last executing test programs: 2.467679471s ago: executing program 1 (id=3448): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) wait4(0x0, 0x0, 0x4, 0x0) 2.261258915s ago: executing program 1 (id=3452): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0100000003000000ec0b000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0xf, &(0x7f0000000740)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xe}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x16}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.935738407s ago: executing program 1 (id=3454): r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$llc_int(r0, 0x10c, 0x2, &(0x7f0000000000)=0xa846, 0x4) 1.764751509s ago: executing program 1 (id=3456): syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x1000801, &(0x7f0000000140)=ANY=[], 0x2, 0x22d, &(0x7f0000000a40)="$eJzslb9v00AUx793dpy0gkoMMLCkQyWKRB3bBdSFoexISC0Cxoheq4DbVGmGthJSKxYWZsQfwMbM0ImBDSZmBkBCYqAjC0gcuvM5Ptd22igIhr6PlMv33t27H8/PzyAI4tTy5fOPT89uLixfAXAGM6gb+zcnm8Ot+R9fODUj325MPT6whhqqYQCkzIzuMft7AN4sOsBesqyUmfcr86/WXAbHjOnfAcdlo++CwU/PKjNvAYb7xvxwUw5u050wIhbsQTdeWe3EIlBNqJpotfOyljufOv/hPsOKuaDagVnjWzu7j9ox0EtELFJRk+k+haFUJDcDSoZyYlj89PkWOW5YIVDP697TJ/uq7xt7YMUvBEdo9DwYloxeQB2+7zdNV4TW/S+62fpO8tgS9qrPXRSNUSaPL87N5SzTUEJl+HD3iVio2/61Y/yWQ+bUR16Qmazycin476JansrA6F68WfTyius0zEW1RRzzkpxgd3bUwuyUuHB48K7o9fW/hnc8ARNAe+i5CtSHyTi+Vep1PmeZrnhlPJzVJaEyJZL6wVzgklWfXOur0Oqvb7a2dnbnOuvtNbEmNqJo/npwNQiuRS1dm5PWLndH6l9D16dJa/1aRa30mIftdr/fC7eBfi8c9KOktZJp6XX3u/bhuv5xzP6SMv286Bcv/VCy/B7M/Lj+V2rWqTgOQRAEQRAEQRAEQRAEQRDECfhp6SYY3k8NurIcN7qth/8EAAD//7LLT5w=") openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) 1.247836284s ago: executing program 2 (id=3463): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0100000003000000ec0b000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0xf, &(0x7f0000000740)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xe}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x16}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.242991495s ago: executing program 1 (id=3471): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, 0x0, &(0x7f0000000080)) 1.182554889s ago: executing program 3 (id=3464): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2080062, &(0x7f0000000a80)={[{@resuid}], [{@dont_measure}, {@fsuuid={'fsuuid', 0x3d, {[0x63, 0x34, 0x62, 0x31, 0x63, 0x55, 0x33], 0x2d, [0x2, 0x36, 0x61, 0x34], 0x2d, [0x36, 0x65, 0x32, 0x31], 0x2d, [0x65, 0x35, 0x61, 0x34], 0x2d, [0x31, 0x65, 0x63, 0x38, 0x30, 0x33, 0x62, 0x39]}}}]}, 0x6, 0x50d, &(0x7f0000008340)="$eJzs3c9vI1cdAPDvOHabdANOC4dSiXZpt0oRrJM0/RFxKF0J6KkSotyzIXGiKE68Spx2E62oV/wBBbQCJE6cuCDxByDB/gkIaSW47Rm0gix74IKMZmxvEscOCevEbPz5SC/z5j3PfL/PP+d5RnEAQ+tyRLwfESMR8XpEFFvtuVaJerOkt3u4d2sxLUk0Gh/9PYmk1da5z0utzVLf+yDiB8nRuFs7u2sLlUp583Dz7tXV9YWV8kp5Y3Z25p25d+fenps+4UiS/HG94xHx3rce/eyzX3/nvd9//ZP7839744dpWtdb/d3G0Q/NoRditN1QP4sog5M+b/LZCAEAeBpciYgXIuLViPhqFGMkjj2MBgAAAJ5CjW+OP9uuAgAAABdTLrs2NsmVsut98zEeuVyp1LyG94vxXK5S3ap9bbm6vbHUvIZ2Igq55dVKebp1rfBEFJJ0fSar76+/2bE+GxHPR8Sd4li6nvUBAAAA5+PSofl/xKNic/4PAAAAXDBOxgMAAMDFd8L5/x/OOg8AAADg7Dj/DwAAABfadz/8MC2Nh3u3st8BWPp4Z3ut+vHVpfLWWml9e7G0WN28UVqpVlcq5dJIe6vev/ZcqVZvvBUb2zenavmt2tTWzu78enV7ozaf/a73fPmFcxoXAAAAsO/5V+7+JYmI+jfGspJ6ptXXe5YPDJkk39Fw/SsDygToi5HTbnB5+2wSAc5d52c6MDzM8YGks6HjwGA0a/nsJ0c2/OPpYznmAACAwZj8kvP/MKxyg04AGJgfDzoBYGDyDvNhaBVOfwUgcMF88F/6R3t1nPj8f6NxqoQAAIC+G28u6tE6FzgeuVyp9Pi0YLK8WilPR8TnI+LPxcKz6frMAPMFAAAAAAAAAAAAAAAAAAAAAAAAgKdRo5FEAwAAALjQInJ/TSIiLZPFK+Od3w88k/yrmC0j4pNffvTzmwu12uZM2v6Px+21X7Ta3xzENxgAAAAwjArH9rbn6e15PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD008O9W4vtcp5xH1yLsZjoFj8fo9lyNAoR8dw/k8gf2C6JiJE+xK/fjogXu8VP0rRiopVFZ/xcRIwNOP6lPsSHYXb3WkS83+31l4vL2bL76y/fKk/qwbXsRd41fvv9b6TH+9/nThjjpXu/neps+9FoK/7tiJfy3d9/2vGTHvFf6xWwcHj1+vd3d3vdtPGriMmunz/JoVhTtfUbU1s7u1dX1xdWyivljdnZmXfm3p17e256anm1Um797Rrjp1/+Xf1Oj/gPbuey5cH47XFONDP8tNf4r/QaVId/37u594VmtXA0fsQbr3V//F/Mlt3v//Q58XrrcyDtn2zX6836QS//5k8v98otjb/U4/5vPv7FRq/xn9CRMe/79OR7AQD6Zmtnd22hUilvnkPl1bf6t8PknHJW6VEZ/f9I47wr336yzaO82T4cfpL93E8rjaQP40rnDFlirSP6A6kCAAAXzP58YNCZAAAAAAAAAAAAAAAAAAAAwPD6n/552Cun26ozZn0wQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONZ/AgAA///0I8e2") process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 1.181843869s ago: executing program 0 (id=3473): r0 = syz_open_dev$vivid(&(0x7f0000000040), 0x2, 0x2) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000240)=@userptr={0xc00000, 0x8, 0x4, 0x201, 0x0, {}, {0x2, 0x1, 0x0, 0xa4, 0x4, 0x2, "1b4e4466"}, 0x10001, 0x2, {0x0}, 0x4}) 1.089592875s ago: executing program 1 (id=3465): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f0000000240)={[{@journal_async_commit}, {@heartbeat_none}, {@usrquota}, {@inode64}, {@heartbeat_none}, {@inode64}]}, 0x0, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000580)={{}, {0x1, 0x2}, [], {}, [], {0x10, 0x4}, {0x20, 0x7}}, 0x24, 0x0) 1.003835492s ago: executing program 0 (id=3466): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)={0x2, 0x18, 0xfc, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x6, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@multicast2}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}]}, 0xa0}}, 0x0) 1.003706231s ago: executing program 2 (id=3467): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="b70700000000000063115f0000000000070000000000000095000000000000001b95fc1a7c"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xb579, &(0x7f000000cf3d)=""/195}, 0x23) 896.077599ms ago: executing program 3 (id=3468): r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x4, 0x7, 0x7f}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000900)=@framed={{0x18, 0x3}, [@map_fd={0x18, 0x2, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x1b}]}, &(0x7f0000000000)='GPL\x00'}, 0x80) 813.029704ms ago: executing program 0 (id=3469): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x8, &(0x7f0000000100)={[{@journal_dev={'journal_dev', 0x3d, 0x6}}, {@debug}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ") rmdir(&(0x7f00000004c0)='./file0\x00') 812.934974ms ago: executing program 2 (id=3470): r0 = socket(0x40000000015, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000240)={r0}) 723.3139ms ago: executing program 3 (id=3472): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000005c00), 0x8a140, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xa2) 673.946324ms ago: executing program 2 (id=3474): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/partitions\x00', 0x0, 0x0) preadv(r0, &(0x7f0000001500)=[{&(0x7f00000002c0)=""/4084, 0xff4}], 0x1, 0x202, 0x0) 579.70421ms ago: executing program 3 (id=3475): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x4c, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_TUPLE={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @multicast2}}}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20008004}, 0x4) 507.498045ms ago: executing program 0 (id=3476): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000740)=@get={0x1, &(0x7f0000000680)=""/173, 0x9}) 408.642682ms ago: executing program 2 (id=3477): r0 = socket(0x1, 0x2, 0x0) getsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000004480), &(0x7f00000044c0)=0x4) 353.037916ms ago: executing program 3 (id=3478): r0 = syz_open_dev$video4linux(&(0x7f0000001380), 0x800000000005, 0x0) ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040564a, &(0x7f0000000000)={0x0, 0x0, 0x300a}) 235.527824ms ago: executing program 2 (id=3479): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2080062, &(0x7f0000000a80)={[{@resuid}], [{@dont_measure}, {@fsuuid={'fsuuid', 0x3d, {[0x63, 0x34, 0x62, 0x31, 0x63, 0x55, 0x33], 0x2d, [0x2, 0x36, 0x61, 0x34], 0x2d, [0x36, 0x65, 0x32, 0x31], 0x2d, [0x65, 0x35, 0x61, 0x34], 0x2d, [0x31, 0x65, 0x63, 0x38, 0x30, 0x33, 0x62, 0x39]}}}]}, 0x6, 0x50d, &(0x7f0000008340)="$eJzs3c9vI1cdAPDvOHabdANOC4dSiXZpt0oRrJM0/RFxKF0J6KkSotyzIXGiKE68Spx2E62oV/wBBbQCJE6cuCDxByDB/gkIaSW47Rm0gix74IKMZmxvEscOCevEbPz5SC/z5j3PfL/PP+d5RnEAQ+tyRLwfESMR8XpEFFvtuVaJerOkt3u4d2sxLUk0Gh/9PYmk1da5z0utzVLf+yDiB8nRuFs7u2sLlUp583Dz7tXV9YWV8kp5Y3Z25p25d+fenps+4UiS/HG94xHx3rce/eyzX3/nvd9//ZP7839744dpWtdb/d3G0Q/NoRditN1QP4sog5M+b/LZCAEAeBpciYgXIuLViPhqFGMkjj2MBgAAAJ5CjW+OP9uuAgAAABdTLrs2NsmVsut98zEeuVyp1LyG94vxXK5S3ap9bbm6vbHUvIZ2Igq55dVKebp1rfBEFJJ0fSar76+/2bE+GxHPR8Sd4li6nvUBAAAA5+PSofl/xKNic/4PAAAAXDBOxgMAAMDFd8L5/x/OOg8AAADg7Dj/DwAAABfadz/8MC2Nh3u3st8BWPp4Z3ut+vHVpfLWWml9e7G0WN28UVqpVlcq5dJIe6vev/ZcqVZvvBUb2zenavmt2tTWzu78enV7ozaf/a73fPmFcxoXAAAAsO/5V+7+JYmI+jfGspJ6ptXXe5YPDJkk39Fw/SsDygToi5HTbnB5+2wSAc5d52c6MDzM8YGks6HjwGA0a/nsJ0c2/OPpYznmAACAwZj8kvP/MKxyg04AGJgfDzoBYGDyDvNhaBVOfwUgcMF88F/6R3t1nPj8f6NxqoQAAIC+G28u6tE6FzgeuVyp9Pi0YLK8WilPR8TnI+LPxcKz6frMAPMFAAAAAAAAAAAAAAAAAAAAAAAAgKdRo5FEAwAAALjQInJ/TSIiLZPFK+Od3w88k/yrmC0j4pNffvTzmwu12uZM2v6Px+21X7Ta3xzENxgAAAAwjArH9rbn6e15PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD008O9W4vtcp5xH1yLsZjoFj8fo9lyNAoR8dw/k8gf2C6JiJE+xK/fjogXu8VP0rRiopVFZ/xcRIwNOP6lPsSHYXb3WkS83+31l4vL2bL76y/fKk/qwbXsRd41fvv9b6TH+9/nThjjpXu/neps+9FoK/7tiJfy3d9/2vGTHvFf6xWwcHj1+vd3d3vdtPGriMmunz/JoVhTtfUbU1s7u1dX1xdWyivljdnZmXfm3p17e256anm1Um797Rrjp1/+Xf1Oj/gPbuey5cH47XFONDP8tNf4r/QaVId/37u594VmtXA0fsQbr3V//F/Mlt3v//Q58XrrcyDtn2zX6836QS//5k8v98otjb/U4/5vPv7FRq/xn9CRMe/79OR7AQD6Zmtnd22hUilvnkPl1bf6t8PknHJW6VEZ/f9I47wr336yzaO82T4cfpL93E8rjaQP40rnDFlirSP6A6kCAAAXzP58YNCZAAAAAAAAAAAAAAAAAAAAwPD6n/552Cun26ozZn0wQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONZ/AgAA///0I8e2") process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 213.467815ms ago: executing program 3 (id=3480): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4a20, 0x8, @mcast2={0xff, 0x5}, 0xffffffff}, 0x1c) 170.988889ms ago: executing program 0 (id=3481): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]}) munlockall() 0s ago: executing program 0 (id=3482): r0 = socket(0x40000000015, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000240)={r0}) kernel console output (not intermixed with test programs): 86] usb 3-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 233.300052][ T786] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 233.311625][ T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.320524][ T786] usb 3-1: Product: syz [ 233.324691][ T786] usb 3-1: Manufacturer: syz [ 233.329880][ T786] usb 3-1: SerialNumber: syz [ 233.337129][ T786] usb 3-1: config 0 descriptor?? [ 233.347228][ T786] yurex 3-1:0.50: USB YUREX device now attached to Yurex #0 [ 233.432965][ T23] usb 4-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 233.442425][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.450603][ T23] usb 4-1: Product: syz [ 233.455356][ T23] usb 4-1: Manufacturer: syz [ 233.460294][ T23] usb 4-1: SerialNumber: syz [ 233.467469][ T23] r8152-cfgselector 4-1: config 0 descriptor?? [ 233.594630][ C1] yurex 3-1:0.50: yurex_interrupt - overflow with length 8, actual length is 8 [ 233.797474][ T786] usb 3-1: USB disconnect, device number 15 [ 233.805852][ T786] yurex 3-1:0.50: USB YUREX #0 now disconnected [ 233.888064][ T23] r8152-cfgselector 4-1: Unknown version 0x0000 [ 233.896837][ T23] r8152-cfgselector 4-1: USB disconnect, device number 15 [ 234.645181][T10488] loop3: detected capacity change from 0 to 4096 [ 234.735585][T10488] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 234.774215][T10488] ntfs3: loop3: Failed to load $Extend (-22). [ 234.791675][T10488] ntfs3: loop3: Failed to initialize $Extend. [ 235.079232][T10508] loop0: detected capacity change from 0 to 4096 [ 235.118165][ T8101] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 235.179098][T10508] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 235.206981][T10508] ntfs3: loop0: Failed to load $Extend (-22). [ 235.208652][ T23] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 235.213451][T10508] ntfs3: loop0: Failed to initialize $Extend. [ 235.350488][ T8101] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 235.367371][ T8101] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.381002][T10514] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2162'. [ 235.395508][ T8101] usb 3-1: config 0 descriptor?? [ 235.416751][ T23] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 235.436960][ T23] usb 2-1: config 0 has no interface number 0 [ 235.453920][ T23] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 235.484937][ T23] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 235.512209][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.528252][ T23] usb 2-1: Product: syz [ 235.536209][ T23] usb 2-1: Manufacturer: syz [ 235.545674][ T23] usb 2-1: SerialNumber: syz [ 235.557280][ T23] usb 2-1: config 0 descriptor?? [ 235.583744][ T23] yurex 2-1:0.50: USB YUREX device now attached to Yurex #0 [ 235.717381][T10522] exfat: Deprecated parameter 'debug' [ 235.734228][T10522] syz.0.2165: attempt to access beyond end of device [ 235.734228][T10522] loop0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 235.747219][T10522] exFAT-fs (loop0): unable to read boot sector [ 235.753802][T10522] exFAT-fs (loop0): failed to read boot sector [ 235.760113][T10522] exFAT-fs (loop0): failed to recognize exfat type [ 235.831402][ T8101] [drm:udl_init] *ERROR* Selecting channel failed [ 235.838961][ C1] yurex 2-1:0.50: yurex_interrupt - overflow with length 8, actual length is 8 [ 235.883753][ T8101] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2 [ 235.918252][ T8101] [drm] Initialized udl on minor 2 [ 235.932219][ T8101] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 235.958396][ T8101] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 235.967317][ T8102] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 236.003169][ T8101] usb 3-1: USB disconnect, device number 16 [ 236.009320][ T8102] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 236.024570][ T8102] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 236.040336][ T23] usb 2-1: USB disconnect, device number 19 [ 236.074520][ T23] yurex 2-1:0.50: USB YUREX #0 now disconnected [ 236.253180][T10532] loop3: detected capacity change from 0 to 2048 [ 236.301212][T10532] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 236.516122][T10526] loop0: detected capacity change from 0 to 32768 [ 237.277356][T10560] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2184'. [ 237.569356][T10572] exfat: Deprecated parameter 'debug' [ 237.591451][T10572] syz.1.2188: attempt to access beyond end of device [ 237.591451][T10572] loop1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 237.646160][T10576] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2192'. [ 237.651913][T10572] exFAT-fs (loop1): unable to read boot sector [ 237.678171][T10572] exFAT-fs (loop1): failed to read boot sector [ 237.698045][T10572] exFAT-fs (loop1): failed to recognize exfat type [ 238.169001][ T28] audit: type=1326 audit(1775467056.850:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10599 comm="syz.2.2211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 238.217345][ T28] audit: type=1326 audit(1775467056.870:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10599 comm="syz.2.2211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 238.265701][ T28] audit: type=1326 audit(1775467056.870:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10599 comm="syz.2.2211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 238.297475][ T28] audit: type=1326 audit(1775467056.870:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10599 comm="syz.2.2211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 238.355828][ T28] audit: type=1326 audit(1775467056.870:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10599 comm="syz.2.2211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 238.393493][ T28] audit: type=1326 audit(1775467056.870:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10599 comm="syz.2.2211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 238.416828][ T8102] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 238.433966][ T28] audit: type=1326 audit(1775467056.870:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10599 comm="syz.2.2211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 238.464168][ T28] audit: type=1326 audit(1775467056.900:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10599 comm="syz.2.2211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 238.494937][ T28] audit: type=1326 audit(1775467056.900:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10599 comm="syz.2.2211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 238.633026][ T8102] usb 1-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 238.647849][ T8102] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 238.664877][ T8102] usb 1-1: Product: syz [ 238.672519][T10612] loop2: detected capacity change from 0 to 64 [ 238.685887][ T8102] usb 1-1: Manufacturer: syz [ 238.692295][ T8102] usb 1-1: SerialNumber: syz [ 238.699325][ T8102] r8152-cfgselector 1-1: config 0 descriptor?? [ 239.148256][ T8102] r8152-cfgselector 1-1: Unknown version 0x0000 [ 239.169281][ T8102] r8152-cfgselector 1-1: USB disconnect, device number 13 [ 239.491252][T10640] loop3: detected capacity change from 0 to 64 [ 240.069322][ T23] usb 1-1: new low-speed USB device number 14 using dummy_hcd [ 240.259830][ T23] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 240.277926][ T23] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 240.291337][T10668] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2237'. [ 240.308123][ T23] usb 1-1: config 1 interface 0 has no altsetting 0 [ 240.322086][ T23] usb 1-1: string descriptor 0 read error: -22 [ 240.338084][ T23] usb 1-1: New USB device found, idVendor=0644, idProduct=800e, bcdDevice= 0.40 [ 240.373946][ T23] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=3 [ 240.394852][ T23] usb 1-1: 0:2 : does not exist [ 240.505424][ T23] usb-storage 1-1:1.1: USB Mass Storage device detected [ 240.842321][ T23] us122l: couldn't allocate write buffer [ 240.861100][ T23] snd-usb-us122l: probe of 1-1:1.1 failed with error -22 [ 240.897856][ T23] usb 1-1: USB disconnect, device number 14 [ 241.095151][T10691] sg_write: data in/out 768/1 bytes for SCSI command 0x0-- guessing data in; [ 241.095151][T10691] program syz.2.2245 not setting count and/or reply_len properly [ 242.384508][T10741] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2268'. [ 242.463779][T10744] program syz.3.2269 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 242.488557][T10744] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 242.662347][T10756] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2275'. [ 243.263369][T10778] program syz.0.2286 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 243.284065][T10778] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 243.338094][ T8102] usb 4-1: new full-speed USB device number 16 using dummy_hcd [ 243.536400][T10789] loop0: detected capacity change from 0 to 2048 [ 243.555213][ T8102] usb 4-1: unable to get BOS descriptor or descriptor too short [ 243.599698][T10789] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 243.602734][ T8102] usb 4-1: not running at top speed; connect to a high speed hub [ 243.655513][ T8102] usb 4-1: config 5 has an invalid interface number: 246 but max is 0 [ 243.665286][ T8102] usb 4-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config [ 243.675872][ T8102] usb 4-1: config 5 has no interface number 0 [ 243.702410][T10795] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 243.703319][T10789] syz.0.2291: attempt to access beyond end of device [ 243.703319][T10789] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 243.732953][ T8102] usb 4-1: config 5 interface 246 altsetting 4 endpoint 0x3 has an invalid bInterval 0, changing to 4 [ 243.747865][ T8102] usb 4-1: config 5 interface 246 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 243.776327][ T8102] usb 4-1: config 5 interface 246 has no altsetting 0 [ 243.785899][ T8102] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=f5.e4 [ 243.797388][ T8102] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 243.814097][T10789] syz.0.2291: attempt to access beyond end of device [ 243.814097][T10789] loop0: rw=0, sector=9437254, nr_sectors = 2 limit=2048 [ 243.828015][ T8102] usb 4-1: Product: syz [ 243.832374][ T8102] usb 4-1: Manufacturer: syz [ 243.837008][ T8102] usb 4-1: SerialNumber: syz [ 243.851898][T10789] NILFS (loop0): I/O error reading meta-data file (ino=6, block-offset=0) [ 244.100360][ T8102] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 244.113433][ T48] usb 4-1: Failed to submit usb control message: -71 [ 244.145744][ T8102] usb 4-1: USB disconnect, device number 16 [ 244.168870][ T48] usb 4-1: unable to send the bmi data to the device: -71 [ 244.176032][ T48] usb 4-1: unable to get target info from device [ 244.248082][ T48] usb 4-1: could not get target info (-71) [ 244.282102][ T48] usb 4-1: could not probe fw (-71) [ 245.003315][T10841] loop0: detected capacity change from 0 to 512 [ 245.032281][T10841] EXT4-fs: Ignoring removed nomblk_io_submit option [ 245.108792][T10841] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 245.117580][T10841] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 245.211896][T10841] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4057: comm syz.0.2313: Allocating blocks 41-42 which overlap fs metadata [ 245.308018][T10841] EXT4-fs (loop0): Remounting filesystem read-only [ 245.344144][T10841] Quota error (device loop0): write_blk: dquota write failed [ 245.398170][T10841] Quota error (device loop0): find_free_dqentry: Can't write quota data block 5 [ 245.418053][ T28] audit: type=1326 audit(1775467064.090:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10854 comm="syz.2.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 245.418755][T10841] Quota error (device loop0): write_blk: dquota write failed [ 245.471938][ T28] audit: type=1326 audit(1775467064.090:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10854 comm="syz.2.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 245.515598][T10841] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 245.538380][T10841] EXT4-fs (loop0): 1 truncate cleaned up [ 245.559533][ T28] audit: type=1326 audit(1775467064.090:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10854 comm="syz.2.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 245.595062][T10841] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 245.608111][ T28] audit: type=1326 audit(1775467064.090:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10854 comm="syz.2.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 245.675122][ T28] audit: type=1326 audit(1775467064.090:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10854 comm="syz.2.2318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 245.780023][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 245.781218][T10834] loop1: detected capacity change from 0 to 32768 [ 245.842656][T10834] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 246.056870][T10834] XFS (loop1): Ending clean mount [ 246.073845][T10834] XFS (loop1): Quotacheck needed: Please wait. [ 246.148057][T10834] XFS (loop1): Quotacheck: Done. [ 246.265149][T10881] netlink: 'syz.0.2327': attribute type 21 has an invalid length. [ 246.273317][T10881] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2327'. [ 246.302481][ T5778] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 246.735833][ T28] audit: type=1326 audit(1775467065.410:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10893 comm="syz.1.2328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341479c819 code=0x7ffc0000 [ 246.839038][ T5832] usb 1-1: new full-speed USB device number 15 using dummy_hcd [ 247.020004][ T5832] usb 1-1: unable to get BOS descriptor or descriptor too short [ 247.028385][ T5832] usb 1-1: not running at top speed; connect to a high speed hub [ 247.037600][ T5832] usb 1-1: config 5 has an invalid interface number: 246 but max is 0 [ 247.046058][ T5832] usb 1-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config [ 247.056198][ T5832] usb 1-1: config 5 has no interface number 0 [ 247.062455][ T5832] usb 1-1: config 5 interface 246 altsetting 4 endpoint 0x3 has an invalid bInterval 0, changing to 4 [ 247.074206][ T5832] usb 1-1: config 5 interface 246 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 247.087597][ T5832] usb 1-1: config 5 interface 246 has no altsetting 0 [ 247.096965][ T5832] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=f5.e4 [ 247.106377][ T5832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 247.114659][ T5832] usb 1-1: Product: syz [ 247.119131][ T5832] usb 1-1: Manufacturer: syz [ 247.123755][ T5832] usb 1-1: SerialNumber: syz [ 247.351816][ T5832] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 247.359300][ T11] usb 1-1: Failed to submit usb control message: -71 [ 247.368892][ T11] usb 1-1: unable to send the bmi data to the device: -71 [ 247.376047][ T11] usb 1-1: unable to get target info from device [ 247.383577][ T11] usb 1-1: could not get target info (-71) [ 247.393420][ T11] usb 1-1: could not probe fw (-71) [ 247.398955][ T5832] usb 1-1: USB disconnect, device number 15 [ 248.248252][ T5807] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 248.307366][T10917] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2344'. [ 248.316597][T10917] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 248.447968][ T5807] usb 2-1: Using ep0 maxpacket: 32 [ 248.455975][ T5807] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 248.466933][ T5807] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 248.476731][ T5807] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 248.485964][ T5807] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.496239][ T5807] usb 2-1: config 0 descriptor?? [ 248.507263][ T5807] hub 2-1:0.0: USB hub found [ 248.713369][ T5807] hub 2-1:0.0: 1 port detected [ 248.919917][ T5807] hub 2-1:0.0: hub_hub_status failed (err = -71) [ 248.926578][ T5807] hub 2-1:0.0: config failed, can't get hub status (err -71) [ 248.939802][ T5807] usbhid 2-1:0.0: can't add hid device: -71 [ 248.945994][ T5807] usbhid: probe of 2-1:0.0 failed with error -71 [ 248.982232][ T5807] usb 2-1: USB disconnect, device number 20 [ 249.577824][T10921] 9pnet: Could not find request transport: f [ 249.783557][T10932] netlink: 'syz.2.2349': attribute type 3 has an invalid length. [ 249.791954][T10932] netlink: 'syz.2.2349': attribute type 1 has an invalid length. [ 249.800075][T10932] netlink: 220 bytes leftover after parsing attributes in process `syz.2.2349'. [ 249.827996][ T23] usb 2-1: new full-speed USB device number 21 using dummy_hcd [ 249.947437][T10936] netlink: 'syz.2.2351': attribute type 1 has an invalid length. [ 249.969666][T10936] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2351'. [ 250.054149][ T23] usb 2-1: unable to get BOS descriptor or descriptor too short [ 250.062671][ T23] usb 2-1: not running at top speed; connect to a high speed hub [ 250.072061][ T23] usb 2-1: config 5 has an invalid interface number: 246 but max is 0 [ 250.080338][ T23] usb 2-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config [ 250.091197][ T23] usb 2-1: config 5 has no interface number 0 [ 250.097391][ T23] usb 2-1: config 5 interface 246 altsetting 4 endpoint 0x3 has an invalid bInterval 0, changing to 4 [ 250.108521][ T23] usb 2-1: config 5 interface 246 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 250.122369][ T23] usb 2-1: config 5 interface 246 has no altsetting 0 [ 250.131959][ T23] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=f5.e4 [ 250.141541][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.150935][ T23] usb 2-1: Product: syz [ 250.155354][ T23] usb 2-1: Manufacturer: syz [ 250.161388][ T23] usb 2-1: SerialNumber: syz [ 250.238001][ T786] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 250.418322][ T23] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 250.425091][ T1309] usb 2-1: Failed to submit usb control message: -71 [ 250.438492][ T786] usb 4-1: config 0 has an invalid interface number: 69 but max is 0 [ 250.446659][ T786] usb 4-1: config 0 has no interface number 0 [ 250.458393][ T23] usb 2-1: USB disconnect, device number 21 [ 250.464768][ T786] usb 4-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 250.475340][ T786] usb 4-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 250.480656][ T1309] usb 2-1: unable to send the bmi data to the device: -71 [ 250.494617][ T786] usb 4-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 250.519903][ T786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.533183][ T786] usb 4-1: Product: syz [ 250.537395][ T786] usb 4-1: Manufacturer: syz [ 250.541865][ T1309] usb 2-1: unable to get target info from device [ 250.544387][ T786] usb 4-1: SerialNumber: syz [ 250.562498][ T786] usb 4-1: config 0 descriptor?? [ 250.567936][ T1309] usb 2-1: could not get target info (-71) [ 250.578205][ T1309] usb 2-1: could not probe fw (-71) [ 250.582936][T10938] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 250.609250][ T786] cyberjack 4-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 250.645821][ T786] usb 4-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 250.886369][ C1] cyberjack ttyUSB0: cyberjack_read_int_callback - failed resubmitting read urb, error -22 [ 251.017746][T10953] netlink: 'syz.0.2368': attribute type 12 has an invalid length. [ 251.052212][T10955] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2360'. [ 251.061401][T10955] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2360'. [ 251.089531][ T23] usb 4-1: USB disconnect, device number 17 [ 251.138547][ T23] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 251.168446][ T23] cyberjack 4-1:0.69: device disconnected [ 251.276672][T10961] netlink: 'syz.0.2363': attribute type 3 has an invalid length. [ 251.298043][T10961] netlink: 'syz.0.2363': attribute type 1 has an invalid length. [ 251.326692][T10961] netlink: 220 bytes leftover after parsing attributes in process `syz.0.2363'. [ 251.405032][T10965] loop1: detected capacity change from 0 to 512 [ 251.429615][T10965] EXT4-fs: Ignoring removed nomblk_io_submit option [ 251.447177][T10965] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 251.468306][T10965] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 251.516449][T10965] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4057: comm syz.1.2364: Allocating blocks 41-42 which overlap fs metadata [ 251.519417][T10972] netlink: 'syz.2.2375': attribute type 1 has an invalid length. [ 251.538546][T10965] EXT4-fs (loop1): Remounting filesystem read-only [ 251.545275][T10965] __quota_error: 4 callbacks suppressed [ 251.545287][T10965] Quota error (device loop1): write_blk: dquota write failed [ 251.566239][T10965] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5 [ 251.577799][T10965] Quota error (device loop1): write_blk: dquota write failed [ 251.585849][T10965] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 251.596112][T10965] EXT4-fs (loop1): 1 truncate cleaned up [ 251.603361][T10965] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.774768][ T5778] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.929931][T10981] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2369'. [ 251.953320][T10981] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2369'. [ 252.255593][T10996] netlink: 'syz.1.2373': attribute type 21 has an invalid length. [ 252.264703][T10996] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2373'. [ 252.484165][T11004] loop3: detected capacity change from 0 to 512 [ 252.509731][T11004] EXT4-fs: Ignoring removed nomblk_io_submit option [ 252.538153][T11004] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 252.562528][T11004] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 252.580723][T11000] loop2: detected capacity change from 0 to 8192 [ 252.624292][T11009] loop0: detected capacity change from 0 to 1024 [ 252.643291][T11000] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 252.672684][T11004] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4057: comm syz.3.2378: Allocating blocks 41-42 which overlap fs metadata [ 252.712357][T11000] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 252.722398][T11000] REISERFS (device loop2): using ordered data mode [ 252.729500][T11000] reiserfs: using flush barriers [ 252.736454][T11000] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 252.753685][T11000] REISERFS (device loop2): checking transaction log (loop2) [ 252.761149][T11009] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 252.783053][T11004] EXT4-fs (loop3): Remounting filesystem read-only [ 252.809030][T11004] Quota error (device loop3): write_blk: dquota write failed [ 252.829550][T11004] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5 [ 252.871983][T11004] Quota error (device loop3): write_blk: dquota write failed [ 252.906363][T11004] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 252.954220][T11004] EXT4-fs (loop3): 1 truncate cleaned up [ 252.978771][T11000] REISERFS (device loop2): Using tea hash to sort names [ 252.987149][T11004] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 253.004205][T11000] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 253.240007][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.968088][ T8098] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 