last executing test programs: 8m44.960265805s ago: executing program 1 (id=2681): r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000001300)=@raw={'raw\x00', 0x41, 0x3, 0x3c8, 0x0, 0x19, 0x0, 0x260, 0x0, 0x330, 0x1f0, 0x1f0, 0x330, 0x1f0, 0x3, 0x0, {[{{@ip={@dev, @dev, 0x0, 0x0, 'wlan1\x00', 'wg1\x00'}, 0x0, 0x1f8, 0x260, 0x0, {0x0, 0xffffffffa0028000}, [@common=@unspec=@quota={{0x38}}, @common=@inet=@hashlimit2={{0x150}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'veth0_vlan\x00', 'netpci0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x428) 8m44.806379728s ago: executing program 1 (id=2683): r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x2, 0x9, 0x4, 0x8, 0x7f, "cdb1114e0aaa374e87fb21004e0d8bce9470a8", 0xbcfd, 0x3}) 8m44.540742083s ago: executing program 1 (id=2686): r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40186f40, &(0x7f0000000080)={0xffffffff, 0x0, 0x945a, 0x4, 'syz0\x00'}) 8m44.18800638s ago: executing program 1 (id=2691): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c}) 8m43.495800083s ago: executing program 1 (id=2701): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f757365725f78617474722c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c646174613d77726974656261636b2c6572726f72733d72656d6f756e742d726f2c6e6f61636c2c0033b67a38edf7ca65cff4aecf1bccac7b7847e83ec6928ad9eff2281ff7a2314d9a8541a9772b98d067c1463bb01ed3ebf5764745d29402107611df2e22d6cfb25eb0a8b970f339cf6413aaef25cee228060d70ce0ade90d917a9c5"], 0x1, 0x442f, &(0x7f0000004480)="$eJzs3c9rHFUcAPA3k7RJan8ktYcKggsWFJWQ9KRGME3TH0lbI9UWESHdJNs2ssmWZCMeeog3wZPgQTwUBW85SQ5e65/gxaOeC3rwIghiZHdn053JLlnrbmLL53PYt/N+J9+Z2TeH3RcnyrcXV3OLq7n8cq40f3P1dO6jUnFtqRDiPdJ0/AN7Nz7t6cZ50kafff995jQzc/b8O9dPh/DDwk8Ptra2tkJFb2hqtOH9H7/fnW9M6+JMm0q/zXvrlPdDCCd2zKuiJ4Tw3vchRCGEM0neRJIOhBCOhFrZ9buf3ch1aDZ9Sbo5dmp6495m6789CuGr4jOv3Fr69fmesV9e6tDwAAAAAAAAAAAAAAAAAAA85i5cnbn29shouB+F3o2o9n3dvsbyJG31/ditjnluD/5aAAAAAAAAAAAAAAAAAAAA+H96+P3/XHQ82rlf92SSjrdov/Vm9+dI90y9NTN5bmQ02f89aiiZOVZ5fTXJ+u1MTxhqsu97dv/3M5n+m+//HnVs/vX51ccdDFE8nDqO4+HhEL5JNn4/GR2Ki6XV8ss3S2vLCx2bxmMrHf/a7v2p6CQb+rcb/4lM/93f///pHWdT5fhG506xJ1o6/j0t6/WHqK34n82024v48+jS8e+t5g00Vhiv3QC+/SQKn/fuHv/JTP/div/REEIuqsw1l7oDVNYwlfxW6xXS0vE/UM1L3TqTf2Ql/s2u/z8z8T+X6X+/7v/r2Q8imkrH/2A1rz9V4+H1PxTvfv2fz/S/H/GvzH/d539b0vFPfvmtN1Wl+p9s9/5/IdN/t+J/LU7meTRKnQEbUS2/1e/VkZaOf/+O8ofPf3Fb67+LmfZ79fxXH7f+/Fe//b8Y1Z7/aC4d/4GW9dq9/qcy7bp9/x+vrv94VOn4H6rmpdfOg9XXduM/nem/O/E/uP1uPLP+/7uvtgD42vqvLen4P1XLjBtrrFdfq+u/aPf1/6VM//ux/qvMfz3u7qhPinT8D7esV4n/j218/l/OtOt+/EMYsdZ/ZOn4H2lZr3r99+8e/yuZdt2O/wvd7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMTCRpIMhiodTx3E8PBzC2eT4ZDgUzeUXZueKpfkPVkOYTPJz4Xh0q1iayxdnF5dLC4XZfLFYmg/hXFJ+IvRHq8VSeXYpf+f8dl8D0e1CfqU8V8iXQwgXkvxnw5F6X3OL5aX8nRDCxe2yY3Fp5c7t/PLswuLK6yMjIyNhansOQ1Hh43JhuVwbvVYawvR228GoYXLV4kvbczkcfVhaW1nOF6v5lxvaFEvz+WJDmytJ2RdhKCqvrC3P58uF2WLpVn28/TSepJNTV9+9enl0R/mNqJZO7O20AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiX7o+99mUIobd2FIcQxutvomb1v/u58MbsX1c+3Rw7Nb1xb/NBq3oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWGXjlEqBoIwAM+uRazEY1iFpLONKKKFEcETaO0JPIwexUt4BwsLWwsR4gYkL3mkea/6vmZgf3Z2YAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1rm86+9vmzYixeFPVcXb4/vH//y61Jez+fsHe5iR3bm66c8vmrb8e9rIT8vRZ5eH9Pvr+SFm6uh1sifTffozNH062jLX0r4tzTe+exwp1xHRlfwk5VzX63oBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUXfBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArwAAAP//hykaaw==") mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2236824, 0x0) 8m42.717513828s ago: executing program 1 (id=2711): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0x0, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@empty, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x0, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) 8m42.247601207s ago: executing program 32 (id=2711): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0x0, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@empty, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x0, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) 6m15.36235925s ago: executing program 2 (id=5163): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="3900000013000318680907070000000f4e00ff3f3f000000170a001700000010040037000d00110001332564aa070000000001000000c48f57", 0x39}], 0x1) 6m15.012440447s ago: executing program 2 (id=5166): r0 = syz_open_dev$video4linux(&(0x7f0000000900), 0x5, 0x0) ioctl$VIDIOC_SUBDEV_G_CROP(r0, 0xc038563b, &(0x7f0000000040)={0x0, 0x0, {0x10000, 0x3, 0x5, 0x5}}) 6m14.86594398s ago: executing program 2 (id=5169): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@polexpire={0xc0, 0x1b, 0x1, 0x70bd29, 0x25dfdbfe, {{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in=@empty, 0x4e23, 0x0, 0x4e23, 0x47, 0x2, 0xa0}, {0xfffffffffffffc00, 0x7f, 0x8, 0x4, 0x9, 0x3, 0xd, 0x4}, {0x0, 0x4, 0x6, 0x3}, 0xd0, 0x6e6bb5, 0x3, 0x1, 0x3, 0x2}, 0x4}}, 0xc0}, 0x1, 0x0, 0x0, 0x20040006}, 0x20000000) 6m14.668797154s ago: executing program 2 (id=5172): syz_mount_image$exfat(&(0x7f00000001c0), &(0x7f0000000000)='./bus\x00', 0x800, &(0x7f0000000200)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c6b6565705f6c6173745f646f74732c696f636861727365743d63703835302c7379735f747a2c696f636861727365743d69736f383835392d31352c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303030382c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c646d61736b3d30303030303030303030303030303030303030303031332c646973636172642c646973636172642c00e0669f62a389f94dcc2fda2101686c10656f728020f5a616130a1fc56df99c298f3ad694c74a629be0af8c838281"], 0x1, 0x152a, &(0x7f0000003000)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL/T+Z1+x/mceb6fz/5Yz6z9rP287/Ne9t6YbzoOqtageuV6RAT/ErzwRxIAxAJAPwC4BgACACgdVzru/Hx2iUn/2kHYX+vh1CtdAbuSuP9ZG/c/a+P+Z23c/6yN+5+1cf+zNu5/1sb9Zywr2zg1/7W8Zd2N7///96vzhzP8/f9fJLPE6C9Wl7i+E0DMn03h/mdt3P//WsGf2Yn7n7Vx/7Oq2CtdAPsPwO//rCDbH85w/7M27j9jWdmVvv98pTeIZO3n4Eq//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ2n/GUKAC6Nr3RdjDHGGGOMMcYY++v4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/ZP7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFY1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiSjOl/If5b/9O/oCfj75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/TL4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufOnfYEIRKACFcQEMUFsEBvkCHIEOYOcQa4gVxAJIkFcEBfkDq4P8gR5g3xB/iA+KBAUDHRgAhuIi02PBjcERYIbg6LBTUGxoHjgghJBQnBzUDK4JSgV3BqUDm4LygS3B2WDckH5oEJwR1AxuDOoFNwVVA7uDqoEVYNqQfXgnqBGcG9QM7gvqBXcH9QOHgjqBA8GdYOHgnrBw0H94JGgQfBo0DB4LGgUNA6aBE2DZn/p+t6fyPuE66a76yTdQ/fUL+teurfuo/vqfvoV3V+/qgfo13SyHqgH6df1YP2GHqLf1EP1MD1cv6VH6JF6lB6tx+ixOkWP0+P123qCfkdP1JP0ZD1Fp+qpepp+V0/XM/RM/Z6epd/Xs/UcPVfP02n6Az1fL9Dp+kO9UH+kM/QivVgv0Uv1Mr1cr9Ar9Sq9Wq/Ra/U6vV5v0Bv1Jr1Zb9Fb9Ta9XX+sd+hP9E69S+/Wn+o9+jO9V3+u9+kv9H79pc7UX+kD+mt9UH+jD+lv9WH9nT6ij+pj+nt9XP+gT+iT+pQ+rc/oH/VZ/ZM+p/35k/vzX+9GGWViTIyJNbEmh8lhcpqcJpfJZSImYuJMnMltcps8Jo/JZ/KZeBNvCpqC5jwyZAqZQiZqoqaIKWKKmqKmmClmnHEmwSSYkqakKWVKmdKmtCljypiypqwpb8qbO8wd5k5zp7nL3GXuNnebqqaqqW6qmxqmhqlpappappapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWKamGammWlumpsWpoVpZVqZ1qa1aWPamESTaNqatqadaWfam/amg+lgOpqOppPpZLqYLqar6Wq6mW4mySSZnqan6WV6mT6mj+ln+pn+pr8ZYAaYZJNsBplBZrAZbIaYIWaoGWaGnz9RNSPNKDPajDFjTYpJMePNeDPBTDATzUQz2Uw2qSbVTDPTzHQz3cw0M80sM8vMNrPNXDPXpJk0M9/MN+km3Sw0C02GyTCLzWKz1Cw1y81ys9KsNKvNarMW1pr1Zr3ZaDaazWaz2Wq2mu1mu9lhdpidZqfZbXabPWaP2Wv2mn1mn9lv9ptMk2kOmAPmoDloDplD5rA5bI6YI+aYOWaOm+PmhDlhTplT5ozJe/H70ptYm93msFfZnPZqm8teY/8+zmfz23hbwBa02uaxeX8VG2ttUXuTLWaLW2dL2AR782/isracLW8r2DtsRXunrfSbuIa919a099la9n5b3d7zq7i2fcDWsY/auogAtrGtb5vaBvZR29A+ZhvZxraJbWpb26dsG/u0TbTP2Lb22d/E8+0Cu9KusqvtGrvT7rKn7Gl70H5jz9gfbTfb3fazr9j+9lU7wL5mk+3A38TD7Vt2hB1pR9nRdowd+5t4sp1iU+1UO82+a6fbGb+J0+wHdpZNt7PtHDvXzvs5Pl9Tuv3QLrQf2QwbwGK7xC61y+xyu+L/17rErrPr7Qa7w35iN9stdqvdZrdfOhG2u+xu+6ndYz+zB+zXdp/9wu63h2ym/ern+PzjO2S/tYftd/aIPWqP2e/tcfuD+jl3ZC8A+6P93v5kz1lvgZCAJCkKKIayUSxlpxx0FeWkqykXXUMRupbi6DrKTddTHspL+Sg/xVMBKkiaDFkiCqkQFaYo3UCXyitGxclRCUqgm6kk3UKl6FYqTbdRGbqdylI5Kk8V6A6qSHdSJbqLKtPdVIWqUjWqTvdQDbqXatJ9VIvup9r0ANWhB6kuPUT16GGqT49QA3qUGtJj1IgaUxNqSs3ocWpOT1ALakmt6ElqTU9RG3qaEukZakvPUjv6G7Wn56gDPU8d6QXqRJ2pC71IXekl6kbdKYl6UE96mXpRb+pDfakfvUL96VUaQK9RMg2kQfQ6DaY3aAi9SUNpGA2nt2gEjaRRNJrG0FhKoXE0nt6mCfQOTaRJNJmmUCpNpWn0Lk2nGTST3qNZ9D7Npjk0l+ZRGn1A82kBpdOHtJA+ogxaRItpCS2lZbScVtBKWkWraQ2tpXW0njbQRtpEm2kLbaVttJ0+ph30Ce2kXbSbPqU99Bntpc9pH31B++lLyqSv6AB9TQfpGzpE3/ru9B0doaN0jL6n4/QDnaCTdIpO0xn6kc7ST3SOPEGIoQhlqMIgjAmzhbFh9jBHeFWYM7w6zBVeE0bCa8O48Lowd3h9mCfMG+YL84fxYYGwYKhDE9qQwjAsFBYOo+ENYZHwxrBoiGGxsHjowhJhQnhzWDK8JSwV3hqWDm8Ly4S3h2XDcuGj91cI7wgrhneGlcK7wsrh3WGVsGpYLawe3hPWCO8Na4b3hbXC+8NS4QNhnfDBsG74UFgvfDisHz4SNggfDRuGj4WNwsZhk7Bp2Cx8PGwePhG2CFuGrcInw9bhU2Gb8OkwMXwmbBs++/P8Awv+eD4p7BH2DF8OXw69v0/Ojc6LpkU/iM6PLoimRz+MLox+FM2ILoouji6JLo0uiy6ProiujK6Kro6uia6Nrouuj26Iel89Gzh0wkmnXOBiXDYX67K7HO4ql9Nd7XK5a1zEXevi3HUut7ve5XF5XT6X38W7Aq6g084468iFrpAr7KLuBlfE3eiKuptcMVfcOVfCJbimrplr5pq7J1wL19K1ck+6J91T7in3tHvaPePaumddO/c319495zq4593z7gXXyXV2XdyLrqsbl+vCezLJ9XQ9XS/Xy/VxfVw/18/1d/3dADfAJbtkN8gNcoPdYDfEDXFD3VA33A13I9wIN8qNcmPcGJfiUtx4N95NcBPcRDfRTXaTXapLddPcNDfdTXcVZ1w4ymw32811c12aS3Pz3flzxnS30C10GS7DLXaL3VK31C13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdDrfD7fTXXFjU7XF73V63z+1z+92XLtN95Q64r91B94075L51h9137og76o65791x94M74U66U+60O+N+dGfdT+6c8y4lMi4yPvJ2ZELkncjEyKTI5MiUSGpkamRa5N3I9MiMyMzIe5FZkfcjsyNzInMj8yJpkQ8i8yMLIumRDyMLIx9FMiKLIosjSyJLI8si3hfYHPpCvrCP+ht8EX+jL+pv8sV8ce98CZ/gb/Yl/S2+lL/Vl/a3+TL+dl/Wl/Pl/WO+kW/sm/imvpl/3Df3T/gWvqVv5Z/0rf1Tvo1/2if6Z3xb/6xv5//m2/vnfAf/vO/oX/CdfGffxb/ou/qXfDff3Sf5Hr6nf9n38r19H9/X9/Ov+P7+VT/Av+aT/UA/yL/uB/s3/BD/ph/qh/nhMW/5EZcukWGsT/Hj/Hj/tp/g3/ET/SQ/2U/xqX6qn+bf9dP9DD/Tv+dn+ff9bD/Hz/XzfJr/wM/3C3y6/9Av9B/5DL/o0k1lv9yv8Cv9Kr/ar/Fr/Tq/3m/wG/0mv9lv8Vv9Nr/df+x3+E/8Tr/L7/af+j3+M7/Xf+73+S/8fv+lz/Rf+QP+a3/Qf+MP+W/9Yf+dP+KP+mP+e3/c/+BP+JP+lD/tz/gf/Vn/kz/H/2eNMcYYY+xPGXd5KH49c+F2fo/fyRG/2LknAFy9JX/mL+fPn1GuzXNh3FvEt44AwDPdOz58aatSJSkp6eK+GRKCwnMALv1N0HkxcDleBK3gKUiEllDyd+vvLTqfoX+wfvQ2gBy/yImFy/Hl9T8HwKTfWf/xJ4fPLxOeivsf1p8DULTw5ZzscDleBK1+vr/SEkr9Qf15m/+y/tjfrp/9ixSAFr/IyQmX48v1J8AT8Cwk/mpPxhhjjDHGGGPsgt6ifPtL15+X/sXn712fx6vLOdngcvyPrs8ZY4wxxhhjjDF25T3XucvTjycmtmz/zw8q/a+y/vSgIfxfrcyD3x14D3DpJwoA/sUFAc4P5L/zUWz6txwr+eJb5++nlp72AfxntPKvGFzhDybGGGOMMcbYX+7ySf+vf66uVEGMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlgW9O/4dWJX+jEyxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjV9r/CwAA///UxgMC") mount(0x0, &(0x7f0000000640)='./file0/../file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0) 6m14.381661739s ago: executing program 2 (id=5177): r0 = socket(0x40000000015, 0x5, 0x0) getsockopt(r0, 0x200000000114, 0x271b, 0x0, &(0x7f00000000c0)=0xfb0c26a3ca35b30f) 6m13.82600811s ago: executing program 2 (id=5188): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x8000000, 0x0, 0x2, 0x0, 0x8000}, 0x20) 6m13.374134959s ago: executing program 33 (id=5188): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x8000000, 0x0, 0x2, 0x0, 0x8000}, 0x20) 2.377621875s ago: executing program 4 (id=11296): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000003180)=""/4112, &(0x7f0000000000)=0x1010) 2.159650639s ago: executing program 4 (id=11299): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000800)={0x2, 0x28, 0xfa00, {0x0, {0x1b, 0x4e22, 0x3, @dev={0xfe, 0x80, '\x00', 0x2a}, 0x36c}}}, 0x30) 2.029066421s ago: executing program 3 (id=11302): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0x40402, 0x1) write$cgroup_int(r0, &(0x7f0000000040)=0x4908, 0x12) 1.900565184s ago: executing program 4 (id=11304): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@ipv6_newrule={0x34, 0x20, 0x2d2c6d60ea1da725, 0x70bd29, 0x25dfdbfd, {0xa, 0x0, 0x0, 0x7, 0xff, 0x0, 0x0, 0x1, 0x10002}, [@FIB_RULE_POLICY=@FRA_PRIORITY={0x8}, @FIB_RULE_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0xa5e9}, @FIB_RULE_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e23, 0x4e23}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008081}, 0x0) 1.795652646s ago: executing program 3 (id=11307): r0 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x5, 0x0, 0x4) 1.664022278s ago: executing program 4 (id=11311): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_netrom_SIOCDELRT(r0, 0x890c, &(0x7f0000000040)={0x1000000, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bpq0, 0x1, 'syz1\x00', @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0xc, 0x4, [@bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast]}) 1.5694766s ago: executing program 3 (id=11313): r0 = socket(0x1d, 0x2, 0x6) ppoll(&(0x7f0000000c80)=[{r0}], 0x1, &(0x7f0000000cc0)={0x0, 0x989680}, 0x0, 0x0) 1.529858081s ago: executing program 0 (id=11314): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000400000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) 1.478246542s ago: executing program 4 (id=11316): r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$get_persistent(0x16, 0xffffffffffffffff, r0) 1.404282643s ago: executing program 3 (id=11317): r0 = syz_open_dev$video4linux(&(0x7f0000000400), 0x800000000401, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc040564a, &(0x7f0000000000)={0x0, 0x1, 0x1011, 0xffffffffffffffff, 0x0, 0x0}) 1.302590765s ago: executing program 5 (id=11318): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000002a0003470fbb65e1c3e4ffff06006000160000005600000025000000190013000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) 1.243737396s ago: executing program 3 (id=11319): r0 = syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x120c083, &(0x7f0000000480), 0xfd, 0x111d, &(0x7f0000000640)="$eJzs2bFqFFEUBuD/7qwm3cjYD4IWFhIS1gcwhcK2ttqIBARTZUFQfA3fwLfwFTSVtSG9FgFLYWScHRMloCGbQOD7YPeeOTNnzr3lvRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoTZOvJbk5SZoxN0lSkrbdnx8macf8jY/VJCWPd+aLh3uzR4sk1a/Hy5Ok9FV9WZqt2+vNrJk1W839B9t3Pi1ev3n5bHd3Z2/5mpI2B0crXUUZ/6qTubLSHgAAAHBldedW592r/+l0/cvF9AcAAAD+ZeUHCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABn1NXHcTMGkyQladv9+WGS9pS6a5c0PwAAAOD8SiZ5Wp+WH44Bjt3L57r8zvfj99LHm3lfp0wvb8oAAABw5bz48Mdlt7YMTn5f/9EN+n333UyHffn6cO9WptnYGOLlkG/bSZVk869eB0dvn4+/0lXJ2sWsCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJ/swAEJAAAAgKD/r9sRKAAAAAAAAAAAAAAAAAAAAAAAAAAAFwUAAP//cLriEQ==") syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000100)='.\x00', 0x1a484bc, &(0x7f0000000200)=ANY=[@ANYRES8=r0, @ANYBLOB="eea73c3ca047349ab66dff07b1e2bdc61875c6ccebea30ba1b8977c632dd4bd75d3cfd10cce0c88ccff0ff447cd9caded4abf65767e9dbbd7b5841a8ce3eae5cb5abfd7d4fb44c7151dec2b7b8f9cf870af04f1cc951b195c7fd36ffdbd0622cdc14395f095fb0d31f384214d59a0105d577557215473973f3b70178f49f07562f4d21cad59fafb7fbaf76061c56fdd2093329e2ece7cf96435bca11a90ba7f31e69c4b73ba3d172906ffc90f5de134a696a731d20a9cf70009a31f83d4b774b0d99de69f14de9e655b84b646166d979b9cdbde38324510998bba500000000007cf791c3e2fc9c72f920a64e0000000000000000000000b5ff5bb6b1fa869800651587af", @ANYRES8, @ANYRESDEC=r0, @ANYRESOCT, @ANYRES16, @ANYRESHEX=r0, @ANYRESHEX, @ANYRESDEC], 0x1, 0x0, &(0x7f0000000480)) 1.229854647s ago: executing program 4 (id=11320): r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000440)={{0x12, 0x1, 0x0, 0x5f, 0x2a, 0xb4, 0x20, 0xc72, 0xd, 0x279b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xdb, 0xa2, 0x92}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.197125717s ago: executing program 0 (id=11321): r0 = socket(0x1d, 0x2, 0x6) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'wlan1\x00', &(0x7f0000000080)=@ethtool_ringparam={0x11, 0x0, 0xffff7fff, 0x1ff, 0x1, 0x0, 0x4, 0x6, 0xffffffff}}) 1.144800218s ago: executing program 6 (id=11322): r0 = socket$inet_icmp(0x2, 0x2, 0x1) sendto$inet(r0, &(0x7f0000000780)="82734b7244c539ac", 0x8, 0x8005, 0x0, 0x0) 1.069062469s ago: executing program 5 (id=11323): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)={0x2, 0x400000000000003, 0x20, 0x0, 0x13, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3, 0x0, 0x0, 0x100000000000000}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x4e20, @loopback}}, @sadb_lifetime={0x4, 0x4, 0x0, 0xfffffffffffffffe}, @sadb_sa={0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e21, @broadcast}}, @sadb_x_sec_ctx={0x1, 0x18, 0x6a, 0xb}]}, 0x98}}, 0x0) 995.642641ms ago: executing program 0 (id=11324): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x685}, [@printk={@d, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffd}, 0x39) 811.538505ms ago: executing program 0 (id=11325): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}, @IPSET_ATTR_MAXELEM={0x8}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x60}}, 0x0) 811.464305ms ago: executing program 6 (id=11326): r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000000c0)) 734.157996ms ago: executing program 6 (id=11327): r0 = socket(0x1d, 0x2, 0x6) ppoll(&(0x7f0000000c80)=[{r0}], 0x1, &(0x7f0000000cc0)={0x0, 0x989680}, 0x0, 0x0) 619.685628ms ago: executing program 5 (id=11328): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newtaction={0x78, 0x30, 0xb, 0x0, 0x0, {}, [{0x64, 0x1, [@m_skbmod={0x60, 0x1, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_SKBMOD_DMAC={0x0, 0x3, @multicast}, @TCA_SKBMOD_SMAC={0xfffffffffffffece, 0x4, @multicast}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x0) 607.469209ms ago: executing program 0 (id=11329): r0 = socket$inet(0xa, 0x801, 0x84) getsockopt$bt_hci(r0, 0x84, 0x1, &(0x7f0000001500)=""/4110, &(0x7f0000000000)=0x100e) 387.668003ms ago: