326 audit(2000000073.304:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11545 comm="syz.3.2415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 276.794975][ T30] audit: type=1326 audit(2000000073.304:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11545 comm="syz.3.2415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 276.824845][ T30] audit: type=1326 audit(2000000073.314:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11545 comm="syz.3.2415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=102 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 276.847988][ T30] audit: type=1326 audit(2000000073.314:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11545 comm="syz.3.2415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297f98e969 code=0x7ffc0000 [ 276.942311][T11486] XFS (loop5): Quotacheck: Done. [ 276.998319][T11550] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2416'. [ 277.054204][T11554] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2417'. [ 277.094823][T11554] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2417'. [ 277.131651][T11554] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2417'. [ 277.202102][ T8472] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 277.224831][T11525] loop4: detected capacity change from 0 to 32768 [ 277.274691][T11525] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 277.629555][ T5842] ocfs2: Unmounting device (7,4) on (node local) [ 277.797826][T11571] xt_hashlimit: max too large, truncated to 1048576 [ 277.975005][T11576] loop2: detected capacity change from 0 to 1024 [ 278.055501][T11576] EXT4-fs: Ignoring removed nomblk_io_submit option [ 278.109873][T11576] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 278.136526][T11581] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2430'. [ 278.173749][T11576] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 278.489395][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.570672][T11602] loop4: detected capacity change from 0 to 128 [ 278.716571][T11602] FAT-fs (loop4): Directory bread(block 3236) failed [ 278.723794][T11607] tmpfs: Bad value for 'mpol' [ 278.754945][T11602] FAT-fs (loop4): Directory bread(block 3237) failed [ 278.780795][T11602] FAT-fs (loop4): Directory bread(block 3238) failed [ 278.814027][T11602] FAT-fs (loop4): Directory bread(block 3239) failed [ 278.841881][T11602] FAT-fs (loop4): Directory bread(block 3240) failed [ 278.901119][T11602] FAT-fs (loop4): Directory bread(block 3241) failed [ 278.909862][T11602] FAT-fs (loop4): Directory bread(block 3242) failed [ 278.916611][T11602] FAT-fs (loop4): Directory bread(block 3243) failed [ 278.964450][T11602] FAT-fs (loop4): Directory bread(block 3236) failed [ 278.997288][T11602] FAT-fs (loop4): Directory bread(block 3237) failed [ 279.281149][T11631] overlay: Unknown parameter 'smackfsfloor' [ 279.452734][T11636] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 279.502225][T11636] CIFS mount error: No usable UNC path provided in device string! [ 279.502225][T11636] [ 279.514217][T11636] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 279.519238][ T5955] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 279.727361][ T5955] usb 4-1: Using ep0 maxpacket: 8 [ 279.743579][ T5955] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 279.776421][ T5955] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 279.814767][ T5955] usb 4-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 279.861155][ T5955] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.907018][ T5955] usb 4-1: Product: syz [ 279.911251][ T5955] usb 4-1: Manufacturer: syz [ 279.915911][ T5955] usb 4-1: SerialNumber: syz [ 279.943361][ T5955] usb 4-1: config 0 descriptor?? [ 279.957253][ T5880] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 279.985391][T11654] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2463'. [ 280.130465][ T5880] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 280.159969][ T5880] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 280.181240][ T5880] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.201777][T11648] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 280.247690][ T5880] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 280.435905][ T5955] usb 4-1: USB disconnect, device number 12 [ 280.593283][ T24] usb 5-1: USB disconnect, device number 15 [ 280.657541][ T5898] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 280.837136][ T5898] usb 3-1: Using ep0 maxpacket: 32 [ 280.865421][ T5898] usb 3-1: too many configurations: 21, using maximum allowed: 8 [ 280.885211][ T5898] usb 3-1: config 0 has an invalid interface number: 35 but max is 0 [ 280.904059][ T5898] usb 3-1: config 0 has no interface number 0 [ 