last executing test programs: 4.303243417s ago: executing program 3 (id=4372): r0 = socket(0x10, 0x2, 0x0) write(r0, &(0x7f0000000000)="240000001e005f80004000000000000002000000000000000000080008000100000000ff", 0x24) 4.011963714s ago: executing program 3 (id=4375): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net\x00') mkdirat(r0, &(0x7f0000000200)='./file0\x00', 0x8) 3.915293903s ago: executing program 5 (id=4378): r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010003ac9bcc20d118af1ebb5a0102030109022400010700800b0904bb06023ae504000905070020000508ce09050302"], &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000e80)={0x84, &(0x7f0000000140)=ANY=[@ANYBLOB="400d02000000e2"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 3.630903567s ago: executing program 3 (id=4379): r0 = socket$netlink(0x10, 0x3, 0x15) write(r0, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27) 3.225782012s ago: executing program 3 (id=4384): r0 = socket(0x28, 0x5, 0x0) setsockopt$sock_linger(r0, 0x1, 0x4b, &(0x7f0000000000), 0x8) 2.921386484s ago: executing program 3 (id=4387): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000001c0)={[{@acl}, {@heartbeat_none}, {@dir_resv_level={'dir_resv_level', 0x3d, 0x3}}, {@coherency_full}, {@resv_level}, {@localflocks}, {@coherency_full}, {@inode64}]}, 0x1, 0x4428, &(0x7f000000c300)="$eJzs3c9PHGUfAPBnBt630LftC7WHmpi4iU00agj0pNJESmkptFhTbWP0sF1g26IL28BiPPSAtyaeTDwYD40m3jg1HLzWP8GLx3puogcvJiaNmN2dBWbYDSthwTafT1Jm5vm9+5159pnDdOJE5fbcUm5uKVdYyJVnbi6dzn1aLi3PF0O8Tw66f9rTiTjV2/woiP3+u3LuwnvXT4fw4+zPj9fX19dDVXdoamjL/h+/353Zum2IM3Wq7TZvba98GEI4sW1cVV0hhA9+qO+fTdJGk21vCOFYCCEKIVy/+8WN3B6N5sGj4pn8k6l7a8OnJlfvr7X+7FEI35Sef/3W/K8vdQ3/8uoedQ8AAAAAAAAAAAAAAAAAwFNu/OqVa+8ODoWHUehejbY/rzuebFs9H7u+Z17s/IcFAAAAAAAAAAAAAAAAAACAf6nN5/9z0fEmz/+PJduRFvXX3+78GOmciXeujJ0fHEre/x5ty38jSfrtbFfob/Le9+z7389m6jd///v2fnarMb5Gv30higdSx3E8MBDCd8mL309Gh+NSeany2s3y8sLsng3jqdUs/qnoJC/0bzf+o5n2O//+/+e2nU3V4xt7d4o909Lx72pZ7vvPo7bify5Tbz/iz+6l499dS+vdWmCkPgFU4/9l987xH8u036n4Hwsh5KLqWHOpGaC6hqmmt1qvkJaO/39qaampM/kiW13/f2bifz7T/kHN/yvZHyKaSsf/v7W0nlSJzeu/P975+r+Qaf8g4l8d/4rf/7ak43+ontidKlL7Jtud/8cz7Xcq/tfiZJzHotQZsBrV01v9f3WkpePfsy1/8/4vbmv9dzFTf7/u/xr9Nu7/GtP/K1H9/o/m0vHvbVmu3et/IlOv0/P/SG39x26l43+4lpZeO/fV/rYb/8nN3drJ1Kn411YlPY34b84nfx2qp39r/deWdPz/V0+Mt5ZYqf2trf+indf/lzLtH8T6rzr+lbizvT4r0vE/0rJcNf4/tfH7fzlTr/PxD2HQWn/X0vE/2rJc7frv2Tn+U5l6nY7/y51sHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOApMJps+0IUD6SO43hgIIRzyfHJcDiaLszmp0vlmU+WQhhL0nPheHSrVJ4ulPJzC+XZYr5QKpVnQjif5J8IPdFSqVzJzxfuXNhoqze6XSwsVqaLhUoIYTxJfyEcbbQ1PVeZL9wJIVzcyPt/XF68c7uwkJ+dW3xrcHBwMExsjKE/Kn5WKS5U6r3Xc0OY3KjbF20ZXC370sZYjkQfl5cXFwqlWvrlLXVK5ZlCaUudqSTvq9AfVRaXF2YKlWK+VL7V6O8gjSTbsYmr71+9PLQt/0ZU347u77AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+IceDr/5dQihu34UhxByUbITJf9SHjwqnsk/mbq3NnxqcvX+2uNmZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPibHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzSP0oDQRQH4DdjoY3gMayW3c52RREtXBE8gR7Dw+hRvIR3sLBImyIEklkI+we2Sarvax7Mj5n3YB4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAcg+v3dtL3USky4vNecTPx+/fYf5U6tft9P2zE8zI8Tw+d3f3dVP+PY3ym3L03+Zdul59vsdE7X0P9mS4T3vjPkNz+zY3X9/3KlKuIqIt+XXKuaqWvQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoq+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBfAQAA//9cuB8u") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000040)='.\x00', 0x18920b5, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) 2.815631552s ago: executing program 1 (id=4388): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x18, 0x2e, 0x9, 0x70bd27, 0x25dfdbfd, {0x4}, [@typed={0x4, 0x12}]}, 0x18}, 0x1, 0x0, 0x0, 0x42804}, 0x0) 2.584685483s ago: executing program 4 (id=4389): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x12, &(0x7f0000000000)=0x7, 0x4) 2.179458926s ago: executing program 2 (id=4392): syz_mount_image$nilfs2(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1080c, &(0x7f00000007c0)=ANY=[@ANYRES64=0x0, @ANYRES8, @ANYRESOCT, @ANYBLOB="d1794da8c0ccda034276e28a25c45c8e1eb8b595a37ffdfe7d2a8c3972a6931d2cbb0d8dc920bbde15d8790d46ccb3a5f36ff41223626334f17545ccae880000", @ANYRES8=0x0, @ANYRES32, @ANYRES32, @ANYRESOCT=0x0, @ANYRESDEC=0x0, @ANYRESOCT, @ANYRESOCT], 0x1, 0xa8f, &(0x7f0000001400)="$eJzs3UuMHEfdAPCe3Z31M5/H+WxinJDYBJIIyG68a8zDgjiKL1gx4hYp4mI5TrBwDMKRQqJI2D5xI5FlboiHOOUSAUIiF2TlxCUSscQlp8CBA5aRInGABHvQzlbNzvw9k57ZV+/s/H5ST013VXdVz3b39quqCmBsTbQ+663Pq29dOf6Ph/6+beH74+0UjdbnVMfYQupaGp8Ky3t/cjG89cGrp3uFtWKu9ZnHJzvm3VEUxcXiQHGtaBT7r15//Z25p05eOnH54LtvHL2xBqsOAABj51vXjh7e+9c/37v7wzfvP1ZsaU/P5+eNNL4znfcfSyf+C8FULV8/LF0P1DqGTtMh3VQaJkK6yR7pio509Zxua/d8Mf/psNx6n3RbSvKfDNcotVAeGGV5O24UtYmZrvGJiZmZxWvyonVdP12bOX/23HMXKioosOr+9UBRFAcMhnEbmrvaO0HlZalu6PgVACoVnxfe4WK8s7Ay7aVNDZb/zScmes/frb6aZWR8rPf2L/+4/O5yrHf+Zev/60trvP6MlcG3pq1rWo7Vltcr70c703h8jhDfXxr2+JOXNxmWN+gJQL/nCKPyfKFfOSfXuRzL1a/8cbvYrL6Wwvw7fD3Ed+4/8W86Kn9joLd/b7j7/9uWCld5WQyGzT00qzz4ANUquayP7801kxwf3+uL8VtK4reWxG8rid++OLX9Gl+M31EyP4yz3734k+K1WtGzPl6xeP3f2lkGvR+W77PdlcL/G7I88X7ksPfj4nu/w1pp/vF9YtjI/nDq6TNffvaZ64vv/9fa2//ttL0fSOONtG9dSwny/cJ4X7397n+jO5+JPunuDuW5q0f61vc93elqe5aWU3QcZ+4ox77u+Xb1S3dfd7pGSLctDfF0KZ6fbA/z5fOPfFzNv9dUWN96WI/pUI58XNmdwtF6GsNGlbfHfu//5+1zX1GvPXf23JnH0njeTv80Wd+yMP3QOpcbWLlB6//sK7rr/+xsT69PdB4Xdi1Nr3UeFxph+lyf6fNpPP+f+87kttb0mdPfO/fsaq88jLkLL7/y3VPnzp35gS+++OJL+0vVRyZgrc2++ML3Zy+8/MqjZ1849fyZ58+cnz9yZH5u7shX5g/Pts7rZzvP7oHNZOmf/tCzetQFAAAAAAAAAAAAFXnpxPHrf3n7S+8t1v9fqv+X6//nN39z/f8fh/r/sZ58rgef6wHu7hHfShMaWJ0O6epp+P9Q3j0hn71hvk+ksN2PX6r/n7OL7brm8twTpsf2e3O60JzAHe2lTIc2SGJ/gZ9O4eUU/qqACtV+1ntyCsvat87ben4ZWLsUoyn/3XJ7Jrkdk1z/u1+7Tvn4v7v3Yn+02uVkda1HdcKq1xHo7Z8brv3vNRmWGvysvCwdVwyVl8Ww0YZbzWZzPfNrNj+uFw99TQHrp+r+P/N9zxye/+M3ti4MOdnNJ7qPl7H9UliJqvu/rCz/fGNxXNd/wPxXu//Pdv93Ax//Qo95jeXl+5+f33ivI9tif9/8txRd+cf1z+1A7xku/w9T/nltHi765d+9/s1fhvzjA6EBfRTy3z5g/nH9rwybccrwvyn//LM98uCg+S8uoDbRXY543zg//4v3jbNbYf1z257Drv9yO2q8nfKHcTYq/cwOq6v/30vN9e//d4U9DMX3ML6YxvOBML/nEPs7ubW1GKr8+f2K/H9gb1h+reT/m/5/R9tXU1i2P+T+f/P22OgxPtExXu/x227WYw2MqvdX7flfxxtzG+A5ymYYXtpVfRlGYajZ5pY9NJvNSh/yecJYrap//6qvE6rOv+rfv0zs/zeew8f+f2N87P83xsf+f2N8677iR0ud9sbfa3uYP8bH/n9j/D0h39g/8L6S+E+WxO8vib+3JP6+kvhPlcQfLIm/vyT+gZL4u0viHyyJ/0z4i8f4z5bM/1BJ/CMfHz//w5L5N7tcH2Vc1x/GWayfd+f+v8wHvMCGl5//9Nv/95TEA6Prp28eevKZ3367sVj/f7p9PyQ/xzuWxuvp2jleL8X7J5Mp7u00/rcQv9Hvd8A4ie1nxP/vD5fEA6Mrv+dl/4YxVOvdYs+g7Vb1O89ntHwuhZ9P4RdS+GgKZ1I4m8JDKZxbp/KxNp78ze+PvlZbut7fFeIHfR8+1geK7UTND1ieeH9g2PfxYzt+w1pp/susDgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCZidbn4cP7akVx9a0rx58+eXZ2Ycrj7RSN1udUx1i9PV9RPJbCyRT+In259cGrpzvD2ymsFXNFrai1pxffvNnOaUdRFBeLA8W1olHsv3r99Xfmnjp56cTlg+++cfTG2v0CAAAAsPn9LwAA//+1ThxH") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_time\x00', 0x275a, 0x0) 2.176953184s ago: executing program 1 (id=4393): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x2, 0x4) 2.077925389s ago: executing program 0 (id=4394): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='cgroup\x00', 0x0, &(0x7f0000000380)='source') 2.033770163s ago: executing program 4 (id=4395): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0xec, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xb0, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x8, 0x2, 0x0, 0x1, [{0x4}]}, @NFTA_SET_DESC_CONCAT={0xa4, 0x2, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9539}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffffb}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffff7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x40}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7fffffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xb4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7f}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xce72}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xa}]}, {0xffffffffffffff3d, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x114}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 1.756158415s ago: executing program 5 (id=4396): r0 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt(r0, 0x28, 0x2, &(0x7f0000003180)=""/4106, &(0x7f0000000040)=0x100a) 1.725877591s ago: executing program 4 (id=4397): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x88200) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000000c80)={{0x5, 0x2, 0x1, 0xffffff63, 'syz1\x00', 0x6}, 0x0, [0x8, 0x1, 0x7ff, 0x8001, 0x1, 0x5, 0x9, 0x3, 0x7, 0x3, 0xffff, 0x5, 0x4, 0x6, 0x4, 0x8000000000000001, 0x2, 0x260000000000000, 0x2, 0x1000, 0xc, 0x0, 0x5, 0x4, 0x4, 0x6, 0x100, 0xffffffffffffff46, 0x8, 0x3, 0x7fffffffffffffff, 0x6, 0x3, 0x77f, 0x4, 0x401, 0x8, 0x6, 0x100, 0x4d2e, 0x20034b7062480000, 0x101, 0x6, 0x8, 0xf4e, 0xffffffffffffffff, 0x8001, 0x1, 0x8000000000000001, 0x5, 0x5, 0x5, 0x1, 0x1, 0x400, 0x9, 0x86e, 0x3, 0x0, 0x6, 0x4, 0x8000000000000000, 0x80c7, 0x27, 0x0, 0x5, 0xffffffff, 0x8000, 0xc2d0, 0x100000001, 0x9, 0x8001, 0x5, 0x1, 0x0, 0x1, 0x6, 0x3, 0x100, 0x10000, 0x2, 0x2e, 0x2, 0x2, 0x0, 0x6, 0x7, 0x9, 0x1ff, 0x5, 0x0, 0x4, 0x3, 0xfffffffffffffffa, 0x5, 0x1, 0xeb0, 0x2, 0x2, 0x7, 0x9, 0x4, 0x81, 0x9, 0xfffffffffffffffe, 0x5, 0xf1, 0xff, 0x1, 0x10001, 0x8, 0xffffffff, 0x4ff, 0x8, 0x6f, 0x4, 0xa, 0x0, 0xb, 0x1, 0x0, 0x4601c2c5, 0x92, 0x6, 0xfffffffffffffffa, 0x7, 0x9, 0x8000]}) 1.711320159s ago: executing program 0 (id=4398): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000040)={0x1, 0x0, {0x0, 0x0, 0x0, 0x4, 0x3, 0x130, 0x3, 0x4bcfbda9285ec008}}) 1.616416351s ago: executing program 1 (id=4399): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000880)={0x54, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0xf140}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x54}, 0x1, 0x0, 0x0, 0x20040001}, 0x20000000) 1.572685516s ago: executing program 2 (id=4400): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000dc0)=@newtaction={0x280, 0x30, 0x871a15abc695fb3d, 0x0, 0x25dfdbfd, {}, [{0x26c, 0x1, [@m_tunnel_key={0x6c, 0x1, 0x0, 0x0, {{0xf}, {0x3c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x204, 0x7, 0x10000000, 0x200000, 0x6}, 0x2}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}, @TCA_TUNNEL_KEY_NO_CSUM={0x1, 0xa, 0x1}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_skbedit={0x94, 0xc, 0x0, 0x0, {{0xc}, {0x5c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x3, 0xe4e, 0x3, 0x4, 0x3}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x7}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0xff}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xfff1, 0xc}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x7}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x4}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x8}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x1}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x100}]}, {0xf, 0x6, "1abf842170b99b2d385cd0"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x168, 0x2, 0x0, 0x0, {{0x8}, {0xb0, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x6, 0x7b84, 0xffffffffffffffff, 0x0, 0x4000}, 0x1}}, @TCA_IFE_METALST={0x2c, 0x6, [@IFE_META_PRIO={0x8, 0x3, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x696}, @IFE_META_PRIO={0x8, 0x3, @val=0x6}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0xa}, @IFE_META_SKBMARK={0x4, 0x1, @void}]}, @TCA_IFE_DMAC={0xa, 0x3, @remote}, @TCA_IFE_TYPE={0x6, 0x5, 0xc9}, @TCA_IFE_DMAC={0xa, 0x3, @random="8e626b6bfbf7"}, @TCA_IFE_PARMS={0x1c, 0x1, {{0xe, 0x100000, 0x4, 0x6, 0x3}}}, @TCA_IFE_SMAC={0xa}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xd, 0x2, 0x1, 0x4}, 0x1}}]}, {0x92, 0x6, "0745eda98a44af97ae46a19127d038c5123f3cb17331ff9148552ed3e66c1ec3da02b7f8bf5c416577450e40e13f05636db4c6ad1b3b41745844ead184f6931b6094c2079d7cfc0e3261b4596fbfbc0d19da37719c7dae4fc8e453fa633c7fd941086e3a72eaace8b91ccace63675f74944e81a9c807e2e4fbfbfd06a5fa8083ba3da79908908e58145dc1ca9b47"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x7}}}}]}]}, 0x280}, 0x1, 0x0, 0x0, 0x20048840}, 0x1004) 1.416644854s ago: executing program 4 (id=4401): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x17, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xe7}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x6}, {0x66, 0x0, 0x0, 0x25702020}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffffff}, {0x56}}], {{0x4, 0x1, 0x2, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1000000}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.416431405s ago: executing program 5 (id=4402): r0 = fanotify_init(0x200, 0x0) fanotify_mark(r0, 0x161, 0x40000867, r0, 0x0) 1.409886236s ago: executing program 0 (id=4403): keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_load={'load ', 'ecryptfs', 0x20, 'user:', 'trusted:', 0x20, 0x40}, 0x32, 0xfffffffffffffffc) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 1.033216475s ago: executing program 5 (id=4404): r0 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f00000001c0)={'lo\x00', {0x2, 0x4e23, @rand_addr=0xc8000000}}) 998.509414ms ago: executing program 1 (id=4405): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x34, 0x0, 0xb, 0x101, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_COMPAT_NAME={0xd, 0x1, '--(^,-\\}\x00'}, @NFTA_COMPAT_TYPE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040000}, 0x800) 952.807004ms ago: executing program 0 (id=4406): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00') open_by_handle_at(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="20000000f100000002"], 0x440080) 915.840085ms ago: executing program 2 (id=4407): r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0xc1105511, &(0x7f0000000040)={0xa, 0x0, 0x2, 0xfff, 'syz1\x00', 0x100001}) 740.237929ms ago: executing program 4 (id=4408): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002c40)={0x24, 0x25, 0x109, 0x870bd22, 0xfffffff9, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @binary='G\x00\x00\x00'}, @typed={0x8, 0x10b, 0x0, 0x0, @fd}]}, 0x24}, 0x1, 0x0, 0x0, 0x1000c957}, 0x0) 709.983856ms ago: executing program 3 (id=4409): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0xb20, 0x1c0, 0x43, 0xa0, 0x0, 0x98, 0xa88, 0x178, 0x178, 0xa88, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x3, {0x100000001}}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x888, 0x8c8, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[{0xb}]}}, @common=@unspec=@u32={{0x7e0}, {[{[{0x9}, {0x3}, {0x1, 0x1}, {0x0, 0x3}, {0x4, 0x2}, {0xb1d}, {0x3}, {0x8}, {0x2, 0x3}, {0x3}, {0x103}], [{0xe8f3, 0x5}, {0x1d, 0x6}, {0x4, 0x8}, {0x0, 0x4}, {0x4, 0xc3e}, {0x1, 0x100}, {0x6, 0x7}, {0x80000003, 0x3}, {0xf2, 0x3}, {0x3ff, 0x8}, {0x10, 0x3}], 0xe, 0x6}, {[{0x80, 0x3}, {0x2}, {0x6, 0x1}, {0x355cbec3, 0x2}, {0x0, 0x2}, {0x0, 0x2}, {0x7}, {0xe7, 0x2}, {0x3, 0x3}, {0x5598e8fe, 0x2}, {0x6, 0x1}], [{0x9, 0x9097}, {0x7, 0x9}, {0x7, 0xa}, {0x6, 0x8}, {0x20080, 0x5}, {0x13, 0xc0000000}, {0x40, 0xb}, {0x9, 0x6}, {0x4, 0x2}, {0x6, 0x7fffffff}, {0x7fffffff, 0x400}], 0x7}, {[{0x84, 0x2}, {}, {0x0, 0x2}, {0xffffffff, 0x1}, {}, {0x5, 0x1}, {0x5, 0x2}, {0x2, 0x3}, {0x2, 0x3}, {0x8, 0x1}, {0x7, 0x1}], [{0x9, 0x5}, {0x80, 0x32}, {0x0, 0xfffffff7}, {0xff, 0x1}, {0x7, 0x6}, {0xdb9, 0xff4}, {0x6, 0x3ff}, {0x3, 0x6}, {0x5, 0x10}, {0x9, 0x80000006}, {0x10000, 0x2}], 0x4, 0x2a}, {[{0x3, 0x2}, {0xa, 0x1}, {0x6, 0x1}, {0x10, 0x3}, {0x2, 0x2}, {0x2, 0x2}, {0x3, 0x1}, {0x2, 0x3}, {0x3, 0x1}, {0x2, 0x2}, {0x477d, 0x1}], [{0x4, 0xffffffff}, {0x200, 0x6}, {0x4be1, 0x4044}, {0x1}, {0x5, 0x10}, {0x3, 0x4}, {0x2, 0x4}, {0x800, 0x8000}, {0x8, 0x800}, {0x3, 0x2}, {0xe, 0x8000}], 0x4, 0xb}, {[{0x400, 0x1}, {0xd, 0x3}, {0x5}, {0x61}, {0x9}, {}, {0x2, 0x3}, {0x1}, {0x0, 0x2}, {0x9, 0x3}, {0x5, 0x3}], [{0x58d, 0x3ff}, {0x0, 0x7f}, {0x6}, {0xfc9b, 0x80000001}, {0x101, 0x7}, {0x7, 0x1}, {0x7, 0x8001}, {0x2, 0x1}, {0x2, 0x2}, {0x9, 0x4cf}, {0x7, 0x10000}], 0x1, 0x8}, {[{0x2}, {0x200009}, {0x8, 0x1}, {0x2, 0x3}, {0x71, 0x3}, {0x0, 0x2}, {0xe, 0x2}, {0x6, 0x2}, {0x5}, {0x3000000, 0x3}, {0x6, 0x1}], [{0x9, 0x3}, {0x5, 0x7fffffff}, {0xffff, 0x4}, {0x0, 0x7}, {0x8, 0xb502}, {0x1ff, 0x86}, {0x6, 0xffffffff}, {0x3, 0x4}, {0x5, 0x6}, {0xf, 0xf93}, {0x5, 0x4}], 0x3, 0x3}, {[{0x7, 0x1}, {0x3, 0x1}, {0x45d7}, {0xfff, 0x3}, {0xc4f, 0x3}, {0x0, 0x2}, {0x400, 0x1}, {0x2, 0x1}, {0x4, 0x2}, {0xfffffffd}, {0x2}], [{0x3, 0x6}, {0xed, 0xd}, {0x80, 0xb81d}, {0x2ca, 0x7ffffffd}, {0x8, 0xff}, {0x7, 0x45a8}, {0x8, 0x6}, {0x4, 0x5}, {0x2, 0x6}, {0xfc, 0x6}, {0x7, 0x138c}], 0x6}, {[{0x4, 0x1}, {0x800, 0x1}, {0x9, 0x2}, {0xf0000000, 0x2}, {0x6, 0x3}, {0x3, 0x2}, {0x8, 0x2}, {}, {0x9}, {0x400, 0x2}, {0x8, 0x3}], [{0x7, 0xfffffffd}, {0x2}, {0x2, 0x2}, {0x8f, 0x6}, {0x7, 0x5}, {0x8, 0x7}, {0xb, 0x82c6}, {0xb1b}, {0xbd5c, 0xffff}, {0x1, 0x9b8d}, {0xec, 0x5}], 0x2, 0x6}, {[{0x8}, {0x8, 0x1}, {0xac000000}, {0x6, 0x2}, {0x2d8, 0x3}, {0x7e3ea4bc}, {0x8, 0x1}, {0x4f, 0x3}, {0x4, 0x2}, {0xfffffff7}, {0x3, 0x2}], [{0x5, 0x42}, {0x76a74689, 0x10001}, {0x1}, {0x8000, 0x7}, {0x400, 0xdd}, {0xfff, 0x8}, {0x76b, 0xfffffffe}, {0xa6d00, 0xfffffff7}, {0x10001, 0xfc8d}, {0x0, 0x10001}, {0x4, 0x3}], 0x1, 0x9}, {[{0x8, 0x3}, {0x3, 0x3}, {0x18, 0x3}, {0x3ff, 0x3}, {0x7fffffff}, {0x8}, {0x1}, {0x8, 0x3}, {0xf1b6}, {0x80, 0x3}, {0x4, 0x2}], [{0x2, 0x4}, {0x3, 0xf}, {0x9, 0x6}, {0x7f, 0x8}, {0x7, 0x273e1899}, {0x4, 0x1}, {0x6, 0x3}, {0x1, 0xb7}, {0x8, 0x1}, {0x3, 0x1}, {0x7ff, 0x63}], 0xb, 0x3}, {[{0x1, 0x2}, {0x6, 0x3}, {0xffff, 0x1}, {0x1}, {0x4, 0x3}, {0x4, 0x3}, {0xaa7}, {0x100, 0x1}, {0x2}, {0xfffffff7, 0xb90af65875a5dc08}, {0x4, 0x3}], [{0x3}, {0x8001, 0x7}, {0x10000, 0x7524}, {0x73d, 0x4}, {0x0, 0x280000}, {0x3, 0x3af}, {0x5, 0x2}, {0x101, 0xbf}, {0x10000, 0x6}, {0x3, 0x800}], 0x8, 0x5}], 0x13}}]}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "f1c098b60204ed02d82cf440fef5497b80c29d381d41116000"}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0xb80) 700.665997ms ago: executing program 5 (id=4410): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@dellink={0x34, 0x11, 0x1, 0x70bd26, 0x5dfdbff, {0x0, 0x0, 0x0, 0x0, 0xde23, 0x40000}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'xfrm0\x00'}]}, 0x34}, 0x1, 0x200000000000000, 0x0, 0x4000002}, 0x0) 673.921229ms ago: executing program 0 (id=4411): syz_mount_image$ext4(&(0x7f00000009c0)='ext4\x00', &(0x7f0000000540)='./file0\x00', 0x800718, &(0x7f0000000080)={[{@nobh}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@usrjquota}, {@barrier}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x48f, &(0x7f0000000a00)="$eJzs289rHGUfAPDvTLJJ+/ZH8vbtq7ZWjRYhKCZNWrUHL0oFkYqCHuoxJtsSum2kiWJrsamIJ0EKehaPon+BJ0UQ9SR49eRJCkV7aespMpOZZLPd/KDZZNPu5wMz+zwzz+w8333mx7Pz7AbQsQayWRKxMyJ+j4i++ezSAgPzLzevXxy/df3ieBJzc6//leTlbly/OF4WLbfbUWQG04j0o6TYyVLT5y+cHqvVqueK/PDMmbeHp89feOrdM2OnqqeqZ0ePHj1yeOTZZ0afbkmcWVw39n8wdWDfS29eeWX8xJW3fv4mq+/OYn19HK0ykAX+91yucd3jrd5Zm+3K5735POluc2VYs66IyJqrkp//fdEVi43XFy9+2NbKARsquzf1Lr96dg64hyWx1pKVumsGcPcrb/TZ999y2oRux5Zx7fn5L0BZ3DeLaX5Nd6RFmcrC99vWG4iIE7P/fJFNsUHPIQAA6n0y/vnxnuiN9299/XLW9+hbWJPGffnrH/l8dzGG0h8R/42IPRHxv4jYGxH/j8jL3h8RD6yzPrf3f9Kr63zLFWX9v+eKsa2l/b+y9xf9XUVuVx5/JTk5WaseKj6Twaj0ZvmRFfbx/bHfPl1uXX3/L5uy/Zd9waIeV7sbHtBNjM2MRWU9US+6djlif3ez+JOFkYAkIvZFxP6FrdY0wLO7TEw+8dWB5QqtHv8KWjDONPdlFt5sFv9sNMRfSurHJydvG58c3ha16qHh8qi43S+/fvzacvtfV/wtcK06/1rX/o1F+pP68drp1u7/Do//tCd5Ix9n7inGHN8bm5k5NxLRkxzP898VzZcvH13ctsyX5bPjf/Bg8/N/T7FN9lYPRkR2ED8UEQ9HxCNF3R+NiMci4uAKMf70wurxR9qm9r8cMdH0+rdw/De0//kLp8tL4+KSFRNdp3/8drn9r639j+SpwWJJfv1bRbPqdDep8p1+bgAAAHA3SfPfwCfp0EI6TYeG5n/Dvzf+k9ampmeePDn1ztmJ+d/K90clLZ909RXPQ2uTtepIMlu8YyU5FrXqaPGsuHxeerh4bvxZ1/Y8PzQ+VZtoc+zQ6XYsc/5n/uxqd+2ADba96dLRnk2vCNAGjePo6dLspVfDxQDuVf6vDZ1rlfM/3ax6AJvP/R86V7Pz/1JD3lgA3Jvc/6FzOf+hQ6U/tLsGQBu5/0NHWvXP++1JbKtf0rNy4Z4tUueWJbZqo+SJiDKRbon6SGxQot1XJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNb4NwAA//9vGdqJ") umount2(&(0x7f00000001c0)='./file0\x00', 0x4) 525.021021ms ago: executing program 2 (id=4412): r0 = syz_open_dev$radio(&(0x7f00000005c0), 0x2, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000002c0)={0x98f905, 0x8000, '\x00', @p_u32=&(0x7f0000000000)=0xfffffff2}}) 456.714668ms ago: executing program 1 (id=4413): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)={0x2c, 0x40, 0x107, 0x70bd2b, 0x0, {0x4, 0x7c}, [@nested={0x4, 0x1c2}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x84;'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x2}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) 424.556571ms ago: executing program 4 (id=4414): syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000980)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdb1dd9467f5cd2d6c4e8b9d4f50d338ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESHEX=0x0], 0x11, 0x314, &(0x7f0000000b80)="$eJzs3U1rE08cB/Dv7KZN+m/pf7UVwYNINWAvovUiXiIlL8KTqE0KxSWitviAYBVPIvbu3aNXX4N4UQTP9eRJPHiqBxmZh2SfN6lmd1P9fsCy2dmZ/e3OzlPALIjon7Xa3n11/ov6JwAXLvDsIuAAaAA1AEdwtLHV29zY9LudvIJcHK+bXAImp0gcs9brpmVtwOawPPWphrnwPiqGlPLS56qDoMrp1i/d6M4Tuieo29apExsVxZfl8f6zfJsBsF1EMBMlv6bEHvZwD/OlhUNERBNJmPHdseP8nJ2/Ow7QtIOJSpu48f937VUdQOFkbmpo/NerLClUvf+vk4L1nl7CqXSnv0pMK+t17PNU7PM0zNMTmV2KYatKHYszs77hd8+s3fQ7Dp6gZYUOW9R/O/bxtCLR1hNFL6WsTXMMSpvJPESkzyhn9TVMqWtYMfHfBRCJfyH3jAUQ78QHcUV4eInOYP5Xk0JVk64pL1ZTJv6z2SXqq/TUUbDdRqvVciKHHNInOWbPYA25ygbcrDNO2zIjXxB4w+LUuQ7HcpmrOzck10JqrhW9vQwnI9diJJe6mvUN/232qUohXojLYglf8Qbt0PzfUfE1kWyZoYc+aDWiaYYCfcdV64zWbEitaXsiPXJsfdp9aPYnm8vgLiYbrPUjv0+jfXiO67iA+Tv3H9xwfb97W21c89XjqjcGe27N2Q2/O/UUCCdNyga2gz11SC1xcH9QKjOw5bEWqPqPlCTVsHrf+3tUKxtW4KM/jUf1A4XeutkRrmJ/G/2uazwFtt+P50HqTxsiST+llCU2oh17Z+JJ1XRLVK6g0kc7PmWqQwebqlJh1n/BeqVmJnvqj5c6Tx/xiwBbolRz7MEKLsgrzYwcwH85K7i0YjNXcMk1V2LNqNdcJ08Dp0Y/o2fj/EuINj7iKr//JyIiIiIiIiIiIiIiIiIiIiIiIiI6aMr4zzBVXyMRERERERERERERERERERERERERERER0UG32oD53Wv03/+L0d7/G38Vi2t+Enws7//d6YHv/yUq3q8AAAD///B/c8c=") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) 271.226733ms ago: executing program 5 (id=4415): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_int(r0, 0x29, 0x35, 0x0, &(0x7f0000000200)) 251.471525ms ago: executing program 2 (id=4416): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=@can_newroute={0x13, 0x18, 0x1, 0x1000000, 0x25dfdbfd, {0x1d, 0x1, 0x2}, [@CGW_DST_IF={0x8}, @CGW_SRC_IF={0x8}, @CGW_MOD_SET={0x15, 0x4, {{{0x3}, 0x0, 0x3, 0x0, 0x0, "4505a8b9e859abc0"}, 0x1}}, @CGW_MOD_UID={0x8}]}, 0x44}}, 0x0) 211.643439ms ago: executing program 0 (id=4417): capset(&(0x7f0000a31000)={0x20080522}, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x0, 0x1, 0x3}) syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00') 721.133µs ago: executing program 1 (id=4418): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$UI_GET_VERSION(r0, 0x8004552d, &(0x7f00000000c0)) 0s ago: executing program 2 (id=4419): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000280)='/dev/comedi4\x00', 0x200, 0x0) ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f0000000040)={0xc000003, 0xf, &(0x7f0000000080)=[0x2000138d, 0x9, 0x2, 0x4, 0x4, 0xffffdffa, 0x2d7b, 0x40000003, 0x1, 0x5, 0xfffffffa, 0x8, 0x6, 0x880e, 0x5], 0x2, 0x2}) kernel console output (not intermixed with test programs): 2] netlink: 820 bytes leftover after parsing attributes in process `syz.4.2969'. [ 356.713744][T12584] exFAT-fs (loop5): error, in sector 160, dentry 12 should be unused, but 0x85 [ 356.728076][T12592] netlink: 820 bytes leftover after parsing attributes in process `syz.4.2969'. [ 356.919789][ T5642] usb 2-1: new full-speed USB device number 19 using dummy_hcd [ 357.106181][ T5642] usb 2-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62 [ 357.144924][ T5642] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 357.184224][ T5642] usb 2-1: Product: syz [ 357.198312][ T5642] usb 2-1: Manufacturer: syz [ 357.214184][ T5642] usb 2-1: SerialNumber: syz [ 357.251137][ T5642] usb 2-1: config 0 descriptor?? [ 357.415031][ T5642] usb 2-1: selecting invalid altsetting 3 [ 357.436032][ T5642] comedi comedi5: could not set alternate setting 3 in high speed [ 357.464009][T12574] loop0: detected capacity change from 0 to 32768 [ 357.477654][ T5642] usbdux 2-1:0.0: driver 'usbdux' failed to auto-configure device. [ 357.522168][T12574] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2960 (12574) [ 357.537630][ T10] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 357.552122][ T5642] usbdux 2-1:0.0: probe with driver usbdux failed with error -22 [ 357.577891][ T5642] usb 2-1: USB disconnect, device number 19 [ 357.601224][T12574] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 357.630499][T12574] BTRFS info (device loop0): using blake2b checksum algorithm [ 357.730299][ T10] usb 4-1: Using ep0 maxpacket: 16 [ 357.748506][ T10] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 357.758149][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 357.766356][ T10] usb 4-1: Product: syz [ 357.770686][ T10] usb 4-1: Manufacturer: syz [ 357.775380][ T10] usb 4-1: SerialNumber: syz [ 357.786628][ T10] usb 4-1: config 0 descriptor?? [ 357.803173][ T10] visor 4-1:0.0: Sony Clie 3.5 converter detected [ 357.819474][T12574] BTRFS info (device loop0 state EC): setting nodatasum [ 357.869820][T12574] BTRFS info (device loop0 state EC): setting nodatacow [ 357.876988][T12574] BTRFS info (device loop0 state EC): disabling log replay at mount time [ 357.887222][T12574] BTRFS info (device loop0 state EC): enabling free space tree [ 357.896417][T12574] BTRFS info (device loop0 state EC): ignoring data csums [ 358.046330][ T10] usb 4-1: clie_3_5_startup: get config number bad return length: 0 [ 358.074204][ T10] visor 4-1:0.0: probe with driver visor failed with error -5 [ 358.178870][ T5626] BTRFS info (device loop0 state EC): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 358.345557][ T5797] usb 4-1: USB disconnect, device number 17 [ 358.529942][T12648] netlink: 124 bytes leftover after parsing attributes in process `syz.0.2987'. [ 358.706760][ T2078] I/O error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 2 [ 359.012453][T12669] ubi8: attaching mtd0 [ 