253.988455][ T23] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 254.079411][T11043] loop0: detected capacity change from 0 to 64 [ 254.160489][ T8098] usb 2-1: config 0 has an invalid interface number: 69 but max is 0 [ 254.178160][ T8098] usb 2-1: config 0 has no interface number 0 [ 254.193691][ T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 97, changing to 10 [ 254.208079][ T8098] usb 2-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 254.228152][ T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24929, setting to 1024 [ 254.241337][ T8098] usb 2-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 254.264709][ T23] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf [ 254.278185][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.295444][ T23] usb 3-1: Product: syz [ 254.300325][ T23] usb 3-1: Manufacturer: syz [ 254.305241][ T23] usb 3-1: SerialNumber: syz [ 254.311217][ T8098] usb 2-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 254.321798][ T8098] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.331072][ T23] usb 3-1: config 0 descriptor?? [ 254.337042][ T8098] usb 2-1: Product: syz [ 254.345232][ T23] usb 3-1: Found UVC 0.00 device syz (18ec:3288) [ 254.352224][ T8098] usb 2-1: Manufacturer: syz [ 254.356867][ T8098] usb 2-1: SerialNumber: syz [ 254.363214][ T23] usb 3-1: No valid video chain found. [ 254.374720][ T8098] usb 2-1: config 0 descriptor?? [ 254.380882][T11030] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 254.391068][ T8098] cyberjack 2-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 254.405922][ T8098] usb 2-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 254.533204][T11037] loop3: detected capacity change from 0 to 32768 [ 254.540969][T11037] XFS: attr2 mount option is deprecated. [ 254.585439][ T8098] usb 3-1: USB disconnect, device number 17 [ 254.596127][T11037] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 254.668125][ C1] cyberjack ttyUSB0: cyberjack_read_int_callback - failed resubmitting read urb, error -22 [ 254.697551][T11037] XFS (loop3): Ending clean mount [ 254.710462][T11037] XFS (loop3): Quotacheck needed: Please wait. [ 254.774321][T11037] XFS (loop3): Quotacheck: Done. [ 254.836441][ T5772] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 254.870393][ T8098] usb 2-1: USB disconnect, device number 22 [ 254.904295][ T8098] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 254.917712][ T8098] cyberjack 2-1:0.69: device disconnected [ 255.433946][ T8102] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 255.434171][T11057] [U] ˆ¹Báuìq&a|Å&P½K•œ yº [ 255.448752][T11056] [U] ô [ 255.513444][T11061] netlink: 'syz.1.2401': attribute type 1 has an invalid length. [ 255.528298][T11061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2401'. [ 255.573385][T11063] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2405'. [ 255.655677][ T8102] usb 4-1: config 0 has an invalid interface number: 117 but max is 0 [ 255.668015][ T8102] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 255.696438][ T8102] usb 4-1: config 0 has no interface number 0 [ 255.703272][ T8102] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 255.732207][ T8102] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 255.778693][ T8102] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 255.788393][ T8102] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 255.796452][ T8102] usb 4-1: Product: syz [ 255.837961][ T8102] usb 4-1: Manufacturer: syz [ 255.853808][ T8102] usb 4-1: SerialNumber: syz [ 255.881497][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.888106][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.900644][ T8102] usb 4-1: config 0 descriptor?? [ 256.204397][T11084] bridge3: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 256.217412][T11084] bridge3: entered promiscuous mode [ 256.223066][T11084] bridge3: entered allmulticast mode [ 256.416076][ T5832] usb 4-1: USB disconnect, device number 18 [ 256.448578][T11093] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2417'. [ 256.468937][T11093] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2417'. [ 256.873772][T11108] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 256.900097][T11108] bridge1: entered promiscuous mode [ 256.906264][T11108] bridge1: entered allmulticast mode [ 257.321888][T11119] loop2: detected capacity change from 0 to 4096 [ 257.335016][T11119] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 257.672284][T11136] netlink: 'syz.1.2440': attribute type 12 has an invalid length. [ 258.191182][T11130] loop0: detected capacity change from 0 to 32768 [ 258.252199][T11156] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2448'. [ 258.288248][T11154] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 258.292376][T11130] ea_get: invalid extended attribute [ 258.332136][T11130] ffff88805b82e8f0: 04 00 00 00 .... [ 258.628284][T11167] netlink: 'syz.1.2455': attribute type 21 has an invalid length. [ 258.767983][ T8098] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 258.959683][ T8098] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 97, changing to 10 [ 258.971056][ T8098] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24929, setting to 1024 [ 258.985476][ T8098] usb 4-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf [ 258.994610][ T8098] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 259.002753][ T8098] usb 4-1: Product: syz [ 259.007072][ T8098] usb 4-1: Manufacturer: syz [ 259.011799][ T8098] usb 4-1: SerialNumber: syz [ 259.018749][ T8098] usb 4-1: config 0 descriptor?? [ 259.028729][ T8098] usb 4-1: Found UVC 0.00 device syz (18ec:3288) [ 259.035106][ T8098] usb 4-1: No valid video chain found. [ 259.243125][ T5832] usb 4-1: USB disconnect, device number 19 [ 259.853649][T11174] netlink: 'syz.3.2457': attribute type 12 has an invalid length. [ 259.873163][T11175] loop2: detected capacity change from 0 to 1024 [ 259.906443][T11175] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 260.288103][ T8098] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 260.339051][T11186] loop0: detected capacity change from 0 to 8192 [ 260.404390][T11186] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 260.432973][T11186] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 260.457549][T11186] REISERFS (device loop0): using ordered data mode [ 260.478393][T11186] reiserfs: using flush barriers [ 260.485698][ T8098] usb 2-1: config 0 has an invalid interface number: 117 but max is 0 [ 260.494950][ T8098] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 260.506525][ T8098] usb 2-1: config 0 has no interface number 0 [ 260.512852][ T8098] usb 2-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 260.522991][ T8098] usb 2-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 260.536662][T11186] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 260.558208][ T8098] usb 2-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 260.567783][T11186] REISERFS (device loop0): checking transaction log (loop0) [ 260.588290][ T8098] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.596342][ T8098] usb 2-1: Product: syz [ 260.621978][ T8098] usb 2-1: Manufacturer: syz [ 260.642205][ T8098] usb 2-1: SerialNumber: syz [ 260.666009][ T8098] usb 2-1: config 0 descriptor?? [ 260.707479][T11196] [U] ˆ¹Báuìq&a|Å&P½K•œ yº [ 260.720573][T11194] [U] ô [ 260.841230][T11186] REISERFS (device loop0): Using tea hash to sort names [ 260.856235][T11199] loop2: detected capacity change from 0 to 16 [ 260.860868][T11186] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 260.881629][T11199] erofs: (device loop2): mounted with root inode @ nid 36. [ 260.945342][T11199] syz.2.2473: attempt to access beyond end of device [ 260.945342][T11199] loop2: rw=524288, sector=8, nr_sectors = 24 limit=16 [ 261.002492][T11199] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -20 in[62, 4034] out[4096] [ 261.026344][ T28] audit: type=1800 audit(1775467079.700:97): pid=11199 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2473" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 261.158695][ T8098] usb 2-1: USB disconnect, device number 23 [ 261.609462][T11215] loop2: detected capacity change from 0 to 4096 [ 261.639454][T11219] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 261.703375][T11215] NILFS (loop2): the device already has a read/write mount. [ 262.172333][T11233] loop1: detected capacity change from 0 to 8192 [ 262.215541][T11233] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 262.245499][T11233] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 262.255052][T11233] REISERFS (device loop1): using ordered data mode [ 262.266778][T11233] reiserfs: using flush barriers [ 262.274315][T11233] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 262.329651][T11233] REISERFS (device loop1): checking transaction log (loop1) [ 262.566673][T11233] REISERFS (device loop1): Using tea hash to sort names [ 262.581916][T11233] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 262.703082][T11252] loop3: detected capacity change from 0 to 4096 [ 262.768267][T11253] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 262.851256][T11252] NILFS (loop3): the device already has a read/write mount. [ 263.679062][T11255] loop0: detected capacity change from 0 to 40427 [ 263.695726][T11255] F2FS-fs (loop0): Fix alignment : done, start(4096) end(16896) block(12288) [ 263.728459][T11255] F2FS-fs (loop0): invalid crc value [ 263.737005][ T28] audit: type=1326 audit(1775467082.400:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.3.2508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 263.773546][T11255] F2FS-fs (loop0): invalid crc value [ 263.790272][T11255] F2FS-fs (loop0): Failed to get valid F2FS checkpoint [ 263.813055][ T28] audit: type=1326 audit(1775467082.410:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.3.2508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 263.908483][ T28] audit: type=1326 audit(1775467082.420:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.3.2508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 263.987580][ T28] audit: type=1326 audit(1775467082.420:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.3.2508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 264.060506][ T28] audit: type=1326 audit(1775467082.420:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.3.2508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 264.356516][T11285] loop1: detected capacity change from 0 to 8192 [ 264.383515][T11285] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 264.397062][T11285] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 264.406479][T11285] REISERFS (device loop1): using ordered data mode [ 264.413987][T11285] reiserfs: using flush barriers [ 264.427752][T11285] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 264.445758][T11285] REISERFS (device loop1): checking transaction log (loop1) [ 264.561213][T11273] loop2: detected capacity change from 0 to 32768 [ 264.578607][T11292] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 264.638197][T11273] ea_get: invalid extended attribute [ 264.677698][T11285] REISERFS (device loop1): Using tea hash to sort names [ 264.678505][T11273] ffff88805b82bab0: 04 00 00 00 .... [ 264.712022][T11285] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 265.031824][T11301] netlink: 'syz.0.2521': attribute type 21 has an invalid length. [ 265.509228][T11317] netlink: zone id is out of range [ 265.545805][T11317] netlink: set zone limit has 4 unknown bytes [ 265.745962][T11322] loop3: detected capacity change from 0 to 1024 [ 265.760406][T11322] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 265.858866][T11322] hfsplus: filesystem is marked journaled, leaving read-only. [ 266.146637][T11336] loop3: detected capacity change from 0 to 2048 [ 266.234452][T11336] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 266.999679][T11368] loop0: detected capacity change from 0 to 64 [ 267.210601][T11372] loop1: detected capacity change from 0 to 2048 [ 267.280145][T11372] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 267.762532][T11392] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2565'. [ 267.778264][T11392] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 267.838184][ T8102] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 268.018020][ T23] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 268.038601][ T8102] usb 4-1: Using ep0 maxpacket: 8 [ 268.045921][ T8102] usb 4-1: config 0 has an invalid interface number: 31 but max is 0 [ 268.055953][ T8102] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 268.098570][ T8102] usb 4-1: config 0 has no interface number 0 [ 268.107788][ T8102] usb 4-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 268.118477][ T8102] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.126513][ T8102] usb 4-1: Product: syz [ 268.153640][ T8102] usb 4-1: Manufacturer: syz [ 268.159625][ T8102] usb 4-1: SerialNumber: syz [ 268.167833][ T8102] usb 4-1: config 0 descriptor?? [ 268.211079][ T23] usb 3-1: config index 0 descriptor too short (expected 1316, got 36) [ 268.228625][ T23] usb 3-1: config 7 has an invalid interface number: 204 but max is -1 [ 268.257320][ T23] usb 3-1: config 7 has 1 interface, different from the descriptor's value: 0 [ 268.294577][ T23] usb 3-1: config 7 has no interface number 0 [ 268.301107][ T23] usb 3-1: config 7 interface 204 has no altsetting 0 [ 268.316429][ T23] usb 3-1: New USB device found, idVendor=0424, idProduct=9904, bcdDevice=d1.ce [ 268.326397][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.337952][ T23] usb 3-1: Product: syz [ 268.342159][ T23] usb 3-1: Manufacturer: syz [ 268.367140][ T23] usb 3-1: SerialNumber: syz [ 268.409398][ T8102] usb 4-1: Found UVC 0.04 device syz (046d:08c3) [ 268.415831][ T8102] usb 4-1: No valid video chain found. [ 268.496511][T11412] netlink: 'syz.0.2574': attribute type 10 has an invalid length. [ 268.507742][T11412] hsr0: entered promiscuous mode [ 268.535244][T11412] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 268.558233][T11412] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 268.569287][T11412] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 268.582758][T11412] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 268.624170][ T8102] usb 4-1: USB disconnect, device number 20 [ 268.654769][ T23] smsc95xx v2.0.0 [ 268.663348][ T23] smsc95xx 3-1:7.204 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 268.676116][ T23] smsc95xx: probe of 3-1:7.204 failed with error -22 [ 268.686713][ T23] usbhid 3-1:7.204: couldn't find an input interrupt endpoint [ 268.720636][ T23] usb 3-1: USB disconnect, device number 18 [ 268.771391][T11414] xt_TCPMSS: Only works on TCP SYN packets [ 269.818545][T11438] loop2: detected capacity change from 0 to 32768 [ 269.849207][T11440] loop3: detected capacity change from 0 to 32768 [ 269.862174][T11438] XFS (loop2): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 269.903646][T11440] jfs_lookup: iget failed on inum 4 [ 270.240988][T11438] XFS (loop2): Starting recovery (logdev: internal) [ 270.301199][T11460] loop0: detected capacity change from 0 to 2048 [ 270.311248][T11438] XFS (loop2): Ending recovery (logdev: internal) [ 270.330891][T11460] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 270.384388][T11461] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 270.408110][ T8098] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 270.426546][ T5760] udevd[5760]: incorrect nilfs2 checksum on /dev/loop0 [ 270.437417][T11460] NILFS (loop0): error -2 truncating bmap (ino=16) [ 270.582458][ T5774] XFS (loop2): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 270.591853][ T8098] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 270.608140][ T8098] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 270.627936][ T8098] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 270.653088][ T8098] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 270.683430][ T8098] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 270.695495][T11465] loop3: detected capacity change from 0 to 2048 [ 270.721134][ T8098] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 270.729435][T11465] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 270.748081][ T8098] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 270.766357][ T8098] usb 2-1: Product: syz [ 270.778941][ T8098] usb 2-1: Manufacturer: syz [ 270.816327][ T9780] udevd[9780]: incorrect nilfs2 checksum on /dev/loop3 [ 270.828577][ T8098] cdc_wdm 2-1:1.0: skipping garbage [ 270.838414][T11468] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 270.850008][ T8098] cdc_wdm 2-1:1.0: skipping garbage [ 270.878845][ T8098] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 270.895051][ T8098] cdc_wdm 2-1:1.0: Unknown control protocol [ 270.946374][T11465] NILFS (loop3): error -2 truncating bmap (ino=16) [ 271.085489][T11458] cdc_wdm 2-1:1.0: Error submitting int urb - -90 [ 271.103470][ T8098] usb 2-1: USB disconnect, device number 24 [ 271.288268][T11478] (syz.3.2601,11478,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 271.298535][T11478] (syz.3.2601,11478,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 271.458069][ T786] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 271.502087][T11484] netlink: 'syz.0.2605': attribute type 1 has an invalid length. [ 271.514758][T11484] netlink: 112865 bytes leftover after parsing attributes in process `syz.0.2605'. [ 271.614875][T11486] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 271.658761][ T786] usb 3-1: Using ep0 maxpacket: 8 [ 271.683488][ T786] usb 3-1: config 0 has an invalid interface number: 31 but max is 0 [ 271.719749][ T786] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 271.752823][ T786] usb 3-1: config 0 has no interface number 0 [ 271.773658][ T786] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 271.790445][T11482] loop3: detected capacity change from 0 to 32768 [ 271.803308][ T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.826844][ T786] usb 3-1: Product: syz [ 271.835877][ T786] usb 3-1: Manufacturer: syz [ 271.836246][T11482] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 271.841158][ T786] usb 3-1: SerialNumber: syz [ 271.860359][ T786] usb 3-1: config 0 descriptor?? [ 271.995111][T11482] XFS (loop3): Ending clean mount [ 272.111040][ T786] usb 3-1: Found UVC 0.04 device syz (046d:08c3) [ 272.138154][ T786] usb 3-1: No valid video chain found. [ 272.190149][ T5772] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 272.233909][T11506] loop1: detected capacity change from 0 to 256 [ 272.355371][T11506] FAT-fs (loop1): Directory bread(block 64) failed [ 272.368136][T11506] FAT-fs (loop1): Directory bread(block 65) failed [ 272.399369][T11506] FAT-fs (loop1): Directory bread(block 66) failed [ 272.406661][ T5832] usb 3-1: USB disconnect, device number 19 [ 272.428530][T11506] FAT-fs (loop1): Directory bread(block 67) failed [ 272.446822][T11506] FAT-fs (loop1): Directory bread(block 68) failed [ 272.467190][T11506] FAT-fs (loop1): Directory bread(block 69) failed [ 272.494411][T11506] FAT-fs (loop1): Directory bread(block 70) failed [ 272.514240][T11506] FAT-fs (loop1): Directory bread(block 71) failed [ 272.532176][T11506] FAT-fs (loop1): Directory bread(block 72) failed [ 272.543987][T11506] FAT-fs (loop1): Directory bread(block 73) failed [ 272.627992][ T5807] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 272.840037][ T5807] usb 1-1: config index 0 descriptor too short (expected 1316, got 36) [ 272.857926][ T5807] usb 1-1: config 7 has an invalid interface number: 204 but max is -1 [ 272.866296][ T5807] usb 1-1: config 7 has 1 interface, different from the descriptor's value: 0 [ 272.898985][ T5807] usb 1-1: config 7 has no interface number 0 [ 272.915906][ T5807] usb 1-1: config 7 interface 204 has no altsetting 0 [ 272.926228][ T5807] usb 1-1: New USB device found, idVendor=0424, idProduct=9904, bcdDevice=d1.ce [ 272.954565][T11519] loop3: detected capacity change from 0 to 64 [ 272.960913][ T5807] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 272.974195][ T5807] usb 1-1: Product: syz [ 272.982789][ T5807] usb 1-1: Manufacturer: syz [ 272.987445][ T5807] usb 1-1: SerialNumber: syz [ 273.123002][T11521] loop2: detected capacity change from 0 to 2048 [ 273.150138][T11521] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 273.196847][ T9782] udevd[9782]: incorrect nilfs2 checksum on /dev/loop2 [ 273.208078][T11522] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 273.249423][T11521] NILFS (loop2): error -2 truncating bmap (ino=16) [ 273.255723][ T5807] smsc95xx v2.0.0 [ 273.260251][ T5807] smsc95xx 1-1:7.204 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 273.271652][ T5807] smsc95xx: probe of 1-1:7.204 failed with error -22 [ 273.280088][ T5807] usbhid 1-1:7.204: couldn't find an input interrupt endpoint [ 273.299507][ T5807] usb 1-1: USB disconnect, device number 16 [ 273.534827][T11531] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 274.054996][T11553] xt_TCPMSS: Only works on TCP SYN packets [ 274.364601][T11565] (syz.2.2638,11565,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 274.390980][T11565] (syz.2.2638,11565,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 274.816438][T11551] loop1: detected capacity change from 0 to 32768 [ 274.835799][T11577] netlink: 'syz.2.2654': attribute type 2 has an invalid length. [ 274.846727][T11579] loop3: detected capacity change from 0 to 8 [ 274.859231][T11577] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.2654'. [ 274.911232][T11551] jfs_lookup: iget failed on inum 4 [ 275.148033][T11586] netlink: 'syz.2.2645': attribute type 1 has an invalid length. [ 275.280905][T11590] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2651'. [ 275.683082][T11595] loop1: detected capacity change from 0 to 4096 [ 275.779453][T11595] ntfs: volume version 3.1. [ 275.790609][T11595] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 275.817962][T11595] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 275.846147][T11595] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 275.901622][T11595] ntfs: (device loop1): ntfs_read_locked_attr_inode(): Failed with error code -2 while reading attribute inode (mft_no 0x1a, type 0x80, name_len 4). Marking corrupt inode and base inode 0x1a as bad. Run chkdsk. [ 275.975679][T11595] ntfs: (device loop1): load_and_init_usnjrnl(): Failed to load $UsnJrnl/$DATA/$Max attribute. [ 275.993309][T11595] ntfs: (device loop1): load_system_files(): Failed to load $UsnJrnl. Will not be able to remount read-write. Run chkdsk. [ 276.016516][T11595] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Found already allocated name in phase 2. Please run chkdsk and if that doesn't find any errors please report you saw this message to linux-ntfs-dev@lists.sourceforge.net. [ 276.045034][T11595] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Corrupt directory. Aborting lookup. [ 276.064275][T11595] ntfs: (device loop1): ntfs_lookup(): ntfs_lookup_ino_by_name() failed with error code 5. [ 276.098557][T11611] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2663'. [ 277.060204][T11647] netlink: 'syz.3.2681': attribute type 2 has an invalid length. [ 277.084727][T11647] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.2681'. [ 277.558133][ T8098] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 277.751452][ T8098] usb 4-1: Using ep0 maxpacket: 32 [ 277.768159][ T8098] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 277.788774][T11673] netlink: 'syz.1.2694': attribute type 2 has an invalid length. [ 277.800151][ T8098] usb 4-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 277.818043][T11673] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.2694'. [ 277.827475][ T8098] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 277.837591][ T8098] usb 4-1: Product: syz [ 277.849254][ T8098] usb 4-1: Manufacturer: syz [ 277.868704][ T8098] usb 4-1: SerialNumber: syz [ 277.889037][ T8098] usb 4-1: config 0 descriptor?? [ 277.900396][ T8098] usb 4-1: bad CDC descriptors [ 277.918662][ T8098] usb 4-1: unsupported MDLM descriptors [ 278.083566][T11665] loop0: detected capacity change from 0 to 32768 [ 278.133531][ T5807] usb 4-1: USB disconnect, device number 21 [ 278.161241][T11665] XFS (loop0): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 278.245227][T11665] XFS (loop0): Starting recovery (logdev: internal) [ 278.268418][T11665] XFS (loop0): Ending recovery (logdev: internal) [ 278.331942][ T5769] XFS (loop0): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 278.963780][T11708] loop1: detected capacity change from 0 to 16 [ 279.020445][T11708] erofs: (device loop1): mounted with root inode @ nid 36. [ 279.072817][T11708] syz.1.2715: attempt to access beyond end of device [ 279.072817][T11708] loop1: rw=524288, sector=131758, nr_sectors = 2 limit=16 [ 279.141995][T11708] syz.1.2715: attempt to access beyond end of device [ 279.141995][T11708] loop1: rw=524288, sector=74, nr_sectors = 2 limit=16 [ 279.176276][T11708] syz.1.2715: attempt to access beyond end of device [ 279.176276][T11708] loop1: rw=524288, sector=262336, nr_sectors = 2 limit=16 [ 279.213177][T11708] syz.1.2715: attempt to access beyond end of device [ 279.213177][T11708] loop1: rw=524288, sector=172, nr_sectors = 2 limit=16 [ 279.241282][T11708] syz.1.2715: attempt to access beyond end of device [ 279.241282][T11708] loop1: rw=524288, sector=131274, nr_sectors = 2 limit=16 [ 279.275862][T11708] syz.1.2715: attempt to access beyond end of device [ 279.275862][T11708] loop1: rw=524288, sector=178, nr_sectors = 2 limit=16 [ 279.308227][T11708] syz.1.2715: attempt to access beyond end of device [ 279.308227][T11708] loop1: rw=524288, sector=131284, nr_sectors = 2 limit=16 [ 279.330707][T11708] syz.1.2715: attempt to access beyond end of device [ 279.330707][T11708] loop1: rw=524288, sector=178, nr_sectors = 2 limit=16 [ 279.353776][T11708] syz.1.2715: attempt to access beyond end of device [ 279.353776][T11708] loop1: rw=524288, sector=4830, nr_sectors = 2 limit=16 [ 279.382864][T11713] loop2: detected capacity change from 0 to 4096 [ 279.393741][T11708] syz.1.2715: attempt to access beyond end of device [ 279.393741][T11708] loop1: rw=524288, sector=1556797440, nr_sectors = 2 limit=16 [ 279.435518][T11713] ntfs: volume version 3.1. [ 279.486043][T11713] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 279.857409][T11725] netlink: 'syz.1.2723': attribute type 1 has an invalid length. [ 279.886544][T11725] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2723'. [ 280.148313][ T8102] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 280.161461][T11715] loop3: detected capacity change from 0 to 32768 [ 280.215077][T11715] XFS (loop3): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 280.358298][ T8102] usb 3-1: Using ep0 maxpacket: 32 [ 280.387890][T11747] ieee802154 phy0 wpan0: encryption failed: -22 [ 280.398010][ T8102] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 280.432216][ T8102] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 280.460224][ T8102] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.482625][ T8102] usb 3-1: Product: syz [ 280.486848][ T8102] usb 3-1: Manufacturer: syz [ 280.496164][ T8102] usb 3-1: SerialNumber: syz [ 280.506073][ T8102] usb 3-1: config 0 descriptor?? [ 280.518801][ T8102] usb 3-1: bad CDC descriptors [ 280.526242][ T8102] usb 3-1: unsupported MDLM descriptors [ 280.639859][T11715] XFS (loop3): Starting recovery (logdev: internal) [ 280.674510][T11715] XFS (loop3): Ending recovery (logdev: internal) [ 280.761531][ T8102] usb 3-1: USB disconnect, device number 20 [ 280.890924][ T5772] XFS (loop3): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 281.353242][T11774] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2736'. [ 281.464218][T11776] loop0: detected capacity change from 0 to 1024 [ 281.683610][ T28] kauditd_printk_skb: 13 callbacks suppressed [ 281.683624][ T28] audit: type=1326 audit(1775467100.360:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11783 comm="syz.1.2749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341479c819 code=0x7ffc0000 [ 281.719210][ T1309] hfsplus: b-tree write err: -5, ino 25 [ 281.725022][ T1309] hfsplus: b-tree write err: -5, ino 4 [ 281.742464][T11787] loop3: detected capacity change from 0 to 16 [ 281.759706][ T1309] hfsplus: b-tree write err: -5, ino 2 [ 281.765383][ T1309] hfsplus: b-tree write err: -5, ino 20 [ 281.788009][ T28] audit: type=1326 audit(1775467100.360:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11783 comm="syz.1.2749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341479c819 code=0x7ffc0000 [ 281.838431][T11787] erofs: (device loop3): mounted with root inode @ nid 36. [ 281.868753][ T28] audit: type=1326 audit(1775467100.400:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11783 comm="syz.1.2749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f341479c819 code=0x7ffc0000 [ 281.928141][ T28] audit: type=1326 audit(1775467100.400:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11783 comm="syz.1.2749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341479c819 code=0x7ffc0000 [ 282.038891][ T28] audit: type=1326 audit(1775467100.400:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11783 comm="syz.1.2749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341479c819 code=0x7ffc0000 [ 282.337187][T11802] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2748'. [ 282.483892][T11805] loop0: detected capacity change from 0 to 16 [ 282.537112][ T28] audit: type=1326 audit(1775467101.210:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11809 comm="syz.2.2752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 282.599788][T11805] erofs: (device loop0): mounted with root inode @ nid 36. [ 282.625400][ T28] audit: type=1326 audit(1775467101.240:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11809 comm="syz.2.2752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 282.656427][ T28] audit: type=1326 audit(1775467101.260:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11809 comm="syz.2.2752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 282.715718][T11812] loop3: detected capacity change from 0 to 8 [ 282.734022][ T28] audit: type=1326 audit(1775467101.260:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11809 comm="syz.2.2752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 282.773528][ T28] audit: type=1326 audit(1775467101.260:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11809 comm="syz.2.2752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6ab9c819 code=0x7ffc0000 [ 283.323629][T11830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2762'. [ 283.492534][T11836] loop2: detected capacity change from 0 to 16 [ 283.507533][T11837] loop1: detected capacity change from 0 to 1024 [ 283.580111][T11836] erofs: (device loop2): mounted with root inode @ nid 36. [ 283.648501][ T3476] hfsplus: b-tree write err: -5, ino 25 [ 283.654310][ T3476] hfsplus: b-tree write err: -5, ino 4 [ 283.688124][ T3476] hfsplus: b-tree write err: -5, ino 2 [ 283.693805][ T3476] hfsplus: b-tree write err: -5, ino 20 [ 283.982024][T11848] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 284.045028][T11850] loop0: detected capacity change from 0 to 2048 [ 284.079999][T11850] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 284.116632][T11853] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 284.225738][T11850] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 262144 [ 284.263102][T11850] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=15) [ 284.312122][T11850] Remounting filesystem read-only [ 284.317280][T11850] NILFS (loop0): error -5 truncating bmap (ino=15) [ 284.385664][T11861] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2777'. [ 284.408995][ T5769] NILFS (loop0): discard dirty page: offset=0, ino=6 [ 284.419340][ T5769] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 284.435103][ T5769] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 284.453614][ T5769] NILFS (loop0): discard dirty block: blocknr=37, size=1024 [ 284.461406][ T5769] NILFS (loop0): discard dirty block: blocknr=38, size=1024 [ 284.471577][ T5769] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 284.486009][ T5769] NILFS (loop0): discard dirty page: offset=0, ino=15 [ 284.527737][ T5769] NILFS (loop0): discard dirty block: blocknr=22, size=1024 [ 284.539893][ T5769] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 284.549650][ T5769] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 284.559713][ T5769] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 284.583868][T11865] loop2: detected capacity change from 0 to 1024 [ 284.724732][ T1140] hfsplus: b-tree write err: -5, ino 25 [ 284.755686][ T1140] hfsplus: b-tree write err: -5, ino 4 [ 284.778985][ T1140] hfsplus: b-tree write err: -5, ino 2 [ 284.784740][ T1140] hfsplus: b-tree write err: -5, ino 20 [ 284.911284][T11877] loop2: detected capacity change from 0 to 8 [ 285.438204][T11897] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2794'. [ 285.846298][T11914] loop0: detected capacity change from 0 to 8 [ 286.303808][T11928] loop1: detected capacity change from 0 to 2048 [ 286.328849][T11928] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 