last executing test programs: 2.521895514s ago: executing program 1 (id=1619): r0 = syz_open_dev$vim2m(&(0x7f00000013c0), 0x8, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x35, 0x2, 0x40, "100000df00000002000000000000000000000000000000000000000000000010", 0x34325241}) 2.155518826s ago: executing program 1 (id=1624): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000180)={'veth1_vlan\x00', 0x8a}) 1.956464949s ago: executing program 2 (id=1627): r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000080)="1300000043001f0003030003d590066544dc25", 0x13) 1.865864435s ago: executing program 1 (id=1628): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) close(r0) 1.756019194s ago: executing program 2 (id=1631): timer_create(0x8, 0x0, &(0x7f0000002700)=0x0) timer_settime(r0, 0x0, &(0x7f0000000080)={{}, {0x0, 0x3938700}}, &(0x7f00000000c0)) 1.618358467s ago: executing program 1 (id=1633): munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xb, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000019ffff3f00000000000000001801000020207325000000000020200b7b0af8ff00000000bfa100000000000007010000f6ffffffb702000008000000b70300001800000085000000cb00000095"], &(0x7f00000000c0)='GPL\x00', 0x5, 0xfe4, &(0x7f0000001e00)=""/4068, 0x40f00, 0x45}, 0x94) 1.553774108s ago: executing program 3 (id=1634): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff00000087f19f710000000000", @ANYRES32=0x0, @ANYBLOB="0000000008440000200012800b00010067656e65766500001000028004000600060005004e24000008000a00", @ANYRES32], 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 1.531750641s ago: executing program 2 (id=1635): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0) write$vga_arbiter(r0, &(0x7f0000000680)=@target={'target ', {'PCI:', '0', ':', 'b', ':', 'e', '.', '0'}}, 0x13) 1.522092313s ago: executing program 0 (id=1636): pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x800, &(0x7f0000000800)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl}, {@cache_fscache}]}}) 1.451953255s ago: executing program 1 (id=1637): sigaltstack(&(0x7f0000001040)={&(0x7f0000001580)=""/4097, 0x0, 0xffffffffffffff0d}, 0x0) sigaltstack(&(0x7f0000000000)={0x0}, &(0x7f0000000340)={0x0}) 1.353402231s ago: executing program 2 (id=1638): syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000040)='./file2\x00', 0x1200400, &(0x7f0000000000)=ANY=[], 0x1, 0xa74, &(0x7f00000000c0)="$eJzs3U2MW0cBAOB53vWmmwTilIQuSWgTftryt9tslvATQVM1F6Km4lYp4hKlaYlIA6KV+FElkpy40aoKV37EqRwqQEjtBUU9calEI3GpOBQOHIiCVIkDFBKjtWe89qytZ++f7fX3SbPjefPsmff2+fn9zUwAJlal8Xdpaa4I4fobr5z6x4N/n12e8mhrjlrj73RbqhpCKGJ6Ovu8d6ea8Z33XjzfLS7CYuNvSocnb7feuyuEcCUcDjdCLRy4fvPltxafOHP19LUjb7964tbmLD0AAEyWr984sbT/r386uPf91+4/GXa0pqfj81pM747H/SfjgX86/q+EznTRFtrNZPNNx1DJ5pvqMl97OdVsvuke5c9kn1tt5R/smG9HSflTbdO6LTeMs7Qd10JRme9IVyrz881z8tA4r58p5i9fvPTM80OqKLDh/vVACOGwMGio1+s/aqzAEajL5odb9eHXQdiMUN8z7D0QQFN+v3CVK/mVhfVpfdp0f+XffqzS/f2wAbZ6+1f+eJX/q6ux/LN/2dR6MBm26+9XWq70Pdod0/l9hPz5pUG//+nzpuKf6ezzy/S6jzAu9xd61XNqi+uxVr3qn28X29VXYpzWw1ez/PbvT/4/HZf/MdDdvyfs+v/hEajDtg7VEaiD0HeoD3sHBIyslefmmupRys+f68vzd5Tk31OSP1uSv7Mkf1dJPkyy373wk/BSsXKen5/TD3o9LF1n+0CMPzhgffLrkYOWnz/3O6j1lp8/Twyj7PVzT1344tNnbzaf/y9a2//duL0fjula/G7diDOk64X5dfXWs/+1znIqPea7N6tP2m9UdqT5680S93XOV+xb+ZzQtp9ZVY+5zvft6TXfoc75atl8szHck9U3Pz7Zmb0vHX+k/WpaX9PZ8laz5ZjJ6pH2K3tjnNcD1iJtj72e/0/b51yoFs9cvHThkZhO2+kfp6o7lqcfbf/QX29N3YH16bf9z1zobP+zuzW9WmnfL+xZmV607xdq2fTFZrJ1mzxNPxbT6Xfum1Ozjenz57996emNXniYcM//4IffOnfp0oXvepFezFotXngx7D0TsNkWXnjuOwtFCOHic+eevfDshcvHjh8/trh4/EvHlhYax/UL7Uf3wHay8qM/7JoAAAAAAAAAAAAA/fre6VM3//zmF95ptv9faf+X2v+nJ39T+/8fZ+3/83byqR18age4t0t+Y9y91zvrMZPNV43hQ1l992Xl7M/e9+EYt8bxi+3/U3v7vF/XVJ/7sul5/71pvqw7gVX9pcxkfZDk4wV+LMbXYvzLAENUzHafHOOO/q3D6v6t07ae+qfQL8V4Sv+3tDWkfkxS++9e/Tql/f/eLagjG28rmhMOexmB7v458v1/tx2JD70uExCs54kK9bpRPIDRMOzxP9N1zxRf/sPX7lkOabbbj3XuL/P+S2E9Rn38SeWPwvifxYZVojX+XV/7vy69q3f089z/6Ar/+dmtd9qKDQf63f9ezRY99QO9r7zMdu/H8tPyPxT6K7/+i6z8/IZQn/6blb+zz/JXLf+htZX/v1h+Wm0Pf7zf8ps1LiqdIyfm143T/b/8unFyJ1v+1LfnwMu/xoEa78byYZL1Hme23xFsR9NQxv/tcn90rfLnMD4f02lHmJ5zyH+RB61/er4i/Q7szz6/KPl9G5dxinuZ9PF/vxzjsu9DGv83bY+1LulKW7raZd1WVr0Ahundkb//N2bhygjUQRjRMDsCdegM9Xp9cy9olRhq4Qx9/Q/77vOwyx/2+i+Tj/+bH7rn4/9WshOIfPzf/P35+L95fj6+Xp6fj/+br898/N88/77sc/Mr2HMl+R8pyT9Qkn9wJX+2W/6hkvd/tCT/SIjHJD3y7y95/wMl+feW5E+V5H+iJP+TJfkPluQ/XJL/qZL87S61R5nU5YdJlrfP8/2HyZHu//T6/u8ryQfG109fO/r42d9+o9Zs/z/TOl9L9/FOxnQ1njt/P6bz+96hLb2c92ZM/y3LH/XrHTBJ8v4z8t/3h0rygfGVnvPy/YYJVHTvsafffqt6HeczXj4d48/E+LMx/lyM52O8EOOjMV7covqxOR7/ze9PvFSsnO/vyfL7fZ68qHSe2ef9RB3rsz759YFBn2fP+/Eb1HrLX2NzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKGpNP4uLc0VIVx/45VTT525uLA85dHWHLXG3+m2VLX1vhAeifFUjH8eX9x578Xz7fHdGBdhMRShaE0PT95ulbQrhHAlHA43Qi0cuH7z5bcWnzhz9fS1I2+/euLW5q0BAAAA2P7+HwAA//+FBRqS") truncate(&(0x7f0000000b40)='./file2\x00', 0x800081) 1.274159105s ago: executing program 1 (id=1639): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000880)=ANY=[@ANYBLOB="636f6d6d69743d30303030303030303030303030303030303030302c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c61636c2c6c6f63616c666c6f636b732c00092c028a3e5e3d356729aea7ca3fad2d183adad8e398462724e676c20f8d5ba5e324d43b4cb2740b9ed587e8e1eb9abed9bd1956375ca4a2e7e8b12a206ab1c1873177d9589d17e2c24c1e4a723b69720830e8e0b63e0c9f8821b1ea6faf51f5e1b81113cc5f437d61b627977f194fe72b02c4178f1c4913ba476fd820cf2e88f51ada7c10e8f40b2d21840ccacbaf197d71f86cc2a7ffdf45cfee1fba03d0005b892e718935374e7e068e5ea9a7fd1c16a7ee5cb028ca153c5efb24de48d5a1ab5ac938b648c9f683142b93ec377285d20155596b9be69a2c05a6d247fc04aedb7946a49b53caa904"], 0x1, 0x4422, &(0x7f0000004480)="$eJzs3c9PHFUcAPA3A1qobYXaQ01M3MQmGjUEelJpIqW0FFqsqbYxXrYLbFt0YRtYjIce8NbEk4kH46HRxBunhoPX+id48VjPTfTgxcSkEbO7s8AMu7I2LNjm80nKMO/37nfn7Zsmw4sTlZtzS7m5pVxhIVeeub50MvdZubQ8XwzxHtnv/mlPJ+Ik9vvn0plzH1w9GcJPs788XF9fXw9V3aGpoS2///nH7Zmtx4Y4U6fabvPWdsvHIYRj28ZV1RVC+OjHEKIQwukkbTQ59oYQjoR63tXbX17L7dJo7j0onso/mrqzNnxicvXuWuvXHoXwbenFN2/M//ZK1/Cvr+9S9wAAAAAAAAAAAAAAAAAAPOHGL1+68v7gULgfhe7VaPvzuuPJsdXzseu75uXOv1gAAAAAAAAAAAAAAAAAAAD4n9p8/j8XHW3y/P9YchxpUX/93c6Pkc6ZeO/S2NnBoWT/92hb/ltJ0u+nu0J/k33fs/u/n87Ub77/+/Z+HldjfI1++0IUD6TO43hgIITvk43fj0cH41J5qfLG9fLywuyuDeOJlY5/fff+VHSSDf3bjf9opv3O7///wrZPU/X82u59xJ5q6fh3tSz3wxdRW/E/k6m3F/Gve6az3Tyl0vHvrqX1bi0wUp8AqvH/qnvn+I9l2u9U/I+EEHJRday51AxQXcNU0zfWKz4W/yod//qblZo6kzey1fX/Vyb+ZzPt79f8v5L9IqKpdPyfraX1pEpsXv/98c7X/7lM+/sR/+r4V3z/tyUd/wP1xO5Ukdo72e78P55pv1PxvxIn4zwSpT4Bq1E9vdXfqyMtHf+ebfmb939xW+u/85n6e3X/1+i3cf/XmP5fi+r3fzSXjn9vy3LtXv8TmXqdnv9Haus/Hlc6/gdraen/6+ur/Ww3/pOZ9jsV/9qqpKcR/8355O8D9fTvrP/ako7/c/XEeGuJldrP2vov2nn9fyHT/n6s/6rjX4k72+vTIh3/Qy3LVeP/cxvf/xcz9Tof/xAGrfUfWzr+h1uWq13/PTvHfypTr9Pxf7WTjQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8AUaTY1+I4oHUeRwPDIRwJjk/Hg5G04XZ/HSpPPPpUghjSXouHI1ulMrThVJ+bqE8W8wXSqXyTAhnk/xjoSdaKpUr+fnCrXMbbfVGN4uFxcp0sVAJIYwn6S+Fw422pucq84VbIYTzG3nPx+XFWzcLC/nZucV3BgcHB8PExhj6o+LnleJCpd57PTeEyY26fdGWwdWyL2yM5VD0SXl5caFQqqVf3FKnVJ4plLbUmUryvg79UWVxeWGmUCnmS+Ubjf7200hyHJu4/OHli0Pb8q9F9ePo3g4LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP/o/vDb34QQuutncQghFyW/RMm/lHsPiqfyj6burA2fmFy9u/awWRkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgH3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS/8oCgNRHIAns2y/x9gqJN22WXYRLYwInkCP4WH0KF7CO1hY2FoJOgHJH0iT7vuaR/Jj5j2YBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOPN1vVmVZThM32fdufLe75I9fDbf/5j4vmY1nxZ//0XZXr3rJP/pF/XKj7T+22/DT21cWztSXufXrp92ob2bWi+pu9XyGIeQqhS/p3FmOfj7gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHiwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRd8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCvAAAA//9ggh5T") setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f00000003c0)={{}, {}, [], {}, [], {}, {0x20, 0x4}}, 0x24, 0x2) 1.216388225s ago: executing program 0 (id=1640): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x35, &(0x7f0000000000), 0x4) 1.211143726s ago: executing program 3 (id=1641): madvise(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x12) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 1.012126469s ago: executing program 0 (id=1642): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="180800000000000000000000000800008510000003000000180000000000000000000000000000009500000000000000bfa000000000000095"], &(0x7f00000003c0)='syzkaller\x00', 0x8, 0xf6, &(0x7f0000001700)=""/246, 0xb6df4c32c1d5c814}, 0x94) 741.255385ms ago: executing program 3 (id=1643): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x920) 740.124165ms ago: executing program 2 (id=1644): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000002c000000020a01020000000000000000010000000900010073797a30000000000900030073797a310000000038000000030a01040000000000000000010000010900018073797a30"], 0xac}, 0x1, 0x0, 0x0, 0x8040}, 0x0) 678.289895ms ago: executing program 0 (id=1645): syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x90, &(0x7f0000000000)=ANY=[@ANYRES32=0x0], 0x3, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==") truncate(&(0x7f0000000100)='./file2\x00', 0x3) 557.737166ms ago: executing program 3 (id=1646): r0 = socket(0x2, 0x3, 0xff) getsockopt$inet_mreqn(r0, 0x0, 0x22, 0x0, &(0x7f0000000040)) 315.122606ms ago: executing program 3 (id=1647): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x20, 0x0, 0xb, 0x101, 0x0, 0x0, {0x3, 0x0, 0x4}, [@NFTA_COMPAT_NAME={0xc, 0x1, '^&(:+,$\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x48000}, 0x800) 219.461983ms ago: executing program 2 (id=1648): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)=@updpolicy={0x17c, 0x19, 0x1, 0x70bd25, 0x1, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x1000, 0x0, 0x2, 0x0, 0x5}, {0x0, 0x0, 0x800}, 0x200, 0x0, 0x1, 0x0, 0x1, 0x1}, [@tmpl={0xc4, 0x5, [{{@in=@local, 0x4d4, 0x6c}, 0x0, @in6=@local, 0x8034ff, 0x0, 0x0, 0x0, 0x2, 0x0, 0x203c}, {{@in=@broadcast, 0x2000, 0x3c}, 0x2, @in6=@dev}, {{@in6=@mcast1, 0x4d2, 0x3c}, 0x2, @in=@multicast1, 0x0, 0x1, 0x2, 0x1}]}]}, 0x17c}, 0x1, 0x0, 0x0, 0x804}, 0x4000) 218.366613ms ago: executing program 0 (id=1649): r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0) ioctl$I2C_SLAVE_FORCE(r0, 0x706, 0x150) 601.41µs ago: executing program 0 (id=1650): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x4b8, 0xffffffff, 0x260, 0x0, 0x0, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [0xff], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x21, 0x12, 0xbe, 0x7, 0x5aa9, @ipv4={'\x00', '\xff\xff', @empty}, @private1, @local, [0xff000000, 0xff000000, 0x0, 0xff], [0xffffffff, 0xff000000, 0xff], [0x0, 0xffffff, 0xff, 0x7fffff7f], 0x3c80}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x1, {0x2000010}}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x4, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, @private1, [0x0, 0x0, 0xff, 0xff], [0x0, 0xffffff00], [0x0, 0xff000000], 0x843, 0x1400}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518) 0s ago: executing program 3 (id=1651): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x800) kernel console output (not intermixed with test programs): y bread(block 72) failed [ 122.944974][ T6774] FAT-fs (loop1): Directory bread(block 73) failed [ 122.951981][ T5941] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop2 scanned by udevd (5941) [ 123.046693][ T6781] netlink: 28 bytes leftover after parsing attributes in process `syz.3.426'. [ 123.080597][ T6781] netlink: 28 bytes leftover after parsing attributes in process `syz.3.426'. [ 124.240108][ T23] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 124.406783][ T6822] comedi comedi4: bad chanlist[0]=0xfffffffe chan=65534 range length=2 [ 124.444789][ T6825] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 124.450903][ T23] usb 3-1: Using ep0 maxpacket: 16 [ 124.482802][ T23] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 124.513573][ T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 11 [ 124.560307][ T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 57872, setting to 1024 [ 124.584992][ T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 124.618884][ T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 124.659668][ T23] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 124.688844][ T23] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 124.702600][ T28] audit: type=1326 audit(1775915837.771:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4645f9c819 code=0x7fc00000 [ 124.730019][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.748078][ T23] usb 3-1: config 0 descriptor?? [ 124.754539][ T28] audit: type=1326 audit(1775915837.771:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4645f9c819 code=0x7fc00000 [ 124.812961][ T28] audit: type=1326 audit(1775915837.771:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4645f9c819 code=0x7fc00000 [ 124.879111][ T28] audit: type=1326 audit(1775915837.771:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4645f9c819 code=0x7fc00000 [ 124.935277][ T28] audit: type=1326 audit(1775915837.771:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4645f9c819 code=0x7fc00000 [ 124.957596][ C1] vkms_vblank_simulate: vblank timer overrun [ 124.969716][ T28] audit: type=1326 audit(1775915837.771:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4645f9c819 code=0x7fc00000 [ 124.992929][ T23] rc_core: IR keymap rc-hauppauge not found [ 124.998902][ T23] Registered IR keymap rc-empty [ 125.014861][ T23] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 125.024195][ T28] audit: type=1326 audit(1775915837.771:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4645f9c819 code=0x7fc00000 [ 125.057696][ T23] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 125.067949][ T28] audit: type=1326 audit(1775915837.771:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4645f9c819 code=0x7fc00000 [ 125.090335][ C1] vkms_vblank_simulate: vblank timer overrun [ 125.099165][ T23] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 125.115444][ T28] audit: type=1326 audit(1775915837.771:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4645f9c819 code=0x7fc00000 [ 125.137751][ C1] vkms_vblank_simulate: vblank timer overrun [ 125.148568][ T23] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input8 [ 125.178266][ T23] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 125.185921][ C1] mceusb 3-1:0.0: Error: urb status = -75 [ 125.194035][ T28] audit: type=1326 audit(1775915837.771:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6831 comm="syz.1.