359.048296][T12669] ubi8 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 359.462863][T12683] loop2: detected capacity change from 0 to 256 [ 359.478137][T12684] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3002'. [ 359.504948][T12683] exfat: Deprecated parameter 'utf8' [ 359.527391][T12684] netlink: 'syz.5.3002': attribute type 1 has an invalid length. [ 359.544460][T12683] exfat: Deprecated parameter 'utf8' [ 359.580544][T12684] netlink: 'syz.5.3002': attribute type 2 has an invalid length. [ 359.613740][T12684] netlink: 112 bytes leftover after parsing attributes in process `syz.5.3002'. [ 359.654547][T12683] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d) [ 359.761664][T12686] loop3: detected capacity change from 0 to 4096 [ 359.789802][T12683] exFAT-fs (loop2): error, in sector 160, dentry 12 should be unused, but 0x85 [ 359.823900][T12686] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 359.873423][T12692] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3007'. [ 359.931853][T12686] ntfs3(loop3): Failed to load $Extend (-22). [ 359.959553][T12686] ntfs3(loop3): Failed to initialize $Extend. [ 360.157704][T12702] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3011'. [ 360.200299][ T5797] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 360.225633][T12706] netlink: 'syz.1.3013': attribute type 10 has an invalid length. [ 360.268850][T12706] netlink: 228 bytes leftover after parsing attributes in process `syz.1.3013'. [ 360.413774][ T5797] usb 6-1: Using ep0 maxpacket: 16 [ 360.420109][ T29] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 360.449313][ T5797] usb 6-1: config 0 has an invalid interface number: 132 but max is 0 [ 360.498369][ T5797] usb 6-1: config 0 has no interface number 0 [ 360.537952][ T5797] usb 6-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 360.570311][ T5797] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 360.593662][ T29] usb 5-1: Using ep0 maxpacket: 32 [ 360.606830][ T5797] usb 6-1: Product: syz [ 360.614160][ T5797] usb 6-1: Manufacturer: syz [ 360.623574][ T5797] usb 6-1: SerialNumber: syz [ 360.625916][ T29] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 360.677545][ T29] usb 5-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 360.702705][ T5797] usb 6-1: config 0 descriptor?? [ 360.736055][ T29] usb 5-1: config 0 interface 0 has no altsetting 0 [ 360.776353][ T29] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 360.803001][ T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 360.817397][T12713] loop3: detected capacity change from 0 to 4096 [ 360.823214][ T5797] hub 6-1:0.132: bad descriptor, ignoring hub [ 360.836313][ T29] usb 5-1: Product: syz [ 360.842960][ T29] usb 5-1: Manufacturer: syz [ 360.847718][T12713] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 360.854574][ T5797] hub 6-1:0.132: probe with driver hub failed with error -5 [ 360.866444][ T29] usb 5-1: SerialNumber: syz [ 360.915552][ T29] usb 5-1: config 0 descriptor?? [ 360.920725][ T5797] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.132/input/input16 [ 361.015693][ T5797] usb 6-1: USB disconnect, device number 15 [ 361.031258][T12713] ntfs3(loop3): Failed to initialize $Extend/$ObjId. [ 361.420636][ T29] gs_usb 5-1:0.0: Couldn't get device config: (err=-71) [ 361.470405][ T29] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -71 [ 361.537034][ T29] usb 5-1: USB disconnect, device number 15 [ 361.626326][T12735] netlink: 'syz.3.3023': attribute type 10 has an invalid length. [ 361.662452][T12735] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 361.714149][T12735] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 361.764677][T12735] bond0: (slave batadv_slave_1): Enslaving as an active interface with an up link [ 362.164921][T12750] loop3: detected capacity change from 0 to 64 [ 362.251869][T12754] binder: 12752:12754 ioctl c00c620f 2000000001c0 returned -22 [ 362.634271][T12762] netlink: 84 bytes leftover after parsing attributes in process `syz.2.3035'. [ 362.979480][T12781] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 363.005885][T12782] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3043'. [ 363.054839][T12782] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3043'. [ 363.131720][T12737] loop1: detected capacity change from 0 to 32768 [ 363.217789][T12737] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 363.354987][T12737] XFS (loop1): Ending clean mount [ 363.475201][T12806] loop5: detected capacity change from 0 to 64 [ 363.647768][ T5639] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 364.363109][T12831] netlink: 'syz.3.3060': attribute type 3 has an invalid length. [ 364.363139][T12831] netlink: 'syz.3.3060': attribute type 1 has an invalid length. [ 364.363160][T12831] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3060'. [ 364.378606][T12833] QAT: Invalid ioctl 21531 [ 364.753602][T12844] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3064'. [ 364.806291][T12844] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3064'. [ 365.294727][T12866] loop1: detected capacity change from 0 to 256 [ 365.397455][T12866] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 365.446152][T12866] FAT-fs (loop1): Filesystem has been set read-only [ 366.149724][ T5642] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 366.339671][ T5642] usb 4-1: Using ep0 maxpacket: 16 [ 366.394856][ T5642] usb 4-1: config 0 has an invalid interface number: 132 but max is 0 [ 366.427302][ T5642] usb 4-1: config 0 has no interface number 0 [ 366.448815][ T5642] usb 4-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 366.478602][ T5642] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 366.506047][ T5642] usb 4-1: Product: syz [ 366.533010][ T5642] usb 4-1: Manufacturer: syz [ 366.549262][ T5642] usb 4-1: SerialNumber: syz [ 366.583215][ T5642] usb 4-1: config 0 descriptor?? [ 366.617527][ T5642] hub 4-1:0.132: bad descriptor, ignoring hub [ 366.653007][ T5642] hub 4-1:0.132: probe with driver hub failed with error -5 [ 366.695502][ T5642] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.132/input/input17 [ 367.267679][T12937] loop1: detected capacity change from 0 to 24 [ 367.374445][T12937] romfs: read error for inode 0x8000 [ 367.724247][T12949] bad cache= option: no%e [ 367.724247][T12949] [ 367.774651][T12949] CIFS: VFS: bad cache= option: no%e [ 367.886903][T12912] loop2: detected capacity change from 0 to 32768 [ 367.962447][T12912] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 368.159167][T12912] XFS (loop2): Ending clean mount [ 368.357761][T12976] netlink: 'syz.0.3112': attribute type 14 has an invalid length. [ 368.400135][T12976] netlink: 164 bytes leftover after parsing attributes in process `syz.0.3112'. [ 368.486824][ T5646] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 369.112597][T12943] loop4: detected capacity change from 0 to 32768 [ 369.144000][ T5612] usb 4-1: reset high-speed USB device number 18 using dummy_hcd [ 369.166237][T12943] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3104 (12943) [ 369.275086][T12943] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 369.314007][T12943] BTRFS info (device loop4): using crc32c checksum algorithm [ 369.384516][ T5612] usb 4-1: device firmware changed [ 369.422840][ T29] usb 4-1: USB disconnect, device number 18 [ 369.445547][T13014] loop2: detected capacity change from 0 to 1024 [ 369.455258][T12943] BTRFS info (device loop4): enabling ssd optimizations [ 369.464705][T13015] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3125'. [ 369.479752][ T5642] usb 6-1: new full-speed USB device number 16 using dummy_hcd [ 369.491121][T12943] BTRFS info (device loop4): turning on flush-on-commit [ 369.492982][T13014] EXT4-fs (loop2): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 369.522270][T12943] BTRFS info (device loop4): enabling free space tree [ 369.555825][T12943] BTRFS info (device loop4): enabling auto defrag [ 369.591228][T13014] EXT4-fs error (device loop2): ext4_map_blocks:791: inode #3: block 2: comm syz.2.3117: lblock 2 mapped to illegal pblock 2 (length 1) [ 369.598290][T12943] BTRFS info (device loop4): use lzo compression, level 1 [ 369.622903][T13014] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 369.623233][T13014] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 369.632384][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 369.632416][ C0] EXT4-fs (loop2): initial error at time 1779196444: ext4_map_blocks:791: inode 3: block 2 [ 369.632483][ C0] EXT4-fs (loop2): last error at time 1779196444: ext4_map_blocks:791: inode 3: block 2 [ 369.672300][T12943] BTRFS info (device loop4): max_inline set to 4096 [ 369.714879][ T5642] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 369.755562][ T5642] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 369.777147][T13014] EXT4-fs error (device loop2): ext4_map_blocks:791: inode #3: block 48: comm syz.2.3117: lblock 0 mapped to illegal pblock 48 (length 1) [ 369.843637][T13014] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 369.845981][T13014] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 369.872203][T13014] EXT4-fs error (device loop2): ext4_acquire_dquot:7032: comm syz.2.3117: Failed to acquire dquot type 0 [ 369.880762][ T5642] usb 6-1: config 0 descriptor?? [ 369.885141][ T29] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 369.938735][ T5642] cp210x 6-1:0.0: cp210x converter detected [ 369.939193][T13014] loop2: lost filesystem error report for type 5 error -117 [ 369.970221][T13014] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 370.016195][T13014] loop2: lost filesystem error report for type 5 error -117 [ 370.017037][T13014] EXT4-fs error (device loop2): ext4_evict_inode:267: inode #11: comm syz.2.3117: mark_inode_dirty error [ 370.083744][T13014] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 370.085471][T13014] EXT4-fs warning (device loop2): ext4_evict_inode:269: couldn't mark inode dirty (err -117) [ 370.111495][ T29] usb 4-1: Using ep0 maxpacket: 16 [ 370.128090][T12985] loop0: detected capacity change from 0 to 32768 [ 370.150741][ T29] usb 4-1: unable to get BOS descriptor or descriptor too short [ 370.169730][ T29] usb 4-1: config 1 has an invalid interface number: 93 but max is 0 [ 370.184600][T13014] EXT4-fs (loop2): 1 orphan inode deleted [ 370.201238][T12985] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 370.222463][ T29] usb 4-1: config 1 has no interface number 0 [ 370.225641][T13014] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 370.228831][ T36] EXT4-fs error (device loop2): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 370.285554][ T36] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 370.309565][ T29] usb 4-1: config 1 interface 93 has no altsetting 0 [ 370.317841][ T5642] cp210x 6-1:0.0: failed to get vendor val 0x370c size 13: -71 [ 370.338175][ T5642] cp210x 6-1:0.0: GPIO initialisation failed: -71 [ 370.345486][ T36] EXT4-fs error (device loop2): ext4_release_dquot:7068: comm kworker/u8:2: Failed to release dquot type 0 [ 370.364104][ T29] usb 4-1: New USB device found, idVendor=2c7c, idProduct=0203, bcdDevice=56.2a [ 370.392265][ T29] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 370.396849][ T5642] usb 6-1: cp210x converter now attached to ttyUSB0 [ 370.400697][T13014] EXT4-fs error (device loop2): __ext4_get_inode_loc:4884: comm syz.2.3117: Invalid inode table block 1 in block_group 0 [ 370.417109][ T5631] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 370.441350][T13014] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 370.444407][ T29] usb 4-1: Product: syz [ 370.473682][T13014] EXT4-fs error (device loop2): ext4_setattr:5946: inode #2: comm syz.2.3117: mark_inode_dirty error [ 370.479396][T12985] XFS (loop0): invalid iclog size (4096 bytes), using lsunit (32768 bytes) [ 370.484746][ T5642] usb 6-1: USB disconnect, device number 16 [ 370.504089][ T29] usb 4-1: Manufacturer: syz [ 370.517441][ T29] usb 4-1: SerialNumber: syz [ 370.532564][ T10] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 370.563267][T12985] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 370.625371][T12985] XFS (loop0): Starting recovery (logdev: internal) [ 370.649028][ T5642] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 370.696313][ T5642] cp210x 6-1:0.0: device disconnected [ 370.726931][T12985] XFS (loop0): Ending recovery (logdev: internal) [ 370.747202][ T5646] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.758654][ T36] EXT4-fs error (device loop2): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 370.796196][ T10] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88 [ 370.826365][ T29] option 4-1:1.93: GSM modem (1-port) converter detected [ 370.844637][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 370.860780][T12985] XFS (loop0): Quotacheck needed: Please wait. [ 370.868727][ T36] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 370.869040][ T36] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 370.909724][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7 [ 370.927920][ T29] usb 4-1: GSM modem (1-port) converter now attached to ttyUSB0 [ 370.962097][ T36] EXT4-fs error (device loop2): ext4_release_dquot:7068: comm kworker/u8:2: Failed to release dquot type 0 [ 370.974820][ T10] usb 2-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49 [ 370.985631][T13043] openvswitch: netlink: Unexpected mask (mask=240040, allowed=10048) [ 371.012924][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 371.015742][ T29] usb 4-1: USB disconnect, device number 19 [ 371.032459][ T36] loop2: lost filesystem error report for type 5 error -117 [ 371.043140][ T5646] EXT4-fs error (device loop2): __ext4_get_inode_loc:4884: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 371.066320][ T10] usb 2-1: Product: syz [ 371.082513][ T10] usb 2-1: Manufacturer: syz [ 371.100027][ T29] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0 [ 371.112514][T12985] XFS (loop0): Quotacheck: Done. [ 371.133121][ T10] usb 2-1: SerialNumber: syz [ 371.135971][ T5646] loop2: lost filesystem error report for type 5 error -117 [ 371.142491][ T29] option 4-1:1.93: device disconnected [ 371.157212][ T5646] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 371.167911][ T5646] loop2: lost filesystem error report for type 5 error -117 [ 371.168199][ T5646] EXT4-fs error (device loop2): ext4_quota_off:7318: inode #3: comm syz-executor: mark_inode_dirty error [ 371.193458][ T10] usb 2-1: config 0 descriptor?? [ 371.216445][ T5646] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 371.274734][T13046] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 371.478418][ T5626] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 371.517837][T13050] netlink: zone id is out of range [ 372.191454][T13062] netlink: 'syz.4.3138': attribute type 2 has an invalid length. [ 372.244973][T13062] netlink: 'syz.4.3138': attribute type 1 has an invalid length. [ 372.458427][T13069] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3140'. [ 372.621204][T13075] Bluetooth: hci0: Opcode 0x0401 failed: -22 [ 372.741177][T13081] netlink: 'syz.3.3142': attribute type 10 has an invalid length. [ 372.809388][T13081] netlink: 228 bytes leftover after parsing attributes in process `syz.3.3142'. [ 373.178779][T13084] geneve2: entered promiscuous mode [ 373.208942][T13084] geneve2: entered allmulticast mode [ 373.252859][T13092] loop5: detected capacity change from 0 to 2048 [ 373.337861][T13092] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 373.793090][T13108] loop2: detected capacity change from 0 to 256 [ 374.221885][T13118] openvswitch: netlink: Geneve opt len 2 is not a multiple of 4. [ 375.057725][T13131] xt_CT: No such helper "snmp_trap" [ 375.483728][T13150] 9p: Unknown access argument o: -22 [ 375.844165][T13110] loop1: detected capacity change from 0 to 32768 [ 375.874072][T13160] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3178'. [ 375.915447][T13110] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 376.005105][T13110] XFS (loop1): Ending clean mount [ 376.464617][T13184] netlink: 'syz.2.3184': attribute type 2 has an invalid length. [ 376.493186][T13184] netlink: 'syz.2.3184': attribute type 1 has an invalid length. [ 376.715906][T13192] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3188'. [ 376.741754][ T5639] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 376.977738][T13194] netlink: 'syz.3.3191': attribute type 12 has an invalid length. [ 377.300920][T13198] loop0: detected capacity change from 0 to 2048 [ 377.348442][T13198] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 377.507752][T13198] UDF-fs: unknown compression code (0) [ 377.811078][T13208] loop1: detected capacity change from 0 to 8 [ 377.895470][ T1310] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.049584][T13208] SQUASHFS error: xz decompression failed, data probably corrupt [ 378.100813][T13208] SQUASHFS error: Failed to read block 0x60: -5 [ 378.128910][T13208] SQUASHFS error: xz decompression failed, data probably corrupt [ 378.169048][T13208] SQUASHFS error: Failed to read block 0x60: -5 [ 378.201408][ T30] audit: type=1800 audit(1779196453.091:198): pid=13208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3189" name="file1" dev="loop1" ino=1 res=0 errno=0 [ 378.327529][T13186] loop4: detected capacity change from 0 to 32768 [ 378.890898][T13196] loop2: detected capacity change from 0 to 32768 [ 378.947501][T13196] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 379.173441][T13196] XFS (loop2): invalid iclog size (4096 bytes), using lsunit (32768 bytes) [ 379.269833][T13196] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 379.411240][T13196] XFS (loop2): Starting recovery (logdev: internal) [ 379.513155][T13196] XFS (loop2): Ending recovery (logdev: internal) [ 379.583498][T13196] XFS (loop2): Quotacheck needed: Please wait. [ 379.636501][T13251] loop0: detected capacity change from 0 to 512 [ 379.676696][T13196] XFS (loop2): Quotacheck: Done. [ 379.687348][T13251] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 379.819011][T13251] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 379.843621][T13251] ext4 filesystem being mounted at /565/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 379.933370][ T5646] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 380.030203][ T5626] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 380.292660][T13266] netlink: 5 bytes leftover after parsing attributes in process `syz.3.3221'. [ 380.343408][T13266] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 380.717446][T13276] loop0: detected capacity change from 0 to 64 [ 381.124331][T13288] loop3: detected capacity change from 0 to 256 [ 381.724618][T13302] loop4: detected capacity change from 0 to 2048 [ 381.739827][ T10] iguanair 2-1:0.0: failed to get version [ 381.773416][T13302] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 381.782015][ T10] iguanair 2-1:0.0: probe with driver iguanair failed with error -110 [ 381.789887][T13304] netlink: 200 bytes leftover after parsing attributes in process `syz.3.3236'. [ 381.853687][ T10] usb 2-1: USB disconnect, device number 20 [ 381.869750][ T803] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 381.879349][T13302] UDF-fs: unknown compression code (0) [ 382.051792][ T803] usb 1-1: Using ep0 maxpacket: 16 [ 382.083775][ T803] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 382.114413][ T803] usb 1-1: config 0 has no interface number 0 [ 382.145612][ T803] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 382.179835][ T803] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 382.215708][ T803] usb 1-1: Product: syz [ 382.229875][ T803] usb 1-1: SerialNumber: syz [ 382.270040][ T803] usb 1-1: config 0 descriptor?? [ 382.292644][ T803] cm109 1-1:0.8: invalid payload size 32, expected 4 [ 382.383314][ T803] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input19 [ 382.576820][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 382.585298][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 382.592488][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 382.599733][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 382.606922][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 382.614166][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 382.621345][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 382.628437][ T803] usb 1-1: USB disconnect, device number 11 [ 382.634428][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 382.634466][ C1] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 382.709592][ T803] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 382.902217][T13294] loop1: detected capacity change from 0 to 32768 [ 382.955233][T13294] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 383.134049][T13294] XFS (loop1): invalid iclog size (4096 bytes), using lsunit (32768 bytes) [ 383.202545][T13294] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 383.219253][T13345] loop4: detected capacity change from 0 to 16 [ 383.252796][T13345] erofs (device loop4): mounted with root inode @ nid 36. [ 383.283498][T13345] erofs (device loop4): not enough plain data on disk @ la 1024 of nid 36 [ 383.316857][T13345] erofs (device loop4): read error -117 @ 0 of nid 36 [ 383.342204][T13294] XFS (loop1): Starting recovery (logdev: internal) [ 383.447572][T13294] XFS (loop1): Ending recovery (logdev: internal) [ 383.500036][T13294] XFS (loop1): Quotacheck needed: Please wait. [ 383.545841][T13341] loop3: detected capacity change from 0 to 8192 [ 383.659132][T13294] XFS (loop1): Quotacheck: Done. [ 384.164241][ T5639] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 384.823125][T13382] bridge0: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms) [ 385.039083][T13394] loop1: detected capacity change from 0 to 8 [ 385.086821][T13394] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 385.196539][ T7026] udevd[7026]: incorrect cramfs checksum on /dev/loop1 [ 385.295418][ T7026] udevd[7026]: incorrect cramfs checksum on /dev/loop1 [ 385.472255][T13408] netlink: 'syz.2.3282': attribute type 1 has an invalid length. [ 385.497365][T13403] loop0: detected capacity change from 0 to 4096 [ 385.523915][T13403] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 385.648801][T13403] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 385.684859][T13403] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 385.975133][T13424] loop3: detected capacity change from 0 to 64 [ 386.114242][ T631] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22. [ 386.123627][T13428] loop4: detected capacity change from 0 to 256 [ 386.151707][ T5626] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 386.193061][ T5626] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 386.201807][T13429] veth6: entered allmulticast mode [ 386.234831][ T5626] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 386.286972][T13428] FAT-fs (loop4): Directory bread(block 64) failed [ 386.295259][ T631] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22. [ 386.320086][T13428] FAT-fs (loop4): Directory bread(block 65) failed [ 386.334621][T13428] FAT-fs (loop4): Directory bread(block 66) failed [ 386.344546][T13428] FAT-fs (loop4): Directory bread(block 67) failed [ 386.351483][T13428] FAT-fs (loop4): Directory bread(block 68) failed [ 386.359544][T13428] FAT-fs (loop4): Directory bread(block 69) failed [ 386.371934][T13428] FAT-fs (loop4): Directory bread(block 70) failed [ 386.378733][T13434] loop3: detected capacity change from 0 to 64 [ 386.386979][T13428] FAT-fs (loop4): Directory bread(block 71) failed [ 386.406744][T13428] FAT-fs (loop4): Directory bread(block 72) failed [ 386.425457][T13428] FAT-fs (loop4): Directory bread(block 73) failed [ 386.716070][T13443] loop3: detected capacity change from 0 to 1024 [ 386.744954][T13443] EXT4-fs: Ignoring removed bh option [ 386.827661][T13446] veth0_macvtap: left promiscuous mode [ 386.832464][T13443] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 386.960001][T13452] loop2: detected capacity change from 0 to 8 [ 386.969824][T13443] EXT4-fs error (device loop3): ext4_get_first_dir_block:3548: inode #11: comm syz.3.3312: directory missing '.' [ 387.008758][T13443] EXT4-fs (loop3): Remounting filesystem read-only [ 387.027519][T13452] SQUASHFS error: xz decompression failed, data probably corrupt [ 387.060567][T13452] SQUASHFS error: Failed to read block 0x60: -5 [ 387.071295][ T29] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 387.092226][T13452] SQUASHFS error: xz decompression failed, data probably corrupt [ 387.118588][T13452] SQUASHFS error: Failed to read block 0x60: -5 [ 387.139238][ T30] audit: type=1800 audit(1779196462.021:199): pid=13452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3303" name="file1" dev="loop2" ino=1 res=0 errno=0 [ 387.210098][ T5643] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 387.270830][ T29] usb 6-1: Using ep0 maxpacket: 16 [ 387.304079][ T29] usb 6-1: unable to get BOS descriptor or descriptor too short [ 387.348773][ T29] usb 6-1: config 1 has an invalid interface number: 93 but max is 0 [ 387.393543][ T29] usb 6-1: config 1 has no interface number 0 [ 387.429364][ T29] usb 6-1: config 1 interface 93 has no altsetting 0 [ 387.469437][ T29] usb 6-1: New USB device found, idVendor=2c7c, idProduct=0203, bcdDevice=56.2a [ 387.503773][ T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 387.531491][ T29] usb 6-1: Product: syz [ 387.540401][ T29] usb 6-1: Manufacturer: syz [ 387.553250][ T29] usb 6-1: SerialNumber: syz [ 387.715925][T13468] loop2: detected capacity change from 0 to 1764 [ 387.750268][ T5758] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 387.821263][ T29] option 6-1:1.93: GSM modem (1-port) converter