executing program 0 (id=11330): r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x88, &(0x7f0000000180)=@generic={0x7, 0x2, 0x80, "b7946c80", "bcd8cc342bf8a2bb84d3d94e0ba1e50e574b1a69b9fea4f1c946a340d7b89d8d5d427fa6b79eee934c94d64ed752de1dbe33ae6a75d95c3b7a8315431363b6fc091bc1c17d218e9e6ccc57330204b00c6fa2bbd6b264aed73c3f594be8f8e1bdf01d3304c3f1cad09f980c9f382bef347cede3a4d883a2e099857f834d171e69"}) 387.596843ms ago: executing program 6 (id=11331): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) 290.005605ms ago: executing program 5 (id=11332): r0 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'veth0_vlan\x00', &(0x7f0000000040)=@ethtool_ts_info={0x26}}) 227.265666ms ago: executing program 6 (id=11333): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000100)={0x0, 0x5, 0x20, 0x8, 0x1}, &(0x7f0000000280)=0x18) 87.691399ms ago: executing program 5 (id=11334): r0 = fsopen(&(0x7f0000000400)='pipefs\x00', 0x0) vmsplice(r0, &(0x7f0000000ac0)=[{0xffffffffffffffff}], 0x1, 0x0) 85.114868ms ago: executing program 6 (id=11335): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@ipv6_delrule={0x30, 0x18, 0x1, 0x0, 0x0, {0xa, 0x80, 0x0, 0x0, 0xff, 0x3, 0x0, 0x6}, [@FRA_DST={0x14, 0x1, @private1}]}, 0x30}}, 0x0) 34.186059ms ago: executing program 3 (id=11336): setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@local, @in, 0x4e21, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x800, 0x0, 0x6}}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d0b939d60a53067d50000200006241a0000000905810300020000000904010000020d00000904010102020d0000090582020002000000090b"], 0x0) 0s ago: executing program 5 (id=11337): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x5, 0x97, &(0x7f00000001c0)=""/151}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)='\x00', 0x0, 0x2}, 0x50) kernel console output (not intermixed with test programs): ] netlink: 'syz.5.8802': attribute type 1 has an invalid length. [ 603.127498][T24291] ieee802154 phy0 wpan0: encryption failed: -22 [ 603.149678][T24264] loop4: detected capacity change from 0 to 32768 [ 603.188196][T24264] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.8789 (24264) [ 603.229300][T24264] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 603.256191][T24264] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 603.323152][T24264] BTRFS info (device loop4): force zlib compression, level 3 [ 603.330576][T24264] BTRFS info (device loop4): turning on sync discard [ 603.359737][T24264] BTRFS info (device loop4): setting nodatasum [ 603.374131][T24264] BTRFS info (device loop4): use zlib compression, level 3 [ 603.423066][T24264] BTRFS info (device loop4): allowing degraded mounts [ 603.429914][T24264] BTRFS info (device loop4): enabling ssd optimizations [ 603.475748][T24264] BTRFS info (device loop4): using free space tree [ 603.989997][T24338] loop5: detected capacity change from 0 to 64 [ 604.083065][ T26] kauditd_printk_skb: 1 callbacks suppressed [ 604.083080][ T26] audit: type=1800 audit(1756998506.766:2461): pid=24338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.8817" name="file1" dev="loop5" ino=21 res=0 errno=0 [ 604.190032][ T4273] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 604.652782][T24359] loop5: detected capacity change from 0 to 256 [ 604.665309][T24361] loop3: detected capacity change from 0 to 64 [ 604.987161][T24371] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8832'. [ 605.197091][T24375] loop5: detected capacity change from 0 to 2048 [ 605.256957][T24375] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 605.390849][T24383] netlink: 'syz.6.8839': attribute type 13 has an invalid length. [ 605.454421][T24383] device veth0_macvtap left promiscuous mode [ 605.509323][T24383] macvtap0: refused to change device tx_queue_len [ 605.699100][T24370] loop4: detected capacity change from 0 to 32768 [ 605.778314][T24397] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8845'. [ 605.939681][T24401] loop6: detected capacity change from 0 to 1024 [ 606.241383][T24415] IPv6: sit1: Disabled Multicast RS [ 606.247056][T24411] netlink: 64 bytes leftover after parsing attributes in process `syz.3.8853'. [ 606.499489][T24422] loop5: detected capacity change from 0 to 8 [ 606.593601][T24425] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8860'. [ 606.601240][T24427] vivid-000: disconnect [ 606.602577][T24425] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8860'. [ 606.602742][T24425] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 606.625278][T24426] vivid-000: reconnect [ 606.644549][T24422] SQUASHFS error: lzo decompression failed, data probably corrupt [ 606.654802][T24422] SQUASHFS error: Failed to read block 0x0: -5 [ 606.661959][T24422] SQUASHFS error: lzo decompression failed, data probably corrupt [ 606.670221][T24422] SQUASHFS error: Failed to read block 0x0: -5 [ 606.681834][ T26] audit: type=1800 audit(1756998509.366:2462): pid=24422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.8859" name="file2" dev="loop5" ino=3 res=0 errno=0 [ 606.726298][T24425] 8021q: adding VLAN 0 to HW filter on device bond5 [ 606.820719][ T26] audit: type=1326 audit(1756998509.506:2463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24434 comm="syz.3.8867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb62f8ebe9 code=0x7ffc0000 [ 606.852969][ T26] audit: type=1326 audit(1756998509.536:2464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24434 comm="syz.3.8867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb62f8ebe9 code=0x7ffc0000 [ 606.866409][T24436] loop4: detected capacity change from 0 to 256 [ 606.888884][ T26] audit: type=1326 audit(1756998509.536:2465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24434 comm="syz.3.8867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7fcb62f8ebe9 code=0x7ffc0000 [ 606.977943][T24436] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 607.012966][ T26] audit: type=1326 audit(1756998509.536:2466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24434 comm="syz.3.8867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb62f8ebe9 code=0x7ffc0000 [ 607.158371][ T26] audit: type=1326 audit(1756998509.536:2467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24434 comm="syz.3.8867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb62f8ebe9 code=0x7ffc0000 [ 607.299637][T24452] loop3: detected capacity change from 0 to 2048 [ 607.313267][ T7] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 607.361786][T24454] device gre0 entered promiscuous mode [ 607.494442][T24452] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 607.504654][ T7] usb 5-1: config 1 has an invalid descriptor of length 212, skipping remainder of the config [ 607.534022][ T7] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 607.553371][T24461] netlink: 20 bytes leftover after parsing attributes in process `syz.6.8876'. [ 607.626604][ T7] usb 5-1: too many endpoints for config 1 interface 1 altsetting 78: 168, using maximum allowed: 30 [ 607.703990][ T7] usb 5-1: config 1 interface 1 altsetting 78 has 0 endpoint descriptors, different from the interface descriptor's value: 168 [ 607.752264][ T7] usb 5-1: config 1 interface 1 has no altsetting 0 [ 607.814524][ T7] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 607.838426][ T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 607.853029][ T7] usb 5-1: Product: syz [ 607.883101][ T7] usb 5-1: Manufacturer: syz [ 607.887764][ T7] usb 5-1: SerialNumber: syz [ 607.929463][ T7] usb 5-1: selecting invalid altsetting 0 [ 607.937521][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 607.950146][ T7] cdc_ether: probe of 5-1:1.0 failed with error -22 [ 608.133935][ T7] usb 5-1: selecting invalid altsetting 0 [ 608.145322][ T7] usbtest: probe of 5-1:1.1 failed with error -22 [ 608.184495][ T7] usb 5-1: USB disconnect, device number 33 [ 608.904647][T24516] loop5: detected capacity change from 0 to 1024 [ 609.109525][ T4350] hfsplus: b-tree write err: -5, ino 4 [ 609.394077][T24536] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8912'. [ 609.748474][T24504] loop3: detected capacity change from 0 to 40427 [ 609.803215][T24504] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 609.811440][T24504] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 609.891403][T24554] loop4: detected capacity change from 0 to 1024 [ 609.920998][T24504] F2FS-fs (loop3): Found nat_bits in checkpoint [ 609.930782][T24561] cgroup: none used incorrectly [ 610.091681][T24504] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 610.128847][T24504] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 610.752522][T24584] loop6: detected capacity change from 0 to 2048 [ 610.837971][T24584] Alternate GPT is invalid, using primary GPT. [ 610.850915][T24584] loop6: p2 p3 p7 [ 610.923211][T23850] usb 6-1: new full-speed USB device number 17 using dummy_hcd [ 611.144660][T23850] usb 6-1: config 0 has an invalid interface number: 229 but max is 0 [ 611.163008][T23850] usb 6-1: config 0 has no interface number 0 [ 611.199716][T23850] usb 6-1: config 0 interface 229 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 611.253959][T23850] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=1f.38 [ 611.256393][ T4255] udevd[4255]: inotify_add_watch(7, /dev/loop6p7, 10) failed: No such file or directory [ 611.287555][ T4390] udevd[4390]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 611.298294][T23850] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 611.304684][ T4806] udevd[4806]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 611.316182][T23850] usb 6-1: Product: syz [ 611.316201][T23850] usb 6-1: Manufacturer: syz [ 611.344443][T23850] usb 6-1: SerialNumber: syz [ 611.363941][T23850] usb 6-1: config 0 descriptor?? [ 611.592611][T23850] usb 6-1: USB disconnect, device number 17 [ 612.445257][T24649] overlayfs: missing 'lowerdir' [ 612.554626][T24653] netlink: 'syz.0.8968': attribute type 1 has an invalid length. [ 612.569904][T24653] netlink: 224 bytes leftover after parsing attributes in process `syz.0.8968'. [ 612.592179][T24656] loop6: detected capacity change from 0 to 512 [ 612.618200][T24656] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 612.690080][T24656] EXT4-fs (loop6): 1 truncate cleaned up [ 612.699096][T24660] netlink: 'syz.5.8972': attribute type 29 has an invalid length. [ 612.748990][T24656] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 612.772432][T24666] netlink: 'syz.3.8975': attribute type 5 has an invalid length. [ 612.780403][T24666] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8975'. [ 612.789887][T24660] netlink: 'syz.5.8972': attribute type 29 has an invalid length. [ 612.872380][T24669] loop3: detected capacity change from 0 to 4096 [ 612.873472][T24656] cifs: Unknown parameter 'dioread_lock' [ 612.927101][T24672] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 612.980824][T24669] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 613.057512][T24669] Remounting filesystem read-only [ 613.108151][T24678] netlink: 'syz.5.8978': attribute type 10 has an invalid length. [ 613.148227][T16080] EXT4-fs (loop6): unmounting filesystem. [ 613.297610][T24682] device xfrm0 entered promiscuous mode [ 613.360724][T24685] loop3: detected capacity change from 0 to 1024 [ 613.498818][ T93] block nbd0: Attempted send on invalid socket [ 613.505104][ T93] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 613.563768][ T56] hfsplus: b-tree write err: -5, ino 4 [ 614.006312][T24712] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8995'. [ 614.171430][T24715] loop3: detected capacity change from 0 to 1764 [ 614.768472][T24738] loop6: detected capacity change from 0 to 1024 [ 614.848997][T24705] loop4: detected capacity change from 0 to 32768 [ 614.925806][ T41] hfsplus: b-tree write err: -5, ino 4 [ 614.988543][T24705] XFS (loop4): Mounting V5 Filesystem [ 615.073352][T24744] loop3: detected capacity change from 0 to 4096 [ 615.080899][T24744] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 615.234189][T24705] XFS (loop4): Ending clean mount [ 615.392672][T24765] loop6: detected capacity change from 0 to 512 [ 615.429827][ T4273] XFS (loop4): Unmounting Filesystem [ 615.535644][T24765] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 615.583891][T24765] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002] [ 615.643913][T24765] EXT4-fs (loop6): orphan cleanup on readonly fs [ 615.670605][T24765] EXT4-fs error (device loop6): ext4_orphan_get:1426: comm syz.6.9016: bad orphan inode 267 [ 615.710974][T24765] EXT4-fs (loop6): Remounting filesystem read-only [ 615.718502][T24765] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 615.826038][T24765] EXT4-fs warning (device loop6): dx_probe:893: inode #2: comm syz.6.9016: dx entry: limit 0 != root limit 125 [ 615.881043][T24765] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.9016: Corrupt directory, running e2fsck is recommended [ 616.013396][T16080] EXT4-fs (loop6): unmounting filesystem. [ 616.312813][T24764] loop5: detected capacity change from 0 to 32768 [ 616.382545][T24764] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.9018 (24764) [ 616.459285][T24764] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 616.524088][T24764] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 616.532798][T24764] BTRFS info (device loop5): using free space tree [ 616.891624][T24764] BTRFS info (device loop5): enabling ssd optimizations [ 617.122584][T10446] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 617.192822][T24776] loop6: detected capacity change from 0 to 32768 [ 617.434465][T24826] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9040'. [ 617.958466][T24843] loop4: detected capacity change from 0 to 256 [ 618.001514][T24843] FAT-fs (loop4): Directory bread(block 64) failed [ 618.031968][T24843] FAT-fs (loop4): Directory bread(block 65) failed [ 618.059202][T24843] FAT-fs (loop4): Directory bread(block 66) failed [ 618.069363][T24843] FAT-fs (loop4): Directory bread(block 67) failed [ 618.109740][T24843] FAT-fs (loop4): Directory bread(block 68) failed [ 618.129891][T24843] FAT-fs (loop4): Directory bread(block 69) failed [ 618.136678][ T4315] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 618.163462][T24843] FAT-fs (loop4): Directory bread(block 70) failed [ 618.174277][T24843] FAT-fs (loop4): Directory bread(block 71) failed [ 618.181046][T24843] FAT-fs (loop4): Directory bread(block 72) failed [ 618.192566][T24843] FAT-fs (loop4): Directory bread(block 73) failed [ 618.241378][T24850] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9051'. [ 618.261853][T24850] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9051'. [ 618.343104][ T4315] usb 6-1: Using ep0 maxpacket: 16 [ 618.358979][ T4315] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 618.388410][ T4315] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 618.446101][ T4315] usb 6-1: Product: syz [ 618.450341][ T4315] usb 6-1: Manufacturer: syz [ 618.472935][ T4315] usb 6-1: SerialNumber: syz [ 618.494190][ T4315] r8152-cfgselector 6-1: config 0 descriptor?? [ 618.677386][T24863] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0 [ 618.819172][T24867] binder: 24866:24867 ioctl c00c6211 9999999999999999 returned -14 [ 618.857191][T24869] QAT: Stopping all acceleration devices. [ 618.939354][ T4315] r8152-cfgselector 6-1: Unknown version 0x0000 [ 618.953085][ T4315] r8152-cfgselector 6-1: bad CDC descriptors [ 618.975596][ T4315] r8152-cfgselector 6-1: Unknown version 0x0000 [ 618.993472][ T4315] r8152-cfgselector 6-1: USB disconnect, device number 18 [ 619.551532][T24892] netlink: 'syz.4.9069': attribute type 3 has an invalid length. [ 619.583692][T24892] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.9069'. [ 619.907179][T24912] netlink: 160 bytes leftover after parsing attributes in process `syz.5.9080'. [ 620.380069][T24932] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9090'. [ 620.848504][T24948] netlink: 'syz.4.9097': attribute type 5 has an invalid length. [ 621.093437][T24956] netlink: 'syz.6.9102': attribute type 1 has an invalid length. [ 621.320713][T24939] loop5: detected capacity change from 0 to 32768 [ 621.338818][T24959] loop4: detected capacity change from 0 to 4096 [ 621.370674][T24959] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512) [ 621.393680][T24939] ERROR: (device loop5): dbAlloc: the hint is outside the map [ 621.393680][T24939] [ 621.456288][T24939] ERROR: (device loop5): remounting filesystem as read-only [ 621.802617][T24967] loop6: detected capacity change from 0 to 8192 [ 622.116812][T24983] netlink: 104 bytes leftover after parsing attributes in process `syz.3.9116'. [ 622.251420][T24990] loop5: detected capacity change from 0 to 164 [ 622.316994][T24990] Unsupported NM flag settings (240) [ 622.379318][T24995] netlink: 'syz.3.9120': attribute type 3 has an invalid length. [ 622.675482][T25003] netlink: 'syz.6.9125': attribute type 5 has an invalid length. [ 622.860642][T25013] RDS: rds_bind could not find a transport for 0:0:4::1, load rds_tcp or rds_rdma? [ 623.337522][T25034] netlink: 'syz.5.9140': attribute type 10 has an invalid length. [ 623.373019][T25034] netlink: 40 bytes leftover after parsing attributes in process `syz.5.9140'. [ 623.387677][T25034] device batadv0 entered promiscuous mode [ 623.401606][T25034] bridge0: port 1(batadv0) entered blocking state [ 623.418687][T25034] bridge0: port 1(batadv0) entered disabled state [ 623.433109][T25034] bridge0: port 1(batadv0) entered blocking state [ 623.439710][T25034] bridge0: port 1(batadv0) entered forwarding state [ 623.656524][T25043] loop6: detected capacity change from 0 to 4096 [ 623.689589][T25043] ntfs3: loop6: Different NTFS' sector size (4096) and media sector size (512) [ 623.735779][T24358] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 623.745954][T24358] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 623.813801][T25050] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9148'. [ 623.848840][T25043] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 623.883443][T25043] ntfs3: loop6: ino=1b, "file0" attr_set_size [ 624.002104][T16080] ntfs3: loop6: ntfs_sync_fs r=1a failed, -22. [ 624.004803][T25054] loop4: detected capacity change from 0 to 512 [ 624.020143][T16080] ntfs3: loop6: ntfs_evict_inode r=1a failed, -22. [ 624.094094][T25054] EXT4-fs: Ignoring removed nomblk_io_submit option [ 624.121028][T25054] EXT4-fs: Ignoring removed bh option [ 624.163602][T25054] EXT4-fs error (device loop4): mb_free_blocks:1810: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 624.207237][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.213579][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.282270][T25054] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #11: comm syz.4.9150: corrupted inode contents [ 624.294617][T25054] EXT4-fs error (device loop4): ext4_dirty_inode:6119: inode #11: comm syz.4.9150: mark_inode_dirty error [ 624.354455][T25054] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.9150: invalid indirect mapped block 1 (level 1) [ 624.413542][T25054] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #11: comm syz.4.9150: corrupted inode contents [ 624.464242][T25054] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 624.505589][T25054] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #11: comm syz.4.9150: corrupted inode contents [ 624.550632][T25054] EXT4-fs error (device loop4): ext4_truncate:4312: inode #11: comm syz.4.9150: mark_inode_dirty error [ 624.592378][T25054] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 624.658257][T25054] EXT4-fs (loop4): 1 truncate cleaned up [ 624.671339][T25054] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 624.714112][T25046] loop5: detected capacity change from 0 to 32768 [ 624.786617][T25054] EXT4-fs error (device loop4): ext4_find_dest_de:2115: inode #2: block 13: comm syz.4.9150: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0 [ 624.817139][T25046] [ 624.817139][T25046] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 624.817139][T25046] [ 624.904066][T25046] jfs_lookup: dtSearch returned -5 [ 625.010554][ T4273] EXT4-fs (loop4): unmounting filesystem. [ 625.017560][T10446] [ 625.017560][T10446] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 625.017560][T10446] [ 625.020262][T25083] Timeout policy `syz0' can only be used by L3 protocol number 21 [ 625.059547][T10446] [ 625.059547][T10446] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 625.059547][T10446] [ 625.193110][T13402] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 625.398030][T13402] usb 7-1: Using ep0 maxpacket: 16 [ 625.429116][T13402] usb 7-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 625.455265][T13402] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 625.482337][T13402] usb 7-1: Product: syz [ 625.492045][T13402] usb 7-1: Manufacturer: syz [ 625.513271][T13402] usb 7-1: SerialNumber: syz [ 625.534490][T13402] usb 7-1: config 0 descriptor?? [ 625.564851][T13402] ssu100 7-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 625.594527][T25099] loop3: detected capacity change from 0 to 4096 [ 625.636407][T25099] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 625.669678][T25099] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 625.721730][T25099] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 625.772958][T25099] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 625.852842][T25099] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 625.913592][T25099] ntfs: volume version 3.1. [ 625.938594][T25099] ntfs: (device loop3): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 625.951909][T13402] ssu100: probe of 7-1:0.0 failed with error -71 [ 625.967193][T13402] usb 7-1: USB disconnect, device number 14 [ 625.993494][T25111] xt_nat: multiple ranges no longer supported [ 626.006191][T25099] ntfs: (device loop3): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 626.046090][T25099] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 626.083217][T25099] ntfs: (device loop3): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 626.114920][T25099] ntfs: (device loop3): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 626.160521][T25117] Device name cannot be null; rc = [-22] [ 626.462614][T25129] netlink: 'syz.5.9186': attribute type 10 has an invalid length. [ 626.501114][T25129] netlink: 40 bytes leftover after parsing attributes in process `syz.5.9186'. [ 626.552487][T25129] device team0 entered promiscuous mode [ 626.584794][T25129] bridge0: port 2(team0) entered blocking state [ 626.624617][T25129] bridge0: port 2(team0) entered disabled state [ 626.665432][T25135] loop3: detected capacity change from 0 to 512 [ 626.692332][T25135] EXT4-fs: Ignoring removed nobh option [ 626.814513][T25135] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.9189: iget: bad i_size value: 38620345925642 [ 626.851933][T25135] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.9189: couldn't read orphan inode 15 (err -117) [ 626.888577][T25135] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 626.948390][T25135] EXT4-fs error (device loop3): empty_inline_dir:1885: inode #12: block 7: comm syz.3.9189: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0 [ 627.033573][T25135] EXT4-fs warning (device loop3): empty_inline_dir:1892: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60 [ 627.222079][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 627.271944][T25158] QAT: failed to copy from user cfg_data. [ 627.394134][T25164] netlink: 'syz.6.9203': attribute type 3 has an invalid length. [ 627.407224][ T93] block nbd3: Attempted send on invalid socket [ 627.413446][ T93] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 627.443087][T25165] ADFS-fs (nbd3): error: unable to read block 3, try 0 [ 627.626355][T25176] netlink: 'syz.3.9208': attribute type 15 has an invalid length. [ 627.863800][T25185] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 628.444090][T25212] loop3: detected capacity change from 0 to 1024 [ 628.567148][T25218] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9229'. [ 628.617767][T25218] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9229'. [ 628.622329][T25220] loop5: detected capacity change from 0 to 256 [ 628.644805][ T9] hfsplus: bad catalog file entry [ 628.647406][T25218] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9229'. [ 628.673122][ C0] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured! [ 628.710821][T25220] FAT-fs (loop5): Directory bread(block 64) failed [ 628.730752][T25220] FAT-fs (loop5): Directory bread(block 65) failed [ 628.765505][T25220] FAT-fs (loop5): Directory bread(block 66) failed [ 628.786891][T25220] FAT-fs (loop5): Directory bread(block 67) failed [ 628.827889][T25220] FAT-fs (loop5): Directory bread(block 68) failed [ 628.853074][T25220] FAT-fs (loop5): Directory bread(block 69) failed [ 628.859849][T25220] FAT-fs (loop5): Directory bread(block 70) failed [ 628.893355][T25220] FAT-fs (loop5): Directory bread(block 71) failed [ 628.899993][T25220] FAT-fs (loop5): Directory bread(block 72) failed [ 628.933545][T25220] FAT-fs (loop5): Directory bread(block 73) failed [ 629.116221][T25235] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9237'. [ 629.629700][T25252] Invalid option length (0) for dns_resolver key [ 630.206105][T25279] netlink: 'syz.3.9257': attribute type 10 has an invalid length. [ 630.256168][T25279] netlink: 40 bytes leftover after parsing attributes in process `syz.3.9257'. [ 630.293075][T25279] device batadv0 entered promiscuous mode [ 630.353679][T25279] bridge0: port 3(batadv0) entered blocking state [ 630.360191][T25279] bridge0: port 3(batadv0) entered disabled state [ 630.424088][T25279] bridge0: port 3(batadv0) entered blocking state [ 630.430633][T25279] bridge0: port 3(batadv0) entered forwarding state [ 630.474298][T25288] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9262'. [ 630.514054][T25288] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9262'. [ 630.703281][ T4350] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 630.712629][ T4350] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 630.841995][T25305] loop4: detected capacity change from 0 to 64 [ 630.921548][T25307] loop5: detected capacity change from 0 to 512 [ 630.962767][T25307] EXT4-fs: Ignoring removed nomblk_io_submit option [ 630.993266][T25307] EXT4-fs: Ignoring removed bh option [ 631.093196][T25307] EXT4-fs error (device loop5): mb_free_blocks:1810: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 631.178219][T25307] EXT4-fs error (device loop5): ext4_do_update_inode:5254: inode #11: comm syz.5.9271: corrupted inode contents [ 631.196533][T25316] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9274'. [ 631.263864][T25307] EXT4-fs error (device loop5): ext4_dirty_inode:6119: inode #11: comm syz.5.9271: mark_inode_dirty error [ 631.301629][T25307] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.9271: invalid indirect mapped block 1 (level 1) [ 631.350480][T25307] EXT4-fs error (device loop5): ext4_do_update_inode:5254: inode #11: comm syz.5.9271: corrupted inode contents [ 631.393129][T25307] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 631.430643][T25307] EXT4-fs error (device loop5): ext4_do_update_inode:5254: inode #11: comm syz.5.9271: corrupted inode contents [ 631.460399][T25325] netlink: 'syz.4.9278': attribute type 10 has an invalid length. [ 631.473594][T25307] EXT4-fs error (device loop5): ext4_truncate:4312: inode #11: comm syz.5.9271: mark_inode_dirty error [ 631.477775][T25325] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9278'. [ 631.517235][T25307] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 631.524864][T25325] batman_adv: batadv0: Adding interface: virt_wifi0 [ 631.541267][T25307] EXT4-fs (loop5): 1 truncate cleaned up [ 631.541286][T25325] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 631.560819][T25307] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 631.663998][T25325] batman_adv: batadv0: Interface activated: virt_wifi0 [ 631.727477][T25307] EXT4-fs error (device loop5): ext4_find_dest_de:2115: inode #2: block 13: comm syz.5.9271: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0 [ 631.871282][T10446] EXT4-fs (loop5): unmounting filesystem. [ 631.883096][ C1] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured! [ 631.936642][T25318] loop3: detected capacity change from 0 to 32768 [ 631.954485][T25332] loop4: detected capacity change from 0 to 2048 [ 631.985075][T25318] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.9277 (25318) [ 632.036517][T25332] Invalid option length (0) for dns_resolver key [ 632.074453][T25318] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 632.143972][T25318] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 632.215453][T25318] BTRFS info (device loop3): enabling disk space caching [ 632.223093][T25318] BTRFS info (device loop3): disabling tree log [ 632.229366][T25318] BTRFS info (device loop3): setting nodatasum [ 632.257336][T25328] loop6: detected capacity change from 0 to 32768 [ 632.274818][T25318] BTRFS info (device loop3): turning off barriers [ 632.287601][T25328] ERROR: (device loop6): dbAlloc: the hint is outside the map [ 632.287601][T25328] [ 632.307681][T25318] BTRFS info (device loop3): doing ref verification [ 632.348379][T25318] BTRFS info (device loop3): force clearing of disk cache [ 632.367287][T25328] ERROR: (device loop6): remounting filesystem as read-only [ 632.375413][T25318] BTRFS info (device loop3): turning on flush-on-commit [ 632.389236][T25318] BTRFS info (device loop3): enabling ssd optimizations [ 632.453311][T25318] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8) [ 632.462720][T25318] BTRFS info (device loop3): use lzo compression, level 0 [ 632.515216][T25318] BTRFS info (device loop3): disk space caching is enabled [ 632.586544][T25352] SET target dimension over the limit! [ 632.971959][T25380] netlink: 'syz.4.9298': attribute type 11 has an invalid length. [ 633.000284][T25382] cgroup: No subsys list or none specified [ 633.006868][T25318] BTRFS info (device loop3): rebuilding free space tree [ 633.050740][T25318] BTRFS info (device loop3): disabling free space tree [ 633.070148][T25318] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 633.126252][T25318] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 633.432442][ T4261] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 633.439469][T25398] netlink: 'syz.5.9305': attribute type 1 has an invalid length. [ 633.481671][T25398] netlink: 128 bytes leftover after parsing attributes in process `syz.5.9305'. [ 634.606122][T25432] loop3: detected capacity change from 0 to 512 [ 634.647770][T25436] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 634.718009][T25408] loop5: detected capacity change from 0 to 32768 [ 634.743209][T25408] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 scanned by syz.5.9311 (25408) [ 634.744798][T25415] loop4: detected capacity change from 0 to 32768 [ 634.772363][T25432] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 634.829236][T25432] ext4 filesystem being mounted at /1873/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 634.839627][T25415] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 634.853144][T25432] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #4: comm syz.3.9322: corrupted inode contents [ 634.861598][T25415] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 634.905565][T25443] futex_wake_op: syz.6.9325 tries to shift op by -1; fix this program [ 634.920225][T25432] EXT4-fs error (device loop3): ext4_dirty_inode:6119: inode #4: comm syz.3.9322: mark_inode_dirty error [ 634.951787][T25408] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 634.972797][T25432] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #4: comm syz.3.9322: corrupted inode contents [ 634.979844][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 634.979856][ T26] audit: type=1326 audit(1756998537.656:2468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25444 comm="syz.0.9326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee3c38ebe9 code=0x7ffc0000 [ 635.040083][T25415] (syz.4.9315,25415,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=0, inode=281474976710721, rec_len=32768, name_len=1 [ 635.052470][T25408] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 635.083976][T25432] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #4: comm syz.3.9322: mark_inode_dirty error [ 635.126424][ T26] audit: type=1326 audit(1756998537.706:2469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25444 comm="syz.0.9326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee3c38ebe9 code=0x7ffc0000 [ 635.149689][T25415] (syz.4.9315,25415,1):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 635.150446][T25408] BTRFS info (device loop5): using free space tree [ 635.199652][T25432] Quota error (device loop3): write_blk: dquota write failed [ 635.216392][T25415] (syz.4.9315,25415,1):ocfs2_mknod:298 ERROR: status = -2 [ 635.223190][ T26] audit: type=1326 audit(1756998537.716:2470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25444 comm="syz.0.9326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7fee3c38ebe9 code=0x7ffc0000 [ 635.244232][T25415] (syz.4.9315,25415,1):ocfs2_mknod:502 ERROR: status = -2 [ 635.292969][T25432] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 635.383973][T25415] (syz.4.9315,25415,0):ocfs2_create:676 ERROR: status = -2 [ 635.391351][T25432] EXT4-fs error (device loop3): ext4_acquire_dquot:6816: comm syz.3.9322: Failed to acquire dquot type 1 [ 635.413743][ T26] audit: type=1326 audit(1756998537.716:2471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25444 comm="syz.0.9326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee3c38ebe9 code=0x7ffc0000 [ 635.474113][ T26] audit: type=1326 audit(1756998537.716:2472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25444 comm="syz.0.9326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee3c38ebe9 code=0x7ffc0000 [ 635.562787][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 635.575222][ T4273] ocfs2: Unmounting device (7,4) on (node local) [ 635.641305][T25408] BTRFS info (device loop5): enabling ssd optimizations [ 635.686029][T25479] IPv6: addrconf: prefix option has invalid lifetime [ 635.840907][T10446] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 636.170942][T25495] loop4: detected capacity change from 0 to 512 [ 636.383282][T25495] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 636.456510][T25495] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 636.515636][T25495] Quota error (device loop4): write_blk: dquota write failed [ 636.523133][T25495] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 636.533359][T25495] EXT4-fs error (device loop4): ext4_acquire_dquot:6816: comm syz.4.9343: Failed to acquire dquot type 0 [ 636.583572][T25495] EXT4-fs (loop4): 1 truncate cleaned up [ 636.627452][T25495] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 637.083357][ T9982] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 637.225197][T25497] loop6: detected capacity change from 0 to 32768 [ 637.277975][ T9982] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 637.320895][ T9982] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 62709, setting to 1024 [ 637.348837][ T9982] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 1024 [ 637.368833][ T9982] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 637.382317][ T9982] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 637.415144][T25495] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 637.427412][ T9982] usb 5-1: invalid MIDI out EP 0 [ 637.539706][ T9982] snd-usb-audio: probe of 5-1:27.0 failed with error -22 [ 637.547199][ T5031] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 637.610997][ T4808] udevd[4808]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 637.704879][T23850] usb 5-1: USB disconnect, device number 34 [ 637.730976][T25543] netlink: 24 bytes leftover after parsing attributes in process `syz.6.9365'. [ 637.743326][ T5031] usb 4-1: Using ep0 maxpacket: 8 [ 637.750138][ T5031] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 637.793286][ T5031] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 637.834493][ T5031] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 637.891449][ T5031] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 637.913038][ T5031] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 637.950680][ T5031] usb 4-1: config 0 descriptor?? [ 638.293778][ T4273] EXT4-fs (loop4): unmounting filesystem. [ 638.411282][T23850] usb 4-1: USB disconnect, device number 31 [ 638.497264][T25541] loop5: detected capacity change from 0 to 40427 [ 638.557313][T25541] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 638.584133][T25541] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 638.601959][T25571] netlink: 'syz.6.9377': attribute type 10 has an invalid length. [ 638.619162][T25541] F2FS-fs (loop5): invalid crc value [ 638.651669][T25571] batman_adv: batadv0: Adding interface: wlan1 [ 638.662967][T25571] batman_adv: batadv0: The MTU of interface wlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 638.690465][T25541] F2FS-fs (loop5): Found nat_bits in checkpoint [ 638.796291][T25571] batman_adv: batadv0: Not using interface wlan1 (retrying later): interface not active [ 638.842494][T25541] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 638.853174][T25541] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 639.105794][T25583] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 639.434465][T25592] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 639.603027][ T5031] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 639.813060][ T5031] usb 4-1: Using ep0 maxpacket: 32 [ 639.819835][ T5031] usb 4-1: config 0 has an invalid interface number: 111 but max is 1 [ 639.863144][ T5031] usb 4-1: config 0 has no interface number 1 [ 639.870409][ T5031] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 639.935591][ T5031] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83 [ 639.963728][ T5031] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 639.975786][ T5031] usb 4-1: Product: syz [ 640.003349][ T5031] usb 4-1: Manufacturer: syz [ 640.007988][ T5031] usb 4-1: SerialNumber: syz [ 640.055078][ T5031] usb 4-1: config 0 descriptor?? [ 640.084224][T25615] netlink: 'syz.0.9398': attribute type 10 has an invalid length. [ 640.129327][T25619] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9399'. [ 640.150887][T25615] 8021q: adding VLAN 0 to HW filter on device bond0 [ 640.202002][T25615] team0: Port device bond0 added [ 640.265395][ T5031] snd-usb-6fire 4-1:0.111: unable to receive device firmware state. [ 640.284642][ T5031] snd-usb-6fire: probe of 4-1:0.111 failed with error -71 [ 640.324080][ T5031] usb 4-1: USB disconnect, device number 32 [ 640.581328][T25633] kernel read not supported for file /!selinuxwk1ÐmÃ9Éž*T“ýâ‘ïª#j—¼ÞYÌÅmVËvm(pÉ-QZ#Ò{„¿ (pid: 25633 comm: syz.6.9405) [ 641.995053][T25696] netlink: 'syz.5.9430': attribute type 1 has an invalid length. [ 642.017581][T25696] netlink: 112865 bytes leftover after parsing attributes in process `syz.5.9430'. [ 642.430744][T25714] sctp: [Deprecated]: syz.3.9438 (pid 25714) Use of int in max_burst socket option. [ 642.430744][T25714] Use struct sctp_assoc_value instead [ 643.296608][T25757] netlink: 'syz.4.9460': attribute type 1 has an invalid length. [ 643.614009][T25772] x_tables: ip_tables: osf match: only valid for protocol 6 [ 643.936325][T25786] loop5: detected capacity change from 0 to 256 [ 643.977350][T25789] loop4: detected capacity change from 0 to 2048 [ 644.053840][T25789] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 644.134838][T25786] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 644.500152][T25805] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9484'. [ 644.552961][T25805] netlink: 40 bytes leftover after parsing attributes in process `syz.3.9484'. [ 644.582039][T25805] netlink: 40 bytes leftover after parsing attributes in process `syz.3.9484'. [ 644.693065][ T4315] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 644.883084][ T4315] usb 7-1: Using ep0 maxpacket: 32 [ 644.904147][ T4315] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 644.932090][ T4315] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 644.971138][ T4315] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 645.014151][ T4315] usb 7-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 645.033239][ T4315] usb 7-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 645.046456][T25819] netlink: 1088 bytes leftover after parsing attributes in process `syz.4.9491'. [ 645.056900][ T4315] usb 7-1: Product: syz [ 645.061112][ T4315] usb 7-1: Manufacturer: syz [ 645.083076][ T4315] usb 7-1: SerialNumber: syz [ 645.109439][ T4315] input: appletouch as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/input/input28 [ 645.385405][ T4315] usb 7-1: USB disconnect, device number 15 [ 645.416385][ T4315] appletouch 7-1:1.0: input: appletouch disconnected [ 645.621865][T25843] loop4: detected capacity change from 0 to 1024 [ 645.720623][T25843] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #3: comm syz.4.9503: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 3, max 3(4), depth 0(0) [ 645.754002][T25843] EXT4-fs error (device loop4): ext4_quota_enable:7027: comm syz.4.9503: Bad quota inode: 3, type: 0 [ 645.801136][T25851] netlink: 'syz.0.9506': attribute type 10 has an invalid length. [ 645.813376][T25843] EXT4-fs warning (device loop4): ext4_enable_quotas:7068: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 645.829807][T25843] EXT4-fs (loop4): mount failed [ 645.852383][T25851] netlink: 40 bytes leftover after parsing attributes in process `syz.0.9506'. [ 645.904963][T25851] netlink: 'syz.0.9506': attribute type 10 has an invalid length. [ 645.936502][T25851] netlink: 40 bytes leftover after parsing attributes in process `syz.0.9506'. [ 646.038094][T25858] comedi: No check for data length of config insn id 64 is implemented [ 646.108552][T25858] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c [ 646.150747][T25858] comedi: Assuming n=15 is correct [ 646.318420][T25874] netlink: 'syz.5.9517': attribute type 28 has an invalid length. [ 646.610117][T25887] loop6: detected capacity change from 0 to 2048 [ 646.674007][T25887] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 646.737419][T25887] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 646.803979][T16080] EXT4-fs (loop6): unmounting filesystem. [ 646.825277][T25899] loop5: detected capacity change from 0 to 256 [ 647.303158][ T4315] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 647.346172][T25921] usb usb8: usbfs: process 25921 (syz.4.9539) did not claim interface 0 before use [ 647.527133][T25931] netlink: 'syz.4.9543': attribute type 5 has an invalid length. [ 647.533094][ T4315] usb 4-1: Using ep0 maxpacket: 16 [ 647.544634][ T4315] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 647.571778][ T4315] usb 4-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 647.587515][ T4315] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 647.600164][ T4315] usb 4-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 647.618315][ T4315] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 647.655296][ T4315] usb 4-1: config 1 interface 0 has no altsetting 0 [ 647.661945][ T4315] usb 4-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 647.672172][ T4315] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 647.711168][ T4315] ums-sddr09 4-1:1.0: USB Mass Storage device detected [ 647.957049][ T4315] ums-sddr09: probe of 4-1:1.0 failed with error -22 [ 648.004764][ T4315] usb 4-1: USB disconnect, device number 33 [ 648.178022][T25936] loop5: detected capacity change from 0 to 32768 [ 648.252351][T25936] XFS (loop5): Mounting V5 Filesystem [ 648.412337][T25936] XFS (loop5): Ending clean mount [ 648.457933][T25936] XFS (loop5): syz.5.9546 should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported [ 648.577456][T10446] XFS (loop5): Unmounting Filesystem [ 648.602666][T25968] Timeout policy `syz0' can only be used by L3 protocol number 21 [ 648.794464][T25971] netlink: 'syz.4.9560': attribute type 10 has an invalid length. [ 648.816434][T25971] 8021q: adding VLAN 0 to HW filter on device bond0 [ 648.824799][T25971] team0: Port device bond0 added [ 648.933733][T25960] loop6: detected capacity change from 0 to 40427 [ 648.960037][T25960] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504) [ 648.970464][T25960] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 648.991119][T25975] netlink: 'syz.3.9563': attribute type 1 has an invalid length. [ 649.011432][T25960] F2FS-fs (loop6): build fault injection attr: rate: 17008, type: 0x3ffff [ 649.031271][T25960] F2FS-fs (loop6): build fault injection attr: rate: 0, type: 0x5 [ 649.084112][T25960] F2FS-fs (loop6): invalid crc value [ 649.115527][T25960] F2FS-fs (loop6): Found nat_bits in checkpoint [ 649.235939][T25960] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 649.273934][T25960] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 649.557155][T16080] syz-executor: attempt to access beyond end of device [ 649.557155][T16080] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 649.574042][T25997] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9571'. [ 650.077284][T26015] cgroup2: Unexpected value for 'nsdelegate' [ 650.282634][T26028] netlink: 16 bytes leftover after parsing attributes in process `syz.6.9572'. [ 650.504389][T26037] netlink: 'syz.3.9589': attribute type 1 has an invalid length. [ 650.531219][T26039] loop6: detected capacity change from 0 to 16 [ 650.533077][T26037] netlink: 134744 bytes leftover after parsing attributes in process `syz.3.9589'. [ 650.558065][T26039] erofs: (device loop6): mounted with root inode @ nid 36. [ 650.613078][T26039] erofs: (device loop6): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 650.622841][T26039] erofs: (device loop6): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 650.667107][T26039] erofs: (device loop6): z_erofs_do_map_blocks: inconsistent algorithmtype 0 for nid 36 [ 650.682521][T26039] erofs: (device loop6): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 65535 [ 650.779447][T26039] erofs: (device loop6): z_erofs_read_folio: failed to read, err [-117] [ 650.972465][T26055] loop4: detected capacity change from 0 to 512 [ 651.123339][T26055] EXT4-fs: Ignoring removed nobh option [ 651.187114][T26055] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 651.262218][T26069] loop3: detected capacity change from 0 to 2048 [ 651.329361][T26069] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 651.361465][ T4273] EXT4-fs (loop4): unmounting filesystem. [ 651.388477][ T26] audit: type=1326 audit(1756998554.076:2473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26075 comm="syz.0.9608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee3c38ebe9 code=0x7ffc0000 [ 651.473137][ T26] audit: type=1326 audit(1756998554.106:2474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26075 comm="syz.0.9608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7fee3c38ebe9 code=0x7ffc0000 [ 651.576943][ T26] audit: type=1326 audit(1756998554.106:2475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26075 comm="syz.0.9608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee3c38ebe9 code=0x7ffc0000 [ 651.683649][ T26] audit: type=1326 audit(1756998554.106:2476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26075 comm="syz.0.9608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee3c38ebe9 code=0x7ffc0000 [ 651.824548][T26088] kernel read not supported for file / œ7³ÏüâW)ës“§Ç!Qöì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 26088 comm: syz.0.9615) [ 651.865960][ T26] audit: type=1800 audit(1756998554.556:2477): pid=26088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.9615" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=100286 res=0 errno=0 [ 652.847968][T26129] loop6: detected capacity change from 0 to 4096 [ 652.922668][T26139] dlm: no locking on control device [ 653.169998][T26147] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9643'. [ 653.300750][T26152] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9646'. [ 653.313438][T26151] netlink: 'syz.0.9645': attribute type 1 has an invalid length. [ 653.339165][T26152] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9646'. [ 653.428544][T26155] loop6: detected capacity change from 0 to 8 [ 653.482599][ T4390] udevd[4390]: incorrect cramfs checksum on /dev/loop6 [ 653.511432][T26155] cramfs: Error -5 while decompressing! [ 653.531137][T26155] cramfs: ffffffff96d7a1a8(26)->ffff888039b89000(4096) [ 653.549093][T26155] cramfs: Error -5 while decompressing! [ 653.562186][T26155] cramfs: ffffffff96d7a1c2(26)->ffff88803b5a9000(4096) [ 653.569008][ T4390] udevd[4390]: incorrect cramfs checksum on /dev/loop6 [ 653.587123][T26157] netlink: 32 bytes leftover after parsing attributes in process `syz.0.9648'. [ 653.589271][T26155] cramfs: Error -3 while decompressing! [ 653.610761][T26155] cramfs: ffffffff96d7a1dc(16)->ffff88803b5bf000(4096) [ 653.621207][T26155] cramfs: Error -5 while decompressing! [ 653.651339][T26155] cramfs: ffffffff96d7a1a8(26)->ffff888039b89000(4096) [ 654.172565][T26185] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 654.260730][T26189] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 654.992186][T26226] loop5: detected capacity change from 0 to 256 [ 655.349892][T26238] fuse: blksize only supported for fuseblk [ 655.604769][T26248] loop5: detected capacity change from 0 to 512 [ 655.691985][T26257] xt_l2tp: v2 doesn't support IP mode [ 655.711112][T26248] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 655.728391][T26248] ext4 filesystem being mounted at /1375/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 655.780794][T26248] EXT4-fs error (device loop5): ext4_empty_dir:3136: inode #12: comm syz.5.9693: invalid size [ 655.815619][T26248] EXT4-fs (loop5): Remounting filesystem read-only [ 655.992650][T10446] EXT4-fs (loop5): unmounting filesystem. [ 656.441383][T26284] loop4: detected capacity change from 0 to 64 [ 656.467120][T26287] netlink: 16 bytes leftover after parsing attributes in process `syz.6.9710'. [ 656.517861][T26287] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9710'. [ 656.612051][T26291] loop3: detected capacity change from 0 to 136 [ 656.662963][T26291] Attempt to read inode for relocated directory [ 656.827531][ T26] audit: type=1107 audit(1756998559.516:2478): pid=26298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 657.327612][T26316] loop6: detected capacity change from 0 to 4096 [ 657.414441][ C1] vkms_vblank_simulate: vblank timer overrun [ 657.469588][T26328] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9732'. [ 657.481225][T26328] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9732'. [ 657.514180][T26328] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9732'. [ 657.612779][T26336] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 657.644183][T26316] NILFS error (device loop6): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1 [ 657.732617][T26316] Remounting filesystem read-only [ 657.843042][T26344] netlink: 20 bytes leftover after parsing attributes in process `syz.5.9737'. [ 657.911961][T26344] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9737'. [ 658.431661][T26369] loop4: detected capacity change from 0 to 164 [ 658.491394][T26369] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 658.598979][T26375] overlayfs: missing 'workdir' [ 658.890036][T26391] netlink: 268 bytes leftover after parsing attributes in process `syz.5.9760'. [ 658.908764][T26391] unsupported nla_type 65024 [ 659.157629][T26399] loop5: detected capacity change from 0 to 764 [ 659.208391][T26401] netlink: 224 bytes leftover after parsing attributes in process `syz.0.9765'. [ 