286.335358][T11934] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2808'. [ 286.372146][T11935] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 286.418732][T11928] NILFS (loop1): DAT doesn't have a block to manage vblocknr = 262144 [ 286.427093][T11928] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=15) [ 286.488904][T11928] Remounting filesystem read-only [ 286.494119][T11928] NILFS (loop1): error -5 truncating bmap (ino=15) [ 286.622657][T11939] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 286.692020][ T5778] NILFS (loop1): discard dirty page: offset=0, ino=6 [ 286.710619][ T5778] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 286.738350][ T5778] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 286.762994][ T5778] NILFS (loop1): discard dirty block: blocknr=37, size=1024 [ 286.785361][ T5778] NILFS (loop1): discard dirty block: blocknr=38, size=1024 [ 286.828265][ T5778] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 286.837271][ T5778] NILFS (loop1): discard dirty page: offset=0, ino=15 [ 286.857926][ T5778] NILFS (loop1): discard dirty block: blocknr=22, size=1024 [ 286.879264][ T5778] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 286.902748][ T5778] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 286.937923][ T5778] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 287.783350][T11983] futex_wake_op: syz.2.2835 tries to shift op by 32; fix this program [ 288.307830][T11995] loop0: detected capacity change from 0 to 4096 [ 288.332371][T11995] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 288.598505][ T23] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 288.712608][T12008] loop3: detected capacity change from 0 to 2048 [ 288.769503][T12008] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 288.802766][T12010] Cannot find del_set index 2 as target [ 288.808172][ T23] usb 3-1: Using ep0 maxpacket: 8 [ 288.815810][ T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 288.818174][ T9782] udevd[9782]: incorrect nilfs2 checksum on /dev/loop3 [ 288.845144][ T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 288.863615][T12013] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 288.876455][ T23] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 288.910417][ T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 288.955131][ T23] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 288.981640][ T23] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 288.992361][T12008] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 262144 [ 289.013759][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 289.022869][T12008] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=15) [ 289.036476][ T23] usb 3-1: config 0 descriptor?? [ 289.049138][T12002] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 289.074410][T12008] Remounting filesystem read-only [ 289.099387][T12008] NILFS (loop3): error -5 truncating bmap (ino=15) [ 289.180959][ T5772] NILFS (loop3): discard dirty page: offset=0, ino=6 [ 289.188616][ T5772] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 289.197630][ T5772] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 289.207373][ T5772] NILFS (loop3): discard dirty block: blocknr=37, size=1024 [ 289.216551][ T5772] NILFS (loop3): discard dirty block: blocknr=38, size=1024 [ 289.225704][ T5772] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 289.234818][ T5772] NILFS (loop3): discard dirty page: offset=0, ino=15 [ 289.242520][ T5772] NILFS (loop3): discard dirty block: blocknr=22, size=1024 [ 289.249974][ T5810] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 289.258575][ T5772] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 289.268786][ T5772] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 289.277711][ T5772] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024 [ 289.321452][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.323943][ C0] Bluetooth: hci4: Unexpected continuation: 1 bytes [ 289.330880][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.344335][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.351631][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.358525][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.365820][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.372714][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.379733][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.386629][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.393785][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.400771][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.407619][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.414535][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.422695][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.429712][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.436612][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.443839][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.450751][ T5810] usb 2-1: Using ep0 maxpacket: 16 [ 289.456083][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.463504][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.470927][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.477801][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.484983][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.491898][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.498855][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.505708][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.512632][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.519621][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.526479][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.533427][ T51] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 289.543710][ T5807] usb 3-1: USB disconnect, device number 21 [ 289.549870][ T5084] Bluetooth: hci4: Opcode 0x0c03 failed: -71 [ 289.554528][ T5810] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 289.565806][ T5810] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.574438][ T5810] usb 2-1: Product: syz [ 289.578707][ T5810] usb 2-1: Manufacturer: syz [ 289.583381][ T5810] usb 2-1: SerialNumber: syz [ 289.595857][ T5810] r8152-cfgselector 2-1: config 0 descriptor?? [ 290.012566][ T5810] r8152-cfgselector 2-1: Unknown version 0x0000 [ 290.020823][ T5810] r8152-cfgselector 2-1: USB disconnect, device number 25 [ 290.488066][ T23] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 290.525494][T12037] Cannot find del_set index 2 as target [ 290.697982][ T23] usb 4-1: Using ep0 maxpacket: 8 [ 290.711440][ T23] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 290.739549][ T23] usb 4-1: config 1 interface 0 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 290.774888][ T23] usb 4-1: config 1 interface 0 has no altsetting 0 [ 290.790761][ T23] usb 4-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.40 [ 290.818005][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.826123][ T23] usb 4-1: Product: syz [ 290.847471][ T23] usb 4-1: Manufacturer: syz [ 290.855147][T12047] loop2: detected capacity change from 0 to 1764 [ 290.861668][ T23] usb 4-1: SerialNumber: syz [ 291.115987][T12025] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 291.158625][T12025] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 291.198848][ T23] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input15 [ 291.243581][ T5124] bcm5974 4-1:1.0: could not read from device [ 291.253805][ T23] usb 4-1: USB disconnect, device number 22 [ 291.393896][ T5760] udevd[5760]: Error opening device "/dev/input/event4": No such file or directory [ 291.438146][ T5760] udevd[5760]: Unable to EVIOCGABS device "/dev/input/event4" [ 291.445817][ T5760] udevd[5760]: Unable to EVIOCGABS device "/dev/input/event4" [ 291.488087][ T5760] udevd[5760]: Unable to EVIOCGABS device "/dev/input/event4" [ 291.495718][ T5760] udevd[5760]: Unable to EVIOCGABS device "/dev/input/event4" [ 291.751852][T12068] loop2: detected capacity change from 0 to 1024 [ 291.760617][T12068] EXT4-fs: Ignoring removed nomblk_io_submit option [ 291.795108][T12068] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 291.909858][T12068] VFS: Lookup of 'file0' in ext4 loop2 would have caused loop [ 292.044990][ T5774] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.519881][T12099] loop0: detected capacity change from 0 to 1024 [ 292.548560][T12093] loop2: detected capacity change from 0 to 4096 [ 292.557113][T12099] EXT4-fs: Ignoring removed nomblk_io_submit option [ 292.580538][T12093] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 292.612155][T12099] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 292.668227][T12099] VFS: Lookup of 'file0' in ext4 loop0 would have caused loop [ 292.676742][T12101] loop3: detected capacity change from 0 to 1764 [ 292.698136][ T8102] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 292.768637][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.924416][ T8102] usb 2-1: Using ep0 maxpacket: 8 [ 292.929980][ T8102] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 292.930028][ T8102] usb 2-1: config 1 interface 0 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 292.930054][ T8102] usb 2-1: config 1 interface 0 has no altsetting 0 [ 292.935063][ T8102] usb 2-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.40 [ 292.935094][ T8102] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 292.935116][ T8102] usb 2-1: Product: syz [ 292.935132][ T8102] usb 2-1: Manufacturer: syz [ 292.935148][ T8102] usb 2-1: SerialNumber: syz [ 293.171517][T12097] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 293.203756][T12097] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 293.242097][ T8102] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input16 [ 293.290039][ T5124] bcm5974 2-1:1.0: could not read from device [ 293.299604][ T8102] usb 2-1: USB disconnect, device number 26 [ 294.789478][ T5810] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 294.818665][ T8102] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 294.978453][ T5810] usb 2-1: Using ep0 maxpacket: 8 [ 294.999855][ T5810] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 295.018052][ T5810] usb 2-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b [ 295.019351][ T8102] usb 1-1: Using ep0 maxpacket: 8 [ 295.040766][ T5810] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.050779][ T8102] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 295.058220][ T5810] usb 2-1: Product: syz [ 295.067927][ T8102] usb 1-1: config 1 interface 0 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 295.078768][ T5810] usb 2-1: Manufacturer: syz [ 295.089228][ T5810] usb 2-1: SerialNumber: syz [ 295.105193][ T8102] usb 1-1: config 1 interface 0 has no altsetting 0 [ 295.116002][ T5810] usb 2-1: config 0 descriptor?? [ 295.142089][ T8102] usb 1-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.40 [ 295.146067][ T5810] gspca_main: stk014-2.14.0 probing 05e1:0893 [ 295.168515][ T8102] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.176569][ T8102] usb 1-1: Product: syz [ 295.181137][ T5810] usb 2-1: selecting invalid altsetting 1 [ 295.199520][ T8102] usb 1-1: Manufacturer: syz [ 295.204286][ T8102] usb 1-1: SerialNumber: syz [ 295.484954][T12151] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 295.509986][T12151] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 295.531418][ T8102] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input17 [ 295.584590][ T5124] bcm5974 1-1:1.0: could not read from device [ 295.604303][ T8102] usb 1-1: USB disconnect, device number 17 [ 295.663351][ T5810] usb 2-1: USB disconnect, device number 27 [ 295.697340][ T9782] udevd[9782]: Error opening device "/dev/input/event4": No such file or directory [ 295.749143][ T9782] udevd[9782]: Unable to EVIOCGABS device "/dev/input/event4" [ 295.756786][ T9782] udevd[9782]: Unable to EVIOCGABS device "/dev/input/event4" [ 295.764704][ T9782] udevd[9782]: Unable to EVIOCGABS device "/dev/input/event4" [ 295.777640][ T9782] udevd[9782]: Unable to EVIOCGABS device "/dev/input/event4" [ 295.903612][T12183] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2931'. [ 295.912869][T12183] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 296.583631][T12205] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2942'. [ 296.758293][T12202] loop2: detected capacity change from 0 to 8192 [ 296.798495][T12213] SET target dimension over the limit! [ 296.803948][T12202] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 296.804061][T12202] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 296.804353][T12202] REISERFS (device loop2): using ordered data mode [ 296.833301][T12202] reiserfs: using flush barriers [ 296.902194][T12202] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 297.019492][T12202] REISERFS (device loop2): checking transaction log (loop2) [ 297.295191][T12202] REISERFS (device loop2): Using tea hash to sort names [ 297.309207][T12202] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 297.433847][T12229] loop3: detected capacity change from 0 to 4096 [ 297.452544][T12229] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 297.561076][T12229] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 297.575809][T12229] ntfs3: loop3: ino=1f, "file2" failed to open parent directory r=5 to update [ 297.738644][ T1309] ntfs3: loop3: ino=1f, failed to open parent directory r=5 to update [ 297.951067][T12241] SET target dimension over the limit! [ 298.239080][ T5807] IPVS: starting estimator thread 0... [ 298.348074][T12256] IPVS: using max 22 ests per chain, 52800 per kthread [ 298.417357][T12264] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2969'. [ 298.445104][T12258] loop0: detected capacity change from 0 to 8192 [ 298.467205][T12260] loop1: detected capacity change from 0 to 4096 [ 298.482210][T12258] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 298.513739][T12260] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 298.531859][T12264] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2969'. [ 298.542775][T12258] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 298.553057][T12258] REISERFS (device loop0): using ordered data mode [ 298.559710][T12258] reiserfs: using flush barriers [ 298.578532][T12258] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 298.596395][T12258] REISERFS (device loop0): checking transaction log (loop0) [ 298.745628][T12264] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2969'. [ 298.756496][T12260] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 298.775215][T12260] ntfs3: loop1: ino=1f, "file2" failed to open parent directory r=5 to update [ 298.833326][T12258] REISERFS (device loop0): Using tea hash to sort names [ 298.841173][T12258] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 298.990800][ T12] ntfs3: loop1: ino=1f, failed to open parent directory r=5 to update [ 299.025040][T12270] netlink: 'syz.2.2971': attribute type 10 has an invalid length. [ 299.079063][T12270] bridge0: port 2(bridge_slave_1) entered disabled state [ 299.140697][T12270] bridge0: port 2(bridge_slave_1) entered blocking state [ 299.147995][T12270] bridge0: port 2(bridge_slave_1) entered forwarding state [ 299.196336][T12270] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 299.372780][T12278] SET target dimension over the limit! [ 299.756203][T12290] team0: entered promiscuous mode [ 299.777934][T12290] team_slave_0: entered promiscuous mode [ 299.798002][T12296] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2990'. [ 299.808109][T12290] team_slave_1: entered promiscuous mode [ 299.821038][T12290] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 299.921540][T12298] vim2m vim2m.0: Fourcc format (0x47425247) invalid. [ 299.931020][T12295] loop2: detected capacity change from 0 to 4096 [ 299.973332][T12295] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 300.148286][T12295] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 300.176335][T12295] ntfs3: loop2: ino=1f, "file2" failed to open parent directory r=5 to update [ 300.308307][ T1140] ntfs3: loop2: ino=1f, failed to open parent directory r=5 to update [ 300.402640][ T5807] IPVS: starting estimator thread 0... [ 300.497975][T12311] IPVS: using max 20 ests per chain, 48000 per kthread [ 301.041132][T12328] team0: entered promiscuous mode [ 301.060160][T12328] team_slave_0: entered promiscuous mode [ 301.067375][T12328] team_slave_1: entered promiscuous mode [ 301.101491][T12328] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 301.276787][T12336] loop0: detected capacity change from 0 to 1024 [ 301.438293][ T3476] hfsplus: b-tree write err: -5, ino 25 [ 301.444081][ T3476] hfsplus: b-tree write