280.922024][ T5898] usb 3-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 280.938745][ T5898] usb 3-1: config 0 has an invalid interface number: 35 but max is 0 [ 280.965056][ T5898] usb 3-1: config 0 has no interface number 0 [ 280.985077][ T5898] usb 3-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 281.005154][ T5898] usb 3-1: config 0 has an invalid interface number: 35 but max is 0 [ 281.026750][ T5898] usb 3-1: config 0 has no interface number 0 [ 281.044227][ T5898] usb 3-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 281.104061][ T5898] usb 3-1: config 0 has an invalid interface number: 35 but max is 0 [ 281.127167][ T5898] usb 3-1: config 0 has no interface number 0 [ 281.159269][ T5898] usb 3-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 281.189837][ T5898] usb 3-1: config 0 has an invalid interface number: 35 but max is 0 [ 281.204242][ T5898] usb 3-1: config 0 has no interface number 0 [ 281.224684][ T5898] usb 3-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 281.256474][ T5898] usb 3-1: config 0 has an invalid interface number: 35 but max is 0 [ 281.297873][ T5898] usb 3-1: config 0 has no interface number 0 [ 281.304047][ T5898] usb 3-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 281.331368][ T5898] usb 3-1: config 0 has an invalid interface number: 35 but max is 0 [ 281.357030][ T5898] usb 3-1: config 0 has no interface number 0 [ 281.398704][ T5898] usb 3-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 281.422516][ T5898] usb 3-1: config 0 has an invalid interface number: 35 but max is 0 [ 281.439048][ T5898] usb 3-1: config 0 has no interface number 0 [ 281.446191][T11698] loop5: detected capacity change from 0 to 1024 [ 281.455476][ T5898] usb 3-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 281.499471][ T5898] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 281.532851][T11698] fuse: Bad value for 'fd' [ 281.539240][ T5898] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=215 [ 281.566365][ T5898] usb 3-1: Product: syz [ 281.607338][ T5898] usb 3-1: Manufacturer: syz [ 281.612014][ T5898] usb 3-1: SerialNumber: syz [ 281.667265][ T36] hfsplus: b-tree write err: -5, ino 4 [ 281.671555][ T5898] usb 3-1: config 0 descriptor?? [ 281.684387][ T5898] radio-si470x 3-1:0.35: could not find interrupt in endpoint [ 281.719185][ T5898] radio-si470x 3-1:0.35: probe with driver radio-si470x failed with error -5 [ 281.748805][T11708] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (34504) [ 281.755265][T11710] loop4: detected capacity change from 0 to 64 [ 281.797221][T11708] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023 [ 281.917291][ T5898] radio-raremono 3-1:0.35: Thanko's Raremono connected: (10C4:818A) [ 282.068351][T11714] loop3: detected capacity change from 0 to 64 [ 282.126651][ T5898] radio-raremono 3-1:0.35: raremono_cmd_main failed (-71) [ 282.174269][ T5898] radio-raremono 3-1:0.35: V4L2 device registered as radio48 [ 282.213257][ T5898] usb 3-1: USB disconnect, device number 17 [ 282.226623][ T5898] radio-raremono 3-1:0.35: Thanko's Raremono disconnected [ 282.289299][T11718] loop5: detected capacity change from 0 to 8 [ 282.377190][ T24] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 282.402772][T11718] SQUASHFS error: Unable to read inode 0x2 [ 282.577017][ T24] usb 5-1: Using ep0 maxpacket: 8 [ 282.596392][ T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 282.626387][ T24] usb 5-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 282.646926][ T24] usb 5-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 282.655083][ T24] usb 5-1: Product: syz [ 282.666897][ T24] usb 5-1: Manufacturer: syz [ 282.683670][T11726] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 282.686883][ T24] usb 5-1: SerialNumber: syz [ 282.963533][ T24] usb 5-1: Invalid connection information received from device [ 283.015502][T11734] loop2: detected capacity change from 0 to 256 [ 283.067937][T11734] exfat: Deprecated parameter 'utf8' [ 283.073308][T11734] exfat: Deprecated parameter 'utf8' [ 283.147137][T11734] exfat: Deprecated parameter 'utf8' [ 283.163729][ T24] usb 5-1: USB disconnect, device number 16 [ 283.198841][T11734] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 283.261790][T11734] exFAT-fs (loop2): error, exfat_zeroed_cluster: out of range(sect:224 len:8) [ 283.282682][T11734] exFAT-fs (loop2): Filesystem has been set read-only [ 283.609803][T11752] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2509'. [ 283.650717][T11754] xt_TCPMSS: Only works on TCP SYN packets [ 283.674817][T11750] loop2: detected capacity change from 0 to 4096 [ 284.376911][ T9] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 284.407234][ T24] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 