detected [ 387.831217][ T30] audit: type=1800 audit(1779196462.711:200): pid=13468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3309" name="file0" dev="loop2" ino=1923 res=0 errno=0 [ 387.865467][ T29] usb 6-1: GSM modem (1-port) converter now attached to ttyUSB0 [ 387.920444][ T5758] usb 2-1: Using ep0 maxpacket: 32 [ 387.935846][ T29] usb 6-1: USB disconnect, device number 17 [ 387.952891][ T5758] usb 2-1: config 155 has an invalid interface number: 1 but max is 0 [ 387.972699][ T5758] usb 2-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config [ 388.025225][ T5758] usb 2-1: config 155 has 2 interfaces, different from the descriptor's value: 1 [ 388.047070][ T29] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0 [ 388.049284][ T7026] udevd[7026]: setting owner of /dev/ttyUSB0 to uid=0, gid=18 failed: No such file or directory [ 388.079508][ T5758] usb 2-1: config 155 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 11 [ 388.106070][ T29] option 6-1:1.93: device disconnected [ 388.158795][ T5758] usb 2-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30 [ 388.181578][ T5758] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 388.215281][ T5758] usb 2-1: Product: syz [ 388.232886][ T5758] usb 2-1: Manufacturer: syz [ 388.254629][ T5758] usb 2-1: SerialNumber: syz [ 388.363790][ T5758] imon:imon_find_endpoints: no valid input (IR) endpoint found [ 388.408573][ T5758] imon 2-1:155.0: unable to initialize intf0, err -19 [ 388.449848][ T5758] imon:imon_probe: failed to initialize context! [ 388.485341][ T5758] imon 2-1:155.0: unable to register, err -19 [ 388.535683][ T5758] imon 2-1:155.1: inconsistent driver matching [ 388.560688][T13490] cgroup: noprefix used incorrectly [ 388.566392][ T5758] imon 2-1:155.1: unable to register, err -22 [ 388.566425][ T5758] imon 2-1:155.1: probe with driver imon failed with error -22 [ 388.578760][ T5758] usb 2-1: USB disconnect, device number 21 [ 389.882868][T13525] loop1: detected capacity change from 0 to 4096 [ 390.073981][ T5284] veth0_macvtap: entered promiscuous mode [ 390.162201][T13542] tipc: Can't bind to reserved service type 0 [ 390.227550][T13525] ntfs3(loop1): ino=1f, mi_enum_attr [ 390.261821][T13525] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 390.350870][ T9] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 390.540064][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 390.572749][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 390.622014][ T9] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89 [ 390.670895][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 390.738024][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024 [ 390.778018][T13559] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3349'. [ 390.815422][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 390.855708][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 390.903786][ T9] usb 3-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8 [ 390.922250][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 390.952555][ T9] usb 3-1: Product: syz [ 390.953401][T13568] loop4: detected capacity change from 0 to 1764 [ 390.961759][ T9] usb 3-1: Manufacturer: syz [ 390.983464][ T9] usb 3-1: SerialNumber: syz [ 391.012522][ T9] usb 3-1: config 0 descriptor?? [ 391.044703][T13540] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 391.133161][T13568] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 391.284460][T13577] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 391.318725][T13580] loop5: detected capacity change from 0 to 16 [ 391.329424][T13580] erofs (device loop5): DAX unsupported by block device. Turning off DAX. [ 391.347393][T13580] erofs (device loop5): mounted with root inode @ nid 36. [ 391.411816][ T5642] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 391.426651][T13580] erofs (device loop5): corrupted dir block 1490945 @ nid 36 [ 391.592753][ T5642] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 391.592822][ T5642] usb 2-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 391.592864][ T5642] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 391.594763][T13584] loop4: detected capacity change from 0 to 2048 [ 391.618640][ T5642] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 391.633828][T13587] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 391.685634][T13589] loop5: detected capacity change from 0 to 16 [ 391.703500][T13589] erofs (device loop5): mounted with root inode @ nid 36. [ 391.760662][T13584] NILFS (loop4): vblocknr = 5121 has abnormal lifetime: start cno (= 100663298) > current cno (= 3) [ 391.760734][T13584] NILFS error (device loop4): nilfs_bmap_truncate: broken bmap (inode number=13) [ 391.785715][T13584] Remounting filesystem read-only [ 391.785733][T13584] NILFS (loop4): error -5 truncating bmap (ino=13) [ 391.943690][T13594] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 392.016947][ T5631] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer [ 392.670198][ T9] rc_core: IR keymap rc-snapstream-firefly not found [ 392.694591][ T9] Registered IR keymap rc-empty [ 392.704358][ T5642] stv0680 2-1:4.0: STV(e): camera ping failed!! [ 392.756687][ T9] rc rc0: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 392.817051][ T9] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input21 [ 392.909978][ T5642] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 392.926253][ T9] input: syz syz mouse as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input22 [ 392.952960][T13625] loop0: detected capacity change from 0 to 256 [ 392.979822][ T5642] stv0680 2-1:4.0: last error: 90, command = 0xeb [ 393.046224][ T5642] usb 2-1: USB disconnect, device number 22 [ 393.067841][ T9] usb 3-1: USB disconnect, device number 14 [ 393.067924][ C0] ati_remote 3-1:0.0: ati_remote_irq_in: usb_submit_urb()=-19 [ 393.076627][T13625] FAT-fs (loop0): Directory bread(block 64) failed [ 393.107832][T13625] FAT-fs (loop0): Directory bread(block 65) failed [ 393.167633][T13625] FAT-fs (loop0): Directory bread(block 66) failed [ 393.205692][T13624] loop3: detected capacity change from 0 to 4096 [ 393.216385][T13625] FAT-fs (loop0): Directory bread(block 67) failed [ 393.254925][T13625] FAT-fs (loop0): Directory bread(block 68) failed [ 393.298800][T13625] FAT-fs (loop0): Directory bread(block 69) failed [ 393.337629][T13625] FAT-fs (loop0): Directory bread(block 70) failed [ 393.346821][T13634] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 393.373994][T13625] FAT-fs (loop0): Directory bread(block 71) failed [ 393.392595][T13625] FAT-fs (loop0): Directory bread(block 72) failed [ 393.418765][T13625] FAT-fs (loop0): Directory bread(block 73) failed [ 393.472610][T13624] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 393.597051][T13624] Remounting filesystem read-only [ 393.755848][ T30] audit: type=1800 audit(1779196468.641:201): pid=13625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3372" name="bus" dev="loop0" ino=1048666 res=0 errno=0 [ 394.633463][T13667] loop5: detected capacity change from 0 to 2048 [ 394.647624][T13670] veth0_to_team: entered promiscuous mode [ 394.690684][T13667] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 394.992892][T13679] loop3: detected capacity change from 0 to 16 [ 395.266307][T13687] loop4: detected capacity change from 0 to 256 [ 395.291379][T13688] loop2: detected capacity change from 0 to 8 [ 395.324250][T13687] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 395.716723][T13668] loop1: detected capacity change from 0 to 32768 [ 395.743389][T13668] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3391 (13668) [ 395.782043][T13668] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 395.818529][T13668] BTRFS info (device loop1): using sha256 checksum algorithm [ 395.969737][ T5758] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 395.994206][T13668] BTRFS info (device loop1): setting nodatasum [ 396.055314][T13668] BTRFS info (device loop1): enabling ssd optimizations [ 396.099796][T13668] BTRFS info (device loop1): turning on async discard [ 396.123002][T13668] BTRFS info (device loop1): enabling free space tree [ 396.190978][ T5758] usb 3-1: Using ep0 maxpacket: 8 [ 396.214433][T13727] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3410'. [ 396.222095][ T5758] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 396.291102][T13727] netlink: 31 bytes leftover after parsing attributes in process `syz.5.3410'. [ 396.291631][ T5758] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 396.377054][ T5758] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 396.377627][T13727] netlink: 'syz.5.3410': attribute type 3 has an invalid length. [ 396.411043][T13727] netlink: 'syz.5.3410': attribute type 2 has an invalid length. [ 396.428719][ T5758] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 396.463475][T13727] netlink: 31 bytes leftover after parsing attributes in process `syz.5.3410'. [ 396.495645][ T5758] usb 3-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 396.520467][ T5758] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 396.556375][ T5758] usb 3-1: Product: syz [ 396.568852][ T5758] usb 3-1: Manufacturer: syz [ 396.585214][ T5758] usb 3-1: SerialNumber: syz [ 396.623188][ T5758] usb 3-1: config 0 descriptor?? [ 396.687525][ T5639] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 396.884943][ T5758] radio-si470x 3-1:0.0: si470x_get_report: usb_control_msg returned -71 [ 396.918375][ T5758] radio-si470x 3-1:0.0: probe with driver radio-si470x failed with error -5 [ 397.009302][ T5758] usb 3-1: USB disconnect, device number 15 [ 397.388167][T13754] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3420'. [ 397.832751][ T5758] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 397.982298][ T5758] usb 4-1: unable to get BOS descriptor or descriptor too short [ 397.983625][ T5758] usb 4-1: config 63 has an invalid interface number: 66 but max is 0 [ 397.983667][ T5758] usb 4-1: config 63 has an invalid descriptor of length 0, skipping remainder of the config [ 397.983702][ T5758] usb 4-1: config 63 has no interface number 0 [ 397.983745][ T5758] usb 4-1: config 63 interface 66 has no altsetting 0 [ 397.995035][ T5758] usb 4-1: string descriptor 0 read error: -22 [ 397.995177][ T5758] usb 4-1: New USB device found, idVendor=174f, idProduct=8acf, bcdDevice=39.f4 [ 397.995220][ T5758] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 398.013942][ T5758] uvcvideo 4-1:63.66: Found UVC 0.07 device (174f:8acf) [ 398.014094][ T5758] uvcvideo 4-1:63.66: No valid video chain found. [ 398.264197][ T5758] usb 4-1: USB disconnect, device number 20 [ 398.306466][T13778] loop0: detected capacity change from 0 to 16 [ 398.311346][T13778] erofs (device loop0): mounted with root inode @ nid 36. [ 398.353489][T13779] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3431'. [ 398.377884][T13779] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3431'. [ 398.467602][ T5284] veth0_macvtap: left promiscuous mode [ 398.761105][T13788] loop2: detected capacity change from 0 to 2048 [ 398.866728][T13793] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 398.969108][T13788] NILFS (loop2): vblocknr = 5121 has abnormal lifetime: start cno (= 100663298) > current cno (= 3) [ 399.032383][T13788] NILFS error (device loop2): nilfs_bmap_truncate: broken bmap (inode number=13) [ 399.103526][T13788] Remounting filesystem read-only [ 399.122622][T13788] NILFS (loop2): error -5 truncating bmap (ino=13) [ 399.340239][ T5646] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 399.825925][T13825] xt_l2tp: invalid flags combination: c [ 400.064450][T13832] loop5: detected capacity change from 0 to 256 [ 400.145989][T13838] veth0_to_team: entered promiscuous mode [ 400.666190][T13854] loop1: detected capacity change from 0 to 2048 [ 400.728465][T13856] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 401.067801][T13867] loop3: detected capacity change from 0 to 256 [ 401.529376][T13881] netlink: 'syz.4.3471': attribute type 1 has an invalid length. [ 401.585359][T13881] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3471'. [ 401.616914][T13886] loop2: detected capacity change from 0 to 16 [ 401.658839][T13886] erofs (device loop2): mounted with root inode @ nid 36. [ 401.750206][ T5642] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 401.839361][T13865] loop5: detected capacity change from 0 to 32768 [ 401.856218][T13865] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3465 (13865) [ 401.894415][T13865] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 401.915575][T13865] BTRFS info (device loop5): using sha256 checksum algorithm [ 401.993571][ T5642] usb 1-1: config 10 has an invalid descriptor of length 0, skipping remainder of the config [ 402.064689][ T5642] usb 1-1: config 10 interface 0 altsetting 178 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 