err: -5, ino 4 [ 301.467997][ T3476] hfsplus: b-tree write err: -5, ino 2 [ 301.633037][T12350] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3009'. [ 301.804876][T12350] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3009'. [ 301.824750][T12358] netlink: 'syz.1.3013': attribute type 10 has an invalid length. [ 301.845123][T12358] bridge0: port 2(bridge_slave_1) entered disabled state [ 301.872365][T12358] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.879618][T12358] bridge0: port 2(bridge_slave_1) entered forwarding state [ 301.899649][T12358] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 302.026231][T12350] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3009'. [ 302.247217][T12365] team0: entered promiscuous mode [ 302.252442][T12365] team_slave_0: entered promiscuous mode [ 302.259370][T12369] loop2: detected capacity change from 0 to 2048 [ 302.268070][T12365] team_slave_1: entered promiscuous mode [ 302.288588][T12365] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 302.337487][T12369] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 302.541072][T12376] vim2m vim2m.0: Fourcc format (0x47425247) invalid. [ 302.562394][T12377] netlink: 'syz.3.3023': attribute type 30 has an invalid length. [ 302.625988][T12380] netlink: 'syz.0.3024': attribute type 10 has an invalid length. [ 302.685993][T12380] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.693877][T12380] bridge0: port 1(bridge_slave_0) entered disabled state [ 302.722681][T12380] bridge0: port 2(bridge_slave_1) entered blocking state [ 302.729935][T12380] bridge0: port 2(bridge_slave_1) entered forwarding state [ 302.737478][T12380] bridge0: port 1(bridge_slave_0) entered blocking state [ 302.744728][T12380] bridge0: port 1(bridge_slave_0) entered forwarding state [ 302.772844][T12380] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 302.953178][T12392] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3027'. [ 303.034604][T12392] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3027'. [ 303.180859][T12397] loop0: detected capacity change from 0 to 2048 [ 303.217406][T12400] team0: entered promiscuous mode [ 303.222483][T12397] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 303.239893][T12400] team_slave_0: entered promiscuous mode [ 303.272792][T12400] team_slave_1: entered promiscuous mode [ 303.283065][T12400] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 303.339110][T12392] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3027'. [ 303.530976][T12404] loop3: detected capacity change from 0 to 2048 [ 303.620991][T12404] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 303.742830][T12413] vim2m vim2m.0: Fourcc format (0x47425247) invalid. [ 303.938093][T12419] netlink: 'syz.3.3038': attribute type 10 has an invalid length. [ 303.973381][T12419] bridge0: port 2(bridge_slave_1) entered disabled state [ 303.982013][T12419] bridge0: port 1(bridge_slave_0) entered disabled state [ 304.055824][T12419] bridge0: port 2(bridge_slave_1) entered blocking state [ 304.063103][T12419] bridge0: port 2(bridge_slave_1) entered forwarding state [ 304.070688][T12419] bridge0: port 1(bridge_slave_0) entered blocking state [ 304.077930][T12419] bridge0: port 1(bridge_slave_0) entered forwarding state [ 304.143683][T12419] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 304.193458][T12427] loop2: detected capacity change from 0 to 16 [ 304.238878][T12427] erofs: (device loop2): mounted with root inode @ nid 36. [ 304.263281][T12427] bio_check_eod: 1386 callbacks suppressed [ 304.263295][T12427] syz.2.3045: attempt to access beyond end of device [ 304.263295][T12427] loop2: rw=0, sector=48, nr_sectors = 16 limit=16 [ 304.788114][T12447] netlink: 'syz.0.3056': attribute type 10 has an invalid length. [ 304.841056][T12447] bridge0: port 2(bridge_slave_1) entered disabled state [ 304.848375][T12447] bridge0: port 1(bridge_slave_0) entered disabled state [ 305.211473][T12466] netlink: 'syz.1.3065': attribute type 30 has an invalid length. [ 305.533525][T12482] netlink: 'syz.2.3071': attribute type 10 has an invalid length. [ 305.561573][T12482] bridge0: port 2(bridge_slave_1) entered disabled state [ 305.788259][ T28] audit: type=1326 audit(1775467124.460:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.3.3075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 305.858412][ T28] audit: type=1326 audit(1775467124.460:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.3.3075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 305.916944][ T28] audit: type=1326 audit(1775467124.510:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.3.3075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 305.969309][ T28] audit: type=1326 audit(1775467124.510:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.3.3075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 306.067954][ T28] audit: type=1326 audit(1775467124.510:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.3.3075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 306.298190][T12510] netlink: 'syz.3.3085': attribute type 10 has an invalid length. [ 306.342862][T12510] bridge0: port 2(bridge_slave_1) entered disabled state [ 306.350263][T12510] bridge0: port 1(bridge_slave_0) entered disabled state [ 306.543781][T12520] loop0: detected capacity change from 0 to 16 [ 306.594720][T12520] erofs: (device loop0): mounted with root inode @ nid 36. [ 306.630874][T12520] syz.0.3088: attempt to access beyond end of device [ 306.630874][T12520] loop0: rw=0, sector=48, nr_sectors = 16 limit=16 [ 307.339524][T12556] loop3: detected capacity change from 0 to 16 [ 307.365603][T12556] erofs: (device loop3): mounted with root inode @ nid 36. [ 307.374867][ T28] audit: type=1326 audit(1775467126.050:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12555 comm="syz.0.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4559c819 code=0x7ffc0000 [ 307.414319][ T28] audit: type=1326 audit(1775467126.050:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12555 comm="syz.0.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4559c819 code=0x7ffc0000 [ 307.436702][ C0] vkms_vblank_simulate: vblank timer overrun [ 307.462436][T12556] syz.3.3104: attempt to access beyond end of device [ 307.462436][T12556] loop3: rw=0, sector=48, nr_sectors = 16 limit=16 [ 307.495341][ T28] audit: type=1326 audit(1775467126.130:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12555 comm="syz.0.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7fee4559c819 code=0x7ffc0000 [ 307.517772][ C0] vkms_vblank_simulate: vblank timer overrun [ 307.548367][ T28] audit: type=1326 audit(1775467126.130:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12555 comm="syz.0.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4559c819 code=0x7ffc0000 [ 307.601035][T12559] netlink: 'syz.2.3108': attribute type 10 has an invalid length. [ 307.611672][ T28] audit: type=1326 audit(1775467126.130:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12555 comm="syz.0.3106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4559c819 code=0x7ffc0000 [ 307.634017][ C0] vkms_vblank_simulate: vblank timer overrun [ 307.651714][T12559] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3108'. [ 307.675220][T12559] veth0_vlan: entered allmulticast mode [ 307.702579][T12559] bridge0: port 3(veth0_vlan) entered blocking state [ 307.723823][T12559] bridge0: port 3(veth0_vlan) entered disabled state [ 307.774153][T12559] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check. [ 308.038798][ T8102] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 308.248049][ T8102] usb 4-1: Using ep0 maxpacket: 16 [ 308.287593][ T8102] usb 4-1: unable to get BOS descriptor or descriptor too short [ 308.300596][ T8102] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 308.339461][ T8102] usb 4-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 308.366209][ T8102] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 308.374740][ T8102] usb 4-1: Product: syz [ 308.382989][ T8102] usb 4-1: Manufacturer: syz [ 308.392878][ T8102] usb 4-1: SerialNumber: syz [ 308.489495][T12589] loop1: detected capacity change from 0 to 4096 [ 308.529006][T12593] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 308.668510][ T5810] usb 4-1: USB disconnect, device number 23 [ 308.822016][ C1] sd 0:0:1:0: [sda] tag#3572 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 308.832518][ C1] sd 0:0:1:0: [sda] tag#3572 CDB: Read(6) 08 00 9f d1 fe de [ 309.368806][ C1] sd 0:0:1:0: [sda] tag#3573 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 309.379318][ C1] sd 0:0:1:0: [sda] tag#3573 CDB: Read(6) 08 00 9f d1 fe de [ 309.468189][ T5810] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 309.658934][ T5810] usb 2-1: Using ep0 maxpacket: 16 [ 309.686473][ T5810] usb 2-1: unable to get BOS descriptor or descriptor too short [ 309.705246][ T5810] usb 2-1: config 198 has an invalid interface number: 59 but max is 0 [ 309.716859][ T5810] usb 2-1: config 198 has no interface number 0 [ 309.735559][ T5810] usb 2-1: config 198 interface 59 altsetting 6 endpoint 0xC has invalid maxpacket 1024, setting to 64 [ 309.757963][ T5810] usb 2-1: config 198 interface 59 altsetting 6 endpoint 0xB has invalid maxpacket 1024, setting to 64 [ 309.791638][ T5810] usb 2-1: config 198 interface 59 has no altsetting 0 [ 309.810564][ T5810] usb 2-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=58.84 [ 309.826457][ T5810] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 309.857985][ T5810] usb 2-1: Product: syz [ 309.862208][ T5810] usb 2-1: Manufacturer: syz [ 309.884478][ T5810] usb 2-1: SerialNumber: syz [ 310.096054][T12649] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3151'. [ 310.140221][ T5810] comedi comedi5: Endpoint has wrong direction [ 310.146795][ T5810] dt9812 2-1:198.59: driver 'dt9812' failed to auto-configure device. [ 310.171919][ T5807] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 310.205512][ T5810] usb 2-1: USB disconnect, device number 28 [ 310.225521][ T5760] udevd[5760]: setting owner of /dev/bus/usb/002/028 to uid=0, gid=0 failed: No such file or directory [ 310.378008][ T5807] usb 1-1: Using ep0 maxpacket: 16 [ 310.391138][ T5807] usb 1-1: unable to get BOS descriptor or descriptor too short [ 310.411353][ T5807] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 310.440501][T12655] loop2: detected capacity change from 0 to 4096 [ 310.460047][ T5807] usb 1-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 310.484047][ T5807] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.502576][T12659] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 310.508666][ T5807] usb 1-1: Product: syz [ 310.534827][ T5807] usb 1-1: Manufacturer: syz [ 310.541835][ T5807] usb 1-1: SerialNumber: syz [ 310.793652][ T5807] usb 1-1: USB disconnect, device number 18 [ 311.016146][T12660] loop3: detected capacity change from 0 to 32768 [ 311.102524][T12660] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 311.405010][ T5772] ocfs2: Unmounting device (7,3) on (node local) [ 311.501245][T12682] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3166'. [ 311.668927][ T23] usb 2-1: new full-speed USB device number 29 using dummy_hcd [ 311.884614][ T23] usb 2-1: config 2 has an invalid interface number: 174 but max is 0 [ 311.923419][ T23] usb 2-1: config 2 has no interface number 0 [ 311.944645][ T23] usb 2-1: config 2 interface 174 altsetting 0 has an invalid endpoint with address 0x9E, skipping [ 311.965987][T12697] loop3: detected capacity change from 0 to 512 [ 311.972434][ T23] usb 2-1: config 2 interface 174 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 312.027592][ T23] usb 2-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=22.7e [ 312.041031][ T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 312.067283][ T23] usb 2-1: Product: syz [ 312.077896][ T23] usb 2-1: Manufacturer: syz [ 312.107755][ T23] usb 2-1: SerialNumber: syz [ 312.139909][T12680] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 312.338822][T12706] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3176'. [ 312.371873][ T23] usb 2-1: probing VID:PID(0424:012C) [ 312.409257][ T23] usb 2-1: vub300 testing BULK IN EndPoint(0) 82 [ 312.427956][ T23] usb 2-1: Could not find two sets of bulk-in/out endpoint pairs [ 312.468899][ T23] vub300: probe of 2-1:2.174 failed with error -22 [ 312.515383][ T23] usb 2-1: USB disconnect, device number 29 [ 312.863135][T12726] loop0: detected capacity change from 0 to 512 [ 312.870779][T12725] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3187'. [ 313.693673][T12732] loop2: detected capacity change from 0 to 32768 [ 313.737408][T12732] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 313.869311][ T23] usb 1-1: new full-speed USB device number 19 using dummy_hcd [ 313.898084][ T5832] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 313.909426][ T5774] ocfs2: Unmounting device (7,2) on (node local) [ 314.070016][ T23] usb 1-1: unable to get BOS descriptor or descriptor too short [ 314.109158][ T23] usb 1-1: not running at top speed; connect to a high speed hub [ 314.118015][ T5832] usb 4-1: Using ep0 maxpacket: 16 [ 314.138299][ T23] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 314.140029][ T5832] usb 4-1: unable to get BOS descriptor or descriptor too short [ 314.159120][ T5832] usb 4-1: config 198 has an invalid interface number: 59 but max is 0 [ 314.169599][ T5832] usb 4-1: config 198 has no interface number 0 [ 314.175932][ T5832] usb 4-1: config 198 interface 59 altsetting 6 endpoint 0xC has invalid maxpacket 1024, setting to 64 [ 314.192339][T12766] netlink: 'syz.2.3206': attribute type 21 has an invalid length. [ 314.203931][ T5832] usb 4-1: config 198 interface 59 altsetting 6 endpoint 0xB has invalid maxpacket 1024, setting to 64 [ 314.215288][T12766] netlink: 'syz.2.3206': attribute type 15 has an invalid length. [ 314.216382][ T23] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 314.223168][ T5832] usb 4-1: config 198 interface 59 has no altsetting 0 [ 314.223537][T12766] netlink: 156 bytes leftover after parsing attributes in process `syz.2.3206'. [ 314.264901][ T23] usb 1-1: too many endpoints for config 1 interface 1 altsetting 23: 170, using maximum allowed: 30 [ 314.286231][ T23] usb 1-1: config 1 interface 1 altsetting 23 has 0 endpoint descriptors, different from the interface descriptor's value: 170 [ 314.293277][ T5832] usb 4-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=58.84 [ 314.304501][T12766] IPv6: NLM_F_CREATE should be specified when creating new route [ 314.327498][ T5832] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 314.329555][ T23] usb 1-1: config 1 interface 1 has no altsetting 0 [ 314.346935][ T5832] usb 4-1: Product: syz [ 314.359727][T12766] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 314.366973][T12766] IPv6: NLM_F_CREATE should be set when creating new route [ 314.372057][ T5832] usb 4-1: Manufacturer: syz [ 314.374508][T12766] IPv6: NLM_F_CREATE should be set when creating new route [ 314.386115][T12766] IPv6: NLM_F_CREATE should be set when creating new route [ 314.400294][ T5832] usb 4-1: SerialNumber: syz [ 314.413511][ T23] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 314.423162][ T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 314.435469][ T23] usb 1-1: Product: syz [ 314.444038][ T23] usb 1-1: Manufacturer: syz [ 314.454515][ T23] usb 1-1: SerialNumber: syz [ 314.465203][T12748] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 314.676123][ T5832] comedi comedi5: Endpoint has wrong direction [ 314.697901][ T5832] dt9812 4-1:198.59: driver 'dt9812' failed to auto-configure device. [ 314.739782][ T23] cdc_acm: probe of 1-1:1.0 failed with error -22 [ 314.763150][ T5832] usb 4-1: USB disconnect, device number 24 [ 314.794882][ T23] usb 1-1: USB disconnect, device number 19 [ 315.427959][ T23] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 315.629708][ T23] usb 3-1: Using ep0 maxpacket: 16 [ 315.661290][ T23] usb 3-1: unable to get BOS descriptor or descriptor too short [ 315.670910][ T23] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 315.692711][ T23] usb 3-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 315.716629][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 315.737989][ T23] usb 3-1: Product: syz [ 315.742230][ T23] usb 3-1: Manufacturer: syz [ 315.757420][ T23] usb 3-1: SerialNumber: syz [ 316.073642][ T23] usb 3-1: USB disconnect, device number 22 [ 316.200965][T12818] mac80211_hwsim hwsim7 : renamed from wlan1 (while UP) [ 316.342039][T12820] loop3: detected capacity change from 0 to 8 [ 316.390960][T12823] loop1: detected capacity change from 0 