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4645f9c819 code=0x7fc00000 [ 125.216855][ T5773] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 125.222194][ T23] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 125.261887][ T23] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 125.330039][ T23] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 125.381213][ T23] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 125.420552][ T23] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 125.429949][ T5773] usb 1-1: Using ep0 maxpacket: 8 [ 125.438101][ T5773] usb 1-1: config 0 has an invalid interface number: 52 but max is 0 [ 125.452022][ T5773] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 125.462921][ T5773] usb 1-1: config 0 has no interface number 0 [ 125.469084][ T5773] usb 1-1: config 0 interface 52 has no altsetting 0 [ 125.470545][ T23] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 125.498807][ T5773] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 125.519302][ T5773] usb 1-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0 [ 125.530382][ T5773] usb 1-1: Manufacturer: syz [ 125.540389][ T23] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 125.553160][ T5773] usb 1-1: config 0 descriptor?? [ 125.561586][ T5773] hub 1-1:0.52: bad descriptor, ignoring hub [ 125.567673][ T5773] hub: probe of 1-1:0.52 failed with error -5 [ 125.581216][ T23] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 125.624392][ T23] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 125.682829][ T23] mceusb 3-1:0.0: Registered with mce emulator interface version 1 [ 125.721960][ T23] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 125.745187][ T23] usb 3-1: USB disconnect, device number 4 [ 126.034628][ T6848] vim2m vim2m.0: Fourcc format (0x56595559) invalid. [ 126.123641][ T5773] usb 1-1: USB disconnect, device number 5 [ 126.290948][ T6854] loop2: detected capacity change from 0 to 8 [ 126.352979][ T6854] SQUASHFS error: Unable to read directory block [629:26] [ 126.520892][ T5773] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 126.752887][ T5773] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 126.791098][ T5773] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 126.797637][ T6860] loop2: detected capacity change from 0 to 1764 [ 126.825323][ T5773] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 126.861849][ T5773] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de [ 126.894092][ T5941] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 126.904748][ T5773] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.935850][ T5773] usb 4-1: config 0 descriptor?? [ 127.175348][ T5773] ath6kl: Failed to submit usb control message: -71 [ 127.200523][ T5773] ath6kl: unable to send the bmi data to the device: -71 [ 127.215607][ T5773] ath6kl: Unable to send get target info: -71 [ 127.242627][ T5773] ath6kl: Failed to init ath6kl core: -71 [ 127.258019][ T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 127.272057][ T5773] ath6kl_usb: probe of 4-1:0.0 failed with error -71 [ 127.304040][ T5773] usb 4-1: USB disconnect, device number 4 [ 127.453540][ T9] usb 3-1: config 0 interface 0 altsetting 60 endpoint 0xE has invalid maxpacket 1023, setting to 64 [ 127.486401][ T9] usb 3-1: config 0 interface 0 altsetting 60 endpoint 0xD has invalid maxpacket 65278, setting to 1024 [ 127.522141][ T9] usb 3-1: config 0 interface 0 altsetting 60 bulk endpoint 0xD has invalid maxpacket 1024 [ 127.546178][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 127.555700][ T9] usb 3-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=ae.ad [ 127.577266][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.597576][ T9] usb 3-1: config 0 descriptor?? [ 127.611067][ T6860] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 127.829117][ T9] usb 3-1: string descriptor 0 read error: -71 [ 127.851575][ T9] usb 3-1: ucan: probing device on interface #0 [ 127.886989][ T9] usb 3-1: ucan: invalid endpoint configuration [ 127.912519][ T9] usb 3-1: ucan: probe failed; try to update the device firmware [ 127.954980][ T9] usb 3-1: USB disconnect, device number 5 [ 128.164531][ T6879] loop1: detected capacity change from 0 to 512 [ 128.268054][ T6882] delete_channel: no stack [ 128.336544][ T6885] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 128.529368][ T6871] loop0: detected capacity change from 0 to 32768 [ 128.828884][ T6897] netlink: 8 bytes leftover after parsing attributes in process `syz.2.481'. [ 129.847305][ T6929] loop0: detected capacity change from 0 to 512 [ 129.912838][ T6929] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 129.970302][ T9] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 129.991556][ T6929] EXT4-fs error (device loop0): ext4_orphan_get:1409: comm syz.0.497: couldn't read orphan inode 26 (err -116) [ 130.035429][ T6929] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.048837][ T6929] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.108437][ T6929] __quota_error: 3257 callbacks suppressed [ 130.108457][ T6929] Quota error (device loop0): do_check_range: Getting dqdh_entries 36 out of range 0-14 [ 130.127031][ T6929] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 130.137640][ T6929] EXT4-fs error (device loop0): ext4_acquire_dquot:6953: comm syz.0.497: Failed to acquire dquot type 1 [ 130.183141][ T6909] loop1: detected capacity change from 0 to 32768 [ 130.217975][ T9] usb 3-1: config index 0 descriptor too short (expected 35577, got 27) [ 130.231411][ T9] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 130.250207][ T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 130.259317][ T9] usb 3-1: config 1 has no interface number 0 [ 130.266604][ T9] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 130.276962][ T9] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 130.290440][ T9] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 130.299564][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.318847][ T6909] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 130.335944][ T9] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found [ 130.371507][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.519812][ T6909] XFS (loop1): Ending clean mount [ 130.596087][ T9] snd_usb_pod 3-1:1.1: endpoint not available, using fallback values [ 130.623348][ T6909] XFS (loop1): Quotacheck needed: Please wait. [ 130.626085][ T9] snd_usb_pod 3-1:1.1: invalid control EP [ 130.650002][ T9] snd_usb_pod 3-1:1.1: cannot start listening: -22 [ 130.670196][ T9] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected [ 130.688408][ T9] snd_usb_pod: probe of 3-1:1.1 failed with error -22 [ 130.757073][ T6909] XFS (loop1): Quotacheck: Done. [ 130.787699][ T6946] loop3: detected capacity change from 0 to 4096 [ 130.846895][ T23] usb 3-1: USB disconnect, device number 6 [ 130.971161][ T5770] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 130.996597][ T6946] ntfs: (device loop3): parse_options(): NLS character set maccentHuro not found. Using previous one cp857. [ 131.040929][ T6946] ntfs: (device loop3): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 131.164502][ T6946] ntfs: volume version 3.1. [ 131.197600][ T6946] ntfs: (device loop3): ntfs_index_lookup(): Corrupt index. Aborting lookup. [ 131.213365][ T6946] ntfs: (device loop3): ntfs_mark_quotas_out_of_date(): Lookup of quota defaults entry failed. [ 131.263957][ T6946] ntfs: (device loop3): load_system_files(): Failed to mark quotas out of date. Mounting read-only. Run chkdsk. [ 131.291332][ T6946] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 131.310019][ T6946] ntfs: (device loop3): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl. [ 131.331182][ T6946] ntfs: (device loop3): load_system_files(): Failed to load $UsnJrnl. Will not be able to remount read-write. Run chkdsk. [ 131.771723][ T6966] trusted_key: encrypted_key: keyword 'load|ʓ.V' not recognized [ 131.801055][ T23] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 132.001893][ T23] usb 1-1: config 1 has an invalid interface number: 94 but max is 0 [ 132.010317][ T23] usb 1-1: config 1 has no interface number 0 [ 132.016483][ T23] usb 1-1: config 1 interface 94 altsetting 233 endpoint 0xA has an invalid bInterval 0, changing to 7 [ 132.059370][ T23] usb 1-1: config 1 interface 94 altsetting 233 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 132.109688][ T6978] netlink: 40 bytes leftover after parsing attributes in process `syz.2.515'. [ 132.129924][ T23] usb 1-1: config 1 interface 94 has no altsetting 0 [ 132.136739][ T23] usb 1-1: New USB device found, idVendor=2100, idProduct=9e66, bcdDevice=c7.28 [ 132.153031][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.391416][ T23] usb 1-1: string descriptor 0 read error: -71 [ 132.409320][ T23] ftdi_sio 1-1:1.94: FTDI USB Serial Device converter detected [ 132.460425][ T23] ftdi_sio ttyUSB0: unknown device type: 0xc728 [ 132.481370][ T23] usb 1-1: USB disconnect, device number 6 [ 132.533014][ T23] ftdi_sio 1-1:1.94: device disconnected [ 132.680150][ T6993] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 132.696362][ T6993] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 132.786402][ T6997] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 132.786402][ T6997] The task syz.3.524 (6997) triggered the difference, watch for misbehavior. [ 133.229327][ T7009] loop1: detected capacity change from 0 to 512 [ 133.249451][ T7008] loop2: detected capacity change from 0 to 512 [ 133.266130][ T7009] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 133.296323][ T7009] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 133.317511][ T7009] System zones: 0-1, 15-15, 18-18, 34-34 [ 133.324167][ T7009] EXT4-fs (loop1): orphan cleanup on readonly fs [ 133.344681][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.351849][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.376105][ T7009] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.530: bg 0: block 40: padding at end of block bitmap is not set [ 133.420636][ T7008] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 133.499680][ T7008] ext4 filesystem being mounted at /143/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 133.530215][ T7009] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6655: Corrupt filesystem [ 133.590526][ T7009] EXT4-fs (loop1): 1 truncate cleaned up [ 133.597612][ T7009] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 133.699179][ T7008] EXT4-fs error (device loop2): ext4_xattr_block_find:1879: inode #15: comm syz.2.529: corrupted xattr block 33: invalid ea_ino [ 133.718021][ T7009] EXT4-fs error (device loop1): ext4_encrypted_get_link:46: inode #16: comm syz.1.530: bad symlink. [ 133.753428][ T7008] EXT4-fs (loop2): Remounting filesystem read-only [ 133.885117][ T5766] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.902583][ T49] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 133.913777][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.959900][ T49] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 133.980010][ T49] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 134.392603][ T7032] loop2: detected capacity change from 0 to 164 [ 134.437395][ T7032] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 134.674535][ T7041] No such timeout policy "syz0" [ 134.684860][ T7039] [U]  [ 134.688101][ T7039] [U] K{ [ 134.705542][ T7039] [U] t 1ŠFfˊ`GJgo/mC [ 134.736360][ T7039] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 134.787558][ T7039] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 134.820114][ T7039] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 134.883914][ T7039] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 134.943757][ T7039] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 134.957621][ T7039] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 134.971245][ T7039] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 135.149949][ T7039] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 135.180367][ T7039] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 135.229991][ T7039] [U] 22Ʃx?0;3u [ 135.234455][ T7039] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 135.313553][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 135.313567][ T28] audit: type=1326 audit(1775915848.371:3301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6219c819 code=0x7ffc0000 [ 135.330609][ T7039] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 135.402684][ T28] audit: type=1326 audit(1775915848.381:3302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6219c819 code=0x7ffc0000 [ 135.420642][ T7039] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 135.479171][ T28] audit: type=1326 audit(1775915848.381:3303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6219c819 code=0x7ffc0000 [ 135.509506][ T7039] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 135.557655][ T7062] bridge0: port 3(bond0) entered blocking state [ 135.567555][ T28] audit: type=1326 audit(1775915848.421:3304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6219c819 code=0x7ffc0000 [ 135.575641][ T7039] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 135.602541][ T7062] bridge0: port 3(bond0) entered disabled state [ 135.629082][ T7062] bond0: entered allmulticast mode [ 135.635521][ T7062] bond_slave_0: entered allmulticast mode [ 135.641638][ T28] audit: type=1326 audit(1775915848.421:3305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f7a6219c819 code=0x7ffc0000 [ 135.664324][ T7062] bond_slave_1: entered allmulticast mode [ 135.671114][ T7039] [U] ec [ 135.671132][ T7039] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 135.671499][ T7039] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 135.704223][ T7062] bond0: entered promiscuous mode [ 135.720044][ T7062] bond_slave_0: entered promiscuous mode [ 135.726042][ T7062] bond_slave_1: entered promiscuous mode [ 135.737437][ T28] audit: type=1326 audit(1775915848.421:3306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6219c819 code=0x7ffc0000 [ 135.784483][ T28] audit: type=1326 audit(1775915848.421:3307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6219c819 code=0x7ffc0000 [ 135.831193][ T7062] bridge0: port 3(bond0) entered blocking state [ 135.837998][ T7062] bridge0: port 3(bond0) entered forwarding state [ 135.889972][ T28] audit: type=1326 audit(1775915848.421:3308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f7a6219c819 code=0x7ffc0000 [ 135.977049][ T28] audit: type=1326 audit(1775915848.421:3309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f7a6219c819 code=0x7ffc0000 [ 136.138373][ T7070] loop1: detected capacity change from 0 to 2048 [ 136.177949][ T7070] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 136.577859][ T7088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.568'. [ 136.591990][ T7088] openvswitch: netlink: Missing key (keys=40, expected=80) [ 136.739982][ T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 136.869243][ T7100] loop1: detected capacity change from 0 to 16 [ 136.879484][ T7100] erofs: (device loop1): mounted with root inode @ nid 36. [ 136.906312][ T5771] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -42 in[46, 0] out[9000] [ 136.948488][ T7100] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -42 in[46, 4050] out[9000] [ 136.963663][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 137.009366][ T9] usb 3-1: config 0 has an invalid interface number: 105 but max is 0 [ 137.011196][ T28] audit: type=1800 audit(1775915850.081:3310): pid=7100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.574" name="file2" dev="loop1" ino=89 res=0 errno=0 [ 137.037360][ T9] usb 3-1: config 0 has an invalid descriptor of length 214, skipping remainder of the config [ 137.037388][ T9] usb 3-1: config 0 has no interface number 0 [ 137.051763][ T9] usb 3-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28 [ 137.100065][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.108172][ T9] usb 3-1: Product: syz [ 137.135004][ T9] usb 3-1: Manufacturer: syz [ 137.139709][ T9] usb 3-1: SerialNumber: syz [ 137.188945][ T9] usb 3-1: config 0 descriptor?? [ 137.464808][ T5767] usb 3-1: USB disconnect, device number 7 [ 137.689103][ T7113] netlink: 'syz.1.580': attribute type 7 has an invalid length. [ 137.875048][ T7118] loop1: detected capacity change from 0 to 256 [ 138.710102][ T7148] netlink: 14 bytes leftover after parsing attributes in process `syz.0.596'. [ 139.159811][ T7160] loop3: detected capacity change from 0 to 1764 [ 139.481336][ T7150] loop2: detected capacity change from 0 to 32768 [ 139.531167][ T7150] (syz.2.598,7150,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 139.592265][ T7150] (syz.2.598,7150,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 139.669094][ T7150] JBD2: Ignoring recovery information on journal [ 139.855144][ T7150] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 140.055861][ T7187] netlink: 84 bytes leftover after parsing attributes in process `syz.3.615'. [ 140.272186][ T5766] ocfs2: Unmounting device (7,2) on (node local) [ 140.455260][ T7197] loop1: detected capacity change from 0 to 512 [ 140.563545][ T7197] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 140.629202][ T7197] EXT4-fs (loop1): external journal device major/minor numbers have changed [ 140.932917][ T7197] EXT4-fs (loop1): failed to open journal device unknown-block(0,5) -6 [ 141.517540][ T7233] loop1: detected capacity change from 0 to 1024 [ 141.652155][ T7233] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 141.705472][ T7233] ext4 filesystem being mounted at /151/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 141.789117][ T7214] loop0: detected capacity change from 0 to 32768 [ 141.811049][ T7233] EXT4-fs error (device loop1): ext4_xattr_block_list:766: inode #15: comm syz.1.635: corrupted xattr block 128: invalid header [ 141.842343][ T7214] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 141.870131][ T5767] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 141.933530][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 142.029648][ T7214] XFS (loop0): Ending clean mount [ 142.100815][ T5767] usb 3-1: Using ep0 maxpacket: 16 [ 142.139663][ T5767] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 142.160067][ T5767] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.168156][ T5767] usb 3-1: Product: syz [ 142.174250][ T5767] usb 3-1: Manufacturer: syz [ 142.178927][ T5767] usb 3-1: SerialNumber: syz [ 142.212569][ T5767] usb 3-1: config 0 descriptor?? [ 142.232992][ T5767] ssu100 3-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 142.241916][ T5765] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 142.673911][ T5767] ssu100: probe of 3-1:0.0 failed with error -71 [ 142.704417][ T5767] usb 3-1: USB disconnect, device number 8 [ 142.803322][ T7268] team0: entered promiscuous mode [ 142.808508][ T7268] team_slave_0: entered promiscuous mode [ 142.816241][ T7268] team_slave_1: entered promiscuous mode [ 142.839241][ T7268] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.102795][ T7274] netlink: 'syz.3.651': attribute type 3 has an invalid length. [ 143.112895][ T7274] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.651'. [ 143.250178][ T5767] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 143.285334][ T7264] loop1: detected capacity change from 0 to 32768 [ 143.301141][ T7264] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 143.363080][ T5941] I/O error, dev loop1, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 143.444898][ T5767] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 143.471465][ T5767] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.504521][ T5767] usb 1-1: Product: syz [ 143.508791][ T5767] usb 1-1: Manufacturer: syz [ 143.532956][ T5767] usb 1-1: SerialNumber: syz [ 143.569538][ T5767] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 143.655399][ T23] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 144.262283][ T5777] usb 1-1: USB disconnect, device number 7 [ 144.583944][ T7304] loop1: detected capacity change from 0 to 4096 [ 144.631828][ T7304] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 144.740033][ T23] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 144.768840][ T23] ath9k_htc: Failed to initialize the device [ 144.810004][ T5777] usb 1-1: ath9k_htc: USB layer deinitialized [ 145.252521][ T5777] usb 3-1: new full-speed USB device number 9 using dummy_hcd [ 145.457389][ T5777] usb 3-1: config index 0 descriptor too short (expected 35577, got 27) [ 145.478997][ T5777] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 145.500920][ T5777] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 145.519901][ T5777] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 145.539457][ T5777] usb 3-1: config 1 has no interface number 0 [ 145.545833][ T5777] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 145.565176][ T5777] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.596065][ T5777] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found [ 145.780586][ T7336] loop3: detected capacity change from 0 to 4096 [ 145.811575][ T5777] snd_usb_pod 3-1:1.1: endpoint not available, using fallback values [ 145.831483][ T7336] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 145.850330][ T5777] snd_usb_pod 3-1:1.1: invalid control EP [ 145.852439][ T7342] loop1: detected capacity change from 0 to 512 [ 145.856125][ T5777] snd_usb_pod 3-1:1.1: cannot start listening: -22 [ 145.933067][ T7342] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e028, mo2=0002] [ 145.954621][ T5777] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected [ 145.978007][ T7342] System zones: 1-12 [ 145.991641][ T5777] snd_usb_pod: probe of 3-1:1.1 failed with error -22 [ 146.014522][ T7342] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.684: invalid indirect mapped block 8 (level 2) [ 146.042728][ T5777] usb 3-1: USB disconnect, device number 9 [ 146.063242][ T7336] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #15: comm syz.3.682: corrupted inode contents [ 146.085961][ T7342] EXT4-fs (loop1): Remounting filesystem read-only [ 146.106075][ T7326] loop0: detected capacity change from 0 to 32768 [ 146.122349][ T7336] EXT4-fs error (device loop3): ext4_dirty_inode:6143: inode #15: comm syz.3.682: mark_inode_dirty error [ 146.123501][ T7342] EXT4-fs (loop1): 1 truncate cleaned up [ 146.152458][ T7342] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 146.195600][ T7326] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 146.197711][ T7336] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #15: comm syz.3.682: corrupted inode contents [ 146.230690][ T7326] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 146.239644][ T7336] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #15: comm syz.3.682: mark_inode_dirty error [ 146.256653][ T7336] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #15: comm syz.3.682: corrupted inode contents [ 146.270457][ T7336] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #15: comm syz.3.682: mark_inode_dirty error [ 146.285152][ T7336] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #15: comm syz.3.682: corrupted inode contents [ 146.304827][ T7336] EXT4-fs error (device loop3): ext4_truncate:4301: inode #15: comm syz.3.682: mark_inode_dirty error [ 146.362474][ T7326] XFS (loop0): Ending clean mount [ 146.364917][ T7336] EXT4-fs error (device loop3) in ext4_setattr:5682: Corrupt filesystem [ 146.381740][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.438695][ T7326] XFS (loop0): Quotacheck needed: Please wait. [ 146.486602][ T5777] XFS (loop0): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xd0, xfs_cntbt block 0x10 [ 146.509207][ T5777] XFS (loop0): Unmount and run xfs_repair [ 146.517602][ T5777] XFS (loop0): First 128 bytes of corrupted metadata buffer: [ 146.526979][ T5777] 00000000: 41 42 33 43 00 00 00 02 ff ff ff ff ff ff ff ff AB3C............ [ 146.538064][ T5777] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10 ................ [ 146.554573][ T5777] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 146.564084][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.578718][ T5777] 00000030: 00 00 00 00 20 bb 84 11 00 00 04 4e 00 00 00 02 .... ......N.... [ 146.593883][ T5777] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00 ...`............ [ 146.604066][ T5777] 00000050: 00 00 00 00 00 00 07 00 00 00 00 00 00 00 00 00 ................ [ 146.640821][ T5777] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 146.690024][ T5777] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 146.707171][ T1332] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x10 len 8 error 74 [ 146.772614][ T7326] XFS (loop0): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 146.813409][ T7326] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 147.252304][ T7365] loop2: detected capacity change from 0 to 2048 [ 147.280990][ T7365] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 147.494217][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.529936][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.538180][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.573231][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.610134][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.618917][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.670046][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.684130][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.732048][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.764250][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.775137][ T7379] loop3: detected capacity change from 0 to 16 [ 147.785236][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.817618][ T7379] erofs: (device loop3): mounted with root inode @ nid 36. [ 147.830598][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.838445][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.868484][ T7379] syz.3.698: attempt to access beyond end of device [ 147.868484][ T7379] loop3: rw=524288, sector=8, nr_sectors = 24 limit=16 [ 147.883624][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.894084][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.911587][ T7379] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -6 in[63, 4033] out[4096] [ 147.928908][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.938349][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 147.967720][ T28] audit: type=1800 audit(1775915861.031:3311): pid=7379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.698" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 147.979187][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 148.025623][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 148.038630][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 148.059703][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 148.076465][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 148.105803][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 148.134641][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 148.156296][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 148.179095][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 148.190125][ T7388] netlink: 36 bytes leftover after parsing attributes in process `syz.3.703'. [ 148.204173][ T8] hid-generic 0001:2043D8E7:05F6.0001: unknown main item tag 0x0 [ 148.215204][ T7388] netlink: 36 bytes leftover after parsing attributes in process `syz.3.703'. [ 148.249303][ T8] hid-generic 0001:2043D8E7:05F6.0001: hidraw0: HID ved.d9 Device [syz0] on syz0 [ 148.566883][ T7390] fido_id[7390]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 148.879953][ T23] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 149.082281][ T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 149.092525][ T23] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 149.124837][ T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 149.176965][ T23] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 149.228327][ T23] usb 1-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 149.259973][ T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.279897][ T23] usb 1-1: Product: syz [ 149.284161][ T23] usb 1-1: Manufacturer: syz [ 149.288805][ T23] usb 1-1: SerialNumber: syz [ 149.336299][ T23] usb 1-1: config 0 descriptor?? [ 149.349394][ T7419] geneve1: entered allmulticast mode [ 149.364741][ T23] ums-isd200 1-1:0.0: USB Mass Storage device detected [ 149.475056][ T7421] loop2: detected capacity change from 0 to 4096 [ 149.604925][ T23] scsi host1: usb-storage 1-1:0.0 [ 149.632237][ T7427] bridge2: the hash_elasticity option has been deprecated and is always 16 [ 149.653653][ T7427] bridge2: entered promiscuous mode [ 149.664837][ T7427] bridge2: entered allmulticast mode [ 149.678382][ T23] usb 1-1: USB disconnect, device number 8 [ 149.933001][ T7434] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.722'. [ 150.420480][ T7442] loop0: detected capacity change from 0 to 256 [ 150.427908][ T7442] exfat: Deprecated parameter 'utf8' [ 150.458814][ T7442] exfat: Deprecated parameter 'utf8' [ 150.491501][ T7442] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 150.796237][ T7446] loop2: detected capacity change from 0 to 8192 [ 150.810175][ T7453] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 150.845477][ T7446] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 150.918828][ T7446] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 150.962331][ T7446] REISERFS (device loop2): using ordered data mode [ 150.969073][ T7446] reiserfs: using flush barriers [ 151.047209][ T7446] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 151.081177][ T7446] REISERFS (device loop2): checking transaction log (loop2) [ 151.133551][ T7446] REISERFS (device loop2): Using r5 hash to sort names [ 151.164068][ T7446] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 151.310092][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 151.456926][ T7473] netlink: 20 bytes leftover after parsing attributes in process `syz.0.741'. [ 151.511101][ T7473] veth2: entered promiscuous mode [ 151.511609][ T9] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 151.516872][ T7473] veth2: entered allmulticast mode [ 151.550312][ T9] usb 4-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 151.576376][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.617283][ T9] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 151.647278][ T7475] loop2: detected capacity change from 0 to 512 [ 151.714328][ T7475] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 151.753958][ T7475] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 151.953202][ T5766] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.049500][ T7471] loop1: detected capacity change from 0 to 32768 [ 152.061389][ T7471] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 152.124616][ T6606] I/O error, dev loop1, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 152.646910][ T7492] (null): rxe_set_mtu: Set mtu to 1024 [ 152.660934][ T9] stv0680 4-1:4.0: STV(e): camera ping failed!! [ 152.826748][ T7484] loop2: detected capacity change from 0 to 32768 [ 152.866906][ T7484] (syz.2.743,7484,0):ocfs2_find_slot:468 ERROR: no free slots available! [ 152.889711][ T9] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 152.896500][ T7484] (syz.2.743,7484,1):ocfs2_mount_volume:1807 ERROR: status = -22 [ 152.912378][ T7484] (syz.2.743,7484,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 152.941480][ T9] stv0680 4-1:4.0: last error: 0, command = 0x0 [ 152.970419][ T9] usb 4-1: USB disconnect, device number 5 [ 153.057845][ T7484] NILFS (loop2): couldn't find nilfs on the device [ 153.260057][ T7492] infiniband syz2: set active [ 153.275445][ T7492] infiniband syz2: added veth0_vlan [ 153.361667][ T7490] loop0: detected capacity change from 0 to 32768 [ 153.401185][ T7490] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 153.462428][ T28] audit: type=1326 audit(1775915866.531:3312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7502 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 153.532888][ T28] audit: type=1326 audit(1775915866.531:3313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7502 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 153.556698][ T28] audit: type=1326 audit(1775915866.531:3314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7502 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 153.580561][ T28] audit: type=1326 audit(1775915866.531:3315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7502 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 153.605696][ T28] audit: type=1326 audit(1775915866.531:3316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7502 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 153.635452][ T7492] RDS/IB: syz2: added [ 153.641927][ T7492] smc: adding ib device syz2 with port count 1 [ 153.661371][ T28] audit: type=1326 audit(1775915866.531:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7502 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 153.700728][ T7492] smc: ib device syz2 port 1 has pnetid [ 153.769373][ T28] audit: type=1326 audit(1775915866.541:3318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7502 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 153.876863][ T28] audit: type=1326 audit(1775915866.541:3319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7502 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 153.913430][ T7490] XFS (loop0): Ending clean mount [ 153.936298][ T28] audit: type=1326 audit(1775915866.551:3320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7502 comm="syz.2.750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 154.108951][ T5765] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 154.130235][ T5827] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 154.310071][ T5827] usb 3-1: Using ep0 maxpacket: 16 [ 154.317637][ T5827] usb 3-1: config 0 has no interfaces? [ 154.328625][ T5827] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 154.348289][ T5827] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.359971][ T5773] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 154.373907][ T5827] usb 3-1: Product: syz [ 154.381826][ T5827] usb 3-1: Manufacturer: syz [ 154.400008][ T5827] usb 3-1: SerialNumber: syz [ 154.418041][ T5827] r8152-cfgselector 3-1: config 0 descriptor?? [ 154.565592][ T5773] usb 4-1: config 0 has an invalid interface number: 2 but max is 0 [ 154.582329][ T5773] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 154.609902][ T5773] usb 4-1: config 0 has no interface number 0 [ 154.620027][ T5773] usb 4-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f [ 154.629157][ T5773] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.659924][ T5773] usb 4-1: Product: syz [ 154.664346][ T5773] usb 4-1: Manufacturer: syz [ 154.668995][ T5773] usb 4-1: SerialNumber: syz [ 154.682311][ T5827] usbip-host 3-1: 3-1 is not in match_busid table... skip! [ 154.692492][ T5773] usb 4-1: config 0 descriptor?? [ 154.912768][ T5773] usb 4-1: Quirk or no altest; falling back to MIDI 1.0 [ 154.914446][ T5827] usb 3-1: USB disconnect, device number 10 [ 154.975792][ T7522] capability: warning: `syz.0.758' uses 32-bit capabilities (legacy support in use) [ 155.011865][ T5773] snd-usb-audio: probe of 4-1:0.2 failed with error -2 [ 155.054522][ T5941] udevd[5941]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 155.185307][ T5773] usb 4-1: USB disconnect, device number 6 [ 155.750842][ T7525] loop0: detected capacity change from 0 to 32768 [ 155.771770][ T7525] (syz.0.759,7525,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 155.836593][ T7525] (syz.0.759,7525,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 155.960786][ T7525] JBD2: Ignoring recovery information on journal [ 156.023588][ T7539] loop2: detected capacity change from 0 to 8192 [ 156.035515][ T7539] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 156.048907][ T7539] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 156.058309][ T7539] REISERFS (device loop2): using ordered data mode [ 156.065051][ T7539] reiserfs: using flush barriers [ 156.074119][ T7539] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 156.091049][ T7539] REISERFS (device loop2): checking transaction log (loop2) [ 156.147532][ T7544] loop3: detected capacity change from 0 to 64 [ 156.257848][ T7525] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 156.406118][ T7539] REISERFS (device loop2): Using tea hash to sort names [ 156.440541][ T7539] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 156.493290][ T7539] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 156.747158][ T5765] ocfs2: Unmounting device (7,0) on (node local) [ 156.960436][ T7557] set match dimension is over the limit! [ 156.968204][ T7556] loop2: detected capacity change from 0 to 1024 [ 157.255012][ T7556] hfsplus: inconsistency in B*Tree (128,1,255,1,0) [ 157.290720][ T7556] syz.2.773: attempt to access beyond end of device [ 157.290720][ T7556] loop2: rw=0, sector=917504, nr_sectors = 2 limit=1024 [ 157.321829][ T7556] Buffer I/O error on dev loop2, logical block 458752, async page read [ 157.335233][ T7556] syz.2.773: attempt to access beyond end of device [ 157.335233][ T7556] loop2: rw=0, sector=917504, nr_sectors = 2 limit=1024 [ 157.379111][ T7556] Buffer I/O error on dev loop2, logical block 458752, async page read [ 157.502809][ T7565] 8021q: adding VLAN 0 to HW filter on device bond0 [ 157.530404][ T7565] bond0: (slave sit0): The slave device specified does not support setting the MAC address [ 157.546193][ T7565] bond0: (slave sit0): Error -95 calling set_mac_address [ 157.901509][ T7578] netlink: 4 bytes leftover after parsing attributes in process `syz.2.780'. [ 157.940792][ T7578] netlink: 4 bytes leftover after parsing attributes in process `syz.2.780'. [ 157.949678][ T7578] netlink: 4 bytes leftover after parsing attributes in process `syz.2.780'. [ 158.103523][ T7588] bond0: Unable to set up delay as MII monitoring is disabled [ 158.209946][ T5827] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 158.430290][ T5827] usb 4-1: Using ep0 maxpacket: 32 [ 158.452212][ T5827] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 158.479968][ T5827] usb 4-1: config 0 has no interface number 0 [ 158.486179][ T5827] usb 4-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 158.521757][ T5827] usb 4-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 158.541518][ T5827] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 158.559939][ T5827] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.568669][ T5827] usb 4-1: Product: syz [ 158.588495][ T5827] usb 4-1: Manufacturer: syz [ 158.629899][ T5827] usb 4-1: SerialNumber: syz [ 158.642773][ T5827] usb 4-1: config 0 descriptor?? [ 158.657904][ T5827] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 158.673753][ T7608] ipip0: entered promiscuous mode [ 158.910648][ T5827] usb 4-1: qt2_setup_urbs - submit read urb failed -90 [ 158.918024][ T5827] quatech2: probe of 4-1:0.51 failed with error -90 [ 159.153497][ T9] usb 4-1: USB disconnect, device number 7 [ 159.883285][ T7616] loop2: detected capacity change from 0 to 32768 [ 160.054452][ T7616] JBD2: Ignoring recovery information on journal [ 160.177159][ T7616] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 160.495506][ T7636] loop0: detected capacity change from 0 to 32768 [ 160.548776][ T7636] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 scanned by syz.0.801 (7636) [ 160.570663][ T5766] ocfs2: Unmounting device (7,2) on (node local) [ 160.649924][ T7636] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 160.693546][ T7636] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 160.750737][ T7636] BTRFS info (device loop0): using free space tree [ 160.792922][ T7666] loop1: detected capacity change from 0 to 512 [ 160.888967][ T7666] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e01c, mo2=0022] [ 160.900045][ T7666] System zones: 1-12 [ 160.911730][ T7666] EXT4-fs error (device loop1): dx_probe:823: inode #2: comm syz.1.812: Directory hole found for htree index block 0 [ 160.945761][ T7666] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 160.990276][ T7666] EXT4-fs error (device loop1): dx_probe:823: inode #2: comm syz.1.812: Directory hole found for htree index block 0 [ 161.015831][ T7636] BTRFS info (device loop0): enabling ssd optimizations [ 161.071144][ T7636] BTRFS info (device loop0): auto enabling async discard [ 161.094520][ T7666] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 161.131418][ T7666] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 161.298596][ T7666] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 161.414912][ T5765] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 161.451378][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.609421][ T28] audit: type=1326 audit(1775915874.671:3321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7695 comm=162E44A480DB682108B49543019E91 exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9fad59c819 code=0x0 [ 161.828802][ T5941] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 9 /dev/loop0 scanned by udevd (5941) [ 162.266265][ T7708] geneve2: entered promiscuous mode [ 162.279988][ T7708] geneve2: entered allmulticast mode [ 162.305358][ T7685] loop3: detected capacity change from 0 to 32768 [ 162.344020][ T7685] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 9 [ 162.437066][ T6606] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 163.007373][ T7703] loop1: detected capacity change from 0 to 32768 [ 163.054211][ T7703] (syz.1.816,7703,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 163.112408][ T7703] (syz.1.816,7703,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 163.160737][ T7703] JBD2: Ignoring recovery information on journal [ 163.253233][ T7703] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 163.328427][ T7730] netlink: 8 bytes leftover after parsing attributes in process `syz.0.828'. [ 163.440155][ T5773] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 163.622944][ T5770] ocfs2: Unmounting device (7,1) on (node local) [ 163.654763][ T5773] usb 3-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55 [ 163.690006][ T5773] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 163.698094][ T5773] usb 3-1: Product: syz [ 163.715681][ T5773] usb 3-1: Manufacturer: syz [ 163.739673][ T5773] usb 3-1: SerialNumber: syz [ 163.755916][ T5773] usb 3-1: config 0 descriptor?? [ 163.767070][ T5773] gspca_main: sonixb-2.14.0 probing 0c45:6005 [ 164.237169][ T5773] sonixb 3-1:0.0: Error writing register 01: -71 [ 164.255553][ T5773] sonixb: probe of 3-1:0.0 failed with error -71 [ 164.277405][ T5773] usb 3-1: USB disconnect, device number 11 [ 164.719311][ T7763] loop0: detected capacity change from 0 to 2048 [ 164.777004][ T7744] loop1: detected capacity change from 0 to 32768 [ 164.790673][ T7763] GPT:first_usable_lbas don't match. [ 164.796524][ T7763] GPT:34 != 290 [ 164.800994][ T7744] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 164.830097][ T7763] GPT: Use GNU Parted to correct GPT errors. [ 164.836329][ T7763] loop0: p1 p2 p3 [ 165.036723][ T5782] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 165.422178][ T7780] loop0: detected capacity change from 0 to 16 [ 165.450135][ T6606] udevd[6606]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 165.460582][ T6110] udevd[6110]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 165.474092][ T5941] udevd[5941]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 165.500378][ T7780] erofs: (device loop0): mounted with root inode @ nid 36. [ 165.562249][ T7780] syz.0.853: attempt to access beyond end of device [ 165.562249][ T7780] loop0: rw=524288, sector=1056, nr_sectors = 16 limit=16 [ 165.630663][ T7780] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -32 in[46, 4050] out[4096] [ 165.667334][ T28] audit: type=1800 audit(1775915878.721:3322): pid=7780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.853" name="file2" dev="loop0" ino=89 res=0 errno=0 [ 166.750051][ T5827] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 166.905026][ T7810] loop2: detected capacity change from 0 to 32768 [ 166.945116][ T7810] (syz.2.867,7810,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 166.962549][ T5827] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 166.990295][ T5827] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.999230][ T7810] (syz.2.867,7810,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 167.021462][ T5827] usb 4-1: config 0 descriptor?? [ 167.035737][ T5827] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 167.089858][ T7810] JBD2: Ignoring recovery information on journal [ 167.212262][ T7810] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 167.359479][ T7819] loop0: detected capacity change from 0 to 32768 [ 167.394513][ T7819] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 167.481632][ T5827] gp8psk: usb in 137 operation failed. [ 167.502631][ T5827] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 167.532798][ T5827] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 167.549155][ T5827] usb 4-1: USB disconnect, device number 8 [ 167.615740][ T6606] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 167.651134][ T7829] netlink: 'syz.0.876': attribute type 21 has an invalid length. [ 167.669247][ T7829] netlink: 128 bytes leftover after parsing attributes in process `syz.0.876'. [ 167.690722][ T7829] netlink: 'syz.0.876': attribute type 5 has an invalid length. [ 167.698453][ T7829] netlink: 'syz.0.876': attribute type 6 has an invalid length. [ 167.731773][ T7829] netlink: 3 bytes leftover after parsing attributes in process `syz.0.876'. [ 167.807787][ T5766] ocfs2: Unmounting device (7,2) on (node local) [ 168.157960][ T7826] loop1: detected capacity change from 0 to 32768 [ 168.188936][ T7826] (syz.1.875,7826,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 168.244465][ T7826] (syz.1.875,7826,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 168.359257][ T7826] JBD2: Ignoring recovery information on journal [ 168.456011][ T7826] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 168.838416][ T5770] ocfs2: Unmounting device (7,1) on (node local) [ 168.855762][ T5771] Bluetooth: Wrong link type (-22) [ 169.679993][ T5777] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 169.849295][ T7868] loop0: detected capacity change from 0 to 32768 [ 169.867902][ T7868] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 169.883260][ T7871] loop2: detected capacity change from 0 to 32768 [ 169.889907][ T5777] usb 2-1: Using ep0 maxpacket: 16 [ 169.906736][ T5777] usb 2-1: config 0 has no interfaces? [ 169.916669][ T5777] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 169.917129][ T7871] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 169.925939][ T5777] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.925963][ T5777] usb 2-1: Product: syz [ 169.925978][ T5777] usb 2-1: Manufacturer: syz [ 169.953294][ T5777] usb 2-1: SerialNumber: syz [ 169.978977][ T5777] r8152-cfgselector 2-1: config 0 descriptor?? [ 169.983738][ T7881] netlink: 'syz.3.898': attribute type 21 has an invalid length. [ 170.000079][ T7881] netlink: 'syz.3.898': attribute type 1 has an invalid length. [ 170.210859][ T7871] XFS (loop2): Ending clean mount [ 170.248925][ T5941] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9 [ 170.330263][ T5777] r8152-cfgselector 2-1: Unknown version 0x0000 [ 170.534398][ T5777] r8152-cfgselector 2-1: USB disconnect, device number 6 [ 170.550634][ T5766] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 171.175552][ T7911] netlink: 12 bytes leftover after parsing attributes in process `syz.3.910'. [ 172.098277][ T7947] loop1: detected capacity change from 0 to 16 [ 172.124364][ T7947] erofs: (device loop1): mounted with root inode @ nid 36. [ 172.195368][ T5771] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress 4876 in[4096, 0] out[9000] [ 172.211562][ T7947] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress 4876 in[4096, 0] out[8192] [ 172.223490][ T28] audit: type=1800 audit(1775915885.291:3323): pid=7947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.929" name="file2" dev="loop1" ino=89 res=0 errno=0 [ 172.396204][ T7951] loop0: detected capacity change from 0 to 4096 [ 172.554859][ T7951] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 172.605448][ T7961] netlink: 48 bytes leftover after parsing attributes in process `syz.3.936'. [ 172.648007][ T7951] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 172.929329][ T7969] loop1: detected capacity change from 0 to 736 [ 173.163454][ T7969] tmpfs: Unknown parameter '$TaFmI(9טz6m+N`1x*40 ?W ̄ ' [ 173.320305][ T5773] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 173.534990][ T5773] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 173.565293][ T5773] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.576888][ T5773] usb 1-1: Product: syz [ 173.584333][ T5773] usb 1-1: Manufacturer: syz [ 173.589199][ T5773] usb 1-1: SerialNumber: syz [ 173.600169][ T5777] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 173.608908][ T5773] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 173.650395][ T8] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 173.808250][ T5777] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 173.830777][ T5777] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 173.876414][ T5777] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 173.897731][ T5777] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 173.919300][ T5777] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 173.936349][ T5777] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.947665][ T5777] usb 2-1: Product: syz [ 173.957840][ T5777] usb 2-1: Manufacturer: syz [ 173.966700][ T5777] usb 2-1: SerialNumber: syz [ 173.976697][ T5777] usb 2-1: config 0 descriptor?? [ 173.996809][ T5777] ums-isd200 2-1:0.0: USB Mass Storage device detected [ 174.091532][ T23] usb 1-1: USB disconnect, device number 9 [ 174.290282][ T5777] ums-isd200: probe of 2-1:0.0 failed with error -22 [ 174.472573][ T5777] usb 2-1: USB disconnect, device number 7 [ 174.750442][ T8] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 174.765081][ T8003] loop3: detected capacity change from 0 to 40427 [ 174.780296][ T8] ath9k_htc: Failed to initialize the device [ 174.787232][ T23] usb 1-1: ath9k_htc: USB layer deinitialized [ 174.822228][ T8003] F2FS-fs (loop3): build fault injection attr: rate: 14, type: 0x7ffff [ 174.856428][ T8003] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0xe4 [ 174.888714][ T8003] F2FS-fs (loop3): invalid crc value [ 174.914270][ T8003] F2FS-fs (loop3): Found nat_bits in checkpoint [ 174.956016][ T8020] netlink: 8 bytes leftover after parsing attributes in process `syz.2.962'. [ 174.976119][ T8003] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x68b/0x9b0 [ 175.014571][ T8021] netlink: 'syz.0.963': attribute type 28 has an invalid length. [ 175.108129][ T8003] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 175.373182][ T5769] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_grab_meta_page+0x67/0x200 [ 175.429152][ T8030] loop2: detected capacity change from 0 to 128 [ 175.684290][ T8038] netlink: 'syz.0.972': attribute type 8 has an invalid length. [ 175.807825][ T8040] xt_cgroup: xt_cgroup: no path or classid specified [ 175.893525][ T8043] loop1: detected capacity change from 0 to 8 [ 175.999796][ T8043] SQUASHFS error: Failed to read block 0xdfa: -5 [ 176.017909][ T8043] SQUASHFS error: Unable to read metadata cache entry [dfa] [ 176.062871][ T8043] SQUASHFS error: Failed to read block 0x4e8: -5 [ 176.101653][ T8043] SQUASHFS error: Failed to read block 0xed04f1: -5 [ 176.115615][ T8043] SQUASHFS error: Failed to read block 0x4de: -5 [ 176.123853][ T8043] SQUASHFS error: Failed to read block 0x4de: -5 [ 176.135627][ T8043] SQUASHFS error: Failed to read block 0x4de: -5 [ 176.143782][ T8043] SQUASHFS error: Failed to read block 0x4de: -5 [ 176.167756][ T8043] SQUASHFS error: Failed to read block 0x4de: -5 [ 176.177864][ T8043] SQUASHFS error: Failed to read block 0x4de: -5 [ 176.201637][ T8043] SQUASHFS error: Failed to read block 0x4e8: -5 [ 176.219265][ T28] audit: type=1800 audit(1775915889.281:3324): pid=8043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.974" name="file1" dev="loop1" ino=5 res=0 errno=0 [ 176.719691][ T8061] loop3: detected capacity change from 0 to 1024 [ 177.343456][ T8052] loop2: detected capacity change from 0 to 32768 [ 177.371471][ T8052] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 177.417306][ T8052] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 177.451275][ T8052] BTRFS info (device loop2): using free space tree [ 177.670138][ T8052] BTRFS info (device loop2): enabling ssd optimizations [ 177.677193][ T8052] BTRFS info (device loop2): auto enabling async discard [ 177.932780][ T5766] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 178.273520][ T28] audit: type=1326 audit(1775915891.331:3325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8114 comm="syz.2.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 178.378154][ T28] audit: type=1326 audit(1775915891.331:3326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8114 comm="syz.2.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 178.468181][ T28] audit: type=1326 audit(1775915891.371:3327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8114 comm="syz.2.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 178.569918][ T28] audit: type=1326 audit(1775915891.371:3328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8114 comm="syz.2.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 178.641389][ T28] audit: type=1326 audit(1775915891.371:3329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8114 comm="syz.2.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 179.408085][ T8147] loop3: detected capacity change from 0 to 512 [ 179.441454][ T8147] EXT4-fs: Ignoring removed bh option [ 179.487561][ T8147] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 179.557229][ T8147] EXT4-fs (loop3): 1 truncate cleaned up [ 179.590795][ T8147] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 179.884490][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.888474][ T8126] loop1: detected capacity change from 0 to 40427 [ 179.927561][ T8126] F2FS-fs (loop1): build fault injection attr: rate: 14, type: 0x7ffff [ 179.953933][ T8126] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0xe4 [ 179.992024][ T8126] F2FS-fs (loop1): invalid crc value [ 180.084824][ T8126] F2FS-fs (loop1): Found nat_bits in checkpoint [ 180.231541][ T8126] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x68b/0x9b0 [ 180.320074][ T8126] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 180.568289][ T5770] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_grab_meta_page+0x67/0x200 [ 181.321428][ T8205] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1043'. [ 181.331672][ T8206] tc_dump_action: action bad kind [ 181.424114][ T8208] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1045'. [ 181.627989][ T8214] loop1: detected capacity change from 0 to 64 [ 182.038936][ T23] IPVS: starting estimator thread 0... [ 182.160216][ T8227] IPVS: using max 17 ests per chain, 40800 per kthread [ 182.397817][ T8240] cifs: Unknown parameter '[bITH&S)&:"1:ӭ'4,Zz-#F<]%gC [ 182.397817][ T8240] SȘȞZ6' [ 183.138370][ T8259] loop3: detected capacity change from 0 to 8192 [ 183.187037][ T8259] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 183.250028][ T8259] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 183.259384][ T8259] REISERFS (device loop3): using ordered data mode [ 183.275107][ T8259] reiserfs: using flush barriers [ 183.283894][ T8259] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 183.301328][ T8259] REISERFS (device loop3): checking transaction log (loop3) [ 183.516012][ T8259] REISERFS (device loop3): Using tea hash to sort names [ 183.536135][ T8259] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 183.570019][ T8259] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 184.240958][ T8293] loop2: detected capacity change from 0 to 4096 [ 184.297547][ T8293] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 185.114394][ T8321] netlink: 'syz.1.1099': attribute type 21 has an invalid length. [ 185.160079][ T8321] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1099'. [ 185.612168][ T5773] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 185.837141][ T5773] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 185.867272][ T5773] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 185.897432][ T5773] usb 3-1: Product: syz [ 185.908965][ T5773] usb 3-1: Manufacturer: syz [ 185.922808][ T5773] usb 3-1: SerialNumber: syz [ 185.965314][ T5773] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 185.997917][ T9] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 186.103668][ T8359] loop0: detected capacity change from 0 to 8 [ 186.136046][ T8359] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 186.196501][ T6606] udevd[6606]: incorrect cramfs checksum on /dev/loop0 [ 186.228156][ T8359] cramfs: Error -5 while decompressing! [ 186.265124][ T8359] cramfs: ffffffff973fa368(26)->ffff888057797000(4096) [ 186.293723][ T8359] cramfs: Error -3 while decompressing! [ 186.313855][ T8359] cramfs: ffffffff973fa382(26)->ffff88806c75a000(4096) [ 186.354274][ T5941] udevd[5941]: incorrect cramfs checksum on /dev/loop0 [ 186.363932][ T8359] cramfs: Error -3 while decompressing! [ 186.381857][ T8359] cramfs: ffffffff973fa39c(16)->ffff888074181000(4096) [ 186.403363][ T8359] cramfs: Error -5 while decompressing! [ 186.419465][ T8359] cramfs: ffffffff973fa368(26)->ffff888057797000(4096) [ 186.448211][ T28] audit: type=1800 audit(1775915899.511:3330): pid=8359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1114" name="file2" dev="loop0" ino=348 res=0 errno=0 [ 186.713124][ T8] usb 3-1: USB disconnect, device number 12 [ 186.928002][ T8376] loop0: detected capacity change from 0 to 4096 [ 186.964129][ T8380] loop1: detected capacity change from 0 to 64 [ 186.983685][ T8376] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 187.039281][ T8376] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 187.079668][ T9] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 187.098857][ T9] ath9k_htc: Failed to initialize the device [ 187.127707][ T8376] ntfs: volume version 3.1. [ 187.133311][ T8] usb 3-1: ath9k_htc: USB layer deinitialized [ 187.459937][ T5809] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 187.683040][ T5809] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 187.712103][ T5809] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 187.750126][ T5809] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 187.790187][ T5809] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.809896][ T8382] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 187.823311][ T28] audit: type=1400 audit(1775915900.891:3331): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A3A0AE10CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A552C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=8398 comm="syz.1.1133" [ 187.855094][ C1] vkms_vblank_simulate: vblank timer overrun [ 187.858321][ T5809] usb 4-1: Quirk or no altest; falling back to MIDI 1.0 [ 188.343929][ T8] usb 4-1: USB disconnect, device number 9 [ 188.461371][ T8413] loop0: detected capacity change from 0 to 512 [ 188.553591][ T8413] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 188.567622][ T8413] ext4 filesystem being mounted at /288/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 188.599162][ T8413] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 188.712858][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.123172][ T28] audit: type=1326 audit(1775915902.181:3332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8431 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc61619c819 code=0x7ffc0000 [ 189.210188][ T28] audit: type=1326 audit(1775915902.181:3333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8431 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc61619c819 code=0x7ffc0000 [ 189.243982][ T8434] netlink: 'syz.2.1148': attribute type 2 has an invalid length. [ 189.320024][ T28] audit: type=1326 audit(1775915902.191:3334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8431 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7fc61619c819 code=0x7ffc0000 [ 189.386916][ T8438] xt_l2tp: wrong L2TP version: 0 [ 189.397744][ T28] audit: type=1326 audit(1775915902.191:3335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8431 comm="syz.3.1147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc61619c819 code=0x7ffc0000 [ 189.750069][ T8] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 189.933339][ T8458] syz.1.1161: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 189.970442][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 189.981232][ T8458] CPU: 1 PID: 8458 Comm: syz.1.1161 Not tainted syzkaller #0 [ 189.988760][ T8458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 189.998877][ T8458] Call Trace: [ 190.002208][ T8458] [ 190.005182][ T8458] dump_stack_lvl+0x18c/0x250 [ 190.009934][ T8458] ? show_regs_print_info+0x20/0x20 [ 190.015194][ T8458] ? load_image+0x420/0x420 [ 190.019745][ T8458] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 190.026203][ T8458] ? cpuset_print_current_mems_allowed+0x2e7/0x360 [ 190.032835][ T8458] warn_alloc+0x246/0x340 [ 190.037217][ T8458] ? stack_trace_save+0xaa/0x100 [ 190.042195][ T8458] ? zone_watermark_ok_safe+0x230/0x230 [ 190.047796][ T8458] ? kasan_set_track+0x5f/0x70 [ 190.052625][ T8458] ? kasan_set_track+0x4e/0x70 [ 190.057425][ T8458] ? __kasan_kmalloc+0x8f/0xa0 [ 190.062231][ T8458] ? xsk_init_queue+0xad/0x100 [ 190.067038][ T8458] ? xsk_setsockopt+0x42e/0x760 [ 190.071926][ T8458] ? do_sock_setsockopt+0x175/0x1a0 [ 190.077162][ T8458] ? __x64_sys_setsockopt+0x182/0x200 [ 190.082572][ T8458] __vmalloc_node_range+0x126/0x1330 [ 190.087937][ T8458] ? free_vm_area+0x50/0x50 [ 190.092495][ T8458] vmalloc_user+0x74/0x80 [ 190.096865][ T8458] ? xskq_create+0xbf/0x170 [ 190.101409][ T8458] xskq_create+0xbf/0x170 [ 190.105778][ T8458] xsk_init_queue+0xad/0x100 [ 190.110423][ T8458] xsk_setsockopt+0x42e/0x760 [ 190.115157][ T8458] ? xsk_poll+0x680/0x680 [ 190.119639][ T8458] ? __fget_files+0x28/0x4b0 [ 190.124269][ T8458] ? __fget_files+0x28/0x4b0 [ 190.128902][ T8458] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 190.134665][ T8458] ? security_socket_setsockopt+0x7e/0xa0 [ 190.140511][ T8458] ? xsk_poll+0x680/0x680 [ 190.144887][ T8458] do_sock_setsockopt+0x175/0x1a0 [ 190.149957][ T8458] ? __fdget+0x180/0x210 [ 190.154612][ T8458] __x64_sys_setsockopt+0x182/0x200 [ 190.159852][ T8458] do_syscall_64+0x55/0xa0 [ 190.164388][ T8458] ? clear_bhb_loop+0x40/0x90 [ 190.169099][ T8458] ? clear_bhb_loop+0x40/0x90 [ 190.173812][ T8458] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 190.179776][ T8458] RIP: 0033:0x7f4645f9c819 [ 190.184249][ T8458] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 190.203890][ T8458] RSP: 002b:00007f4646d99028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 190.212355][ T8458] RAX: ffffffffffffffda RBX: 00007f4646215fa0 RCX: 00007f4645f9c819 [ 190.220483][ T8458] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 190.229014][ T8458] RBP: 00007f4646032c91 R08: 0000000000000004 R09: 0000000000000000 [ 190.237478][ T8458] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 190.245488][ T8458] R13: 00007f4646216038 R14: 00007f4646215fa0 R15: 00007ffdf2a61548 [ 190.253513][ T8458] [ 190.261897][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 190.271888][ T8] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 190.287997][ T8] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 190.297281][ T8458] Mem-Info: [ 190.300691][ T8458] active_anon:5803 inactive_anon:0 isolated_anon:0 [ 190.300691][ T8458] active_file:1110 inactive_file:40337 isolated_file:0 [ 190.300691][ T8458] unevictable:768 dirty:383 writeback:0 [ 190.300691][ T8458] slab_reclaimable:10428 slab_unreclaimable:94523 [ 190.300691][ T8458] mapped:24909 shmem:1362 pagetables:583 [ 190.300691][ T8458] sec_pagetables:0 bounce:0 [ 190.300691][ T8458] kernel_misc_reclaimable:0 [ 190.300691][ T8458] free:1364332 free_pcp:6266 free_cma:0 [ 190.347270][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.361440][ T8] usb 3-1: Product: syz [ 190.365688][ T8] usb 3-1: Manufacturer: syz [ 190.374572][ T8] usb 3-1: SerialNumber: syz [ 190.392244][ T8] usb 3-1: config 0 descriptor?? [ 190.397540][ T8458] Node 0 active_anon:23036kB inactive_anon:0kB active_file:4440kB inactive_file:161148kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99628kB dirty:1556kB writeback:0kB shmem:3912kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10640kB pagetables:2212kB sec_pagetables:0kB all_unreclaimable? no [ 190.460542][ T8458] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 190.521046][ T8458] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 190.549201][ T8458] lowmem_reserve[]: 0 2521 2522 2522 2522 [ 190.557778][ T8458] Node 0 DMA32 free:1543832kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:23100kB inactive_anon:0kB active_file:4440kB inactive_file:160316kB unevictable:1536kB writepending:1556kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:6940kB local_pcp:2380kB free_cma:0kB [ 190.617242][ T8458] lowmem_reserve[]: 0 0 0 0 0 [ 190.627360][ T8458] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 190.661932][ T8458] lowmem_reserve[]: 0 0 0 0 0 [ 190.666942][ T8458] Node 1 Normal free:3897884kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18564kB local_pcp:11808kB free_cma:0kB [ 190.716823][ T8458] lowmem_reserve[]: 0 0 0 0 0 [ 190.732897][ T8458] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 190.788627][ T8458] Node 0 DMA32: 431*4kB (UME) 848*8kB (UME) 480*16kB (UME) 675*32kB (UME) 288*64kB (UME) 68*128kB (UM) 30*256kB (UME) 11*512kB (UME) 3*1024kB (ME) 4*2048kB (UM) 355*4096kB (UM) = 1543580kB [ 190.908883][ T8458] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 