402.084965][ T5642] usb 1-1: config 10 interface 0 has no altsetting 0 [ 402.097602][ T5642] usb 1-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=da.47 [ 402.107550][ T5642] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 402.119266][ T5642] usb 1-1: Product: syz [ 402.123632][ T5642] usb 1-1: Manufacturer: syz [ 402.128384][ T5642] usb 1-1: SerialNumber: syz [ 402.138035][T13865] BTRFS info (device loop5): enabling ssd optimizations [ 402.189523][T13865] BTRFS info (device loop5): turning on async discard [ 402.196748][T13865] BTRFS info (device loop5): enabling free space tree [ 402.402395][T13917] loop4: detected capacity change from 0 to 256 [ 402.403175][ T5642] ims_pcu 1-1:10.0: probe with driver ims_pcu failed with error -22 [ 402.494499][ T5642] usb 1-1: USB disconnect, device number 12 [ 402.521247][ T5638] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 402.548294][T13917] FAT-fs (loop4): Directory bread(block 64) failed [ 402.560838][T13917] FAT-fs (loop4): Directory bread(block 65) failed [ 402.598755][T13917] FAT-fs (loop4): Directory bread(block 66) failed [ 402.651242][T13917] FAT-fs (loop4): Directory bread(block 67) failed [ 402.711173][T13917] FAT-fs (loop4): Directory bread(block 68) failed [ 402.748490][T13917] FAT-fs (loop4): Directory bread(block 69) failed [ 402.775142][T13923] loop1: detected capacity change from 0 to 8 [ 402.780169][T13917] FAT-fs (loop4): Directory bread(block 70) failed [ 402.817754][T13917] FAT-fs (loop4): Directory bread(block 71) failed [ 402.852752][T13923] SQUASHFS error: zlib decompression failed, data probably corrupt [ 402.865270][T13917] FAT-fs (loop4): Directory bread(block 72) failed [ 402.889020][T13917] FAT-fs (loop4): Directory bread(block 73) failed [ 402.905052][T13923] SQUASHFS error: Failed to read block 0x4de: -5 [ 402.941481][T13923] SQUASHFS error: zlib decompression failed, data probably corrupt [ 402.981342][T13923] SQUASHFS error: Failed to read block 0x4df: -5 [ 403.015746][T13923] SQUASHFS error: zlib decompression failed, data probably corrupt [ 403.057540][T13923] SQUASHFS error: Failed to read block 0x4e0: -5 [ 403.092446][T13923] SQUASHFS error: zlib decompression failed, data probably corrupt [ 403.125181][T13923] SQUASHFS error: Failed to read block 0x4de: -5 [ 403.148664][ T30] audit: type=1800 audit(1779196478.031:202): pid=13923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3483" name="file1" dev="loop1" ino=5 res=0 errno=0 [ 403.233822][ T30] audit: type=1800 audit(1779196478.081:203): pid=13917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3479" name="bus" dev="loop4" ino=1048672 res=0 errno=0 [ 403.859724][ T5642] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 403.923345][T13912] loop2: detected capacity change from 0 to 32768 [ 404.008034][T13912] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 404.064129][ T5642] usb 5-1: New USB device found, idVendor=046d, idProduct=08b6, bcdDevice=ca.8e [ 404.113833][ T5642] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.157232][T13912] XFS (loop2): Ending clean mount [ 404.188475][ T5642] pwc: Logitech/Cisco VT Camera webcam detected. [ 404.245153][T13961] loop3: detected capacity change from 0 to 4096 [ 404.348053][T13961] ntfs3(loop3): ino=19, mi_enum_attr [ 404.466431][ T30] audit: type=1326 audit(1779196479.351:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13967 comm="syz.5.3500" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb2af9ce59 code=0x7ffc0000 [ 404.495442][ T5646] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 404.572236][ T5797] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 404.578961][ T30] audit: type=1326 audit(1779196479.351:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13967 comm="syz.5.3500" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb2af9ce59 code=0x7ffc0000 [ 404.625968][ T5642] pwc: send_video_command error -71 [ 404.669807][ T30] audit: type=1326 audit(1779196479.351:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13967 comm="syz.5.3500" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fcb2af9ce59 code=0x7ffc0000 [ 404.672460][ T5642] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 404.726335][ T30] audit: type=1326 audit(1779196479.351:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13967 comm="syz.5.3500" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb2af9ce59 code=0x7ffc0000 [ 404.778560][ T5797] usb 2-1: Using ep0 maxpacket: 16 [ 404.809077][ T5797] usb 2-1: config 0 has an invalid descriptor of length 55, skipping remainder of the config [ 404.852913][ T5797] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81 [ 404.863001][T13974] loop5: detected capacity change from 0 to 256 [ 404.892499][ T30] audit: type=1326 audit(1779196479.351:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13967 comm="syz.5.3500" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb2af9ce59 code=0x7ffc0000 [ 404.901453][ T5642] Philips webcam 5-1:127.0: probe with driver Philips webcam failed with error -71 [ 404.936621][ T5797] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 405.012074][ T5797] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 405.059235][ T5797] usb 2-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 405.080033][ T5642] usb 5-1: USB disconnect, device number 16 [ 405.086591][ T5797] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 405.125181][ T5797] usb 2-1: Product: syz [ 405.125845][T13974] FAT-fs (loop5): Directory bread(block 64) failed [ 405.145882][ T5797] usb 2-1: Manufacturer: syz [ 405.173024][ T5797] usb 2-1: SerialNumber: syz [ 405.195258][T13974] FAT-fs (loop5): Directory bread(block 65) failed [ 405.224743][ T5797] usb 2-1: config 0 descriptor?? [ 405.231311][T13974] FAT-fs (loop5): Directory bread(block 66) failed [ 405.268437][T13974] FAT-fs (loop5): Directory bread(block 67) failed [ 405.307404][T13974] FAT-fs (loop5): Directory bread(block 68) failed [ 405.325994][T13974] FAT-fs (loop5): Directory bread(block 69) failed [ 405.345896][T13974] FAT-fs (loop5): Directory bread(block 70) failed [ 405.377850][T13974] FAT-fs (loop5): Directory bread(block 71) failed [ 405.407265][T13974] FAT-fs (loop5): Directory bread(block 72) failed [ 405.432681][T13974] FAT-fs (loop5): Directory bread(block 73) failed [ 405.463448][ T5797] appledisplay 2-1:0.0: Error while getting initial brightness: -90 [ 405.524106][ T5797] appledisplay 2-1:0.0: probe with driver appledisplay failed with error -90 [ 405.686536][ T5797] usb 2-1: USB disconnect, device number 23 [ 405.721081][ T30] audit: type=1800 audit(1779196480.611:209): pid=13974 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3502" name="bus" dev="loop5" ino=1048673 res=0 errno=0 [ 406.522865][T14014] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3520'. [ 406.922106][T14033] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3527'. [ 406.968066][T14033] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3527'. [ 407.131362][T14038] loop0: detected capacity change from 0 to 64 [ 407.299018][T14047] xt_connbytes: Forcing CT accounting to be enabled [ 407.334796][T14047] xt_bpf: check failed: parse error [ 407.840180][ T803] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 408.032288][ T803] usb 1-1: unable to get BOS descriptor or descriptor too short [ 408.059181][ T803] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 408.101063][ T803] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 408.117591][T14073] netlink: 'syz.5.3543': attribute type 11 has an invalid length. [ 408.155339][ T803] usb 1-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40 [ 408.185963][ T803] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 408.227512][ T803] usb 1-1: Product: syz [ 408.241189][ T803] usb 1-1: Manufacturer: syz [ 408.262517][ T803] usb 1-1: SerialNumber: syz [ 408.324440][ T803] usb 1-1: selecting invalid altsetting 1 [ 408.344817][ T803] usb 1-1: unit 6 not found! [ 408.578016][T14042] loop1: detected capacity change from 0 to 32768 [ 408.643420][T14042] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 408.716604][T14093] netlink: 'syz.3.3549': attribute type 1 has an invalid length. [ 408.743584][ T803] usb 1-1: 2:0: cannot get min/max values for control 1 (id 2) [ 408.793778][T14093] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3549'. [ 408.900527][ T803] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 408.913584][ T803] usb 1-1: USB disconnect, device number 13 [ 409.112808][ T7026] udevd[7026]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 409.353973][ T5639] ocfs2: Unmounting device (7,1) on (node local) [ 409.791343][T14084] loop5: detected capacity change from 0 to 32768 [ 409.792331][T14118] netlink: 'syz.4.3560': attribute type 13 has an invalid length. [ 410.420621][ T5758] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 410.590366][ T5758] usb 2-1: Using ep0 maxpacket: 8 [ 410.604080][ T5758] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 410.616588][ T5758] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 410.649700][ T5758] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 410.691246][ T5758] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 410.715329][ T5758] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 410.744104][ T5758] usb 2-1: Product: syz [ 410.762048][ T5758] usb 2-1: Manufacturer: syz [ 410.788786][ T5758] usb 2-1: SerialNumber: syz [ 410.796504][T14145] netlink: 'syz.0.3570': attribute type 7 has an invalid length. [ 410.824503][T14145] netlink: 'syz.0.3570': attribute type 8 has an invalid length. [ 410.838716][ T5758] cdc_ncm 2-1:1.0: NCM or ECM functional descriptors missing [ 410.873229][ T5758] cdc_ncm 2-1:1.0: bind() failure [ 410.899894][T14149] nfs: Unknown parameter 'ntext' [ 411.073671][ T5758] cdc_mbim 2-1:1.1: CDC Union missing and no IAD found [ 411.099138][ T5758] cdc_mbim 2-1:1.1: bind() failure [ 411.380885][ T5758] usb 2-1: USB disconnect, device number 24 [ 411.639788][ T5642] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 411.827134][T14179] bond0: Error: Cannot enslave bond to itself. [ 411.833458][ T5642] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 411.833497][ T5642] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 411.833532][ T5642] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 411.833570][ T5642] usb 6-1: config 1 has no interface number 0 [ 411.833613][ T5642] usb 6-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30 [ 411.833668][ T5642] usb 6-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32 [ 411.841301][ T5642] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 411.941013][ T5642] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 412.020928][ T5642] usb 6-1: Product: syz [ 412.062265][ T5642] usb 6-1: Manufacturer: syz [ 412.069177][ T5642] usb 6-1: SerialNumber: syz [ 412.098651][T14184] loop4: detected capacity change from 0 to 64 [ 412.461869][T14198] loop0: detected capacity change from 0 to 256 [ 412.547031][T14198] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 412.604077][ T5642] usb 6-1: USB disconnect, device number 18 [ 412.720985][T14206] loop3: detected capacity change from 0 to 256 [ 412.769406][T14206] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x9059ffb0, utbl_chksum : 0xe619d30d) [ 412.980159][T14211] netlink: 'syz.2.3602': attribute type 11 has an invalid length. [ 413.248758][ T30] audit: type=1326 audit(1779196488.131:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14217 comm="syz.2.3606" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 413.388555][ T30] audit: type=1326 audit(1779196488.171:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14217 comm="syz.2.3606" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 413.472176][ T30] audit: type=1326 audit(1779196488.181:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14217 comm="syz.2.3606" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 413.489196][T14224] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3608'. [ 413.509881][T14218] loop0: detected capacity change from 0 to 4096 [ 413.529999][T14218] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 413.589543][ T30] audit: type=1326 audit(1779196488.181:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14217 comm="syz.2.3606" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 413.657685][ T30] audit: type=1326 audit(1779196488.181:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14217 comm="syz.2.3606" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 413.683856][T14218] ntfs3(loop0): ino=19, mi_enum_attr [ 413.693873][T14218] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 413.708712][T14201] loop1: detected capacity change from 0 to 32768 [ 413.726600][T14201] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3596 (14201) [ 413.742708][ T30] audit: type=1326 audit(1779196488.181:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14217 