284.550371][ T9] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 284.566810][ T24] usb 4-1: Using ep0 maxpacket: 8 [ 284.572591][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 284.579608][ T24] usb 4-1: config 6 has an invalid interface number: 2 but max is 0 [ 284.604745][ T24] usb 4-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config [ 284.610081][ T9] usb 3-1: Product: syz [ 284.635203][ T24] usb 4-1: config 6 has no interface number 0 [ 284.656236][ T9] usb 3-1: Manufacturer: syz [ 284.663401][ T9] usb 3-1: SerialNumber: syz [ 284.675464][ T24] usb 4-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xAA, changing to 0x8A [ 284.691966][ T9] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 284.701940][ T24] usb 4-1: config 6 interface 2 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 284.712473][ T24] usb 4-1: config 6 interface 2 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 284.734699][ T24] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 284.745287][ T5955] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 284.774336][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 284.814834][ T24] usb 4-1: Product: syz [ 284.851861][ T24] usb 4-1: Manufacturer: syz [ 284.887040][ T24] usb 4-1: SerialNumber: syz [ 284.922262][ T24] hso 4-1:6.2: Failed to find INT IN ep [ 285.130502][ T24] usb 4-1: USB disconnect, device number 13 [ 285.238772][ T5880] usb 3-1: USB disconnect, device number 18 [ 286.016611][ T5955] usb 3-1: Service connection timeout for: 256 [ 286.046596][ T5955] ath9k_htc 3-1:1.0: ath9k_htc: Unable to initialize HTC services [ 286.062615][T11836] loop3: detected capacity change from 0 to 512 [ 286.075076][ T5955] ath9k_htc: Failed to initialize the device [ 286.093991][ T5880] usb 3-1: ath9k_htc: USB layer deinitialized [ 286.168728][T11836] EXT4-fs (loop3): orphan cleanup on readonly fs [ 286.234257][T11836] Quota error (device loop3): v2_read_file_info: Block with free entry 2 out of range (1, 0). [ 286.316702][T11836] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 286.370832][T11836] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 286.402460][T11836] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #13: comm syz.3.2551: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 286.482834][T11836] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.2551: couldn't read orphan inode 13 (err -117) [ 286.502685][T11836] EXT4-fs (loop3): mounted filesystem 00000000-0000-0b00-0000-000000000000 ro without journal. Quota mode: writeback. [ 286.663526][T11854] loop2: detected capacity change from 0 to 256 [ 286.712563][T11856] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2560'. [ 286.713342][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0b00-0000-000000000000. [ 286.790138][T11856] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2560'. [ 286.932186][T11861] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2563'. [ 286.980351][T11861] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2563'. [ 287.039993][T11864] netlink: 'syz.5.2565': attribute type 3 has an invalid length. [ 288.471650][T11880] loop2: detected capacity change from 0 to 32768 [ 288.520484][T11880] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2571 (11880) [ 288.636521][T11880] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 288.698316][T11880] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm [ 288.761157][T11934] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.2598'. [ 288.778572][T11880] BTRFS info (device loop2): using free-space-tree [ 288.831327][T11934] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 288.877531][T11934] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 289.299472][T11971] loop3: detected capacity change from 0 to 64 [ 289.306984][ T5845] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 289.391087][T11971] syz.3.2606: attempt to access beyond end of device [ 289.391087][T11971] loop3: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 289.456195][T11971] Buffer I/O error on dev loop3, logical block 134217734, async page read [ 289.657802][T11971] syz.3.2606: attempt to access beyond end of device [ 289.657802][T11971] loop3: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 289.701812][T11971] Buffer I/O error on dev loop3, logical block 134217734, async page read [ 289.734099][T11983] xt_SECMARK: invalid mode: 2 [ 289.779456][T11985] nftables ruleset with unbound set [ 289.901854][ T24] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 290.112054][ T24] usb 1-1: Using ep0 maxpacket: 8 [ 290.139910][ T24] usb 1-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 290.185423][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.239088][ T24] usb 1-1: Product: syz [ 290.282688][ T24] usb 1-1: Manufacturer: syz [ 290.292369][ T24] usb 1-1: SerialNumber: syz [ 290.329589][ T24] usb 1-1: config 0 descriptor?? [ 290.562661][ T24] usb 1-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 290.699474][T12015] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 290.768359][ T24] usb write operation failed. (-71) [ 290.776476][T12019] netlink: 132 bytes leftover after parsing attributes in process `syz.5.2624'. [ 290.810392][ T24] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 290.855982][ T24] dvbdev: DVB: registering new adapter (Terratec H7) [ 290.908699][ T24] usb 1-1: media controller created [ 290.927273][ T24] usb read operation failed. (-71) [ 290.968189][ T24] usb write operation failed. (-71) [ 291.006201][ T24] dvb_usb_az6007 1-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 291.039553][ T24] usb 1-1: USB disconnect, device number 9 [ 291.126489][ T5880] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 291.330373][T12038] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2633'. [ 291.358801][ T5880] usb 5-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1 [ 291.376430][T12038] erspan0: left allmulticast mode [ 291.382875][ T5880] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 291.397048][T12038] erspan0: left promiscuous mode [ 291.402287][T12038] bridge0: port 3(erspan0) entered disabled state [ 291.422749][ T5880] usb 5-1: Product: syz [ 291.436309][ T5880] usb 5-1: Manufacturer: syz [ 291.446923][ T5880] usb 5-1: SerialNumber: syz [ 291.490018][T12038] bridge_slave_1: left allmulticast mode [ 291.495723][T12038] bridge_slave_1: left promiscuous mode [ 291.504387][ T5880] usb 5-1: config 0 descriptor?? [ 291.541424][T12038] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.576098][T12038] bridge_slave_0: left allmulticast mode [ 291.585909][T12047] netlink: 'syz.0.2636': attribute type 6 has an invalid length. [ 291.593884][T12038] bridge_slave_0: left promiscuous mode [ 291.612930][T12038] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.700644][ T5883] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 291.724306][ T5880] int51x1 5-1:0.0: probe with driver int51x1 failed with error -22 [ 291.858340][ T5883] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 291.876310][ T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 291.878512][ T5883] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 291.900937][ T5883] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.922217][T12042] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 291.943643][ T5898] usb 5-1: USB disconnect, device number 17 [ 291.968060][ T5883] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 292.060430][ T9] usb 6-1: config 0 has an invalid interface number: 58 but max is 0 [ 292.060464][ T9] usb 6-1: config 0 has no interface number 0 [ 292.060507][ T9] usb 6-1: config 0 interface 58 altsetting 0 bulk endpoint 0x9 has invalid maxpacket 64 [ 292.068111][ T9] usb 6-1: New USB device found, idVendor=085a, idProduct=0008, bcdDevice=7f.81 [ 292.068144][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 292.068165][ T9] usb 6-1: Product: syz [ 292.068181][ T9] usb 6-1: Manufacturer: syz [ 292.068197][ T9] usb 6-1: SerialNumber: syz [ 292.108560][ T9] usb 6-1: config 0 descriptor?? [ 292.114265][T12049] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22 [ 292.293307][ T5883] usb 3-1: USB disconnect, device number 19 [ 292.366965][ T9] kaweth 6-1:0.58: Firmware present in device. [ 292.547047][ T9] kaweth 6-1:0.58: Error reading configuration (-71), no net device created [ 292.573607][ T9] kaweth 6-1:0.58: probe with driver kaweth failed with error -5 [ 292.598494][ T9] usb 6-1: USB disconnect, device number 8 [ 292.962523][T12084] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2651'. [ 293.021004][T12087] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2653'. [ 293.048932][T12087] bridge0: port 3(team0) entered disabled state [ 293.049369][T12088] affs: No valid root block on device nullb0 [ 293.077789][T12087] bridge_slave_1: left allmulticast mode [ 293.083625][T12087] bridge_slave_1: left promiscuous mode [ 293.096685][T12087] bridge0: port 2(bridge_slave_1) entered disabled state [ 293.147343][T12087] bridge_slave_0: left allmulticast mode [ 293.172726][T12087] bridge_slave_0: left promiscuous mode [ 293.220310][T12087] bridge0: port 1(bridge_slave_0) entered disabled state [ 293.800569][T12115] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2666'. [ 293.826273][T12115] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 293.850461][T12115] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 293.986700][ T5880] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 