190.950042][ T8458] Node 1 Normal: 217*4kB (UM) 53*8kB (UME) 35*16kB (UME) 57*32kB (UME) 15*64kB (UME) 4*128kB (UME) 4*256kB (UME) 5*512kB (UME) 2*1024kB (ME) 2*2048kB (ME) 948*4096kB (M) = 3897884kB [ 191.009344][ T8458] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 191.034872][ T8458] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 191.060448][ T8458] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 191.093916][ T8458] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 191.097441][ T5827] usb 3-1: USB disconnect, device number 13 [ 191.121214][ T8458] 42693 total pagecache pages [ 191.140162][ T8458] 0 pages in swap cache [ 191.144470][ T8458] Free swap = 124984kB [ 191.166269][ T8458] Total swap = 124996kB [ 191.184305][ T8458] 2097051 pages RAM [ 191.188218][ T8458] 0 pages HighMem/MovableOnly [ 191.218297][ T8458] 416927 pages reserved [ 191.237798][ T8458] 0 pages cma reserved [ 191.443408][ T8482] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 191.459341][ T8485] loop0: detected capacity change from 0 to 512 [ 191.524318][ T8485] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 191.550523][ T8485] ext4 filesystem being mounted at /299/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 191.668904][ T8485] EXT4-fs error (device loop0): ext4_xattr_block_get:597: inode #15: comm syz.0.1173: corrupted xattr block 33: e_value out of bounds [ 191.722089][ T8485] EXT4-fs (loop0): Remounting filesystem read-only [ 191.729539][ T28] audit: type=1800 audit(1775915904.791:3336): pid=8485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1173" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 191.835494][ T8496] netlink: 'syz.3.1177': attribute type 10 has an invalid length. [ 191.903168][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.923155][ T12] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 191.947944][ T12] Quota error (device loop0): write_blk: dquota write failed [ 191.960688][ T8496] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 191.974176][ T12] Quota error (device loop0): remove_free_dqentry: Can't write block (5) with free entries [ 192.010020][ T12] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 192.039948][ T12] Quota error (device loop0): write_blk: dquota write failed [ 192.047466][ T12] Quota error (device loop0): free_dqentry: Can't move quota data block (5) to free list [ 192.071158][ T12] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started [ 192.109960][ T12] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 192.356229][ T8512] loop1: detected capacity change from 0 to 512 [ 192.391014][ T8512] EXT4-fs: Ignoring removed oldalloc option [ 192.436214][ T8512] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1185: invalid indirect mapped block 4294967295 (level 1) [ 192.530253][ T8512] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1185: invalid indirect mapped block 4294967295 (level 1) [ 192.584228][ T8512] EXT4-fs (loop1): 2 truncates cleaned up [ 192.637804][ T8512] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 192.807865][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.044124][ T8531] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1194'. [ 193.080268][ T8531] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 193.185767][ T8535] ip6gre1: entered promiscuous mode [ 193.199751][ T8537] loop2: detected capacity change from 0 to 16 [ 193.207005][ T8535] ip6gre1: entered allmulticast mode [ 193.227206][ T8537] erofs: (device loop2): mounted with root inode @ nid 36. [ 193.748231][ T8555] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 193.784457][ T8555] CIFS mount error: No usable UNC path provided in device string! [ 193.784457][ T8555] [ 193.798270][ T8555] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 193.840127][ T8558] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 193.949916][ T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 194.105287][ T8567] loop3: detected capacity change from 0 to 4096 [ 194.165418][ T8569] netlink: 'syz.2.1211': attribute type 10 has an invalid length. [ 194.173423][ T9] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 194.173455][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.185085][ T9] usb 2-1: config 0 descriptor?? [ 194.221688][ T8569] team0: Device veth0_vlan is up. Set it down before adding it as a team port [ 194.234645][ T9] cp210x 2-1:0.0: cp210x converter detected [ 194.234866][ T8570] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 194.340718][ T5827] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 194.352041][ T5771] Bluetooth: hci2: command tx timeout [ 194.479444][ T9] usb 2-1: cp210x converter now attached to ttyUSB0 [ 194.539494][ T5827] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 194.549533][ T5827] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.589930][ T5827] usb 1-1: Product: syz [ 194.594203][ T5827] usb 1-1: Manufacturer: syz [ 194.598947][ T5827] usb 1-1: SerialNumber: syz [ 194.634572][ T5827] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 194.695615][ T5777] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 194.726685][ T8] usb 2-1: USB disconnect, device number 8 [ 194.747872][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.754591][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.791078][ T8] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 194.825441][ T8] cp210x 2-1:0.0: device disconnected [ 194.995246][ C1] usb 1-1: ath: unknown panic pattern! [ 195.256019][ T5827] usb 1-1: USB disconnect, device number 10 [ 195.471586][ T8582] loop2: detected capacity change from 0 to 32768 [ 195.536131][ T8582] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 195.589173][ T8582] XFS (loop2): Ending clean mount [ 195.603572][ T8] XFS (loop2): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xd0, xfs_finobt block 0x10 [ 195.640055][ T23] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 195.663292][ T8] XFS (loop2): Unmount and run xfs_repair [ 195.679415][ T8] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 195.710371][ T8] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff FIB3............ [ 195.724699][ T8] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10 ................ [ 195.742593][ T8] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d ..BNy.B..... ... [ 195.773156][ T8] 00000030: 00 00 00 00 0f 8d d2 a2 00 00 18 00 00 00 40 37 ..............@7 [ 195.781213][ T5777] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 195.800122][ T5777] ath9k_htc: Failed to initialize the device [ 195.807649][ T8602] loop3: detected capacity change from 0 to 512 [ 195.812587][ T5827] usb 1-1: ath9k_htc: USB layer deinitialized [ 195.815415][ T8] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00 ................ [ 195.832437][ T23] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 195.860046][ T8] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 195.869492][ T8] 00000060: 00 00 00 00 00 f0 00 00 00 00 00 00 00 00 00 00 ................ [ 195.877510][ T23] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 195.894550][ T8602] EXT4-fs (loop3): orphan cleanup on readonly fs [ 195.901515][ T8] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 195.918390][ T8602] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 195.932758][ T8602] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 195.936018][ T8582] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x10 len 4 error 74 [ 195.951864][ T8602] EXT4-fs error (device loop3): ext4_acquire_dquot:6953: comm syz.3.1223: Failed to acquire dquot type 1 [ 195.980216][ T23] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 195.981423][ T8602] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 196.000722][ T8602] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 196.011058][ T8602] EXT4-fs error (device loop3): ext4_acquire_dquot:6953: comm syz.3.1223: Failed to acquire dquot type 1 [ 196.023597][ T8582] XFS (loop2): Failed to initialize disk quotas. [ 196.030648][ T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.058086][ T8586] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 196.083125][ T8602] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.1223: bg 0: block 248: padding at end of block bitmap is not set [ 196.087706][ T23] usb 2-1: Quirk or no altest; falling back to MIDI 1.0 [ 196.136565][ T8602] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6655: Corrupt filesystem [ 196.177900][ T8602] EXT4-fs error (device loop3): ext4_acquire_dquot:6953: comm syz.3.1223: Failed to acquire dquot type 1 [ 196.262659][ T8602] EXT4-fs (loop3): 1 orphan inode deleted [ 196.291292][ T8602] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 196.326374][ T5766] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 196.511533][ T8602] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 196.590372][ T5827] usb 2-1: USB disconnect, device number 9 [ 196.607972][ T8602] EXT4-fs: error -4 creating inode table initialization thread [ 196.688699][ T8602] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 196.700768][ T8611] binder: binder_mmap: 8609 200000001000-20000000b000 bad vm_flags failed -1 [ 196.723974][ T8602] ext4 filesystem being remounted at /331/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 196.840010][ T8613] i2c i2c-0: Invalid block read size 255 [ 196.848108][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.098730][ T8621] loop0: detected capacity change from 0 to 764 [ 197.187926][ T8621] Symlink component flag not implemented [ 197.217998][ T8621] Symlink component flag not implemented [ 197.261482][ T8621] Symlink component flag not implemented (129) [ 197.280208][ T8621] Symlink component flag not implemented (6) [ 197.340916][ T8627] syz.2.1234 uses obsolete (PF_INET,SOCK_PACKET) [ 197.568169][ T8633] IPv6: sit1: Disabled Multicast RS [ 197.789026][ T8642] loop2: detected capacity change from 0 to 164 [ 197.861183][ T8642] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 198.263787][ T8655] loop3: detected capacity change from 0 to 2048 [ 198.304806][ T8655] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 198.640656][ T8666] netlink: 'syz.3.1251': attribute type 1 has an invalid length. [ 199.176605][ T8680] loop1: detected capacity change from 0 to 2048 [ 199.230790][ T8680] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 199.587311][ T8668] loop2: detected capacity change from 0 to 32768 [ 199.913655][ T8684] syz.0.1261 (8684): drop_caches: 2 [ 199.975556][ T8668] JBD2: Ignoring recovery information on journal [ 199.990103][ T23] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 200.026410][ T8668] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 200.196527][ T23] usb 2-1: New USB device found, idVendor=0a2c, idProduct=0008, bcdDevice=c7.b3 [ 200.227643][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 200.246648][ T23] usb 2-1: Product: syz [ 200.257783][ T23] usb 2-1: Manufacturer: syz [ 200.270295][ T23] usb 2-1: SerialNumber: syz [ 200.286451][ T23] usb 2-1: config 0 descriptor?? [ 200.307077][ T23] cypress_cy7c63 2-1:0.0: Cypress CY7C63xxx device now attached [ 200.367325][ T5766] ocfs2: Unmounting device (7,2) on (node local) [ 200.561709][ T23] usb 2-1: USB disconnect, device number 10 [ 200.588961][ T23] cypress_cy7c63 2-1:0.0: Cypress CY7C63xxx device now disconnected [ 200.602828][ T8701] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1270'. [ 200.789558][ T8705] QAT: Stopping all acceleration devices. [ 200.947382][ T8711] loop0: detected capacity change from 0 to 512 [ 200.988978][ T8711] EXT4-fs (loop0): orphan cleanup on readonly fs [ 200.998835][ T8711] EXT4-fs error (device loop0): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.0.1274: EA inode 11 ref wraparound: ref_count=0 ref_change=-1 [ 201.033267][ T8711] EXT4-fs warning (device loop0): ext4_xattr_inode_dec_ref_all:1231: inode #11: comm syz.0.1274: ea_inode dec ref err=-117 [ 201.047114][ T8711] EXT4-fs (loop0): 1 orphan inode deleted [ 201.054483][ T8711] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 201.163236][ T8714] xt_TCPMSS: Only works on TCP SYN packets [ 201.171277][ T5765] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.436853][ T8723] loop2: detected capacity change from 0 to 1024 [ 201.631315][ T1114] hfsplus: b-tree write err: -5, ino 25 [ 201.650202][ T1114] hfsplus: b-tree write err: -5, ino 4 [ 201.656372][ T1114] hfsplus: b-tree write err: -5, ino 2 [ 202.131662][ T8746] loop3: detected capacity change from 0 to 8 [ 202.165229][ T8746] SQUASHFS error: Unable to read inode 0xa7 [ 202.311800][ T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 202.338893][ T8752] loop3: detected capacity change from 0 to 164 [ 202.377423][ T8754] comedi comedi1: pcl711: I/O port conflict (0x10000,16) [ 202.405041][ T8756] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1295'. [ 202.417895][ T8756] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1295'. [ 202.529985][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 202.568425][ T9] usb 2-1: config index 0 descriptor too short (expected 51443, got 18) [ 202.607413][ T9] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 202.647489][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.673398][ T9] usb 2-1: Product: syz [ 202.677794][ T9] usb 2-1: Manufacturer: syz [ 202.704889][ T9] usb 2-1: SerialNumber: syz [ 202.732996][ T9] r8152-cfgselector 2-1: config 0 descriptor?? [ 203.000493][ T9] usbip-host 2-1: 2-1 is not in match_busid table... skip! [ 203.203093][ T9] usb 2-1: USB disconnect, device number 11 [ 203.566918][ T8790] loop2: detected capacity change from 0 to 512 [ 203.594543][ T8790] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 203.612385][ T8790] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=42c028, mo2=0002] [ 203.620922][ T8790] EXT4-fs (loop2): orphan cleanup on readonly fs [ 203.650309][ T8790] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4059: comm syz.2.1313: Allocating blocks 41-42 which overlap fs metadata [ 203.675246][ T8790] EXT4-fs (loop2): Remounting filesystem read-only [ 203.683597][ T8790] __quota_error: 2 callbacks suppressed [ 203.683614][ T8790] Quota error (device loop2): write_blk: dquota write failed [ 203.697642][ T8790] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 203.708290][ T8790] EXT4-fs (loop2): 1 truncate cleaned up [ 203.735573][ T8790] EXT4-fs (loop2): pa ffff8880789e3658: logic 1, phys. 41, len 23 [ 203.750192][ T8790] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 203.961721][ T5766] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.230249][ T5827] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 204.420142][ T5827] usb 4-1: Using ep0 maxpacket: 8 [ 204.432485][ T5827] usb 4-1: config 64 has an invalid interface number: 19 but max is 0 [ 204.454181][ T5827] usb 4-1: config 64 has no interface number 0 [ 204.469961][ T5827] usb 4-1: config 64 interface 19 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 33 [ 204.509915][ T5827] usb 4-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0 [ 204.529514][ T5827] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 204.566785][ T8799] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 204.583092][ T5827] usb 4-1: probing VID:PID(2201:012C) [ 204.614579][ T5827] usb 4-1: vub300 testing BULK OUT EndPoint(0) 03 [ 204.630905][ T5827] usb 4-1: Could not find two sets of bulk-in/out endpoint pairs [ 204.691764][ T5827] vub300: probe of 4-1:64.19 failed with error -22 [ 204.767927][ T8821] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1327'. [ 204.868657][ T8] usb 4-1: USB disconnect, device number 10 [ 204.951247][ T8805] loop2: detected capacity change from 0 to 32768 [ 205.015759][ T8805] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 205.173954][ T8805] XFS (loop2): Ending clean mount [ 205.381066][ T5766] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 206.420636][ T8873] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1350'. [ 206.777821][ T8859] loop1: detected capacity change from 0 to 32768 [ 207.063037][ T5784] Bluetooth: hci1: command 0x0406 tx timeout [ 207.069469][ T5784] Bluetooth: hci3: command 0x0406 tx timeout [ 207.076921][ T5781] Bluetooth: hci2: command 0x0406 tx timeout [ 207.082516][ T5783] Bluetooth: hci0: command 0x0406 tx timeout [ 207.280035][ T8895] netlink: 'syz.0.1360': attribute type 28 has an invalid length. [ 207.935278][ T8910] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 207.982961][ T8877] syz.2.1352 (8877): drop_caches: 2 [ 208.170870][ T8916] netlink: 'syz.2.1370': attribute type 3 has an invalid length. [ 208.577530][ T28] audit: type=1326 audit(1775915921.641:3337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8930 comm="syz.3.