659.252362][T26401] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9765'. [ 659.277014][T26404] loop4: detected capacity change from 0 to 256 [ 659.303018][T26405] QAT: failed to copy from user. [ 659.689647][T26383] loop3: detected capacity change from 0 to 32768 [ 659.723154][T26383] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop3 scanned by syz.3.9756 (26383) [ 659.782018][T26383] BTRFS info (device loop3): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 659.844024][T26421] bad cache= option: nonw [ 659.844024][T26421] [ 659.863232][T26383] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 659.884047][T26421] CIFS: VFS: bad cache= option: nonw [ 659.900095][T26383] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8) [ 659.950421][T26383] BTRFS info (device loop3): use lzo compression, level 0 [ 659.968871][T26383] BTRFS info (device loop3): using free space tree [ 660.192345][T26444] netlink: 'syz.6.9782': attribute type 21 has an invalid length. [ 660.359817][T16232] BTRFS warning (device loop3): checksum verify failed on logical 5341184 mirror 1 wanted 0xa6a79200fc2db5c7fef4cde9daceb98fa983ab1b5e61c163154889303e570b9a found 0xf78cc308cf2a2f71f3d6afc3959d27189c3b2d7f84bbde7d06b13cce8929204b level 0 [ 660.413309][T26383] BTRFS error (device loop3): failed to load root free space [ 660.517503][T26383] BTRFS error (device loop3): open_ctree failed: -22 [ 660.766188][ T4390] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop3 scanned by udevd (4390) [ 661.407307][T26487] loop3: detected capacity change from 0 to 256 [ 661.490359][T26492] netlink: 52 bytes leftover after parsing attributes in process `syz.6.9801'. [ 661.554059][T26487] exfat: Deprecated parameter 'utf8' [ 661.589872][T26487] exfat: Deprecated parameter 'utf8' [ 661.629956][T26487] exfat: Deprecated parameter 'namecase' [ 661.685156][T26487] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 661.760703][T26501] xt_recent: hitcount (4294967294) is larger than allowed maximum (255) [ 661.837586][T26504] [U] [ 661.840335][T26504] [U] [ 661.843035][T26504] [U] [ 661.845728][T26504] [U] [ 661.947576][T26504] [U] [ 661.950318][T26504] [U] [ 661.953016][T26504] [U] [ 661.955713][T26504] [U] [ 662.017175][T26504] [U] [ 662.019924][T26504] [U] [ 662.022624][T26504] [U] [ 662.042647][T26503] [U] [ 662.248019][T26522] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9816'. [ 662.528790][T26536] netlink: 'syz.3.9823': attribute type 1 has an invalid length. [ 663.063735][T26558] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 663.465177][ T26] audit: type=1400 audit(1756998566.156:2479): apparmor="DENIED" operation="stack" info="label not found" error=-2 profile="unconfined" name=3A3A0AE10CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A552C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=26573 comm="syz.3.9842" [ 663.495449][ C1] vkms_vblank_simulate: vblank timer overrun [ 663.848484][T26584] loop6: detected capacity change from 0 to 16 [ 663.866932][T26551] loop4: detected capacity change from 0 to 40427 [ 663.893810][T26584] erofs: (device loop6): mounted with root inode @ nid 36. [ 663.914311][T26551] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 663.944773][T26590] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT [ 663.960576][T26551] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 663.984334][T26584] erofs: (device loop6): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 664.000389][T26551] F2FS-fs (loop4): invalid crc value [ 664.044881][T26584] erofs: (device loop6): z_erofs_readahead: readahead error at page 1 @ nid 89 [ 664.060570][T26551] F2FS-fs (loop4): Found nat_bits in checkpoint [ 664.076375][T26584] erofs: (device loop6): z_erofs_readahead: readahead error at page 0 @ nid 89 [ 664.143462][T26584] syz.6.9847: attempt to access beyond end of device [ 664.143462][T26584] loop6: rw=524288, sector=524296, nr_sectors = 8 limit=16 [ 664.172154][T26584] erofs: (device loop6): z_erofs_read_folio: failed to read, err [-117] [ 664.194439][T26599] loop5: detected capacity change from 0 to 16 [ 664.204009][ T26] audit: type=1800 audit(1756998566.896:2480): pid=26584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.9847" name="file2" dev="loop6" ino=89 res=0 errno=0 [ 664.226578][T26551] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 664.252152][T26551] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 664.253980][T26599] erofs: (device loop5): mounted with root inode @ nid 36. [ 664.409837][T26597] loop3: detected capacity change from 0 to 8192 [ 664.518865][T26597] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 664.564972][T26597] FAT-fs (loop3): Filesystem has been set read-only [ 665.093940][ T26] audit: type=1326 audit(1756998567.786:2481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26627 comm="syz.5.9866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31f98ebe9 code=0x7ffc0000 [ 665.116363][ C1] vkms_vblank_simulate: vblank timer overrun [ 665.245196][ T26] audit: type=1326 audit(1756998567.836:2482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26627 comm="syz.5.9866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=196 compat=0 ip=0x7fb31f98ebe9 code=0x7ffc0000 [ 665.330486][ T26] audit: type=1326 audit(1756998567.836:2483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26627 comm="syz.5.9866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31f98ebe9 code=0x7ffc0000 [ 665.363152][ T8744] usb 7-1: new low-speed USB device number 16 using dummy_hcd [ 665.422152][ T26] audit: type=1326 audit(1756998567.836:2484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26627 comm="syz.5.9866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31f98ebe9 code=0x7ffc0000 [ 665.579562][ T8744] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 665.613289][ T8744] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 665.643013][ T8744] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt [ 665.682929][ T8744] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 665.710826][ T8744] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 665.763039][ T8744] usb 7-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 665.792442][ T8744] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 665.842308][ T8744] usb 7-1: config 0 descriptor?? [ 665.853546][T26625] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 666.100510][ T8744] usb 7-1: USB disconnect, device number 16 [ 666.413322][T26684] bridge0: port 1(macvlan0) entered blocking state [ 666.439881][T26684] bridge0: port 1(macvlan0) entered disabled state [ 666.456893][T26684] device macvlan0 entered promiscuous mode [ 666.552742][T26688] netlink: 'syz.4.9896': attribute type 1 has an invalid length. [ 666.579997][T26688] netlink: 228 bytes leftover after parsing attributes in process `syz.4.9896'. [ 667.004833][T26708] 8021q: adding VLAN 0 to HW filter on device bond2 [ 667.171965][T26715] rdma_rxe: rxe_register_device failed with error -23 [ 667.203381][T26715] rdma_rxe: failed to add wlan1 [ 667.416652][T26727] netlink: 202920 bytes leftover after parsing attributes in process `syz.0.9915'. [ 667.669332][T26737] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9920'. [ 667.856845][T26747] loop4: detected capacity change from 0 to 256 [ 667.898460][T26747] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 667.953464][T26752] xt_hashlimit: invalid interval [ 667.987273][T26753] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9928'. [ 667.990358][T26747] fuse: Bad value for 'fd' [ 668.047291][T26753] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9928'. [ 668.364372][T26767] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9935'. [ 668.396033][T26769] loop5: detected capacity change from 0 to 64 [ 668.407548][T26767] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 669.089940][T26797] netlink: 'syz.3.9950': attribute type 2 has an invalid length. [ 669.714055][T26823] loop3: detected capacity change from 0 to 128 [ 669.751820][T26823] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 669.804659][T26823] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 669.949113][T26829] netlink: 'syz.5.9966': attribute type 1 has an invalid length. [ 670.674682][T26855] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9979'. [ 671.527079][T26859] loop3: detected capacity change from 0 to 32768 [ 671.564406][T26859] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.9981 (26859) [ 671.654836][T26859] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 671.697013][T26859] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 671.723202][ T4315] usb 7-1: new full-speed USB device number 17 using dummy_hcd [ 671.733662][T26859] BTRFS info (device loop3): using free space tree [ 671.915324][ T4315] usb 7-1: unable to get BOS descriptor or descriptor too short [ 671.932790][ T4315] usb 7-1: not running at top speed; connect to a high speed hub [ 671.949544][ T4315] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 671.960222][ T4315] usb 7-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 671.977956][ T4315] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 671.988660][ T4315] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 672.003666][ T4315] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 672.028604][ T4315] usb 7-1: New USB device found, idVendor=045e, idProduct=043f, bcdDevice=fc.90 [ 672.048304][ T4315] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 672.069398][ T4315] usb 7-1: Product: syz [ 672.079511][ T4315] usb 7-1: Manufacturer: syz [ 672.089023][ T4315] usb 7-1: SerialNumber: syz [ 672.106837][ T4315] ipaq 7-1:1.0: PocketPC PDA converter detected [ 672.177942][T26859] BTRFS info (device loop3): enabling ssd optimizations [ 672.220496][T26930] netlink: 'syz.5.10006': attribute type 1 has an invalid length. [ 672.317034][ T4315] usb 7-1: PocketPC PDA converter now attached to ttyUSB0 [ 672.397983][ T4261] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 672.543853][ T8917] usb 7-1: USB disconnect, device number 17 [ 672.603335][ T8917] ipaq ttyUSB0: PocketPC PDA converter now disconnected from ttyUSB0 [ 672.633658][ T8917] ipaq 7-1:1.0: device disconnected [ 673.343039][T23850] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 673.434331][T26966] netlink: 10 bytes leftover after parsing attributes in process `syz.3.10024'. [ 673.563242][T23850] usb 6-1: Using ep0 maxpacket: 32 [ 673.571833][T23850] usb 6-1: config 0 interface 0 has no altsetting 0 [ 673.595355][T23850] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 673.621263][T23850] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 673.652910][T23850] usb 6-1: Product: syz [ 673.663145][T23850] usb 6-1: Manufacturer: syz [ 673.678038][T23850] usb 6-1: SerialNumber: syz [ 673.689643][T23850] usb 6-1: config 0 descriptor?? [ 673.969476][T26984] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10035'. [ 674.124221][T23850] gs_usb 6-1:0.0: Couldn't get device config: (err=-71) [ 674.131389][T23850] gs_usb: probe of 6-1:0.0 failed with error -71 [ 674.178409][T23850] usb 6-1: USB disconnect, device number 19 [ 674.284523][T26999] netlink: 'syz.6.10041': attribute type 49 has an invalid length. [ 674.545830][T27010] netlink: 192 bytes leftover after parsing attributes in process `syz.4.10047'. [ 674.807196][T27022] loop3: detected capacity change from 0 to 256 [ 674.929868][T27022] FAT-fs (loop3): Directory bread(block 64) failed [ 674.953470][T27022] FAT-fs (loop3): Directory bread(block 65) failed [ 674.960267][T27022] FAT-fs (loop3): Directory bread(block 66) failed [ 675.013328][T27022] FAT-fs (loop3): Directory bread(block 67) failed [ 675.020247][T27022] FAT-fs (loop3): Directory bread(block 68) failed [ 675.067824][T27022] FAT-fs (loop3): Directory bread(block 69) failed [ 675.103069][T27022] FAT-fs (loop3): Directory bread(block 70) failed [ 675.110063][T27022] FAT-fs (loop3): Directory bread(block 71) failed [ 675.135318][T27022] FAT-fs (loop3): Directory bread(block 72) failed [ 675.141878][T27022] FAT-fs (loop3): Directory bread(block 73) failed [ 675.238533][T27041] vivid-000: disconnect [ 675.276859][T27039] vivid-000: reconnect [ 675.465602][T27049] loop6: detected capacity change from 0 to 8 [ 675.710287][T27057] tmpfs: Bad value for 'mpol' [ 675.856026][T27064] netlink: 'syz.4.10073': attribute type 3 has an invalid length. [ 676.201150][T27080] netlink: 'syz.5.10080': attribute type 21 has an invalid length. [ 676.249598][T27080] netlink: 144 bytes leftover after parsing attributes in process `syz.5.10080'. [ 676.609211][T27104] loop3: detected capacity change from 0 to 128 [ 676.651899][T27104] EXT4-fs (loop3): Test dummy encryption mode enabled [ 676.728633][T27104] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 676.784323][T27104] ext4 filesystem being mounted at /2021/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 676.866280][T27114] loop5: detected capacity change from 0 to 256 [ 676.922163][T27114] FAT-fs (loop5): Directory bread(block 64) failed [ 676.960883][T27114] FAT-fs (loop5): Directory bread(block 65) failed [ 677.000742][T27114] FAT-fs (loop5): Directory bread(block 66) failed [ 677.032094][T27114] FAT-fs (loop5): Directory bread(block 67) failed [ 677.043259][T27114] FAT-fs (loop5): Directory bread(block 68) failed [ 677.049894][T27114] FAT-fs (loop5): Directory bread(block 69) failed [ 677.091112][T27114] FAT-fs (loop5): Directory bread(block 70) failed [ 677.133656][T27114] FAT-fs (loop5): Directory bread(block 71) failed [ 677.163351][T27114] FAT-fs (loop5): Directory bread(block 72) failed [ 677.169922][T27114] FAT-fs (loop5): Directory bread(block 73) failed [ 677.444781][T27104] fscrypt (loop3): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 677.584393][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 678.048498][T27162] loop3: detected capacity change from 0 to 256 [ 678.098248][T27162] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 679.056420][T27205] binfmt_misc: register: failed to install interpreter file ./file0 [ 679.572914][T27227] sctp: [Deprecated]: syz.0.10146 (pid 27227) Use of int in max_burst socket option. [ 679.572914][T27227] Use struct sctp_assoc_value instead [ 680.107518][T27221] loop6: detected capacity change from 0 to 32768 [ 680.140430][T27221] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 scanned by syz.6.10143 (27221) [ 680.215926][T27221] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 680.254133][T27221] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm [ 680.273116][T27221] BTRFS info (device loop6): using free space tree [ 680.563110][T27221] BTRFS info (device loop6): enabling ssd optimizations [ 680.687301][T27275] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10161'. [ 680.834500][T16080] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 680.882563][T27279] netlink: 56 bytes leftover after parsing attributes in process `syz.3.10163'. [ 681.001411][T27279] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10163'. [ 681.088746][T27279] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10163'. [ 681.304184][T27293] xt_l2tp: missing protocol rule (udp|l2tpip) [ 681.328729][T27295] loop5: detected capacity change from 0 to 512 [ 681.457756][T27295] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 681.513691][T27295] ext4 filesystem being mounted at /1476/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 681.514707][T27302] misc userio: Invalid payload size [ 681.608551][T27295] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 681.651723][T27295] Quota error (device loop5): write_blk: dquota write failed [ 681.660235][T27295] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota [ 681.670693][T27295] EXT4-fs error (device loop5): ext4_acquire_dquot:6816: comm syz.5.10172: Failed to acquire dquot type 0 [ 681.828079][T10446] EXT4-fs (loop5): unmounting filesystem. [ 682.045920][T27321] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 682.080200][T27319] loop6: detected capacity change from 0 to 2048 [ 682.169568][ T4390] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 682.403401][T27329] loop5: detected capacity change from 0 to 256 [ 682.462254][T27329] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 682.525013][T27310] loop3: detected capacity change from 0 to 32768 [ 682.577451][T27308] loop4: detected capacity change from 0 to 32768 [ 682.592771][T27308] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.10176 (27308) [ 682.666847][T27308] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 682.696888][T27310] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 682.723374][T27308] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 682.773834][T27308] BTRFS info (device loop4): using free space tree [ 682.779958][T27339] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10189'. [ 682.967590][ T4261] ocfs2: Unmounting device (7,3) on (node local) [ 683.043856][T27353] device netdevsim0 entered promiscuous mode [ 683.187080][T27308] BTRFS info (device loop4): enabling ssd optimizations [ 683.377963][ T4273] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 683.421742][ T26] audit: type=1326 audit(1756998586.106:2485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27377 comm="syz.5.10199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31f98ebe9 code=0x7ffc0000 [ 683.554868][ T26] audit: type=1326 audit(1756998586.136:2486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27377 comm="syz.5.10199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31f98ebe9 code=0x7ffc0000 [ 683.690098][ T26] audit: type=1326 audit(1756998586.136:2487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27377 comm="syz.5.10199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fb31f98ebe9 code=0x7ffc0000 [ 683.712552][ C1] vkms_vblank_simulate: vblank timer overrun [ 683.719855][ T26] audit: type=1326 audit(1756998586.136:2488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27377 comm="syz.5.10199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31f98ebe9 code=0x7ffc0000 [ 683.742593][ T26] audit: type=1326 audit(1756998586.136:2489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27377 comm="syz.5.10199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb31f98ebe9 code=0x7ffc0000 [ 683.765113][ C1] vkms_vblank_simulate: vblank timer overrun [ 683.893363][T27389] tmpfs: Bad value for 'mpol' [ 683.908528][T27391] loop5: detected capacity change from 0 to 256 [ 683.929391][T27391] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 683.949021][T27391] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 683.964467][T27391] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 684.926380][T27428] netlink: 32 bytes leftover after parsing attributes in process `syz.3.10224'. [ 685.083863][ T26] audit: type=1326 audit(1756998587.776:2490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27434 comm="syz.0.10229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee3c38ebe9 code=0x7ffc0000 [ 685.161028][T27437] comedi comedi4: bad chanlist[0]=0xfffffffd chan=65533 range length=2 [ 685.179976][ T26] audit: type=1326 audit(1756998587.776:2491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27434 comm="syz.0.10229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee3c38ebe9 code=0x7ffc0000 [ 685.278869][ T26] audit: type=1326 audit(1756998587.776:2492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27434 comm="syz.0.10229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7fee3c38ebe9 code=0x7ffc0000 [ 685.633032][ C0] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured! [ 685.635887][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.647946][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.143904][T27477] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 686.249717][T27473] loop3: detected capacity change from 0 to 4096 [ 686.282022][T27483] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10252'. [ 686.320952][T27483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10252'. [ 686.346171][T27483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10252'. [ 686.347206][T27473] ntfs: volume version 3.1. [ 686.588997][T27494] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10257'. [ 687.013336][T27515] syz.4.10265 (27515): drop_caches: 0 [ 687.253478][T27523] netlink: 'syz.4.10270': attribute type 1 has an invalid length. [ 687.312752][T27527] netlink: 168 bytes leftover after parsing attributes in process `syz.6.10271'. [ 687.512235][T27531] netlink: 'syz.4.10273': attribute type 15 has an invalid length. [ 687.744010][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 687.744026][ T26] audit: type=1326 audit(1756998590.436:2495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27536 comm="syz.4.10279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5ec38ebe9 code=0x7ffc0000 [ 687.798474][ T26] audit: type=1326 audit(1756998590.436:2496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27536 comm="syz.4.10279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5ec38ebe9 code=0x7ffc0000 [ 687.917426][ T26] audit: type=1326 audit(1756998590.466:2497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27536 comm="syz.4.10279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7fc5ec38ebe9 code=0x7ffc0000 [ 688.016790][ T26] audit: type=1326 audit(1756998590.466:2498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27536 comm="syz.4.10279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5ec38ebe9 code=0x7ffc0000 [ 688.075227][T27547] loop6: detected capacity change from 0 to 256 [ 688.095173][ T26] audit: type=1326 audit(1756998590.466:2499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27536 comm="syz.4.10279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5ec38ebe9 code=0x7ffc0000 [ 688.159982][T27547] FAT-fs (loop6): Directory bread(block 64) failed [ 688.197662][T27525] loop3: detected capacity change from 0 to 32768 [ 688.203077][T27547] FAT-fs (loop6): Directory bread(block 65) failed [ 688.231150][T27547] FAT-fs (loop6): Directory bread(block 66) failed [ 688.266006][T27547] FAT-fs (loop6): Directory bread(block 67) failed [ 688.293270][T27547] FAT-fs (loop6): Directory bread(block 68) failed [ 688.302943][T27547] FAT-fs (loop6): Directory bread(block 69) failed [ 688.309567][T27547] FAT-fs (loop6): Directory bread(block 70) failed [ 688.380288][T27547] FAT-fs (loop6): Directory bread(block 71) failed [ 688.387349][T27547] FAT-fs (loop6): Directory bread(block 72) failed [ 688.394442][T27547] FAT-fs (loop6): Directory bread(block 73) failed [ 688.413690][T27525] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 688.416600][T27547] syz.6.10283: attempt to access beyond end of device [ 688.416600][T27547] loop6: rw=524288, sector=1192, nr_sectors = 4 limit=256 [ 688.438891][T27547] syz.6.10283: attempt to access beyond end of device [ 688.438891][T27547] loop6: rw=0, sector=1192, nr_sectors = 4 limit=256 [ 688.462887][ T26] audit: type=1800 audit(1756998591.146:2500): pid=27547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.10283" name="file1" dev="loop6" ino=1048723 res=0 errno=0 [ 688.528252][T27525] OCFS2: ERROR (device loop3): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #17056 has bad chain 1280 [ 688.610629][T27525] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 688.648667][T27525] OCFS2: File system is now read-only. [ 688.662349][T27566] netlink: 'syz.6.10292': attribute type 6 has an invalid length. [ 688.671375][T27525] (syz.3.10269,27525,1):ocfs2_search_chain:1761 ERROR: status = -30 [ 688.733044][T27525] (syz.3.10269,27525,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 688.741087][T27525] (syz.3.10269,27525,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 688.793859][T27525] (syz.3.10269,27525,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 688.802506][T27525] (syz.3.10269,27525,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 688.853384][T27525] (syz.3.10269,27525,1):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 688.883264][T27525] (syz.3.10269,27525,1):ocfs2_mknod_locked:639 ERROR: status = -30 [ 688.924093][T27525] (syz.3.10269,27525,1):ocfs2_mknod:385 ERROR: status = -30 [ 688.943695][T27573] vim2m vim2m.0: Fourcc format (0x31384142) invalid. [ 688.947196][T27525] (syz.3.10269,27525,1):ocfs2_mknod:502 ERROR: status = -30 [ 688.982889][T27525] (syz.3.10269,27525,1):ocfs2_create:676 ERROR: status = -30 [ 689.119713][ T4261] ocfs2: Unmounting device (7,3) on (node local) [ 689.222933][ T8744] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 689.291586][T27586] netlink: 17 bytes leftover after parsing attributes in process `syz.4.10304'. [ 689.413327][ T8744] usb 6-1: Using ep0 maxpacket: 32 [ 689.420125][ T8744] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 689.450112][ T8744] usb 6-1: config 0 has no interface number 0 [ 689.478431][ T8744] usb 6-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 689.511097][ T8744] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 689.542569][ T8744] usb 6-1: Product: syz [ 689.555935][ T8744] usb 6-1: Manufacturer: syz [ 689.570727][ T8744] usb 6-1: SerialNumber: syz [ 689.592519][ T8744] usb 6-1: config 0 descriptor?? [ 689.615075][ T8744] usb 6-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 689.644726][ T8744] usb 6-1: selecting invalid altsetting 1 [ 689.663773][ T8744] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 689.714271][ T8744] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 689.749819][ T8744] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 689.772013][ T8744] usb 6-1: media controller created [ 689.857223][ T8744] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 690.008743][T27580] loop6: detected capacity change from 0 to 32768 [ 690.090761][T27580] XFS (loop6): Mounting V5 Filesystem [ 690.157124][ T8744] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 690.249450][T27580] XFS (loop6): Ending clean mount [ 690.301875][T27580] XFS (loop6): Quotacheck needed: Please wait. [ 690.347073][ T8744] usb 6-1: USB disconnect, device number 20 [ 690.443437][T27580] XFS (loop6): Quotacheck: Done. [ 690.596327][T16080] XFS (loop6): Unmounting Filesystem [ 690.860156][T27621] loop4: detected capacity change from 0 to 4096 [ 690.949899][T27621] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 691.129759][T27621] ntfs3: loop4: ino=1e, "file1" encrypted i/o not supported [ 691.203926][ T26] audit: type=1800 audit(1756998593.896:2501): pid=27621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.10315" name="file1" dev="loop4" ino=30 res=0 errno=0 [ 691.323437][T27638] netlink: 'syz.0.10323': attribute type 2 has an invalid length. [ 692.147958][T27639] loop5: detected capacity change from 0 to 32768 [ 692.169040][T27669] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10337'. [ 692.223047][T27669] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10337'. [ 692.285596][T27639] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode. [ 692.429207][T27639] OCFS2: ERROR (device loop5): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has bit count 57088 but max bitmap bits of 2048 [ 692.485005][T27639] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 692.530158][T27639] OCFS2: File system is now read-only. [ 692.553426][T27639] (syz.5.10325,27639,0):ocfs2_search_chain:1761 ERROR: status = -30 [ 692.584424][T27639] (syz.5.10325,27639,0):ocfs2_search_chain:1871 ERROR: status = -30 [ 692.592455][T27639] (syz.5.10325,27639,0):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 692.658813][T27639] (syz.5.10325,27639,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 692.699921][T27639] (syz.5.10325,27639,0):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 692.753185][T27639] (syz.5.10325,27639,0):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 692.792138][T27639] (syz.5.10325,27639,0):ocfs2_mknod_locked:639 ERROR: status = -30 [ 692.823009][T27639] (syz.5.10325,27639,0):ocfs2_mknod:385 ERROR: status = -30 [ 692.850985][T27639] (syz.5.10325,27639,0):ocfs2_mknod:502 ERROR: status = -30 [ 692.894757][T27639] (syz.5.10325,27639,0):ocfs2_mkdir:659 ERROR: status = -30 [ 692.955634][T27698] netlink: 28 bytes leftover after parsing attributes in process `syz.6.10350'. [ 692.977851][T27698] netlink: 68 bytes leftover after parsing attributes in process `syz.6.10350'. [ 693.027245][T10446] ocfs2: Unmounting device (7,5) on (node local) [ 693.304334][ T26] audit: type=1326 audit(1756998595.996:2502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27707 comm="syz.3.10357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb62f8ebe9 code=0x7ffc0000 [ 693.373971][ T26] audit: type=1326 audit(1756998595.996:2503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27707 comm="syz.3.10357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb62f8ebe9 code=0x7ffc0000 [ 693.460159][T27715] overlayfs: unrecognized mount option "\" or missing value [ 693.492036][ T26] audit: type=1326 audit(1756998595.996:2504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27707 comm="syz.3.10357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7fcb62f8ebe9 code=0x7ffc0000 [ 693.557167][ T26] audit: type=1326 audit(1756998595.996:2505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27707 comm="syz.3.10357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb62f8ebe9 code=0x7ffc0000 [ 693.619725][ T26] audit: type=1326 audit(1756998595.996:2506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27707 comm="syz.3.10357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb62f8ebe9 code=0x7ffc0000 [ 694.447663][T27756] loop3: detected capacity change from 0 to 4096 [ 694.469332][T27756] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 694.567629][T27756] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 694.775293][T27772] loop4: detected capacity change from 0 to 2048 [ 694.820294][T27772] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 694.845922][ T56] ntfs3: loop3: ntfs3_write_inode r=5 failed, -22. [ 694.875649][ T4261] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22. [ 694.945724][T27777] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 694.956802][T27779] netlink: 592 bytes leftover after parsing attributes in process `syz.0.10391'. [ 695.362226][T27796] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10398'. [ 695.581429][T27805] loop4: detected capacity change from 0 to 164 [ 695.603075][ T8744] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 695.636963][T27805] ISOFS: unable to read i-node block [ 695.675634][T27805] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 695.701234][T27807] loop3: detected capacity change from 0 to 4096 [ 695.719025][T27805] ISOFS: unable to read i-node block [ 695.797305][ T8744] usb 6-1: config 0 has no interfaces? [ 695.803115][T27807] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 695.813352][ T8744] usb 6-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 695.842554][ T8744] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 695.855725][T27813] xt_bpf: check failed: parse error [ 695.868542][ T8744] usb 6-1: Product: syz [ 695.873059][ C1] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured! [ 695.911698][T27807] ntfs3: loop3: Failed to load $Extend. [ 695.926306][ T8744] usb 6-1: Manufacturer: syz [ 695.930945][ T8744] usb 6-1: SerialNumber: syz [ 695.983219][ T8744] r8152-cfgselector 6-1: config 0 descriptor?? [ 696.126143][T27819] netlink: 'syz.6.10408': attribute type 13 has an invalid length. [ 696.201883][ T8744] usbip-host 6-1: 6-1 is not in match_busid table... skip! [ 696.407429][ T8917] usb 6-1: USB disconnect, device number 21 [ 696.532765][T27835] loop6: detected capacity change from 0 to 256 [ 696.833545][T27845] loop4: detected capacity change from 0 to 1024 [ 696.880325][T27845] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 696.960908][T27845] EXT4-fs error (device loop4): ext4_empty_dir:3154: inode #11: block 32: comm syz.4.10421: bad entry in directory: rec_len % 4 != 0 - offset=12, inode=2, rec_len=65526, size=1024 fake=1 [ 697.028483][T27845] EXT4-fs warning (device loop4): ext4_empty_dir:3156: inode #11: comm syz.4.10421: directory missing '..' [ 697.143252][ T4273] EXT4-fs (loop4): unmounting filesystem. [ 697.160142][T27855] delete_channel: no stack [ 698.033071][ T8917] usb 5-1: new full-speed USB device number 35 using dummy_hcd [ 698.124734][T27897] netlink: 'syz.6.10444': attribute type 1 has an invalid length. [ 698.142626][T27897] netlink: 'syz.6.10444': attribute type 2 has an invalid length. [ 698.171127][T27897] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10444'. [ 698.234773][ T8917] usb 5-1: config index 0 descriptor too short (expected 539, got 27) [ 698.263795][ T8917] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 4 [ 698.308460][ T8917] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 698.327133][T27905] netlink: 40 bytes leftover after parsing attributes in process `syz.3.10448'. [ 698.333535][ T8917] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 698.372990][ T8917] usb 5-1: Product: syz [ 698.378994][ T8917] usb 5-1: Manufacturer: syz [ 698.393732][ T8917] usb 5-1: SerialNumber: syz [ 698.420616][ T8917] usb 5-1: config 0 descriptor?? [ 698.468698][ T8917] hub 5-1:0.0: bad descriptor, ignoring hub [ 698.493394][ T8917] hub: probe of 5-1:0.0 failed with error -5 [ 698.522269][ T8917] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input31 [ 698.596119][T27915] netlink: 16 bytes leftover after parsing attributes in process `syz.6.10453'. [ 698.606010][ T8917] usbtouchscreen 5-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -90 [ 698.655377][ T8917] usbtouchscreen: probe of 5-1:0.0 failed with error -90 [ 698.683725][T27921] loop5: detected capacity change from 0 to 164 [ 698.738047][T27921] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 698.744246][ T8917] usb 5-1: USB disconnect, device number 35 [ 698.811704][T27921] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 699.282277][T27948] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10466'. [ 699.786717][T27974] loop6: detected capacity change from 0 to 4096 [ 699.846192][T27974] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 699.892343][T27974] ntfs3: loop6: Failed to load $Extend. [ 700.334562][T28012] autofs4:pid:28012:autofs_fill_super: called with bogus options [ 700.464769][T28018] loop4: detected capacity change from 0 to 16 [ 700.504114][T28018] erofs: (device loop4): mounted with root inode @ nid 36. [ 700.541281][T28018] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 700.596939][T28018] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -43 in[46, 