294.014595][T12123] loop5: detected capacity change from 0 to 1024 [ 294.157986][T12123] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 294.176923][ T30] audit: type=1326 audit(2000000090.805:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 294.199194][ C1] vkms_vblank_simulate: vblank timer overrun [ 294.232766][ T5880] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 294.236234][ T30] audit: type=1326 audit(2000000090.835:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 294.264922][ C1] vkms_vblank_simulate: vblank timer overrun [ 294.278642][T12133] loop2: detected capacity change from 0 to 64 [ 294.288705][ T5880] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 294.335091][ T30] audit: type=1326 audit(2000000090.835:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 294.335097][ T5880] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.335151][ T30] audit: type=1326 audit(2000000090.835:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 294.434632][T12123] EXT4-fs error (device loop5): __ext4_new_inode:1073: comm syz.5.2678: reserved inode found cleared - inode=1 [ 294.503010][T12112] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 294.532802][T12139] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2673'. [ 294.564562][ T5880] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 294.599453][ T30] audit: type=1326 audit(2000000090.835:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12131 comm="syz.0.2671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5718e969 code=0x7ffc0000 [ 294.637983][T12139] bridge_slave_1: left allmulticast mode [ 294.660034][ T8472] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.664073][T12139] bridge_slave_1: left promiscuous mode [ 294.703471][T12139] bridge0: port 2(bridge_slave_1) entered disabled state [ 294.828456][T12139] bridge_slave_0: left allmulticast mode [ 294.847731][T12139] bridge_slave_0: left promiscuous mode [ 294.870100][T12139] bridge0: port 1(bridge_slave_0) entered disabled state [ 294.925764][ T5880] usb 4-1: USB disconnect, device number 14 [ 295.626183][ T5913] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 295.838404][ T5913] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 295.876486][ T5913] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 295.921005][ T5913] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 295.948916][ T5913] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 295.990269][ T5913] usb 6-1: SerialNumber: syz [ 296.234322][ T5913] usb 6-1: 0:2 : does not exist [ 296.254194][ T5913] usb 6-1: unit 5: unexpected type 0x03 [ 296.311832][ T5913] usb 6-1: USB disconnect, device number 9 [ 296.453511][ T6200] udevd[6200]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 296.664094][T12206] loop3: detected capacity change from 0 to 256 [ 296.679252][T12172] loop4: detected capacity change from 0 to 32768 [ 296.714657][T12172] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2687 (12172) [ 296.810987][T12172] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 296.870747][T12206] FAT-fs (loop3): Directory bread(block 64) failed [ 296.879911][T12172] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm [ 296.899831][T12206] FAT-fs (loop3): Directory bread(block 65) failed [ 296.939625][T12206] FAT-fs (loop3): Directory bread(block 66) failed [ 296.947619][T12172] BTRFS info (device loop4): using free-space-tree [ 296.964681][T12206] FAT-fs (loop3): Directory bread(block 67) failed [ 297.051721][T12206] FAT-fs (loop3): Directory bread(block 68) failed [ 297.079254][T12229] loop2: detected capacity change from 0 to 64 [ 297.092887][T12206] FAT-fs (loop3): Directory bread(block 69) failed [ 297.171750][T12206] FAT-fs (loop3): Directory bread(block 70) failed [ 297.216179][T12206] FAT-fs (loop3): Directory bread(block 71) failed [ 297.222937][T12206] FAT-fs (loop3): Directory bread(block 72) failed [ 297.316440][T12206] FAT-fs (loop3): Directory bread(block 73) failed [ 297.537696][ T5842] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 297.668245][T12212] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 297.697993][T12212] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 297.826715][T12212] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 297.844534][T12212] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 297.946823][T12212] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 297.956196][T12212] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 298.060061][T12212] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 298.122693][T12212] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 298.201615][T12212] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 