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc61619c819 code=0x7ffc0000 [ 208.670405][ T28] audit: type=1326 audit(1775915921.641:3338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8930 comm="syz.3.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc61619c819 code=0x7ffc0000 [ 208.789947][ T28] audit: type=1326 audit(1775915921.671:3339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8930 comm="syz.3.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7fc61619c819 code=0x7ffc0000 [ 208.846406][ T28] audit: type=1326 audit(1775915921.671:3340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8930 comm="syz.3.1376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc61619c819 code=0x7ffc0000 [ 209.124343][ T8947] netlink: 'syz.2.1383': attribute type 3 has an invalid length. [ 209.555129][ T8955] erspan1: entered allmulticast mode [ 209.914329][ T8967] loop2: detected capacity change from 0 to 256 [ 210.060207][ T5809] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 210.175696][ T8939] syz.3.1378 (8939): drop_caches: 2 [ 210.216553][ T8967] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 210.270399][ T5809] usb 2-1: Using ep0 maxpacket: 32 [ 210.318919][ T5809] usb 2-1: config index 0 descriptor too short (expected 156, got 27) [ 210.340180][ T5809] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 210.377115][ T5809] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 210.400496][ T5809] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 210.440074][ T5809] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 210.472292][ T5809] usb 2-1: config 0 interface 0 has no altsetting 0 [ 210.499003][ T5809] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 210.535621][ T5809] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 210.558293][ T5809] usb 2-1: Product: syz [ 210.569871][ T5809] usb 2-1: Manufacturer: syz [ 210.574574][ T5809] usb 2-1: SerialNumber: syz [ 210.602428][ T5809] usb 2-1: config 0 descriptor?? [ 210.636839][ T5809] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 210.670300][ T5809] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 210.780107][ T8982] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1401'. [ 210.849267][ T8963] ldusb 2-1:0.0: Couldn't submit interrupt_in_urb -90 [ 210.894612][ T9] usb 2-1: USB disconnect, device number 12 [ 210.913952][ T9] ldusb 2-1:0.0: LD USB Device #0 now disconnected [ 210.966254][ T8987] x_tables: duplicate underflow at hook 3 [ 211.036696][ T8984] loop3: detected capacity change from 0 to 4096 [ 211.759992][ T9008] x_tables: unsorted entry at hook 2 [ 212.135531][ T9019] netlink: 'syz.2.1418': attribute type 3 has an invalid length. [ 212.149006][ T9019] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1418'. [ 212.306849][ T9023] loop1: detected capacity change from 0 to 128 [ 212.401427][ T9023] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 212.428502][ T9023] FAT-fs (loop1): Filesystem has been set read-only [ 212.888712][ T9038] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 212.917247][ T9039] loop0: detected capacity change from 0 to 764 [ 212.976126][ T9041] netlink: 'syz.2.1429': attribute type 1 has an invalid length. [ 212.988129][ T9039] Symlink component flag not implemented [ 212.994512][ T9041] netlink: 220 bytes leftover after parsing attributes in process `syz.2.1429'. [ 213.259210][ T9046] genirq: Flags mismatch irq 10. 00000000 (das16m1) vs. 00000080 (virtio2) [ 213.440142][ T9047] loop0: detected capacity change from 0 to 4096 [ 213.459087][ T9051] kAFS: unable to lookup cell '.,' [ 213.533298][ T9047] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 213.642912][ T9047] ntfs3: loop0: Failed to load $Extend (-22). [ 213.659417][ T9047] ntfs3: loop0: Failed to initialize $Extend. [ 213.706054][ T9059] netlink: 'syz.2.1438': attribute type 1 has an invalid length. [ 213.858961][ T9061] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 214.210026][ T9073] xt_CT: You must specify a L4 protocol and not use inversions on it [ 214.250035][ T9075] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1446'. [ 214.476610][ T9085] loop1: detected capacity change from 0 to 128 [ 214.542443][ T9085] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 214.652490][ T9085] EXT4-fs (loop1): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w. [ 214.672119][ T9092] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1453'. [ 214.687933][ T9085] ext4 filesystem being remounted at /332/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 214.702696][ T9095] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1455'. [ 214.727760][ T9092] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1453'. [ 214.762621][ T9092] netlink: 31 bytes leftover after parsing attributes in process `syz.0.1453'. [ 214.813112][ T9092] netlink: 'syz.0.1453': attribute type 2 has an invalid length. [ 214.869891][ T9092] netlink: 31 bytes leftover after parsing attributes in process `syz.0.1453'. [ 214.920595][ T5770] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 214.921542][ T9098] netlink: 'syz.3.1457': attribute type 1 has an invalid length. [ 214.964024][ T9098] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1457'. [ 215.241498][ T9102] loop1: detected capacity change from 0 to 4096 [ 215.280118][ T9102] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 215.549926][ T9102] ntfs3: loop1: failed to convert "c46c" to cp437 [ 215.741363][ T9] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 215.773474][ T9124] loop2: detected capacity change from 0 to 256 [ 215.832883][ T9124] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 215.863822][ T9124] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 215.894763][ T9124] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c91aa, utbl_chksum : 0xe619d30d) [ 215.942211][ T9] usb 1-1: Using ep0 maxpacket: 32 [ 215.950706][ T9] usb 1-1: unable to get BOS descriptor or descriptor too short [ 215.971469][ T9] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 120, changing to 7 [ 216.019203][ T9] usb 1-1: string descriptor 0 read error: -22 [ 216.036141][ T9] usb 1-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice= 0.40 [ 216.055310][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.114647][ T9130] tc_dump_action: action bad kind [ 216.329731][ T9136] netlink: 'syz.2.1477': attribute type 64 has an invalid length. [ 216.358734][ T9] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 216.360938][ T9136] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1477'. [ 216.400660][ T9136] netlink: 'syz.2.1477': attribute type 64 has an invalid length. [ 216.570222][ T9] usb 1-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 216.648133][ T9] usb 1-1: USB disconnect, device number 11 [ 216.687434][ T6606] udevd[6606]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 216.817429][ T9150] [U] Buq&a|&PK y [ 216.839749][ T9149] [U] [ 217.026585][ T9158] xt_TPROXY: Can be used only with -p tcp or -p udp [ 217.303025][ T9167] netlink: 'syz.3.1490': attribute type 10 has an invalid length. [ 217.350020][ T9167] macvlan0: entered promiscuous mode [ 217.355458][ T9167] macvlan0: entered allmulticast mode [ 217.393061][ T9167] veth1_vlan: entered allmulticast mode [ 217.428193][ T9167] team0: Port device macvlan0 added [ 217.546991][ T9172] loop0: detected capacity change from 0 to 4096 [ 217.574650][ T9172] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 217.588728][ T9174] loop2: detected capacity change from 0 to 4096 [ 217.604569][ T9174] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 217.837292][ T9174] ntfs3: loop2: failed to convert "c46c" to cp437 [ 217.896427][ T9172] ntfs3: loop0: failed to convert "c46c" to cp862 [ 218.759960][ T5827] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 218.950028][ T5827] usb 4-1: Using ep0 maxpacket: 32 [ 218.963177][ T5827] usb 4-1: unable to get BOS descriptor or descriptor too short [ 219.008233][ T5827] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 120, changing to 7 [ 219.050347][ T5827] usb 4-1: string descriptor 0 read error: -22 [ 219.060313][ T5827] usb 4-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice= 0.40 [ 219.069964][ T5827] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 219.127149][ T9206] __nla_validate_parse: 3 callbacks suppressed [ 219.127168][ T9206] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1507'. [ 219.318856][ T9196] loop0: detected capacity change from 0 to 32768 [ 219.326188][ T5827] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 219.525441][ T5827] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 219.594753][ T5827] usb 4-1: USB disconnect, device number 11 [ 219.685525][ T9216] loop1: detected capacity change from 0 to 128 [ 219.715127][ T9216] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 219.749493][ T9216] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 219.763498][ T9218] netlink: 'syz.2.1516': attribute type 10 has an invalid length. [ 219.789693][ T9218] macvlan0: entered promiscuous mode [ 219.795185][ T9218] macvlan0: entered allmulticast mode [ 219.825897][ T9218] veth1_vlan: entered allmulticast mode [ 219.844072][ T9218] team0: Port device macvlan0 added [ 220.032197][ T9224] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 220.042321][ T9224] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 220.408885][ T9235] netlink: 'syz.1.1524': attribute type 1 has an invalid length. [ 220.436083][ T9235] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.1524'. [ 220.609441][ T9239] loop3: detected capacity change from 0 to 512 [ 220.687645][ T9239] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1526: invalid indirect mapped block 256 (level 2) [ 220.784769][ T9239] EXT4-fs (loop3): 2 truncates cleaned up [ 220.799495][ T9239] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 221.031085][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.171394][ T9255] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1533'. [ 221.394415][ T9247] loop0: detected capacity change from 0 to 32768 [ 221.451988][ T9263] ip6tnl1: entered allmulticast mode [ 221.473948][ T9247] [ 221.473948][ T9247] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 221.473948][ T9247] [ 221.548814][ T9247] jfs_lookup: dtSearch returned -5 [ 221.696858][ T5765] [ 221.696858][ T5765] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 221.696858][ T5765] [ 221.728979][ T5765] [ 221.728979][ T5765] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 221.728979][ T5765] [ 222.000902][ T3444] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 222.009386][ T3444] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 222.039438][ T8] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 222.060208][ T8] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 222.219925][ T5777] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 222.307208][ T9285] loop1: detected capacity change from 0 to 4096 [ 222.416321][ T5777] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 222.449667][ T5777] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 248, changing to 7 [ 222.469717][ T9285] ntfs: volume version 3.1. [ 222.478537][ T5777] usb 3-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 222.502242][ T5777] usb 3-1: New USB device found, idVendor=2b73, idProduct=0017, bcdDevice= 0.40 [ 222.515205][ T5777] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.535093][ T5777] usb 3-1: Product: syz [ 222.539489][ T5777] usb 3-1: Manufacturer: syz [ 222.545034][ T5777] usb 3-1: SerialNumber: syz [ 222.550204][ T9293] netlink: 'syz.3.1550': attribute type 10 has an invalid length. [ 222.558098][ T9293] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1550'. [ 222.613613][ T9293] batman_adv: batadv0: Adding interface: vlan1 [ 222.622070][ T9285] ntfs: (device loop1): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -28). [ 222.634804][ T9285] ntfs: (device loop1): ntfs_attr_extend_allocation(): Cannot extend allocation of inode 0x43, attribute type 0x80, because the allocation of clusters failed with error code -28. [ 222.651294][ T9293] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.681272][ T8] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 222.729677][ T9293] batman_adv: batadv0: Interface activated: vlan1 [ 222.820280][ T42] ntfs: (device loop1): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry. [ 222.851095][ T5777] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 222.956443][ T5777] snd-usb-audio: probe of 3-1:1.0 failed with error -71 [ 223.004421][ T5777] usb 3-1: USB disconnect, device number 14 [ 223.120755][ T5941] udevd[5941]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 223.640324][ T28] audit: type=1326 audit(1775915936.701:3341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.2.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 223.728749][ T28] audit: type=1326 audit(1775915936.701:3342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.2.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 223.813341][ T28] audit: type=1326 audit(1775915936.701:3343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.2.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 223.877425][ T28] audit: type=1326 audit(1775915936.701:3344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.2.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fad59c819 code=0x7ffc0000 [ 223.944020][ T28] audit: type=1326 audit(1775915936.701:3345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.2.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9fad59e087 code=0x7ffc0000 [ 223.973122][ T28] audit: type=1326 audit(1775915936.701:3346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.2.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f9fad55d04e code=0x7ffc0000 [ 223.983459][ T5777] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 224.054516][ T9331] loop3: detected capacity change from 0 to 256 [ 224.063390][ T28] audit: type=1326 audit(1775915936.711:3347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.2.