to 136 [ 316.556342][T12826] loop0: detected capacity change from 0 to 1024 [ 316.701383][ T11] hfsplus: b-tree write err: -5, ino 25 [ 316.716361][ T11] hfsplus: b-tree write err: -5, ino 4 [ 316.735618][ T11] hfsplus: b-tree write err: -5, ino 2 [ 316.996393][T12842] netlink: 'syz.1.3252': attribute type 21 has an invalid length. [ 317.004767][T12842] netlink: 'syz.1.3252': attribute type 15 has an invalid length. [ 317.015347][T12842] netlink: 156 bytes leftover after parsing attributes in process `syz.1.3252'. [ 317.025632][T12842] IPv6: NLM_F_CREATE should be specified when creating new route [ 317.046616][T12842] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 317.053921][T12842] IPv6: NLM_F_CREATE should be set when creating new route [ 317.061267][T12842] IPv6: NLM_F_CREATE should be set when creating new route [ 317.068553][T12842] IPv6: NLM_F_CREATE should be set when creating new route [ 317.325213][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.331687][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.340326][T12852] loop3: detected capacity change from 0 to 8 [ 317.396449][T12855] loop0: detected capacity change from 0 to 136 [ 317.420649][T12858] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3250'. [ 317.595840][T12862] tipc: Can't bind to reserved service type 0 [ 317.658032][ T5832] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 317.859258][T12870] netlink: 'syz.0.3258': attribute type 21 has an invalid length. [ 317.867254][T12870] netlink: 'syz.0.3258': attribute type 15 has an invalid length. [ 317.882848][ T5832] usb 2-1: Using ep0 maxpacket: 16 [ 317.885075][T12870] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3258'. [ 317.897657][T12870] IPv6: NLM_F_CREATE should be specified when creating new route [ 317.905734][T12870] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 317.912051][ T5832] usb 2-1: unable to get BOS descriptor or descriptor too short [ 317.913169][T12870] IPv6: NLM_F_CREATE should be set when creating new route [ 317.928015][T12870] IPv6: NLM_F_CREATE should be set when creating new route [ 317.935300][T12870] IPv6: NLM_F_CREATE should be set when creating new route [ 317.948697][ T5832] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 317.976927][ T5832] usb 2-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 317.986113][ T5832] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 317.995283][ T5832] usb 2-1: Product: syz [ 318.002411][ T5832] usb 2-1: Manufacturer: syz [ 318.007132][ T5832] usb 2-1: SerialNumber: syz [ 318.163301][T12880] loop3: detected capacity change from 0 to 136 [ 318.263104][ T23] usb 2-1: USB disconnect, device number 30 [ 318.362726][T12884] mac80211_hwsim hwsim9 : renamed from wlan1 (while UP) [ 318.607968][ T5832] usb 1-1: new full-speed USB device number 20 using dummy_hcd [ 318.659188][ T5810] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 318.775627][T12898] loop2: detected capacity change from 0 to 1024 [ 318.819256][ T5832] usb 1-1: config 2 has an invalid interface number: 174 but max is 0 [ 318.835784][ T5832] usb 1-1: config 2 has no interface number 0 [ 318.856767][ T5810] usb 4-1: Using ep0 maxpacket: 16 [ 318.863702][ T5832] usb 1-1: config 2 interface 174 altsetting 0 has an invalid endpoint with address 0x9E, skipping [ 318.892630][ T5832] usb 1-1: config 2 interface 174 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 318.902211][ T5810] usb 4-1: config 1 has an invalid interface number: 105 but max is 0 [ 318.913464][ T5810] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 1 [ 318.923758][ T5832] usb 1-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=22.7e [ 318.929945][ T5810] usb 4-1: config 1 has no interface number 1 [ 318.940417][ T5810] usb 4-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 318.941309][ T3476] hfsplus: b-tree write err: -5, ino 25 [ 318.952419][ T5810] usb 4-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 318.974544][ T5832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 318.976036][ T5810] usb 4-1: config 1 interface 105 has no altsetting 0 [ 318.989569][ T5832] usb 1-1: Product: syz [ 318.989587][ T5832] usb 1-1: Manufacturer: syz [ 318.989601][ T5832] usb 1-1: SerialNumber: syz [ 319.006475][T12882] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 319.015172][ T3476] hfsplus: b-tree write err: -5, ino 4 [ 319.021214][ T3476] hfsplus: b-tree write err: -5, ino 2 [ 319.031717][ T5810] usb 4-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 319.043672][ T5810] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 319.055391][ T5810] usb 4-1: Product: syz [ 319.063421][ T5810] usb 4-1: Manufacturer: syz [ 319.095615][ T5810] usb 4-1: SerialNumber: syz [ 319.122235][T12886] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 319.187492][T12903] loop2: detected capacity change from 0 to 1024 [ 319.281230][ T5832] usb 1-1: probing VID:PID(0424:012C) [ 319.295906][ T5832] usb 1-1: vub300 testing BULK IN EndPoint(0) 82 [ 319.311239][ T5832] usb 1-1: Could not find two sets of bulk-in/out endpoint pairs [ 319.319605][ T3476] hfsplus: b-tree write err: -5, ino 25 [ 319.325435][ T3476] hfsplus: b-tree write err: -5, ino 4 [ 319.331807][ T5832] vub300: probe of 1-1:2.174 failed with error -22 [ 319.349470][ T5832] usb 1-1: USB disconnect, device number 20 [ 319.366946][ T3476] hfsplus: b-tree write err: -5, ino 2 [ 319.409501][ T5810] aqc111: probe of 4-1:1.105 failed with error -22 [ 319.624877][ T5832] usb 4-1: USB disconnect, device number 25 [ 319.954669][T12913] ip6tnl1: entered allmulticast mode [ 320.106595][T12918] loop2: detected capacity change from 0 to 8 [ 320.998074][ T5810] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 321.037955][ T5832] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 321.116196][T12957] loop0: detected capacity change from 0 to 1024 [ 321.197939][ T32] hfsplus: b-tree write err: -5, ino 25 [ 321.208669][ T5810] usb 3-1: Using ep0 maxpacket: 16 [ 321.216907][ T32] hfsplus: b-tree write err: -5, ino 4 [ 321.218612][ T5832] usb 2-1: Using ep0 maxpacket: 16 [ 321.230128][ T5810] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 321.248024][ T32] hfsplus: b-tree write err: -5, ino 2 [ 321.257464][ T5832] usb 2-1: config 1 has an invalid interface number: 105 but max is 0 [ 321.268455][ T5810] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 321.288078][ T5832] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 1 [ 321.297090][ T5832] usb 2-1: config 1 has no interface number 1 [ 321.300041][ T5810] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 321.322125][ T5810] usb 3-1: Product: syz [ 321.326346][ T5810] usb 3-1: Manufacturer: syz [ 321.339008][ T5832] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 321.348971][ T5810] usb 3-1: SerialNumber: syz [ 321.370085][ T5810] usb 3-1: config 0 descriptor?? [ 321.377879][ T5832] usb 2-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 321.392608][ T5810] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 321.409243][ T5832] usb 2-1: config 1 interface 105 has no altsetting 0 [ 321.433930][ T5832] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 321.443882][ T5810] usb 3-1: Detected FT232R [ 321.456113][ T5832] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 321.487923][ T5832] usb 2-1: Product: syz [ 321.492160][ T5832] usb 2-1: Manufacturer: syz [ 321.503442][ T5832] usb 2-1: SerialNumber: syz [ 321.520016][T12944] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 321.733120][T12955] loop3: detected capacity change from 0 to 32768 [ 321.780887][ T5832] aqc111: probe of 2-1:1.105 failed with error -22 [ 321.789304][ T5810] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 321.810945][ T5810] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71 [ 321.836515][T12955] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 321.857296][ T5810] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 321.921651][ T5810] usb 3-1: USB disconnect, device number 23 [ 322.018763][ T5810] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 322.056530][ T5810] ftdi_sio 3-1:0.0: device disconnected [ 322.065095][ T23] usb 2-1: USB disconnect, device number 31 [ 322.141581][ T5772] ocfs2: Unmounting device (7,3) on (node local) [ 322.545056][T12977] ip6tnl1: entered allmulticast mode [ 322.586771][T12981] loop3: detected capacity change from 0 to 1024 [ 322.763437][ T12] hfsplus: b-tree write err: -5, ino 25 [ 322.786135][ T12] hfsplus: b-tree write err: -5, ino 4 [ 322.806327][ T12] hfsplus: b-tree write err: -5, ino 2 [ 323.481552][T12983] loop1: detected capacity change from 0 to 32768 [ 323.511263][T12983] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 323.577949][ T5832] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 323.714058][ T9780] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 9 [ 323.787932][ T5832] usb 3-1: Using ep0 maxpacket: 16 [ 323.802248][ T5832] usb 3-1: config 1 has an invalid interface number: 105 but max is 0 [ 323.827900][ T5832] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 1 [ 323.854244][ T5832] usb 3-1: config 1 has no interface number 1 [ 323.869047][ T5832] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 323.900365][ T5832] usb 3-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 323.958103][ T5832] usb 3-1: config 1 interface 105 has no altsetting 0 [ 324.003685][ T5832] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 324.038239][ T5832] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 324.046386][ T5832] usb 3-1: Product: syz [ 324.073329][ T5832] usb 3-1: Manufacturer: syz [ 324.085508][ T5832] usb 3-1: SerialNumber: syz [ 324.105741][T13002] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 324.154173][T13023] __vm_enough_memory: pid: 13023, comm: syz.1.3329, not enough memory for the allocation [ 324.354088][ T5832] aqc111: probe of 3-1:1.105 failed with error -22 [ 324.587223][ T5832] usb 3-1: USB disconnect, device number 24 [ 324.812519][T13043] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 324.831352][T13043] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 325.013516][T13031] loop3: detected capacity change from 0 to 32768 [ 325.039902][T13031] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 9 [ 325.253930][ T9780] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 9 [ 325.802769][T13051] loop1: detected capacity change from 0 to 32768 [ 325.938086][T13075] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 325.964808][T13075] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 326.370576][T13074] loop2: detected capacity change from 0 to 32768 [ 326.383041][T13074] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 9 [ 326.398053][ T5832] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 326.525101][ T9780] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 9 [ 326.587940][ T5832] usb 2-1: Using ep0 maxpacket: 16 [ 326.595110][ T5832] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 326.625391][ T5832] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 326.647873][ T5832] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.655923][ T5832] usb 2-1: Product: syz [ 326.690096][ T5832] usb 2-1: Manufacturer: syz [ 326.694768][ T5832] usb 2-1: SerialNumber: syz [ 326.723515][ T5832] usb 2-1: config 0 descriptor?? [ 326.741813][ T5832] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 326.779121][ T5832] usb 2-1: Detected FT232R [ 326.980649][T13095] netlink: 'syz.0.3366': attribute type 3 has an invalid length. [ 326.989176][T13095] netlink: 201372 bytes leftover after parsing attributes in process `syz.0.3366'. [ 327.168944][ T5832] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 327.198331][ T5832] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71 [ 327.224345][ T5832] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 327.261214][ T5832] usb 2-1: USB disconnect, device number 32 [ 327.301152][ T5832] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 327.317005][ T5832] ftdi_sio 2-1:0.0: device disconnected [ 327.904025][T13102] loop0: detected capacity change from 0 to 32768 [ 327.956148][T13102] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 327.972645][T13122] netlink: 'syz.3.3378': attribute type 10 has an invalid length. [ 327.981663][T13121] netlink: 'syz.1.3377': attribute type 3 has an invalid length. [ 327.988210][T13102] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 328.004180][T13102] BTRFS info (device loop0): using free space tree [ 328.020810][T13121] netlink: 201372 bytes leftover after parsing attributes in process `syz.1.3377'. [ 328.043178][T13122] bond0: (slave bridge0): Releasing backup interface [ 328.108373][T13122] bridge0: port 2(bridge_slave_1) entered blocking state [ 328.116528][T13122] bridge0: port 2(bridge_slave_1) entered forwarding state [ 328.124912][T13122] bridge0: port 1(bridge_slave_0) entered blocking state [ 328.132192][T13122] bridge0: port 1(bridge_slave_0) entered forwarding state [ 328.173008][T13122] bridge0: entered promiscuous mode [ 328.179682][T13122] team0: Port device bridge0 added [ 328.299310][T13102] BTRFS info (device loop0): enabling ssd optimizations [ 328.347876][T13102] BTRFS info (device loop0): auto enabling async discard [ 328.513412][T13102] BTRFS info (device loop0): resizing devid 73709551615 [ 328.538101][T13102] BTRFS info (device loop0): resizer unable to find device 73709551615 [ 328.698366][ T5769] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 328.758240][T13153] sctp: [Deprecated]: syz.3.3386 (pid 13153) Use of int in max_burst socket option. [ 328.758240][T13153] Use struct sctp_assoc_value instead [ 328.979924][T13159] netlink: 'syz.2.3390': attribute type 3 has an invalid length. [ 329.031797][T13159] netlink: 201372 bytes leftover after parsing attributes in process `syz.2.3390'. [ 329.597738][T13179] sctp: [Deprecated]: syz.2.3400 (pid 13179) Use of int in max_burst socket option. [ 329.597738][T13179] Use struct sctp_assoc_value instead [ 329.776816][T13186] sctp: [Deprecated]: syz.0.3410 (pid 13186) Use of int in max_burst socket option. [ 329.776816][T13186] Use struct sctp_assoc_value instead [ 329.830677][T13189] netlink: 'syz.3.3402': attribute type 3 has an invalid length. [ 329.838891][T13189] netlink: 201372 bytes leftover after parsing attributes in process `syz.3.3402'. [ 330.041138][T13197] netlink: 'syz.2.3408': attribute type 10 has an invalid length. [ 330.068904][T13197] bond0: (slave bridge0): Releasing backup interface [ 330.083520][T13197] bridge0: port 2(bridge_slave_1) entered blocking state [ 330.091671][T13197] bridge0: port 2(bridge_slave_1) entered forwarding state [ 330.103508][T13197] bridge0: entered promiscuous mode [ 330.110045][T13197] team0: Port device bridge0 added [ 330.328768][T13205] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3421'. [ 330.806923][T13227] netlink: 'syz.1.3423': attribute type 10 has an invalid length. [ 330.859305][T13227] bridge0: port 2(bridge_slave_1) entered disabled state [ 330.871037][T13227] bond0: (slave bridge0): Releasing backup interface [ 330.879548][T13231] loop3: detected capacity change from 0 to 16 [ 330.911812][T13227] bridge0: port 2(bridge_slave_1) entered blocking state [ 330.919335][T13227] bridge0: port 2(bridge_slave_1) entered forwarding state [ 330.938521][T13231] erofs: (device loop3): mounted with root inode @ nid 36. [ 330.992807][T13227] bridge0: entered promiscuous mode [ 331.003671][T13227] team0: Port device bridge0 added [ 331.048551][T13231] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 331.095288][T13235] loop2: detected capacity change from 0 to 512 [ 331.114644][T13231] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[1851] [ 331.137379][T13231] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 331.194883][T13235] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a000c018, mo2=0002] [ 331.208036][T13235] System zones: 0-2, 18-18, 34-35 [ 331.238297][T13235] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 331.298575][T13235] ext4 filesystem being mounted at /872/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 331.343237][T13235] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz.2.3428: invalid size [ 331.417193][T13240] loop0: detected capacity change from 0 to 4096 [ 331.455855][ T5774] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.655137][T13240] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 331.798807][ T28] audit: type=1326 audit(1775467150.480:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13253 comm="syz.3.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 331.831336][ T28] audit: type=1326 audit(1775467150.480:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13253 comm="syz.3.