298.234629][T12212] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 298.274455][T12262] loop2: detected capacity change from 0 to 512 [ 298.386343][T12262] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 298.465278][T12262] ext4 filesystem being mounted at /537/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 298.660183][ T5845] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.729867][ T5843] Bluetooth: hci5: command 0x0406 tx timeout [ 299.056495][ T5955] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 299.238076][ T5955] usb 3-1: Using ep0 maxpacket: 8 [ 299.266213][ T5955] usb 3-1: config 6 has an invalid interface number: 2 but max is 0 [ 299.291226][ T5955] usb 3-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config [ 299.311656][ T5955] usb 3-1: config 6 has no interface number 0 [ 299.332092][T12212] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 299.353046][ T5955] usb 3-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xAA, changing to 0x8A [ 299.395344][T12212] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 299.424298][ T5955] usb 3-1: config 6 interface 2 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 299.441494][ T5955] usb 3-1: config 6 interface 2 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 299.462085][ T5955] usb 3-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91 [ 299.477902][ T5955] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 299.489914][ T5955] usb 3-1: Product: syz [ 299.494850][ T5955] usb 3-1: Manufacturer: syz [ 299.506966][ T5955] usb 3-1: SerialNumber: syz [ 299.550297][ T5955] hso 3-1:6.2: Failed to find INT IN ep [ 299.754947][ T9] usb 3-1: USB disconnect, device number 20 [ 300.417389][T12328] loop3: detected capacity change from 0 to 512 [ 300.502058][T12328] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 300.614366][T12328] ext4 filesystem being mounted at /572/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 300.725679][T12346] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2735'. [ 300.818494][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.040833][T12358] netlink: 512 bytes leftover after parsing attributes in process `syz.4.2741'. [ 301.215308][T12364] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 301.222709][T12364] IPv6: NLM_F_CREATE should be set when creating new route [ 301.230000][T12364] IPv6: NLM_F_CREATE should be set when creating new route [ 301.632185][ T5955] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 301.841755][ T5955] usb 3-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1 [ 301.875719][ T5955] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 301.901225][T12357] loop3: detected capacity change from 0 to 32768 [ 301.908416][ T5955] usb 3-1: Product: syz [ 301.912642][ T5955] usb 3-1: Manufacturer: syz [ 301.935824][ T5955] usb 3-1: SerialNumber: syz [ 301.957248][T12357] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 301.969063][ T5955] usb 3-1: config 0 descriptor?? [ 302.023077][T12357] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 302.189493][ T5955] int51x1 3-1:0.0: probe with driver int51x1 failed with error -22 [ 302.276417][ T5836] ocfs2: Unmounting device (7,3) on (node local) [ 302.404836][ T5880] usb 3-1: USB disconnect, device number 21 [ 302.415772][ T31] INFO: task syz-executor:5838 blocked for more than 143 seconds. [ 302.423655][ T31] Not tainted 6.15.0-rc7-next-20250522-syzkaller #0 [ 302.474642][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 302.493018][ T31] task:syz-executor state:D stack:21800 pid:5838 tgid:5838 ppid:1 task_flags:0x400140 flags:0x00004006 [ 302.518219][ T31] Call Trace: [ 302.554018][ T31] [ 302.561137][ T31] __schedule+0x16f5/0x4d00 [ 302.578634][ T31] ? schedule+0x165/0x360 [ 302.588659][ T31] ? __pfx___schedule+0x10/0x10 [ 302.598195][ T31] ? schedule+0x91/0x360 [ 302.610503][ T31] schedule+0x165/0x360 [ 302.623857][ T31] io_schedule+0x81/0xe0 [ 302.642978][ T31] folio_wait_bit_common+0x6b0/0xb90 [ 302.660144][ T31] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 302.675684][ T31] ? __pfx_wake_page_function+0x10/0x10 [ 302.686000][ T31] ? folios_put_refs+0x559/0x640 [ 302.696847][ T31] ? __pfx_find_lock_entries+0x10/0x10 [ 302.709340][ T31] __filemap_get_folio+0x139/0xaf0 [ 302.720553][ T31] truncate_inode_pages_range+0x3ed/0xda0 [ 302.735759][ T31] ? evict+0x847/0x9c0 [ 302.744542][ T31] ? evict_inodes+0x636/0x6c0 [ 302.754008][ T31] ? generic_shutdown_super+0x9a/0x2c0 [ 302.764796][ T31] ? kill_block_super+0x44/0x90 [ 302.772024][ T31] ? deactivate_locked_super+0xb9/0x130 [ 302.778101][ T31] ? __pfx_truncate_inode_pages_range+0x10/0x10 [ 302.784633][ T31] ? __lock_acquire+0xab9/0xd20 [ 302.789928][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 