4050] out[1851] [ 700.657522][T28018] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 701.068585][T28061] NILFS (nullb0): couldn't find nilfs on the device [ 701.317744][T28071] loop5: detected capacity change from 0 to 4096 [ 701.324199][ T26] audit: type=1326 audit(1756998604.016:2507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28076 comm="syz.6.10509" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb43818ebe9 code=0x0 [ 701.385365][T28071] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512) [ 702.279262][T28147] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10529'. [ 702.332328][T28136] loop5: detected capacity change from 0 to 8192 [ 702.394800][T28136] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 702.437862][T28136] FAT-fs (loop5): error, clusters badly computed (1 != 0) [ 702.489030][T28136] FAT-fs (loop5): Filesystem has been set read-only [ 702.520456][T28136] FAT-fs (loop5): error, clusters badly computed (2 != 1) [ 702.563984][T28136] FAT-fs (loop5): error, clusters badly computed (3 != 2) [ 702.591794][T28136] FAT-fs (loop5): error, clusters badly computed (4 != 3) [ 702.843167][T28174] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10537'. [ 703.123575][T28142] loop4: detected capacity change from 0 to 32768 [ 703.151848][T28194] loop6: detected capacity change from 0 to 128 [ 703.177938][T28142] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.10528 (28142) [ 703.222334][T28194] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 703.243903][T28142] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 703.314594][T28142] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 703.367240][T28142] BTRFS info (device loop4): enabling disk space caching [ 703.392973][T28142] BTRFS info (device loop4): doing ref verification [ 703.413330][T28206] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10547'. [ 703.424007][T28142] BTRFS info (device loop4): enabling all of the rescue options [ 703.431693][T28142] BTRFS info (device loop4): ignoring data csums [ 703.481003][T28142] BTRFS info (device loop4): ignoring bad roots [ 703.536396][T28142] BTRFS info (device loop4): disabling log replay at mount time [ 703.584262][T28142] BTRFS info (device loop4): force clearing of disk cache [ 703.591420][T28142] BTRFS info (device loop4): setting nodatacow, compression disabled [ 703.661657][T28142] BTRFS info (device loop4): doing ref verification [ 703.671766][T28142] BTRFS error (device loop4): nologreplay must be used with ro mount option [ 703.706688][T28142] BTRFS error (device loop4): open_ctree failed: -22 [ 704.473880][T28272] loop4: detected capacity change from 0 to 64 [ 704.792705][T28297] ufs: You didn't specify the type of your ufs filesystem [ 704.792705][T28297] [ 704.792705][T28297] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 704.792705][T28297] [ 704.792705][T28297] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 704.863053][T28297] ufs: ufstype=old is supported read-only [ 704.869873][T28297] ufs: ufs_fill_super(): bad magic number [ 705.350237][T28328] loop5: detected capacity change from 0 to 4096 [ 705.383246][T28328] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 705.541997][T28328] ntfs3: loop5: failed to convert "c46c" to maccenteuro [ 705.855867][T28371] loop6: detected capacity change from 0 to 24 [ 705.924744][T28371] MTD: Attempt to mount non-MTD device "/dev/loop6" [ 705.946533][T28371] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 706.186254][T28394] hsr0: VLAN not yet supported [ 706.222899][ T126] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 706.443091][ T126] usb 5-1: Using ep0 maxpacket: 16 [ 706.450357][ T126] usb 5-1: config 4 has an invalid interface number: 51 but max is 0 [ 706.474970][ T126] usb 5-1: config 4 has no interface number 0 [ 706.481124][ T126] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16 [ 706.520368][ T126] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 706.553065][ T126] usb 5-1: config 4 interface 51 has no altsetting 0 [ 706.577438][ T126] usb 5-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76 [ 706.622895][ T126] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 706.631231][ T126] usb 5-1: Product: syz [ 706.675458][ T126] usb 5-1: Manufacturer: syz [ 706.691606][ T126] usb 5-1: SerialNumber: syz [ 706.728216][T28375] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 706.743078][T28375] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 706.961090][T28375] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 706.965830][T28430] loop6: detected capacity change from 0 to 2048 [ 706.983195][T28375] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 707.007078][ T126] cdc_eem 5-1:4.51 usb0: register 'cdc_eem' at usb-dummy_hcd.4-1, CDC EEM Device, 6e:c9:44:2b:78:87 [ 707.038258][T28430] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found [ 707.054343][T28430] UDF-fs: Scanning with blocksize 512 failed [ 707.120172][T28430] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 707.207400][ T126] usb 5-1: USB disconnect, device number 36 [ 707.248561][ T126] cdc_eem 5-1:4.51 usb0: unregister 'cdc_eem' usb-dummy_hcd.4-1, CDC EEM Device [ 707.288697][T28411] loop5: detected capacity change from 0 to 32768 [ 709.236842][T28587] afs: Bad value for 'source' [ 709.273105][ T6346] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 709.483191][ T6346] usb 7-1: Using ep0 maxpacket: 8 [ 709.490068][ T6346] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 709.541487][ T6346] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0 [ 709.591773][ T6346] usb 7-1: config 0 interface 0 has no altsetting 0 [ 709.632899][ T6346] usb 7-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 709.642011][ T6346] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 709.689250][ T6346] usb 7-1: Product: syz [ 709.707892][T28612] sctp: [Deprecated]: syz.4.10659 (pid 28612) Use of struct sctp_assoc_value in delayed_ack socket option. [ 709.707892][T28612] Use struct sctp_sack_info instead [ 709.707936][ T6346] usb 7-1: Manufacturer: syz [ 709.768191][T28616] usb usb8: usbfs: process 28616 (syz.0.10660) did not claim interface 8 before use [ 709.782803][ T6346] usb 7-1: SerialNumber: syz [ 709.815637][ T6346] usb 7-1: config 0 descriptor?? [ 709.845447][ T6346] snd_usb_toneport 7-1:0.0: Line 6 TonePort UX2 found [ 710.037755][ T6346] snd_usb_toneport 7-1:0.0: cannot get proper max packet size [ 710.050586][ T6346] snd_usb_toneport 7-1:0.0: Line 6 TonePort UX2 now disconnected [ 710.078643][ T6346] snd_usb_toneport: probe of 7-1:0.0 failed with error -22 [ 710.274627][ T4342] usb 7-1: USB disconnect, device number 18 [ 710.519861][T28671] loop5: detected capacity change from 0 to 128 [ 710.576496][ T4806] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 710.900249][T28692] loop5: detected capacity change from 0 to 2048 [ 710.963910][T28692] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 711.129680][T28708] cifs: Unknown parameter 'Ü[—Íñ¦bšÿÿÿITäŒ&¬æ:ÅèÙ"‚Õëï1:ºÃÃÓ­'Ä4,Zz-#FÇ<æõ]%gCžÊ [ 711.129680][T28708] SÃȘØÈžZ§6ŸÂ' [ 711.743497][T28750] netlink: 830 bytes leftover after parsing attributes in process `syz.3.10695'. [ 712.476145][T28805] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10715'. [ 712.510882][T28805] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10715'. [ 712.856269][T28828] loop4: detected capacity change from 0 to 256 [ 712.969477][T28828] FAT-fs (loop4): Directory bread(block 64) failed [ 713.034342][T28828] FAT-fs (loop4): Directory bread(block 65) failed [ 713.041656][T28828] FAT-fs (loop4): Directory bread(block 66) failed [ 713.069995][T28828] FAT-fs (loop4): Directory bread(block 67) failed [ 713.100462][T28828] FAT-fs (loop4): Directory bread(block 68) failed [ 713.123036][T28828] FAT-fs (loop4): Directory bread(block 69) failed [ 713.144269][T28828] FAT-fs (loop4): Directory bread(block 70) failed [ 713.166541][T28828] FAT-fs (loop4): Directory bread(block 71) failed [ 713.210555][T28828] FAT-fs (loop4): Directory bread(block 72) failed [ 713.246548][T28828] FAT-fs (loop4): Directory bread(block 73) failed [ 713.743264][T28881] loop3: detected capacity change from 0 to 256 [ 713.975235][T28899] netlink: 156 bytes leftover after parsing attributes in process `syz.0.10743'. [ 714.325179][T28925] netlink: 16 bytes leftover after parsing attributes in process `syz.4.10752'. [ 714.355744][T28925] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10752'. [ 714.666155][T28951] netlink: 'syz.6.10760': attribute type 4 has an invalid length. [ 714.739461][T28951] device veth1_macvtap left promiscuous mode [ 714.808173][T28957] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10761'. [ 715.103127][ T8917] usb 6-1: new low-speed USB device number 22 using dummy_hcd [ 715.115124][T28983] (unnamed net_device) (uninitialized): option ad_select: invalid value (105) [ 715.182763][T28988] (unnamed net_device) (uninitialized): option mode: invalid value (254) [ 715.302113][ T8917] usb 6-1: string descriptor 0 read error: -22 [ 715.314096][ T8917] usb 6-1: New USB device found, idVendor=04b4, idProduct=8613, bcdDevice=95.8f [ 715.361233][ T8917] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 715.404308][ T8917] usb 6-1: config 0 descriptor?? [ 715.414618][ T8917] usbtest 6-1:0.0: FX2 device [ 715.419323][ T8917] usbtest 6-1:0.0: low-speed {control intr-in intr-out} tests (+alt) [ 715.578096][T29019] loop3: detected capacity change from 0 to 736 [ 715.617110][ T5854] usb 6-1: USB disconnect, device number 22 [ 715.708218][T29035] netlink: 'syz.4.10782': attribute type 21 has an invalid length. [ 716.263162][T29067] sctp: [Deprecated]: syz.3.10792 (pid 29067) Use of struct sctp_assoc_value in delayed_ack socket option. [ 716.263162][T29067] Use struct sctp_sack_info instead [ 716.511327][T29081] ipt_REJECT: TCP_RESET invalid for non-tcp [ 716.634573][T29089] loop5: detected capacity change from 0 to 256 [ 717.123001][T29123] netlink: 'syz.5.10810': attribute type 7 has an invalid length. [ 717.303163][ T8917] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 717.495266][ T8917] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 717.513302][ T8917] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 717.521511][ T8917] usb 7-1: Product: syz [ 717.531213][ T8917] usb 7-1: Manufacturer: syz [ 717.537215][ T8917] usb 7-1: SerialNumber: syz [ 717.560075][ T8917] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 717.620102][ T8917] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 717.799110][T29166] netlink: 'syz.0.10824': attribute type 21 has an invalid length. [ 717.825984][ C0] usb 7-1: ath: unknown panic pattern! [ 717.882158][T29170] loop4: detected capacity change from 0 to 512 [ 717.951150][T29170] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 1024: comm syz.4.10822: invalid block [ 717.979112][T29170] EXT4-fs (loop4): Remounting filesystem read-only [ 717.992356][T29170] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.10822: invalid indirect mapped block 1024 (level 0) [ 718.007511][T29170] EXT4-fs (loop4): Remounting filesystem read-only [ 718.015053][T29170] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.10822: bg 0: block 35: padding at end of block bitmap is not set [ 718.041037][T29170] EXT4-fs (loop4): Remounting filesystem read-only [ 718.054815][T29170] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 718.122758][T29170] EXT4-fs (loop4): Remounting filesystem read-only [ 718.142994][T29170] EXT4-fs (loop4): 1 truncate cleaned up [ 718.148684][T29170] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 718.255324][ T4342] usb 7-1: USB disconnect, device number 19 [ 718.288859][ T4273] EXT4-fs (loop4): unmounting filesystem. [ 718.673084][ T8917] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 718.680166][ T8917] ath9k_htc: Failed to initialize the device [ 718.719989][ T4342] usb 7-1: ath9k_htc: USB layer deinitialized [ 718.732198][T29222] loop3: detected capacity change from 0 to 1024 [ 718.891759][T29222] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 718.926720][T29222] ext4 filesystem being mounted at /2181/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 719.038192][T29222] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 719.164215][ T4261] EXT4-fs (loop3): unmounting filesystem. [ 720.135363][T29328] loop3: detected capacity change from 0 to 256 [ 720.402598][T29344] loop3: detected capacity change from 0 to 8 [ 720.436123][T29344] SQUASHFS error: zlib decompression failed, data probably corrupt [ 720.551753][T29344] SQUASHFS error: Failed to read block 0x9b: -5 [ 720.602183][T29344] SQUASHFS error: Unable to read metadata cache entry [99] [ 720.633064][T29344] SQUASHFS error: Unable to read inode 0x127 [ 720.849336][T29374] loop6: detected capacity change from 0 to 1024 [ 721.215499][T29392] cgroup: Invalid name [ 721.651967][T29419] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10897'. [ 721.889153][T29437] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10903'. [ 721.898539][T29438] netlink: 48 bytes leftover after parsing attributes in process `syz.6.10904'. [ 721.914889][T29437] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10903'. [ 722.329595][T29468] netlink: 'syz.0.10913': attribute type 95 has an invalid length. [ 722.676026][T29488] sctp: [Deprecated]: syz.3.10920 (pid 29488) Use of int in maxseg socket option. [ 722.676026][T29488] Use struct sctp_assoc_value instead [ 722.824363][T29495] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10922'. [ 723.191467][T29513] loop5: detected capacity change from 0 to 4096 [ 723.451105][T29535] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 723.591061][T29545] loop4: detected capacity change from 0 to 512 [ 723.719201][T29545] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 723.794786][T29545] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 723.816723][T29545] System zones: 0-2, 18-18, 34-34 [ 723.825327][T29543] loop3: detected capacity change from 0 to 4096 [ 723.853133][T29545] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 723.862568][T29545] ext4 filesystem being mounted at /2272/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 724.086478][ T4273] EXT4-fs (loop4): unmounting filesystem. [ 724.420519][T29592] netlink: 'syz.5.10949': attribute type 10 has an invalid length. [ 724.489937][T29592] team0: Device veth1_vlan failed to register rx_handler [ 725.514721][T29603] loop3: detected capacity change from 0 to 32768 [ 726.203391][T29693] [U] [ 726.206128][T29693] [U] [ 726.208833][T29693] [U] [ 726.211537][T29693] [U] [ 726.261504][T29693] [U] [ 726.264235][T29693] [U] [ 726.266932][T29693] [U] [ 726.267625][T29696] binder: 29695:29696 ioctl c018620c 200000001180 returned -22 [ 726.269611][T29693] [U] [ 726.279847][ C0] vkms_vblank_simulate: vblank timer overrun [ 726.386121][T29693] [U] [ 726.388861][T29693] [U] [ 726.391552][T29693] [U] [ 726.426427][T29692] [U] [ 726.522722][T29710] x_tables: duplicate underflow at hook 4 [ 726.584686][T29715] netlink: 72 bytes leftover after parsing attributes in process `syz.0.10989'. [ 726.612586][T29715] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10989'. [ 726.642253][T29715] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10989'. [ 726.710680][T29715] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10989'. [ 726.765399][T29728] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10993'. [ 726.795638][T29728] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10993'. [ 726.982151][T29730] loop4: detected capacity change from 0 to 8192 [ 727.036214][T29730] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 727.101617][T29730] FAT-fs (loop4): error, clusters badly computed (1 != 0) [ 727.133298][T29730] FAT-fs (loop4): Filesystem has been set read-only [ 727.170472][T29730] FAT-fs (loop4): error, clusters badly computed (2 != 1) [ 727.193907][T29730] FAT-fs (loop4): error, clusters badly computed (3 != 2) [ 727.238582][T29730] FAT-fs (loop4): error, clusters badly computed (4 != 3) [ 727.387558][T29762] loop5: detected capacity change from 0 to 512 [ 727.486197][T29762] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.11004: casefold flag without casefold feature [ 727.590658][T29762] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.11004: couldn't read orphan inode 15 (err -117) [ 727.663774][T29762] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 727.840462][T10446] EXT4-fs (loop5): unmounting filesystem. [ 728.066564][T29798] netlink: 830 bytes leftover after parsing attributes in process `syz.3.11014'. [ 728.145682][T29803] netlink: 36 bytes leftover after parsing attributes in process `syz.4.11018'. [ 728.226539][T29809] afs: Unknown parameter 'dont_hash' [ 728.523107][T29825] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11023'. [ 728.939450][T29855] loop3: detected capacity change from 0 to 256 [ 728.980328][T29855] exfat: Deprecated parameter 'namecase' [ 729.029891][T29855] exfat: Deprecated parameter 'namecase' [ 729.042236][T29855] exfat: Deprecated parameter 'utf8' [ 729.077050][T29855] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012366, chksum : 0xd06b6363, utbl_chksum : 0xe619d30d) [ 729.192005][T29866] loop6: detected capacity change from 0 to 256 [ 729.980273][T29912] netlink: 132 bytes leftover after parsing