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 331.839119][ T5769] ntfs3: loop0: ino=9, ntfs_sync_fs failed, -22. [ 331.896779][ T28] audit: type=1326 audit(1775467150.500:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13253 comm="syz.3.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 332.011054][ T28] audit: type=1326 audit(1775467150.500:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13253 comm="syz.3.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 332.068592][ T28] audit: type=1326 audit(1775467150.500:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13253 comm="syz.3.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e6a59c819 code=0x7ffc0000 [ 332.171105][T13264] loop2: detected capacity change from 0 to 16 [ 332.200921][T13264] erofs: (device loop2): mounted with root inode @ nid 36. [ 332.248806][T13264] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 332.291487][T13264] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[1851] [ 332.322875][T13264] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 332.636837][ T28] audit: type=1326 audit(1775467151.310:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13277 comm="syz.1.3448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341479c819 code=0x7ffc0000 [ 332.728087][ T28] audit: type=1326 audit(1775467151.310:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13277 comm="syz.1.3448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341479c819 code=0x7ffc0000 [ 332.807569][T13283] loop0: detected capacity change from 0 to 512 [ 332.832972][ T28] audit: type=1326 audit(1775467151.340:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13277 comm="syz.1.3448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f341479c819 code=0x7ffc0000 [ 332.868926][ T28] audit: type=1326 audit(1775467151.340:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13277 comm="syz.1.3448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341479c819 code=0x7ffc0000 [ 332.899093][ T28] audit: type=1326 audit(1775467151.340:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13277 comm="syz.1.3448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f341479c819 code=0x7ffc0000 [ 332.948780][ T9780] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 333.135890][T13294] loop3: detected capacity change from 0 to 512 [ 333.147435][T13296] netlink: 'syz.0.3453': attribute type 10 has an invalid length. [ 333.169579][T13296] bond0: (slave bridge0): Releasing backup interface [ 333.221055][T13296] bridge0: port 2(bridge_slave_1) entered blocking state [ 333.228580][T13296] bridge0: port 2(bridge_slave_1) entered forwarding state [ 333.237560][T13296] bridge0: port 1(bridge_slave_0) entered blocking state [ 333.244939][T13296] bridge0: port 1(bridge_slave_0) entered forwarding state [ 333.247192][T13294] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a000c018, mo2=0002] [ 333.293352][T13294] System zones: 0-2, 18-18, 34-35 [ 333.311406][T13294] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.324432][T13294] ext4 filesystem being mounted at /897/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 333.366993][T13296] bridge0: entered promiscuous mode [ 333.376670][T13296] team0: Port device bridge0 added [ 333.404378][T13294] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz.3.3455: invalid size [ 333.430222][T13302] loop1: detected capacity change from 0 to 16 [ 333.465824][T13302] erofs: (device loop1): mounted with root inode @ nid 36. [ 333.503582][T13302] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 333.531016][T13302] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[1851] [ 333.542197][T13302] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 333.571556][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.893203][T13315] loop3: detected capacity change from 0 to 512 [ 333.965429][ T5760] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 334.261482][T13328] loop0: detected capacity change from 0 to 512 [ 334.332021][T13328] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a000c018, mo2=0002] [ 334.368007][T13328] System zones: 0-2, 18-18, 34-35 [ 334.388366][T13328] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.402038][T13328] ext4 filesystem being mounted at /862/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 334.430461][T13328] EXT4-fs error (device loop0): ext4_empty_dir:3136: inode #12: comm syz.0.3469: invalid size [ 334.546154][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.867094][T13344] loop2: detected capacity change from 0 to 512 [ 334.895198][T13318] (syz.1.3465,13318,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 334.923985][T13318] (syz.1.3465,13318,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 334.955788][T13318] JBD2: Ignoring recovery information on journal [ 335.015607][ T5760] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 335.041627][T13318] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 335.122861][T13318] [ 335.125252][T13318] ====================================================== [ 335.132393][T13318] WARNING: possible circular locking dependency detected [ 335.139476][T13318] syzkaller #0 Not tainted [ 335.143908][T13318] ------------------------------------------------------ [ 335.150939][T13318] syz.1.3465/13318 is trying to acquire lock: [ 335.157018][T13318] ffff88807737df58 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 335.170278][T13318] [ 335.170278][T13318] but task is already holding lock: [ 335.177662][T13318] ffff8880773eb1b8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x476/0x13e0 [ 335.187184][T13318] [ 335.187184][T13318] which lock already depends on the new lock. [ 335.187184][T13318] [ 335.197603][T13318] [ 335.197603][T13318] the existing dependency chain (in reverse order) is: [ 335.206653][T13318] [ 335.206653][T13318] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}: [ 335.214585][T13318] down_read+0x46/0x2e0 [ 335.219287][T13318] ocfs2_init_acl+0x30a/0x770 [ 335.224505][T13318] ocfs2_mknod+0x140f/0x2300 [ 335.229646][T13318] ocfs2_create+0x196/0x430 [ 335.234710][T13318] path_openat+0x12a0/0x3230 [ 335.239848][T13318] do_filp_open+0x1f5/0x430 [ 335.244908][T13318] do_sys_openat2+0x134/0x1d0 [ 335.250125][T13318] __x64_sys_openat+0x139/0x160 [ 335.255527][T13318] do_syscall_64+0x55/0xa0 [ 335.260484][T13318] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 335.266929][T13318] [ 335.266929][T13318] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 335.275459][T13318] down_read+0x46/0x2e0 [ 335.280148][T13318] ocfs2_start_trans+0x3a8/0x6f0 [ 335.285634][T13318] ocfs2_modify_bh+0xe4/0x4c0 [ 335.290850][T13318] ocfs2_local_read_info+0x1445/0x1800 [ 335.296849][T13318] dquot_load_quota_sb+0x757/0xb80 [ 335.302511][T13318] dquot_load_quota_inode+0x2dc/0x5d0 [ 335.308430][T13318] ocfs2_enable_quotas+0x1c9/0x490 [ 335.314092][T13318] ocfs2_fill_super+0x417d/0x5010 [ 335.319656][T13318] mount_bdev+0x221/0x2d0 [ 335.324521][T13318] legacy_get_tree+0xea/0x180 [ 335.329737][T13318] vfs_get_tree+0x8c/0x280 [ 335.334692][T13318] do_new_mount+0x24b/0xa40 [ 335.339736][T13318] __se_sys_mount+0x2e7/0x3d0 [ 335.344966][T13318] do_syscall_64+0x55/0xa0 [ 335.349923][T13318] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 335.356360][T13318] [ 335.356360][T13318] -> #2 (sb_internal#5){.+.+}-{0:0}: [ 335.363861][T13318] ocfs2_start_trans+0x2a9/0x6f0 [ 335.369331][T13318] ocfs2_mknod+0xf1d/0x2300 [ 335.374366][T13318] ocfs2_create+0x196/0x430 [ 335.379410][T13318] path_openat+0x12a0/0x3230 [ 335.384539][T13318] do_filp_open+0x1f5/0x430 [ 335.389608][T13318] do_sys_openat2+0x134/0x1d0 [ 335.394825][T13318] __x64_sys_openat+0x139/0x160 [ 335.400217][T13318] do_syscall_64+0x55/0xa0 [ 335.405178][T13318] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 335.411617][T13318] [ 335.411617][T13318] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}: [ 335.422163][T13318] down_write+0x97/0x200 [ 335.426942][T13318] ocfs2_reserve_local_alloc_bits+0x120/0x2600 [ 335.433643][T13318] ocfs2_reserve_clusters_with_limit+0x1ba/0xc20 [ 335.440518][T13318] ocfs2_mknod+0xebb/0x2300 [ 335.445573][T13318] ocfs2_create+0x196/0x430 [ 335.450614][T13318] path_openat+0x12a0/0x3230 [ 335.455740][T13318] do_filp_open+0x1f5/0x430 [ 335.460776][T13318] do_sys_openat2+0x134/0x1d0 [ 335.465986][T13318] __x64_sys_openat+0x139/0x160 [ 335.471374][T13318] do_syscall_64+0x55/0xa0 [ 335.476336][T13318] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 335.482769][T13318] [ 335.482769][T13318] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}: [ 335.493497][T13318] __lock_acquire+0x2df1/0x7d40 [ 335.498915][T13318] lock_acquire+0x19e/0x420 [ 335.503954][T13318] down_write+0x97/0x200 [ 335.508729][T13318] ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 335.515159][T13318] ocfs2_reserve_new_metadata_blocks+0x416/0x9a0 [ 335.522041][T13318] ocfs2_init_xattr_set_ctxt+0x30b/0x710 [ 335.528236][T13318] ocfs2_xattr_set+0xc3f/0x13e0 [ 335.533622][T13318] ocfs2_set_acl+0x4e1/0x590 [ 335.538746][T13318] ocfs2_iop_set_acl+0x1b2/0x2b0 [ 335.544225][T13318] vfs_set_acl+0x803/0xa60 [ 335.549186][T13318] do_set_acl+0xf5/0x180 [ 335.553965][T13318] path_setxattr+0x41d/0x5d0 [ 335.559098][T13318] __x64_sys_setxattr+0xbb/0xd0 [ 335.564523][T13318] do_syscall_64+0x55/0xa0 [ 335.569477][T13318] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 335.575907][T13318] [ 335.575907][T13318] other info that might help us debug this: [ 335.575907][T13318] [ 335.586136][T13318] Chain exists of: [ 335.586136][T13318] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5 --> &journal->j_trans_barrier --> &oi->ip_xattr_sem [ 335.586136][T13318] [ 335.603104][T13318] Possible unsafe locking scenario: [ 335.603104][T13318] [ 335.610564][T13318] CPU0 CPU1 [ 335.615935][T13318] ---- ---- [ 335.621312][T13318] lock(&oi->ip_xattr_sem); [ 335.625922][T13318] lock(&journal->j_trans_barrier); [ 335.633751][T13318] lock(&oi->ip_xattr_sem); [ 335.640886][T13318] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5); [ 335.648202][T13318] [ 335.648202][T13318] *** DEADLOCK *** [ 335.648202][T13318] [ 335.656358][T13318] 3 locks held by syz.1.3465/13318: [ 335.661564][T13318] #0: ffff888025e5a418 (sb_writers#26){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 335.670835][T13318] #1: ffff8880773eb498 (&type->i_mutex_dir_key#23){+.+.}-{3:3}, at: vfs_set_acl+0x37a/0xa60 [ 335.681043][T13318] #2: ffff8880773eb1b8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x476/0x13e0 [ 335.690994][T13318] [ 335.690994][T13318] stack backtrace: [ 335.696914][T13318] CPU: 1 PID: 13318 Comm: syz.1.3465 Not tainted syzkaller #0 [ 335.704397][T13318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 335.714573][T13318] Call Trace: [ 335.717884][T13318] [ 335.720832][T13318] dump_stack_lvl+0x18c/0x250 [ 335.725535][T13318] ? load_image+0x420/0x420 [ 335.730070][T13318] ? show_regs_print_info+0x20/0x20 [ 335.735308][T13318] ? print_circular_bug+0x12b/0x1a0 [ 335.740534][T13318] check_noncircular+0x2fc/0x400 [ 335.745494][T13318] ? look_up_lock_class+0x75/0x140 [ 335.750636][T13318] ? print_deadlock_bug+0x5d0/0x5d0 [ 335.755852][T13318] ? lockdep_lock+0xf5/0x230 [ 335.760461][T13318] ? _find_first_zero_bit+0xd3/0x100 [ 335.765776][T13318] __lock_acquire+0x2df1/0x7d40 [ 335.770651][T13318] ? __lock_acquire+0x7d40/0x7d40 [ 335.775705][T13318] ? verify_lock_unused+0x140/0x140 [ 335.780923][T13318] ? __mutex_unlock_slowpath+0x1b4/0x6c0 [ 335.786572][T13318] ? do_raw_spin_lock+0x11f/0x2c0 [ 335.791667][T13318] ? mutex_unlock+0x10/0x10 [ 335.796188][T13318] lock_acquire+0x19e/0x420 [ 335.800723][T13318] ? ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 335.806820][T13318] ? ocfs2_get_system_file_inode+0x202/0x850 [ 335.812830][T13318] ? __might_sleep+0xe0/0xe0 [ 335.817447][T13318] ? read_lock_is_recursive+0x20/0x20 [ 335.822857][T13318] ? ocfs2_fast_symlink_read_folio+0x550/0x550 [ 335.829057][T13318] ? verify_lock_unused+0x140/0x140 [ 335.834295][T13318] ? check_noncircular+0x18a/0x400 [ 335.839436][T13318] down_write+0x97/0x200 [ 335.843702][T13318] ? ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 335.849798][T13318] ? down_read_killable+0x340/0x340 [ 335.855035][T13318] ocfs2_reserve_suballoc_bits+0x16e/0x44c0 [ 335.860967][T13318] ? mark_lock+0x94/0x320 [ 335.865338][T13318] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 335.871359][T13318] ? lock_chain_count+0x20/0x20 [ 335.876240][T13318] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 335.882150][T13318] ? lockdep_hardirqs_on+0x98/0x150 [ 335.887382][T13318] ? ocfs2_block_group_search+0x470/0x470 [ 335.893118][T13318] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 335.899046][T13318] ? _raw_spin_unlock+0x40/0x40 [ 335.903915][T13318] ? stack_trace_save+0xaa/0x100 [ 335.908878][T13318] ? stack_trace_snprint+0xf0/0xf0 [ 335.914010][T13318] ? __stack_depot_save+0x560/0x630 [ 335.919246][T13318] ? kasan_set_track+0x5f/0x70 [ 335.924021][T13318] ? kasan_set_track+0x4e/0x70 [ 335.928800][T13318] ? __kasan_kmalloc+0x8f/0xa0 [ 335.933597][T13318] ? ocfs2_reserve_new_metadata_blocks+0x10d/0x9a0 [ 335.940120][T13318] ? ocfs2_init_xattr_set_ctxt+0x30b/0x710 [ 335.945951][T13318] ? ocfs2_xattr_set+0xc3f/0x13e0 [ 335.950992][T13318] ? ocfs2_set_acl+0x4e1/0x590 [ 335.955779][T13318] ? ocfs2_iop_set_acl+0x1b2/0x2b0 [ 335.960918][T13318] ? vfs_set_acl+0x803/0xa60 [ 335.965526][T13318] ? do_set_acl+0xf5/0x180 [ 335.970040][T13318] ? path_setxattr+0x41d/0x5d0 [ 335.974828][T13318] ? __x64_sys_setxattr+0xbb/0xd0 [ 335.979868][T13318] ? do_syscall_64+0x55/0xa0 [ 335.984489][T13318] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 335.990611][T13318] ocfs2_reserve_new_metadata_blocks+0x416/0x9a0 [ 335.996976][T13318] ? ocfs2_init_steal_slots+0x160/0x160 [ 336.002551][T13318] ? ocfs2_xattr_block_set+0x2e30/0x2e30 [ 336.008216][T13318] ocfs2_init_xattr_set_ctxt+0x30b/0x710 [ 336.013881][T13318] ? ocfs2_xattr_set+0xc05/0x13e0 [ 336.018927][T13318] ? ocfs2_prepare_refcount_xattr+0xff0/0xff0 [ 336.025016][T13318] ? ocfs2_truncate_log_needs_flush+0x130/0x310 [ 336.031285][T13318] ? ocfs2_remove_btree_range+0x15e0/0x15e0 [ 336.037232][T13318] ? down_write+0x16e/0x200 [ 336.041760][T13318] ? down_read_killable+0x340/0x340 [ 336.046975][T13318] ? up_write+0x1c3/0x410 [ 336.051455][T13318] ocfs2_xattr_set+0xc3f/0x13e0 [ 336.056355][T13318] ? __ocfs2_xattr_set_handle+0xf40/0xf40 [ 336.062116][T13318] ? __kasan_kmalloc+0x8f/0xa0 [ 336.066906][T13318] ? ocfs2_set_acl+0x11e/0x590 [ 336.071691][T13318] ? ocfs2_iop_set_acl+0x1b2/0x2b0 [ 336.076817][T13318] ? vfs_set_acl+0x803/0xa60 [ 336.081417][T13318] ? path_setxattr+0x41d/0x5d0 [ 336.086195][T13318] ? do_syscall_64+0x55/0xa0 [ 336.090821][T13318] ? ocfs2_set_acl+0x11e/0x590 [ 336.095601][T13318] ? rcu_is_watching+0x15/0xb0 [ 336.100394][T13318] ? ocfs2_set_acl+0x11e/0x590 [ 336.105172][T13318] ? __kmalloc+0xe2/0x230 [ 336.109520][T13318] ? ocfs2_inode_lock_atime+0x530/0x530 [ 336.115082][T13318] ocfs2_set_acl+0x4e1/0x590 [ 336.119708][T13318] ocfs2_iop_set_acl+0x1b2/0x2b0 [ 336.124688][T13318] ? ocfs2_xattr_get+0x260/0x260 [ 336.129639][T13318] ? evm_inode_set_acl+0xbc/0x430 [ 336.134698][T13318] ? down_read_killable+0x340/0x340 [ 336.139917][T13318] ? evm_revalidate_status+0x4f/0xb0 [ 336.145222][T13318] ? posix_acl_valid+0x352/0x3d0 [ 336.150183][T13318] vfs_set_acl+0x803/0xa60 [ 336.154614][T13318] do_set_acl+0xf5/0x180 [ 336.158867][T13318] path_setxattr+0x41d/0x5d0 [ 336.163494][T13318] ? simple_xattrs_free+0x150/0x150 [ 336.168748][T13318] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 336.174751][T13318] ? lock_chain_count+0x20/0x20 [ 336.179620][T13318] __x64_sys_setxattr+0xbb/0xd0 [ 336.184495][T13318] do_syscall_64+0x55/0xa0 [ 336.188931][T13318] ? clear_bhb_loop+0x40/0x90 [ 336.193635][T13318] ? clear_bhb_loop+0x40/0x90 [ 336.198335][T13318] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 336.204256][T13318] RIP: 0033:0x7f341479c819 [ 336.208699][T13318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 336.228337][T13318] RSP: 002b:00007f34155d7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 336.236783][T13318] RAX: ffffffffffffffda RBX: 00007f3414a15fa0 RCX: 00007f341479c819 [ 336.244772][T13318] RDX: 0000200000000580 RSI: 0000200000000000 RDI: 00002000000000c0 [ 336.252753][T13318] RBP: 00007f3414832c91 R08: 0000000000000000 R09: 0000000000000000 [ 336.260754][T13318] R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000000 [ 336.268783][T13318] R13: 00007f3414a16038 R14: 00007f3414a15fa0 R15: 00007ffc93cb2868 [ 336.276807][T13318] [ 336.394848][ T5778] ocfs2: Unmounting device (7,1) on (node local)