302.795773][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 302.801179][ T31] evict+0x517/0x9c0 [ 302.805217][ T31] ? __pfx_evict+0x10/0x10 [ 302.810377][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 302.815972][ T31] evict_inodes+0x636/0x6c0 [ 302.820681][ T31] ? __pfx_evict_inodes+0x10/0x10 [ 302.826210][ T31] generic_shutdown_super+0x9a/0x2c0 [ 302.831713][ T31] kill_block_super+0x44/0x90 [ 302.838621][ T31] deactivate_locked_super+0xb9/0x130 [ 302.844239][ T31] cleanup_mnt+0x425/0x4c0 [ 302.849221][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 302.854601][ T31] task_work_run+0x1d4/0x260 [ 302.859682][ T31] ? __pfx_task_work_run+0x10/0x10 [ 302.864991][ T31] ? __x64_sys_umount+0x122/0x160 [ 302.870551][ T31] ? exit_to_user_mode_loop+0x40/0x110 [ 302.881444][ T31] exit_to_user_mode_loop+0xec/0x110 [ 302.888088][ T31] do_syscall_64+0x2bd/0x3b0 [ 302.892888][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 302.903975][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 302.910526][ T31] ? clear_bhb_loop+0x60/0xb0 [ 302.915425][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 302.927407][ T31] RIP: 0033:0x7fdf6a38fc97 [ 302.931986][ T31] RSP: 002b:00007ffeb2d37008 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 302.957927][ T31] RAX: 0000000000000000 RBX: 00007fdf6a41089d RCX: 00007fdf6a38fc97 [ 302.971082][ T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeb2d370c0 [ 302.981946][ T31] RBP: 00007ffeb2d370c0 R08: 0000000000000000 R09: 0000000000000000 [ 302.994686][ T31] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffeb2d38150 [ 303.003166][ T31] R13: 00007fdf6a41089d R14: 00000000000266d4 R15: 00007ffeb2d38190 [ 303.017246][ T31] [ 303.020405][ T31] [ 303.020405][ T31] Showing all locks held in the system: [ 303.031000][ T31] 1 lock held by khungtaskd/31: [ 303.036053][ T31] #0: ffffffff8e13f140 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 303.088338][ T31] 2 locks held by getty/5595: [ 303.093125][ T31] #0: ffff8880349420a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 303.103352][ T31] #1: ffffc90002fee2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 303.113824][ T31] 1 lock held by syz-executor/5838: [ 303.119293][ T31] #0: ffff88803499e0e0 (&type->s_umount_key#54){++++}-{4:4}, at: deactivate_super+0xa9/0xe0 [ 303.129881][ T31] 1 lock held by syz.5.2705/12241: [ 303.135032][ T31] #0: ffff88803499e0e0 (&type->s_umount_key#54){++++}-{4:4}, at: super_lock+0x2a9/0x3b0 [ 303.145307][ T31] [ 303.147876][ T31] ============================================= [ 303.147876][ T31] [ 303.156681][ T31] NMI backtrace for cpu 1 [ 303.156701][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc7-next-20250522-syzkaller #0 PREEMPT(full) [ 303.156725][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 303.156737][ T31] Call Trace: [ 303.156745][ T31] [ 303.156753][ T31] dump_stack_lvl+0x189/0x250 [ 303.156776][ T31] ? __wake_up_klogd+0xd9/0x110 [ 303.156802][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 303.156821][ T31] ? __pfx__printk+0x10/0x10 [ 303.156856][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 303.156886][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 303.156910][ T31] ? _printk+0xcf/0x120 [ 303.156936][ T31] ? __pfx__printk+0x10/0x10 [ 303.156959][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 303.156989][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 303.157018][ T31] watchdog+0xfee/0x1030 [ 303.157047][ T31] ? watchdog+0x1de/0x1030 [ 303.157082][ T31] kthread+0x711/0x8a0 [ 303.157109][ T31] ? __pfx_watchdog+0x10/0x10 [ 303.157135][ T31] ? __pfx_kthread+0x10/0x10 [ 303.157159][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 303.157188][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 303.157204][ T31] ? __pfx_kthread+0x10/0x10 [ 303.157227][ T31] ret_from_fork+0x3fc/0x770 [ 303.157258][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 303.157291][ T31] ? __switch_to_asm+0x39/0x70 [ 303.157310][ T31] ? __switch_to_asm+0x33/0x70 [ 303.157329][ T31] ? __pfx_kthread+0x10/0x10 [ 303.157352][ T31] ret_from_fork_asm+0x1a/0x30 [ 303.157389][ T31] [ 303.157397][ T31] Sending NMI from CPU 1 to CPUs 0: [ 303.315423][ C0] NMI backtrace for cpu 0 [ 303.315440][ C0] CPU: 0 UID: 0 PID: 5821 Comm: syz-executor Not tainted 6.15.0-rc7-next-20250522-syzkaller #0 PREEMPT(full) [ 303.315461][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 303.315472][ C0] RIP: 0010:lock_release+0x89/0x3e0 [ 303.315500][ C0] Code: 23 03 0e 00 0f 84 44 02 00 00 65 8b 05 f0 7d fe 10 85 c0 0f 85 35 02 00 00 65 4c 8b 3c 25 08 70 9c 92 41 83 bf ec 0a 00 00 00 <0f> 85 1e 02 00 00 49 81 3e 40 33 60 93 0f 84 11 02 00 00 48 c7 44 [ 303.315515][ C0] RSP: 0018:ffffc900042478c0 