attributes in process `syz.6.11048'. [ 730.593316][T29949] netlink: 72 bytes leftover after parsing attributes in process `syz.3.11061'. [ 730.613508][T29949] netlink: 36 bytes leftover after parsing attributes in process `syz.3.11061'. [ 730.632631][T29949] device vlan0 entered promiscuous mode [ 730.862567][T29917] loop4: detected capacity change from 0 to 32768 [ 730.965715][T29917] JBD2: Ignoring recovery information on journal [ 731.046520][T29967] netlink: 'syz.6.11067': attribute type 12 has an invalid length. [ 731.067497][T29917] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 731.087955][T29967] netlink: 120 bytes leftover after parsing attributes in process `syz.6.11067'. [ 731.095687][T29974] overlayfs: missing 'lowerdir' [ 731.146559][T29917] ocfs2: Unmounting device (7,4) on (node local) [ 731.361708][T29983] bond0: (slave netdevsim0): Releasing backup interface [ 731.403304][T29983] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 731.616340][T29997] ieee802154 phy0 wpan0: encryption failed: -22 [ 732.030292][T30013] loop3: detected capacity change from 0 to 4096 [ 732.052128][T30013] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 732.163212][ T5854] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 732.211923][T30013] ntfs3: loop3: failed to convert "c46c" to maccenteuro [ 732.403005][ T5854] usb 6-1: Using ep0 maxpacket: 32 [ 732.411165][ T5854] usb 6-1: config 0 has an invalid interface number: 2 but max is 0 [ 732.439800][ T5854] usb 6-1: config 0 has no interface number 0 [ 732.461048][ T5854] usb 6-1: New USB device found, idVendor=108c, idProduct=0168, bcdDevice=84.b2 [ 732.511058][ T5854] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 732.549503][ T5854] usb 6-1: Product: syz [ 732.563480][ T5854] usb 6-1: Manufacturer: syz [ 732.582939][ T5854] usb 6-1: SerialNumber: syz [ 732.610720][ T5854] usb 6-1: config 0 descriptor?? [ 732.626310][ T5854] etas_es58x 6-1:0.2: Starting syz syz (Serial Number syz) [ 732.829251][ T5854] etas_es58x 6-1:0.2: Product info: 424242424242 [ 733.039500][ T5854] usb 6-1: USB disconnect, device number 23 [ 733.050465][ T5854] etas_es58x 6-1:0.2: Disconnecting syz syz [ 733.442099][T30107] loop4: detected capacity change from 0 to 4096 [ 733.475804][T30107] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 733.640497][T30107] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 733.800600][T30066] loop3: detected capacity change from 0 to 32768 [ 734.003879][T30066] ERROR: (device loop3): dbAllocAG: unable to allocate blocks [ 734.003879][T30066] [ 734.133302][T30066] ERROR: (device loop3): remounting filesystem as read-only [ 734.140648][T30066] jfs_create: dtInsert returned -EIO [ 734.173137][T30066] ERROR: (device loop3): jfs_create: [ 734.173137][T30066] [ 734.759373][T30188] loop3: detected capacity change from 0 to 1024 [ 734.814754][T30183] loop6: detected capacity change from 0 to 4096 [ 734.855742][T30183] ntfs3: loop6: Different NTFS' sector size (4096) and media sector size (512) [ 735.031046][T30183] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 735.193017][T30209] __nla_validate_parse: 1 callbacks suppressed [ 735.193033][T30209] netlink: 132 bytes leftover after parsing attributes in process `syz.3.11127'. [ 735.919075][T30259] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11138'. [ 735.951618][T30259] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11138'. [ 736.012503][T30212] loop5: detected capacity change from 0 to 32768 [ 736.063942][T30212] ERROR: (device loop5): dbAllocAG: unable to allocate blocks [ 736.063942][T30212] [ 736.100386][T30212] ERROR: (device loop5): remounting filesystem as read-only [ 736.135497][T30212] jfs_create: dtInsert returned -EIO [ 736.359301][T30212] ERROR: (device loop5): jfs_create: [ 736.359301][T30212] [ 736.761844][T30293] netlink: 36 bytes leftover after parsing attributes in process `syz.5.11145'. [ 736.834453][T30297] netlink: 48 bytes leftover after parsing attributes in process `syz.3.11151'. [ 737.060745][T30313] binder: 30312:30313 ioctl c018620c 200000001180 returned -22 [ 737.110781][T30316] x_tables: duplicate underflow at hook 4 [ 737.192377][T30320] loop4: detected capacity change from 0 to 256 [ 737.457124][T30339] netlink: 24 bytes leftover after parsing attributes in process `syz.4.11162'. [ 737.501183][T30339] netlink: 24 bytes leftover after parsing attributes in process `syz.4.11162'. [ 737.556712][T30334] loop5: detected capacity change from 0 to 4096 [ 737.810005][T30356] loop3: detected capacity change from 0 to 4096 [ 737.862914][T30356] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 737.962688][T30356] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 738.142510][T30376] netlink: 'syz.4.11174': attribute type 10 has an invalid length. [ 738.231170][T30376] team0: Device veth1_vlan failed to register rx_handler [ 738.703110][ T8744] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 738.899823][ T8744] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 738.917671][T30428] loop5: detected capacity change from 0 to 512 [ 738.932803][ T8744] usb 5-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 738.979949][T30428] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 738.998093][ T8744] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 739.005257][T30433] netlink: 'syz.3.11190': attribute type 10 has an invalid length. [ 739.016061][ T8744] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 739.030573][ T8744] usb 5-1: Product: syz [ 739.035741][ T8744] usb 5-1: Manufacturer: syz [ 739.040352][ T8744] usb 5-1: SerialNumber: syz [ 739.052010][T30428] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 739.089370][T30428] System zones: 0-2, 18-18, 34-34 [ 739.104340][T30433] team0: Device veth1_vlan failed to register rx_handler [ 739.127053][T30428] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 739.183096][ T8744] cdc_ncm 5-1:1.0: skipping garbage [ 739.189712][T30428] ext4 filesystem being mounted at /1662/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 739.204963][ T8744] cdc_ncm 5-1:1.0: NCM or ECM functional descriptors missing [ 739.220342][ T8744] cdc_ncm 5-1:1.0: bind() failure [ 739.270443][ T8744] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 739.315380][ T8744] cdc_ncm 5-1:1.1: bind() failure [ 739.410187][ T8744] usb 5-1: USB disconnect, device number 37 [ 739.429115][T30423] loop6: detected capacity change from 0 to 32768 [ 739.445323][T10446] EXT4-fs (loop5): unmounting filesystem. [ 739.540920][T30466] (unnamed net_device) (uninitialized): option mode: invalid value (254) [ 740.000037][T30493] sctp: [Deprecated]: syz.5.11202 (pid 30493) Use of struct sctp_assoc_value in delayed_ack socket option. [ 740.000037][T30493] Use struct sctp_sack_info instead [ 740.003856][T30492] netlink: 'syz.3.11203': attribute type 12 has an invalid length. [ 740.068328][T30497] ieee802154 phy0 wpan0: encryption failed: -22 [ 740.107141][T30492] netlink: 120 bytes leftover after parsing attributes in process `syz.3.11203'. [ 740.891714][T30551] loop4: detected capacity change from 0 to 256 [ 740.949776][T30551] exfat: Deprecated parameter 'utf8' [ 740.969720][T30551] exfat: Deprecated parameter 'namecase' [ 741.035147][T30561] loop5: detected capacity change from 0 to 8 [ 741.051605][T30551] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 741.976849][T30625] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11245'. [ 742.532009][T30597] loop3: detected capacity change from 0 to 32768 [ 742.600999][T30597] JBD2: Ignoring recovery information on journal [ 742.721274][T30597] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 742.835579][T30597] ocfs2: Unmounting device (7,3) on (node local) [ 743.089881][T30682] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11258'. [ 743.150110][T30682] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11258'. [ 743.186216][T30682] netlink: 48 bytes leftover after parsing attributes in process `syz.6.11258'. [ 743.366125][T30691] loop3: detected capacity change from 0 to 8 [ 743.403672][T30646] loop5: detected capacity change from 0 to 32768 [ 743.907464][T30717] device batadv1 entered promiscuous mode [ 744.273248][T30743] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 744.431900][T30752] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11282'. [ 744.900357][T30784] loop5: detected capacity change from 0 to 256 [ 744.933757][T30784] exfat: Deprecated parameter 'utf8' [ 744.993478][T30784] exfat: Deprecated parameter 'namecase' [ 745.043799][T30795] vim2m vim2m.0: Fourcc format (0x56595559) invalid. [ 745.055428][T30784] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 745.635980][T30834] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 745.902159][T30852] loop6: detected capacity change from 0 to 8 [ 745.944983][T30855] netlink: 'syz.0.11314': attribute type 4 has an invalid length. [ 745.957530][T30857] cgroup: Invalid name [ 745.961109][T30852] SQUASHFS error: zlib decompression failed, data probably corrupt [ 745.979275][T30852] SQUASHFS error: Failed to read block 0x9b: -5 [ 746.011519][T30855] device veth1_macvtap left promiscuous mode [ 746.018588][T30852] SQUASHFS error: Unable to read metadata cache entry [99] [ 746.072981][T30852] SQUASHFS error: Unable to read inode 0x127 [ 746.358903][T30871] loop3: detected capacity change from 0 to 8192 [ 746.420768][T30871] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 746.462891][T30871] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 746.473330][T30871] REISERFS (device loop3): using ordered data mode [ 746.489948][T30871] reiserfs: using flush barriers [ 746.495309][ T5854] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 746.506600][T30871] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 746.633540][T30871] REISERFS (device loop3): checking transaction log (loop3) [ 746.668870][T30871] REISERFS (device loop3): Using r5 hash to sort names [ 746.692911][ T5854] usb 5-1: Using ep0 maxpacket: 32 [ 746.706606][ T5854] usb 5-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 746.742521][ T5854] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 746.753147][T30871] reiserfs: enabling write barrier flush mode [ 746.768575][T30905] netlink: 28 bytes leftover after parsing attributes in process `syz.5.11328'. [ 746.777819][ T5854] usb 5-1: Product: syz [ 746.787305][ T5854] usb 5-1: Manufacturer: syz [ 746.801003][ T5854] usb 5-1: SerialNumber: syz [ 746.808364][T30871] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2 [ 746.831761][T30905] netlink: 28 bytes leftover after parsing attributes in process `syz.5.11328'. [ 746.857577][ T5854] usb 5-1: config 0 descriptor?? [ 746.864571][T30871] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 746.866367][T30905] netlink: 48 bytes leftover after parsing attributes in process `syz.5.11328'. [ 746.884452][T30871] REISERFS (device loop3): Remounting filesystem read-only [ 746.884523][T30871] REISERFS error (device loop3): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 1 0x0 SD] stat data [ 746.963699][T30871] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2 [ 747.012994][T30871] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 747.087571][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.089632][T30871] REISERFS error (device loop3): zam-7001 reiserfs_find_entry: io error [ 747.093915][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.147376][T30871] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 3937, free_space(entry_count) 2 [ 747.172026][T30871] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 747.183393][T30871] REISERFS error (device loop3): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 1 0x0 SD] stat data [ 747.197315][T30871] REISERFS warning (device loop3): jdm-20006 create_privroot: xattrs/ACLs enabled and couldn't find/create .reiserfs_priv. Failing mount. [ 747.275905][ T5854] peak_usb 5-1:0.0 can0: unable to request usb[type=0 value=0] err=-71 [ 747.295953][ T5854] peak_usb 5-1:0.0: unable to read PCAN-USB Pro bootloader info (err -71) [ 747.316578][T30937] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 747.323847][T30937] IPv6: NLM_F_CREATE should be set when creating new route [ 747.331113][T30937] IPv6: NLM_F_CREATE should be set when creating new route [ 747.348636][ T4261] ------------[ cut here ]------------ [ 747.354479][ T4261] kernel BUG at fs/reiserfs/journal.c:1916! [ 747.373009][ T4261] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 747.379098][ T4261] CPU: 1 PID: 4261 Comm: syz-executor Not tainted syzkaller #0 [ 747.386631][ T4261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 747.396670][ T4261] RIP: 0010:do_journal_release+0x536/0x540 [ 747.402467][ T4261] Code: b9 ff e9 49 fc ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c b9 fc ff ff 4c 89 ff e8 f4 1e b9 ff e9 ac fc ff ff e8 9a 02 69 ff <0f> 0b e8 93 02 69 ff 0f 0b 90 41 57 41 56 53 48 89 f3 49 bf 00 00 [ 747.422059][ T4261] RSP: 0018:ffffc90004137b00 EFLAGS: 00010293 [ 747.428108][ T4261] RAX: ffffffff8217cd86 RBX: ffff88805213e000 RCX: ffff88802b930000 [ 747.436077][ T4261] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 747.444125][ T4261] RBP: ffffc90004137bf8 R08: dffffc0000000000 R09: ffffc90004137b40 [ 747.452087][ T4261] R10: fffff52000826f6f R11: 1ffff92000826f68 R12: ffffc9000fff1000 [ 747.460046][ T4261] R13: 1ffff92000826f64 R14: ffff88805213e678 R15: 0000000000000000 [ 747.468003][ T4261] FS: 0000555558b9c500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 747.476914][ T4261] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 747.483496][ T4261] CR2: 0000001b30a1fff8 CR3: 000000005ca76000 CR4: 00000000003506e0 [ 747.491462][ T4261] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 747.499432][ T4261] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 747.507399][ T4261] Call Trace: [ 747.510664][ T4261] [ 747.513582][ T4261] ? journal_release+0x30/0x30 [ 747.518339][ T4261] journal_release+0x1b/0x30 [ 747.522913][ T4261] reiserfs_put_super+0x21e/0x480 [ 747.527929][ T4261] ? hook_inode_free_security+0xa0/0xa0 [ 747.533462][ T4261] ? reiserfs_dirty_inode+0x240/0x240 [ 747.538824][ T4261] ? fscrypt_destroy_keyring+0x288/0x2a0 [ 747.544442][ T4261] ? reiserfs_dirty_inode+0x240/0x240 [ 747.549798][ T4261] generic_shutdown_super+0x130/0x340 [ 747.555151][ T4261] kill_block_super+0x7c/0xe0 [ 747.559812][ T4261] deactivate_locked_super+0x93/0xf0 [ 747.565083][ T4261] cleanup_mnt+0x463/0x4f0 [ 747.569482][ T4261] ? lockdep_hardirqs_on+0x94/0x140 [ 747.574678][ T4261] task_work_run+0x1ca/0x250 [ 747.579260][ T4261] ? task_work_cancel+0x230/0x230 [ 747.584271][ T4261] ? exit_to_user_mode_loop+0x3b/0x110 [ 747.589721][ T4261] exit_to_user_mode_loop+0xe6/0x110 [ 747.594999][ T4261] exit_to_user_mode_prepare+0xb1/0x140 [ 747.600546][ T4261] syscall_exit_to_user_mode+0x16/0x40 [ 747.605998][ T4261] do_syscall_64+0x58/0xa0 [ 747.610406][ T4261] ? clear_bhb_loop+0x60/0xb0 [ 747.615070][ T4261] ? clear_bhb_loop+0x60/0xb0 [ 747.619728][ T4261] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 747.625609][ T4261] RIP: 0033:0x7fcb62f8ff17 [ 747.630035][ T4261] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 747.649633][ T4261] RSP: 002b:00007fffb79e8a98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 747.658028][ T4261] RAX: 0000000000000000 RBX: 00007fcb63011c05 RCX: 00007fcb62f8ff17 [ 747.665988][ T4261] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffb79e8b50 [ 747.673952][ T4261] RBP: 00007fffb79e8b50 R08: 0000000000000000 R09: 0000000000000000 [ 747.681905][ T4261] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffb79e9be0 [ 747.689858][ T4261] R13: 00007fcb63011c05 R14: 00000000000b66d3 R15: 00007fffb79e9c20 [ 747.697816][ T4261] [ 747.700830][ T4261] Modules linked in: [ 747.733364][ T5854] peak_usb: probe of 5-1:0.0 failed with error -71 [ 747.742445][ T4261] ---[ end trace 0000000000000000 ]--- [ 747.748170][ T4261] RIP: 0010:do_journal_release+0x536/0x540 [ 747.755965][ T4261] Code: b9 ff e9 49 fc ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c b9 fc ff ff 4c 89 ff e8 f4 1e b9 ff e9 ac fc ff ff e8 9a 02 69 ff <0f> 0b e8 93 02 69 ff 0f 0b 90 41 57 41 56 53 48 89 f3 49 bf 00 00 [ 747.757099][ T5854] usb 5-1: USB disconnect, device number 38 [ 747.783902][ T4261] RSP: 0018:ffffc90004137b00 EFLAGS: 00010293 [ 747.790046][ T4261] RAX: ffffffff8217cd86 RBX: ffff88805213e000 RCX: ffff88802b930000 [ 747.800627][ T4261] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 747.809002][ T4261] RBP: ffffc90004137bf8 R08: dffffc0000000000 R09: ffffc90004137b40 [ 747.829116][ T4261] R10: fffff52000826f6f R11: 1ffff92000826f68 R12: ffffc9000fff1000 [ 747.837715][ T4261] R13: 1ffff92000826f64 R14: ffff88805213e678 R15: 0000000000000000 [ 747.845955][ T4261] FS: 0000555558b9c500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 747.855345][ T4261] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 747.861942][ T4261] CR2: 00007fb438396358 CR3: 000000005ca76000 CR4: 00000000003506f0 [ 747.870355][ T4261] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 747.878515][ T4261] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 747.886640][ T4261] Kernel panic - not syncing: Fatal exception [ 747.892900][ T4261] Kernel Offset: disabled [ 747.897205][ T4261] Rebooting in 86400 seconds..