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f9fad55d04e code=0x7ffc0000 [ 224.235652][ T9331] FAT-fs (loop3): Directory bread(block 64) failed [ 224.246832][ T9331] FAT-fs (loop3): Directory bread(block 65) failed [ 224.254903][ T9331] FAT-fs (loop3): Directory bread(block 66) failed [ 224.263431][ T5777] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 224.294021][ T5777] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 224.303503][ T9331] FAT-fs (loop3): Directory bread(block 67) failed [ 224.324012][ T9331] FAT-fs (loop3): Directory bread(block 68) failed [ 224.332846][ T9331] FAT-fs (loop3): Directory bread(block 69) failed [ 224.339646][ T9331] FAT-fs (loop3): Directory bread(block 70) failed [ 224.344424][ T5777] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.362068][ T9331] FAT-fs (loop3): Directory bread(block 71) failed [ 224.369326][ T9331] FAT-fs (loop3): Directory bread(block 72) failed [ 224.380742][ T9331] FAT-fs (loop3): Directory bread(block 73) failed [ 224.393764][ T5777] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 225.473939][ T9353] loop2: detected capacity change from 0 to 32768 [ 225.484649][ T5777] stv0680 1-1:4.0: STV(e): camera ping failed!! [ 225.501545][ T9353] XFS: attr2 mount option is deprecated. [ 225.545514][ T9372] loop3: detected capacity change from 0 to 128 [ 225.562510][ T9372] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 225.577108][ T9372] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 225.598996][ T9353] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 225.672491][ T5777] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 225.706124][ T5777] stv0680 1-1:4.0: last error: 50, command = 0x65 [ 225.713078][ T23] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 225.751965][ T5777] usb 1-1: USB disconnect, device number 12 [ 225.770743][ T9353] XFS (loop2): Ending clean mount [ 225.802934][ T9353] XFS (loop2): Quotacheck needed: Please wait. [ 225.911048][ T23] usb 2-1: Using ep0 maxpacket: 16 [ 225.918215][ T9353] XFS (loop2): Quotacheck: Done. [ 225.932340][ T23] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 225.950036][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 225.964850][ T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.991743][ T23] usb 2-1: config 0 descriptor?? [ 226.011106][ T23] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 226.074311][ T5766] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 226.238904][ T23] usb 2-1: Detected FT232B [ 226.246924][ T9385] netlink: 209820 bytes leftover after parsing attributes in process `syz.3.1594'. [ 226.437911][ T23] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 226.448563][ T23] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 226.466942][ T23] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 226.503676][ T23] usb 2-1: USB disconnect, device number 13 [ 226.528925][ T23] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 226.580680][ T23] ftdi_sio 2-1:0.0: device disconnected [ 226.626911][ T9387] loop3: detected capacity change from 0 to 4096 [ 226.692411][ T9387] ntfs3: loop3: Failed to load $Extend (-22). [ 226.698604][ T9387] ntfs3: loop3: Failed to initialize $Extend. [ 227.193883][ T9402] netlink: 'syz.1.1602': attribute type 33 has an invalid length. [ 227.215169][ T9402] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1602'. [ 227.351583][ T9389] loop0: detected capacity change from 0 to 32768 [ 227.395481][ T9389] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 227.720948][ T9389] XFS (loop0): Ending clean mount [ 227.772388][ T9389] XFS (loop0): Quotacheck needed: Please wait. [ 227.948917][ T9389] XFS (loop0): Quotacheck: Done. [ 228.198878][ T5765] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 228.207572][ T9435] loop1: detected capacity change from 0 to 2048 [ 228.291836][ T9435] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 229.814406][ T9483] loop2: detected capacity change from 0 to 2048 [ 229.936819][ T9490] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 230.051596][ T9483] NILFS (loop2): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0 [ 230.069685][ T9483] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 230.092602][ T9483] Remounting filesystem read-only [ 230.108315][ T9483] NILFS (loop2): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0 [ 230.128338][ T9483] NILFS error (device loop2): nilfs_bmap_last_key: broken bmap (inode number=16) [ 230.138748][ T9483] NILFS (loop2): error -5 truncating bmap (ino=16) [ 230.269360][ T5766] NILFS (loop2): discard dirty page: offset=4096, ino=6 [ 230.311041][ T5766] NILFS (loop2): discard dirty block: blocknr=39, size=1024 [ 230.338872][ T5766] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 230.356639][ T9495] qrtr: Invalid version 0 [ 230.376122][ T5766] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 230.400830][ T5766] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 230.427248][ T5766] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 230.484194][ T9497] loop0: detected capacity change from 0 to 4096 [ 230.599903][ T9500] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 230.646739][ T9502] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1644'. [ 230.748727][ T9485] loop1: detected capacity change from 0 to 32768 [ 230.812741][ T9485] JBD2: Ignoring recovery information on journal [ 230.936475][ T9485] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 231.037034][ T9485] [ 231.039452][ T9485] ====================================================== [ 231.046514][ T9485] WARNING: possible circular locking dependency detected [ 231.053627][ T9485] syzkaller #0 Not tainted [ 231.058090][ T9485] ------------------------------------------------------ [ 231.065164][ T9485] syz.1.1639/9485 is trying to acquire lock: [ 231.071217][ T9485] ffff88805b0f5f58 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 231.084621][ T9485] [ 231.084621][ T9485] but task is already holding lock: [ 231.092034][ T9485] ffff88805b0f3ff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x476/0x13e0 [ 231.101613][ T9485] [ 231.101613][ T9485] which lock already depends on the new lock. [ 231.101613][ T9485] [ 231.112058][ T9485] [ 231.112058][ T9485] the existing dependency chain (in reverse order) is: [ 231.121125][ T9485] [ 231.121125][ T9485] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}: [ 231.129122][ T9485] down_read+0x46/0x2e0 [ 231.133865][ T9485] ocfs2_init_acl+0x30a/0x770 [ 231.139137][ T9485] ocfs2_mknod+0x140f/0x2300 [ 231.144313][ T9485] ocfs2_mkdir+0x196/0x430 [ 231.149311][ T9485] vfs_mkdir+0x296/0x440 [ 231.154138][ T9485] do_mkdirat+0x1dc/0x450 [ 231.159036][ T9485] __x64_sys_mkdirat+0x89/0xa0 [ 231.164426][ T9485] do_syscall_64+0x55/0xa0 [ 231.169503][ T9485] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 231.175983][ T9485] [ 231.175983][ T9485] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 231.184569][ T9485] down_read+0x46/0x2e0 [ 231.189299][ T9485] ocfs2_start_trans+0x3a8/0x6f0 [ 231.194817][ T9485] ocfs2_modify_bh+0xe4/0x4c0 [ 231.200122][ T9485] ocfs2_local_read_info+0x1445/0x1800 [ 231.206241][ T9485] dquot_load_quota_sb+0x757/0xb80 [ 231.211942][ T9485] dquot_load_quota_inode+0x2dc/0x5d0 [ 231.217899][ T9485] ocfs2_enable_quotas+0x1c9/0x490 [ 231.223591][ T9485] ocfs2_fill_super+0x417d/0x5010 [ 231.229185][ T9485] mount_bdev+0x221/0x2d0 [ 231.234091][ T9485] legacy_get_tree+0xea/0x180 [ 231.239351][ T9485] vfs_get_tree+0x8c/0x280 [ 231.244340][ T9485] do_new_mount+0x24b/0xa40 [ 231.249410][ T9485] __se_sys_mount+0x2e7/0x3d0 [ 231.254657][ T9485] do_syscall_64+0x55/0xa0 [ 231.259641][ T9485] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 231.266195][ T9485] [ 231.266195][ T9485] -> #2 (sb_internal#3){.+.+}-{0:0}: [ 231.273751][ T9485] ocfs2_start_trans+0x2a9/0x6f0 [ 231.279262][ T9485] ocfs2_reserve_suballoc_bits+0x7ad/0x44c0 [ 231.285810][ T9485] ocfs2_reserve_new_metadata_blocks+0x416/0x9a0 [ 231.292702][ T9485] ocfs2_extend_dir+0xcca/0x48b0 [ 231.298207][ T9485] ocfs2_prepare_dir_for_insert+0x315b/0x56b0 [ 231.304847][ T9485] ocfs2_mknod+0x81b/0x2300 [ 231.309927][ T9485] ocfs2_mkdir+0x196/0x430 [ 231.314943][ T9485] vfs_mkdir+0x296/0x440 [ 231.319758][ T9485] do_mkdirat+0x1dc/0x450 [ 231.324664][ T9485] __x64_sys_mkdirat+0x89/0xa0 [ 231.330386][ T9485] do_syscall_64+0x55/0xa0 [ 231.335475][ T9485] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 231.342229][ T9485] [ 231.342229][ T9485] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}: [ 231.352835][ T9485] down_write+0x97/0x200 [ 231.357666][ T9485] ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 231.364236][ T9485] ocfs2_reserve_clusters_with_limit+0x3bd/0xc20 [ 231.371148][ T9485] ocfs2_reserve_suballoc_bits+0x78b/0x44c0 [ 231.377626][ T9485] ocfs2_reserve_new_metadata_blocks+0x416/0x9a0 [ 231.384543][ T9485] ocfs2_extend_dir+0xcca/0x48b0 [ 231.390074][ T9485] ocfs2_prepare_dir_for_insert+0x315b/0x56b0 [ 231.396732][ T9485] ocfs2_mknod+0x81b/0x2300 [ 231.401825][ T9485] ocfs2_mkdir+0x196/0x430 [ 231.406832][ T9485] vfs_mkdir+0x296/0x440 [ 231.411747][ T9485] do_mkdirat+0x1dc/0x450 [ 231.416667][ T9485] __x64_sys_mkdirat+0x89/0xa0 [ 231.422003][ T9485] do_syscall_64+0x55/0xa0 [ 231.426997][ T9485] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 231.433652][ T9485] [ 231.433652][ T9485] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}: [ 231.444244][ T9485] __lock_acquire+0x2df1/0x7d40 [ 231.449689][ T9485] lock_acquire+0x19e/0x420 [ 231.454782][ T9485] down_write+0x97/0x200 [ 231.459610][ T9485] ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 231.466076][ T9485] ocfs2_reserve_new_metadata_blocks+0x416/0x9a0 [ 231.472979][ T9485] ocfs2_init_xattr_set_ctxt+0x30b/0x710 [ 231.479191][ T9485] ocfs2_xattr_set+0xc3f/0x13e0 [ 231.484663][ T9485] ocfs2_set_acl+0x4e1/0x590 [ 231.489831][ T9485] ocfs2_iop_set_acl+0x1b2/0x2b0 [ 231.495338][ T9485] vfs_set_acl+0x803/0xa60 [ 231.500333][ T9485] do_set_acl+0xf5/0x180 [ 231.505156][ T9485] path_setxattr+0x41d/0x5d0 [ 231.510323][ T9485] __x64_sys_setxattr+0xbb/0xd0 [ 231.515752][ T9485] do_syscall_64+0x55/0xa0 [ 231.520743][ T9485] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 231.527264][ T9485] [ 231.527264][ T9485] other info that might help us debug this: [ 231.527264][ T9485] [ 231.537534][ T9485] Chain exists of: [ 231.537534][ T9485] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2 --> &journal->j_trans_barrier --> &oi->ip_xattr_sem [ 231.537534][ T9485] [ 231.554574][ T9485] Possible unsafe locking scenario: [ 231.554574][ T9485] [ 231.562079][ T9485] CPU0 CPU1 [ 231.567495][ T9485] ---- ---- [ 231.572989][ T9485] lock(&oi->ip_xattr_sem); [ 231.577891][ T9485] lock(&journal->j_trans_barrier); [ 231.585840][ T9485] lock(&oi->ip_xattr_sem); [ 231.593394][ T9485] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2); [ 231.600915][ T9485] [ 231.600915][ T9485] *** DEADLOCK *** [ 231.600915][ T9485] [ 231.609113][ T9485] 3 locks held by syz.1.1639/9485: [ 231.614377][ T9485] #0: ffff88801eec2418 (sb_writers#21){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 231.623699][ T9485] #1: ffff88805b0f42d8 (&type->i_mutex_dir_key#20){+.+.}-{3:3}, at: vfs_set_acl+0x37a/0xa60 [ 231.634101][ T9485] #2: ffff88805b0f3ff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x476/0x13e0 [ 231.644111][ T9485] [ 231.644111][ T9485] stack backtrace: [ 231.650037][ T9485] CPU: 0 PID: 9485 Comm: syz.1.1639 Not tainted syzkaller #0 [ 231.657465][ T9485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 231.667576][ T9485] Call Trace: [ 231.671005][ T9485] [ 231.674076][ T9485] dump_stack_lvl+0x18c/0x250 [ 231.678838][ T9485] ? load_image+0x420/0x420 [ 231.683413][ T9485] ? show_regs_print_info+0x20/0x20 [ 231.688688][ T9485] ? print_circular_bug+0x12b/0x1a0 [ 231.693958][ T9485] check_noncircular+0x2fc/0x400 [ 231.698960][ T9485] ? look_up_lock_class+0x75/0x140 [ 231.704181][ T9485] ? print_deadlock_bug+0x5d0/0x5d0 [ 231.709443][ T9485] ? lockdep_lock+0xf5/0x230 [ 231.714094][ T9485] ? _find_first_zero_bit+0xd3/0x100 [ 231.719440][ T9485] __lock_acquire+0x2df1/0x7d40 [ 231.724372][ T9485] ? __lock_acquire+0x7d40/0x7d40 [ 231.729467][ T9485] ? verify_lock_unused+0x140/0x140 [ 231.734729][ T9485] ? __mutex_unlock_slowpath+0x1b4/0x6c0 [ 231.740423][ T9485] ? do_raw_spin_lock+0x11f/0x2c0 [ 231.745506][ T9485] ? mutex_unlock+0x10/0x10 [ 231.750070][ T9485] lock_acquire+0x19e/0x420 [ 231.754681][ T9485] ? ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 231.760809][ T9485] ? ocfs2_get_system_file_inode+0x202/0x850 [ 231.766861][ T9485] ? __might_sleep+0xe0/0xe0 [ 231.771564][ T9485] ? read_lock_is_recursive+0x20/0x20 [ 231.777022][ T9485] ? ocfs2_fast_symlink_read_folio+0x550/0x550 [ 231.783253][ T9485] ? verify_lock_unused+0x140/0x140 [ 231.788512][ T9485] ? check_noncircular+0x18a/0x400 [ 231.793794][ T9485] down_write+0x97/0x200 [ 231.798104][ T9485] ? ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 231.804226][ T9485] ? down_read_killable+0x340/0x340 [ 231.809577][ T9485] ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 231.815534][ T9485] ? mark_lock+0x94/0x320 [ 231.820013][ T9485] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 231.826149][ T9485] ? lock_chain_count+0x20/0x20 [ 231.831076][ T9485] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 231.837035][ T9485] ? lockdep_hardirqs_on+0x98/0x150 [ 231.842305][ T9485] ? ocfs2_block_group_search+0x470/0x470 [ 231.848093][ T9485] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 231.854111][ T9485] ? _raw_spin_unlock+0x40/0x40 [ 231.859039][ T9485] ? stack_trace_save+0xaa/0x100 [ 231.864052][ T9485] ? stack_trace_snprint+0xf0/0xf0 [ 231.869228][ T9485] ? __stack_depot_save+0x560/0x630 [ 231.874664][ T9485] ? kasan_set_track+0x5f/0x70 [ 231.879483][ T9485] ? kasan_set_track+0x4e/0x70 [ 231.884300][ T9485] ? __kasan_kmalloc+0x8f/0xa0 [ 231.889121][ T9485] ? ocfs2_reserve_new_metadata_blocks+0x10d/0x9a0 [ 231.895747][ T9485] ? ocfs2_init_xattr_set_ctxt+0x30b/0x710 [ 231.901723][ T9485] ? ocfs2_xattr_set+0xc3f/0x13e0 [ 231.906816][ T9485] ? ocfs2_set_acl+0x4e1/0x590 [ 231.911632][ T9485] ? ocfs2_iop_set_acl+0x1b2/0x2b0 [ 231.916800][ T9485] ? vfs_set_acl+0x803/0xa60 [ 231.921450][ T9485] ? do_set_acl+0xf5/0x180 [ 231.925936][ T9485] ? path_setxattr+0x41d/0x5d0 [ 231.930767][ T9485] ? __x64_sys_setxattr+0xbb/0xd0 [ 231.935885][ T9485] ? do_syscall_64+0x55/0xa0 [ 231.940528][ T9485] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 231.946688][ T9485] ocfs2_reserve_new_metadata_blocks+0x416/0x9a0 [ 231.953086][ T9485] ? ocfs2_init_steal_slots+0x160/0x160 [ 231.958720][ T9485] ? ocfs2_xattr_block_set+0x2e30/0x2e30 [ 231.964436][ T9485] ocfs2_init_xattr_set_ctxt+0x30b/0x710 [ 231.970145][ T9485] ? ocfs2_xattr_set+0xc05/0x13e0 [ 231.975245][ T9485] ? ocfs2_prepare_refcount_xattr+0xff0/0xff0 [ 231.981493][ T9485] ? ocfs2_truncate_log_needs_flush+0x130/0x310 [ 231.987804][ T9485] ? ocfs2_remove_btree_range+0x15e0/0x15e0 [ 231.993769][ T9485] ? down_write+0x16e/0x200 [ 231.998327][ T9485] ? down_read_killable+0x340/0x340 [ 232.003588][ T9485] ? up_write+0x1c3/0x410 [ 232.007971][ T9485] ocfs2_xattr_set+0xc3f/0x13e0 [ 232.012916][ T9485] ? __ocfs2_xattr_set_handle+0xf40/0xf40 [ 232.018720][ T9485] ? __kasan_kmalloc+0x8f/0xa0 [ 232.023544][ T9485] ? ocfs2_set_acl+0x11e/0x590 [ 232.028357][ T9485] ? ocfs2_iop_set_acl+0x1b2/0x2b0 [ 232.033562][ T9485] ? vfs_set_acl+0x803/0xa60 [ 232.038219][ T9485] ? path_setxattr+0x41d/0x5d0 [ 232.043046][ T9485] ? do_syscall_64+0x55/0xa0 [ 232.047742][ T9485] ? ocfs2_set_acl+0x11e/0x590 [ 232.052558][ T9485] ? rcu_is_watching+0x15/0xb0 [ 232.057382][ T9485] ? ocfs2_set_acl+0x11e/0x590 [ 232.062200][ T9485] ? __kmalloc+0xe2/0x230 [ 232.066598][ T9485] ? ocfs2_inode_lock_atime+0x530/0x530 [ 232.072209][ T9485] ocfs2_set_acl+0x4e1/0x590 [ 232.076858][ T9485] ocfs2_iop_set_acl+0x1b2/0x2b0 [ 232.081855][ T9485] ? ocfs2_xattr_get+0x260/0x260 [ 232.086843][ T9485] ? evm_inode_set_acl+0xbc/0x430 [ 232.092020][ T9485] ? down_read_killable+0x340/0x340 [ 232.097278][ T9485] ? evm_revalidate_status+0x4f/0xb0 [ 232.102632][ T9485] ? posix_acl_valid+0x352/0x3d0 [ 232.107640][ T9485] vfs_set_acl+0x803/0xa60 [ 232.112115][ T9485] do_set_acl+0xf5/0x180 [ 232.116419][ T9485] path_setxattr+0x41d/0x5d0 [ 232.121080][ T9485] ? simple_xattrs_free+0x150/0x150 [ 232.126386][ T9485] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 232.132433][ T9485] ? lock_chain_count+0x20/0x20 [ 232.137437][ T9485] __x64_sys_setxattr+0xbb/0xd0 [ 232.142351][ T9485] do_syscall_64+0x55/0xa0 [ 232.146820][ T9485] ? clear_bhb_loop+0x40/0x90 [ 232.151557][ T9485] ? clear_bhb_loop+0x40/0x90 [ 232.156293][ T9485] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 232.162240][ T9485] RIP: 0033:0x7f4645f9c819 [ 232.166729][ T9485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 232.186405][ T9485] RSP: 002b:00007f4646d99028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 232.194878][ T9485] RAX: ffffffffffffffda RBX: 00007f4646215fa0 RCX: 00007f4645f9c819 [ 232.202904][ T9485] RDX: 00002000000003c0 RSI: 0000200000002a40 RDI: 0000200000002a00 [ 232.210935][ T9485] RBP: 00007f4646032c91 R08: 0000000000000002 R09: 0000000000000000 [ 232.218961][ T9485] R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000000 [ 232.226979][ T9485] R13: 00007f4646216038 R14: 00007f4646215fa0 R15: 00007ffdf2a61548 [ 232.235011][ T9485] [ 232.324626][ T5770] ocfs2: Unmounting device (7,1) on (node local) [ 233.780126][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!