EFLAGS: 00000246 [ 303.315530][ C0] RAX: 0000000000000000 RBX: ffff888024919b40 RCX: efbe555f9c4a2600 [ 303.315547][ C0] RDX: 0000000000000000 RSI: ffffffff8be28fe0 RDI: ffffffff8be28fa0 [ 303.315559][ C0] RBP: ffffc90004247a50 R08: 0000000000000000 R09: ffffffff894228af [ 303.315571][ C0] R10: 0000000000000000 R11: fffff52000848f10 R12: 1ffff92000848f30 [ 303.315584][ C0] R13: ffffffff89da09c0 R14: ffff888024919b58 R15: ffff88807e8a3c00 [ 303.315598][ C0] FS: 0000555583a3a500(0000) GS:ffff888125c59000(0000) knlGS:0000000000000000 [ 303.315614][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 303.315626][ C0] CR2: 00007fce282f9440 CR3: 0000000076aea000 CR4: 00000000003526f0 [ 303.315643][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 303.315653][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 303.315664][ C0] Call Trace: [ 303.315671][ C0] [ 303.315682][ C0] ? tcp_recvmsg+0x220/0x810 [ 303.315710][ C0] _raw_spin_unlock_bh+0x1b/0x40 [ 303.315735][ C0] tcp_recvmsg+0x220/0x810 [ 303.315756][ C0] ? __pfx_tcp_recvmsg+0x10/0x10 [ 303.315778][ C0] ? aa_sk_perm+0x81e/0x950 [ 303.315802][ C0] ? sock_rps_record_flow+0x19/0x410 [ 303.315820][ C0] inet_recvmsg+0x147/0x250 [ 303.315836][ C0] ? schedule+0x165/0x360 [ 303.315860][ C0] ? __pfx_inet_recvmsg+0x10/0x10 [ 303.315878][ C0] ? bpf_lsm_socket_recvmsg+0x9/0x20 [ 303.315900][ C0] ? security_socket_recvmsg+0x7e/0x2e0 [ 303.315921][ C0] sock_recvmsg+0x1a8/0x270 [ 303.315941][ C0] sock_read_iter+0x231/0x2f0 [ 303.315958][ C0] ? __pfx_sock_read_iter+0x10/0x10 [ 303.315972][ C0] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 303.316001][ C0] ? bpf_lsm_file_permission+0x9/0x20 [ 303.316025][ C0] ? security_file_permission+0x75/0x290 [ 303.316051][ C0] vfs_read+0x4cd/0x980 [ 303.316071][ C0] ? __pfx_vfs_read+0x10/0x10 [ 303.316090][ C0] ? __rseq_handle_notify_resume+0x37e/0x11f0 [ 303.316119][ C0] ksys_read+0x145/0x250 [ 303.316135][ C0] ? __pfx_ksys_read+0x10/0x10 [ 303.316148][ C0] ? rcu_is_watching+0x15/0xb0 [ 303.316166][ C0] ? do_syscall_64+0xbe/0x3b0 [ 303.316185][ C0] do_syscall_64+0xfa/0x3b0 [ 303.316201][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.316217][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 303.316234][ C0] ? clear_bhb_loop+0x60/0xb0 [ 303.316253][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.316268][ C0] RIP: 0033:0x7f188df8d33d [ 303.316282][ C0] Code: a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb b5 e8 a8 48 00 00 0f 1f 84 00 00 00 00 00 80 3d 01 72 1f 00 00 74 17 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 5b c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec [ 303.316296][ C0] RSP: 002b:00007fff63a18918 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 303.316313][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f188df8d33d [ 303.316324][ C0] RDX: 0000000000000004 RSI: 00007fff63a1892c RDI: 0000000000000003 [ 303.316335][ C0] RBP: 0000000000000000 R08: 000000001aba5d4d R09: 7fffffffffffffff [ 303.316346][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff63a18d40 [ 303.316356][ C0] R13: 0000000000000004 R14: 00007fff63a1892c R15: 00007fff63a189c0 [ 303.316376][ C0] [ 303.327255][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 303.327276][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc7-next-20250522-syzkaller #0 PREEMPT(full) [ 303.327302][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 303.327317][ T31] Call Trace: [ 303.327328][ T31] [ 303.327337][ T31] dump_stack_lvl+0x99/0x250 [ 303.327365][ T31] ? __asan_memcpy+0x40/0x70 [ 303.327397][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 303.327418][ T31] ? __pfx__printk+0x10/0x10 [ 303.327463][ T31] panic+0x2db/0x790 [ 303.327503][ T31] ? __pfx_panic+0x10/0x10 [ 303.327532][ T31] ? tick_nohz_tick_stopped+0x86/0xb0 [ 303.327560][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 303.327591][ T31] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 303.327631][ T31] watchdog+0x102d/0x1030 [ 303.327664][ T31] ? watchdog+0x1de/0x1030 [ 303.327702][ T31] kthread+0x711/0x8a0 [ 303.327731][ T31] ? __pfx_watchdog+0x10/0x10 [ 303.327761][ T31] ? __pfx_kthread+0x10/0x10 [ 303.327788][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 303.327822][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 303.327842][ T31] ? __pfx_kthread+0x10/0x10 [ 303.327868][ T31] ret_from_fork+0x3fc/0x770 [ 303.327902][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 303.327939][ T31] ? __switch_to_asm+0x39/0x70 [ 303.327961][ T31] ? __switch_to_asm+0x33/0x70 [ 303.327983][ T31] ? __pfx_kthread+0x10/0x10 [ 303.328009][ T31] ret_from_fork_asm+0x1a/0x30 [ 303.328050][ T31] [ 303.825852][ T31] Kernel Offset: disabled [ 303.830185][ T31] Rebooting in 86400 seconds..