comm="syz.2.3606" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 413.798695][T14201] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 413.831404][T14201] BTRFS info (device loop1): using sha256 checksum algorithm [ 413.892761][ T30] audit: type=1326 audit(1779196488.181:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14217 comm="syz.2.3606" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 413.979746][ T30] audit: type=1326 audit(1779196488.181:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14217 comm="syz.2.3606" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 414.126606][T14250] loop2: detected capacity change from 0 to 1024 [ 414.135977][ T30] audit: type=1326 audit(1779196488.181:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14217 comm="syz.2.3606" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 414.253210][T14201] BTRFS info (device loop1): enabling ssd optimizations [ 414.281186][T14201] BTRFS info (device loop1): turning on async discard [ 414.299842][T14201] BTRFS info (device loop1): enabling free space tree [ 414.323566][T14250] hfsplus: invalid file type 0174377 for inode 21 [ 414.454938][T14257] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3617'. [ 414.515801][T14257] netlink: 276 bytes leftover after parsing attributes in process `syz.5.3617'. [ 414.625883][ T5639] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 415.001288][T14272] xt_cgroup: xt_cgroup: no path or classid specified [ 415.067914][T14274] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3622'. [ 415.549800][ T5642] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 415.741773][ T5642] usb 5-1: config 0 has an invalid interface number: 117 but max is 0 [ 415.778949][ T5642] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 415.836985][ T5642] usb 5-1: config 0 has no interface number 0 [ 415.859370][ T5642] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 415.873682][ T30] audit: type=1326 audit(1779196490.761:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14302 comm="syz.1.3636" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f924ab9ce59 code=0x7ffc0000 [ 415.904926][ T5642] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 415.957334][ T5642] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 416.039492][ T5642] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 416.083612][ T5642] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 416.125467][ T5642] usb 5-1: Product: syz [ 416.146140][ T5642] usb 5-1: Manufacturer: syz [ 416.165638][ T5642] usb 5-1: SerialNumber: syz [ 416.201123][ T5642] usb 5-1: config 0 descriptor?? [ 416.220725][T14314] CIFS: bad ip= option (%‹R¯HÖe'ì»Ë /Ïâµüë1ýC¸ £~—1W–쯑ë¨eþxEA®ÁþeSb{~Rð) [ 416.574972][T14323] loop2: detected capacity change from 0 to 512 [ 416.608364][T14323] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 416.645501][T14323] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 416.667434][ T5642] usbtouchscreen 5-1:0.117: probe with driver usbtouchscreen failed with error -71 [ 416.692958][ T5642] usb 5-1: USB disconnect, device number 17 [ 416.717337][T14323] System zones: 0-1, 15-15, 18-18, 34-34 [ 416.723495][T14323] EXT4-fs (loop2): orphan cleanup on readonly fs [ 416.733165][T14323] EXT4-fs warning (device loop2): ext4_enable_quotas:7265: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 416.751211][T14323] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 416.758246][T14323] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.3644: bad orphan inode 16 [ 416.768800][T14323] loop2: lost filesystem error report for type 5 error -117 [ 416.769079][T14323] ext4_test_bit(bit=15, block=18) = 1 [ 416.776475][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 416.776505][ C0] EXT4-fs (loop2): initial error at time 1779196491: ext4_orphan_get:1423 [ 416.776546][ C0] EXT4-fs (loop2): last error at time 1779196491: ext4_orphan_get:1423 [ 416.809728][T14323] is_bad_inode(inode)=0 [ 416.835146][T14323] NEXT_ORPHAN(inode)=0 [ 416.860151][T14323] max_ino=32 [ 416.895953][T14323] i_nlink=2 [ 416.938871][T14323] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 417.321647][ T5646] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 417.382605][T14348] loop1: detected capacity change from 0 to 164 [ 417.394446][T14349] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 417.847955][T14365] nbd: couldn't find device at index 12138126 [ 417.954546][T14368] loop4: detected capacity change from 0 to 256 [ 418.034133][T14368] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 418.070167][T14368] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 418.115144][T14368] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 418.247510][T14379] netlink: 'syz.0.3667': attribute type 1 has an invalid length. [ 418.290127][ T803] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 418.462567][ T803] usb 3-1: unable to get BOS descriptor or descriptor too short [ 418.489135][ T803] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 418.522509][T14387] netlink: 'syz.0.3671': attribute type 2 has an invalid length. [ 418.532617][T14384] netlink: 'syz.3.3670': attribute type 32 has an invalid length. [ 418.548938][ T803] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 418.587728][ T803] usb 3-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40 [ 418.628609][ T803] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 418.665227][ T803] usb 3-1: Product: syz [ 418.677372][ T803] usb 3-1: Manufacturer: syz [ 418.702941][ T803] usb 3-1: SerialNumber: syz [ 418.752736][ T803] usb 3-1: selecting invalid altsetting 1 [ 418.786110][ T803] usb 3-1: unit 6 not found! [ 419.164528][ T803] usb 3-1: 2:0: cannot get min/max values for control 1 (id 2) [ 419.510310][ T803] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 419.562889][T14411] loop3: detected capacity change from 0 to 256 [ 419.563350][ T803] usb 3-1: USB disconnect, device number 16 [ 419.632353][T14411] exfat: Deprecated parameter 'utf8' [ 419.695334][T14411] exfat: Deprecated parameter 'utf8' [ 419.724216][T14411] exfat: Deprecated parameter 'utf8' [ 419.769739][ T7026] udevd[7026]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 419.797319][T14411] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x0afbdf60, utbl_chksum : 0xe619d30d) [ 419.922918][T14417] loop5: detected capacity change from 0 to 256 [ 420.062747][T14417] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 420.065592][T14419] capability: warning: `syz.1.3682' uses 32-bit capabilities (legacy support in use) [ 420.112023][T14417] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 420.121594][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 420.121616][ T30] audit: type=1326 audit(1779196495.001:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14420 comm="syz.2.3683" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 420.183418][T14417] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 420.308102][ T30] audit: type=1326 audit(1779196495.041:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14420 comm="syz.2.3683" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 420.415484][ T30] audit: type=1326 audit(1779196495.061:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14420 comm="syz.2.3683" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 420.497600][ T30] audit: type=1326 audit(1779196495.061:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14420 comm="syz.2.3683" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff177f9ce59 code=0x7ffc0000 [ 420.586674][T14431] loop5: detected capacity change from 0 to 1024 [ 420.604266][ T30] audit: type=1800 audit(1779196495.141:233): pid=14417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3681" name="file1" dev="loop5" ino=1048676 res=0 errno=0 [ 420.619882][T14407] loop4: detected capacity change from 0 to 32768 [ 420.651104][T14431] hfsplus: failed to extend attributes file [ 420.672046][T14407] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3677 (14407) [ 420.716200][T14407] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 420.776191][T14407] BTRFS info (device loop4): using sha256 checksum algorithm [ 420.962202][T14453] loop0: detected capacity change from 0 to 4096 [ 420.964611][T14407] BTRFS info (device loop4): enabling ssd optimizations [ 420.988668][T14407] BTRFS info (device loop4): turning on async discard [ 420.996266][T14407] BTRFS info (device loop4): enabling free space tree [ 421.146936][T14453] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 421.185543][T14453] ntfs3(loop0): Failed to load $Extend (-22). [ 421.213797][T14453] ntfs3(loop0): Failed to initialize $Extend. [ 421.435410][ T5631] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 421.549553][ T5626] ntfs3(loop0): ino=9, ntfs_sync_fs failed, -22. [ 422.150013][ T803] usb 5-1: new full-speed USB device number 18 using dummy_hcd [ 422.243681][T14488] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3709'. [ 422.283266][T14488] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3709'. [ 422.323452][ T803] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 422.329330][T14488] netlink: 716 bytes leftover after parsing attributes in process `syz.5.3709'. [ 422.364547][ T803] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 422.406942][ T803] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 422.420459][ T10] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 422.448804][ T803] usb 5-1: config 220 has no interface number 2 [ 422.465285][ T803] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 422.523498][ T803] usb 5-1: config 220 interface 0 has no altsetting 0 [ 422.559319][ T803] usb 5-1: config 220 interface 76 has no altsetting 0 [ 422.599809][ T10] usb 4-1: Using ep0 maxpacket: 8 [ 422.601226][ T803] usb 5-1: config 220 interface 1 has no altsetting 0 [ 422.623845][ T10] usb 4-1: config index 0 descriptor too short (expected 30482, got 18) [ 422.638818][ T803] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 422.662818][ T10] usb 4-1: config 0 has too many interfaces: 101, using maximum allowed: 32 [ 422.668037][ T803] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 422.705194][ T10] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 101 [ 422.715608][ T803] usb 5-1: Product: syz [ 422.735848][ T803] usb 5-1: Manufacturer: syz [ 422.744080][ T10] usb 4-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice= 5.00 [ 422.750177][ T803] usb 5-1: SerialNumber: syz [ 422.774435][ T10] usb 4-1: New USB device strings: Mfr=253, Product=255, SerialNumber=0 [ 422.810111][ T10] usb 4-1: Product: syz [ 422.824718][ T10] usb 4-1: Manufacturer: syz [ 422.860836][ T10] usb 4-1: config 0 descriptor?? [ 422.881019][ T10] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 422.908301][ T10] usb 4-1: Detected FT2232C/D [ 423.019550][ T803] usb 5-1: selecting invalid altsetting 0 [ 423.055685][ T803] uvcvideo 5-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 423.082025][ T803] uvcvideo 5-1:220.0: No valid video chain found. [ 423.125400][ T803] usb 5-1: selecting invalid altsetting 0 [ 423.152152][ T803] usbtest 5-1:220.1: probe with driver usbtest failed with error -22 [ 423.207807][ T803] usb 5-1: USB disconnect, device number 18 [ 423.322366][ T10] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 423.373579][ T10] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 423.434605][ T10] usb 4-1: USB disconnect, device number 21 [ 423.478256][ T10] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 423.507046][ T10] ftdi_sio 4-1:0.0: device disconnected [ 423.790608][T14497] loop1: detected capacity change from 0 to 32768 [ 423.847667][T14497] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3713 (14497) [ 423.902522][T14497] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 423.957948][T14497] BTRFS info (device loop1): using sha256 checksum algorithm [ 424.163938][T14497] BTRFS info (device loop1): enabling ssd optimizations [ 424.234594][ T5642] hid (null): invalid report_size 58537 [ 424.235320][T14497] BTRFS info (device loop1): turning on async discard [ 424.241346][ T5642] hid (null): unknown global tag 0xd [ 424.258426][ T5642] hid (null): unknown global tag 0xc [ 424.266141][ T5642] hid (null): unknown global tag 0xe4 [ 424.272137][ T5642] hid (null): unknown global tag 0x52 [ 424.277661][ T5642] hid (null): global environment stack underflow [ 424.284890][T14497] BTRFS info (device loop1): enabling free space tree [ 424.294729][ T5642] hid (null): invalid report_size 222345300 [ 424.302013][ T5642] hid (null): unknown global tag 0xf4 [ 424.308520][ T5642] hid (null): invalid report_size 34522 [ 424.315734][ T5642] hid (null): report_id 1483988276 is invalid [ 424.336200][ T5642] hid (null): global environment stack underflow [ 424.356253][ T5642] hid (null): unknown global tag 0x56 [ 424.382259][ T5642] hid (null): unknown global tag 0xe [ 424.412040][ T5642] hid (null): report_id 2864353419 is invalid [ 424.456953][ T5642] hid (null): global environment stack underflow [ 424.494249][ T5642] hid (null): invalid report_count 703512408 [ 424.533115][ T5639] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 424.602832][T14559] loop0: detected capacity change from 0 to 164 [ 424.695868][ T5642] hid-generic BD41:B7F614B1:9D708363.0001: unknown main item tag 0x0 [ 424.727170][ T5642] hid-generic BD41:B7F614B1:9D708363.0001: unknown main item tag 0x2 [ 424.735836][ T5642] hid-generic BD41:B7F614B1:9D708363.0001: unknown main item tag 0x4 [ 424.744032][ T5642] hid-generic BD41:B7F614B1:9D708363.0001: unexpected long global item [ 424.754529][ T5642] hid-generic BD41:B7F614B1:9D708363.0001: probe with driver hid-generic failed with error -22 [ 425.496401][T14581] block nbd2: NBD_DISCONNECT [ 425.802289][T14591] loop1: detected capacity change from 0 to 256 [ 425.912964][T14595] xt_addrtype: ipv6 does not support BROADCAST matching [ 426.001870][T14591] FAT-fs (loop1): Directory bread(block 64) failed [ 426.033549][T14591] FAT-fs (loop1): Directory bread(block 65) failed [ 426.076259][T14591] FAT-fs (loop1): Directory bread(block 66) failed [ 426.111280][T14591] FAT-fs (loop1): Directory bread(block 67) failed [ 426.149659][T14591] FAT-fs (loop1): Directory bread(block 68) failed [ 426.173330][T14591] FAT-fs (loop1): Directory bread(block 69) failed [ 426.225658][T14591] FAT-fs (loop1): Directory bread(block 70) failed [ 426.264367][T14591] FAT-fs (loop1): Directory bread(block 71) failed [ 426.296154][T14591] FAT-fs (loop1): Directory bread(block 72) failed [ 426.330392][T14591] FAT-fs (loop1): Directory bread(block 73) failed [ 426.491455][T14609] loop4: detected capacity change from 0 to 2048 [ 426.529274][T14609] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 426.789744][ T29] usb 1-1: new full-speed USB device number 14 using dummy_hcd [ 426.985243][ T29] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 65535, setting to 64 [ 427.001758][T14627] loop3: detected capacity change from 0 to 256 [ 427.008170][ T5642] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 427.027847][ T29] usb 1-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9 [ 427.035690][T14627] exfat: Deprecated parameter 'utf8' [ 427.055738][ T29] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 427.088719][T14627] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d) [ 427.104405][ T29] usb 1-1: Product: syz [ 427.127536][ T29] usb 1-1: Manufacturer: syz [ 427.139398][ T29] usb 1-1: SerialNumber: syz [ 427.172404][ T29] usb 1-1: config 0 descriptor?? [ 427.188555][T14614] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 427.198517][T14629] sctp: [Deprecated]: syz.2.3771 (pid 14629) Use of int in maxseg socket option. [ 427.198517][T14629] Use struct sctp_assoc_value instead [ 427.220295][ T5642] usb 6-1: Using ep0 maxpacket: 8 [ 427.235692][ T5642] usb 6-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 427.263054][ T5642] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 427.271893][ T29] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input25 [ 427.285427][ T5642] usb 6-1: Product: syz [ 427.309702][ T5642] usb 6-1: Manufacturer: syz [ 427.329715][ T5642] usb 6-1: SerialNumber: syz [ 427.358538][ T5642] usb 6-1: config 0 descriptor?? [ 427.413647][ T5642] gspca_main: sq930x-2.14.0 probing 2770:930c [ 427.467047][T14635] netlink: 'syz.4.3775': attribute type 3 has an invalid length. [ 427.551231][ T803] usb 1-1: USB disconnect, device number 14 [ 427.813425][ T5642] gspca_sq930x: ucbus_write failed -71 [ 427.829213][T14645] loop3: detected capacity change from 0 to 128 [ 427.834956][ T5642] sq930x 6-1:0.0: probe with driver sq930x failed with error -71 [ 427.896563][T14645] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 427.912150][ T5642] usb 6-1: USB disconnect, device number 19 [ 427.973291][T14645] ext4 filesystem being mounted at /618/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 428.103987][ T5643] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 428.160072][T14652] loop2: detected capacity change from 0 to 2048 [ 428.216194][T14654] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 428.593447][T14637] loop1: detected capacity change from 0 to 32768 [ 428.717924][T14637] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 428.832436][T14674] CIFS: VFS: UNC: missing delimiter between hostname and share name [ 428.841222][T14674] CIFS: VFS: Malformed UNC in devname [ 428.867515][ T5639] ocfs2: Unmounting device (7,1) on (node local) [ 428.909784][ T29] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 429.091240][T14681] loop4: detected capacity change from 0 to 512 [ 429.096334][ T29] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 429.149849][ T29] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 429.198982][T14681] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 429.229050][ T29] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.328882][T14681] ext4 filesystem being mounted at /644/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 429.350977][ T29] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 429.552130][ T5631] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 429.710883][ T5751] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 429.778905][T14698] loop4: detected capacity change from 0 to 512 [ 429.847919][T14698] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 429.892637][ T5751] usb 2-1: unable to get BOS descriptor or descriptor too short [ 429.910560][ T5751] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 37, changing to 7 [ 429.935322][ T5751] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 116, changing to 7 [ 429.959344][ T5751] usb 2-1: string descriptor 0 read error: -22 [ 429.965893][ T5751] usb 2-1: New USB device found, idVendor=1235, idProduct=8012, bcdDevice= 0.40 [ 429.980292][ T5751] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 430.093643][T14666] loop3: detected capacity change from 0 to 32768 [ 430.126875][T14666] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3789 (14666) [ 430.166184][T14666] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 430.209009][ T5631] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 430.222120][T14666] BTRFS info (device loop3): using sha256 checksum algorithm [ 430.412431][T14666] BTRFS info (device loop3): setting nodatasum [ 430.471563][ T29] stv0680 1-1:4.0: STV(e): camera ping failed!! [ 430.485237][T14666] BTRFS info (device loop3): enabling ssd optimizations [ 430.544371][T14666] BTRFS info (device loop3): turning on async discard [ 430.565140][T14666] BTRFS info (device loop3): enabling free space tree [ 430.657792][ T5751] usb 2-1: USB disconnect, device number 25 [ 430.675028][ T29] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 430.715679][ T29] stv0680 1-1:4.0: last error: 86, command = 0x0 [ 430.754264][ T29] usb 1-1: USB disconnect, device number 15 [ 431.272133][ T5643] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 431.379340][T14740] loop4: detected capacity change from 0 to 16 [ 431.435958][T14740] erofs (device loop4): mounted with root inode @ nid 36. [ 431.585379][T14747] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3819'. [ 431.975973][T14755] loop0: detected capacity change from 0 to 1764 [ 432.342402][ T30] audit: type=1326 audit(1779196507.231:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.3.3829" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 432.444093][ T30] audit: type=1326 audit(1779196507.271:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.3.3829" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 432.516973][ T30] audit: type=1326 audit(1779196507.321:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.3.3829" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 432.616457][ T30] audit: type=1326 audit(1779196507.321:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.3.3829" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 432.999975][ T10] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 433.102792][T14793] loop5: detected capacity change from 0 to 64 [ 433.171071][ T10] usb 4-1: Using ep0 maxpacket: 8 [ 433.188653][ T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 433.200161][T14793] hfs: cannot create new inode: file count exceeds limit [ 433.235807][ T10] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82 [ 433.278780][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 433.304987][ T10] usb 4-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1 [ 433.319336][ T10] usb 4-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3 [ 433.361158][ T10] usb 4-1: Product: syz [ 433.385573][ T10] usb 4-1: Manufacturer: syz [ 433.407580][ T10] usb 4-1: SerialNumber: syz [ 433.445355][ T10] usb 4-1: config 0 descriptor?? [ 433.714352][ T10] rc_core: IR keymap rc-imon-rsc not found [ 433.735753][ T10] Registered IR keymap rc-empty [ 433.770541][ T10] rc rc0: iMON Station as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 433.788094][T14810] tmpfs: Bad value for 'mpol' [ 433.818947][ T10] input: iMON Station as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input26 [ 433.913897][ T10] usb 4-1: USB disconnect, device number 22 [ 434.351110][T14830] loop5: detected capacity change from 0 to 1024 [ 435.205267][T14855] sctp: [Deprecated]: syz.2.3871 (pid 14855) Use of int in max_burst socket option deprecated. [ 435.205267][T14855] Use struct sctp_assoc_value instead [ 435.266379][T14849] loop4: detected capacity change from 0 to 8192 [ 435.398751][T14859] loop3: detected capacity change from 0 to 1024 [ 435.446326][T14859] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 435.582955][T14827] loop0: detected capacity change from 0 to 32768 [ 435.614613][T14827] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 435.752027][T14875] openvswitch: netlink: Unexpected mask (mask=2200040, allowed=2010048) [ 435.885758][T14877] loop3: detected capacity change from 0 to 256 [ 435.985959][T14827] XFS (loop0): Ending clean mount [ 436.051864][T14827] XFS (loop0): Quotacheck needed: Please wait. [ 436.303827][T14889] loop3: detected capacity change from 0 to 64 [ 436.334470][T14827] XFS (loop0): Quotacheck: Done. [ 436.539270][T14896] ip6t_srh: unknown srh invflags 4000 [ 436.742108][ T5626] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 436.894127][T14908] loop1: detected capacity change from 0 to 256 [ 436.994339][T14902] loop2: detected capacity change from 0 to 4096 [ 437.014657][T14908] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x9059ffb0, utbl_chksum : 0xe619d30d) [ 437.106719][T14902] ntfs3(loop2): ino=19, mi_enum_attr [ 437.125587][T14902] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 437.582478][T14922] IPVS: ip_vs_add_dest(): server weight less than zero [ 437.892691][T14935] dlm: non-version read from control device 36 [ 438.127638][T14946] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3912'. [ 438.159999][ T5642] usb 2-1: new full-speed USB device number 26 using dummy_hcd [ 438.210285][ T10] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 438.311552][T14950] loop0: detected capacity change from 0 to 128 [ 438.332263][ T5642] usb 2-1: not running at top speed; connect to a high speed hub [ 438.333573][T14954] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 438.355805][ T5642] usb 2-1: config 11 has an invalid interface number: 95 but max is 0 [ 438.380016][T14954] overlayfs: missing 'lowerdir' [ 438.389694][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 438.400825][ T5642] usb 2-1: config 11 has no interface number 0 [ 438.409266][T14950] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 438.442346][ T5642] usb 2-1: config 11 interface 95 altsetting 64 has an endpoint descriptor with address 0xC6, changing to 0x86 [ 438.454873][T14958] loop5: detected capacity change from 0 to 136 [ 438.466502][ T10] usb 4-1: config 0 has an invalid interface number: 119 but max is 0 [ 438.499468][ T10] usb 4-1: config 0 has no interface number 0 [ 438.507115][T14958] Attempt to read inode for relocated directory [ 438.530303][ T5642] usb 2-1: config 11 interface 95 altsetting 64 has an invalid descriptor for endpoint zero, skipping [ 438.549527][ T10] usb 4-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 438.550650][T14950] ext4 filesystem being mounted at /676/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 438.576546][ T5642] usb 2-1: config 11 interface 95 has no altsetting 0 [ 438.607005][ T10] usb 4-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 438.656179][ T10] usb 4-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 27 [ 438.687036][ T10] usb 4-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 438.708640][ T5642] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=b1.4d [ 438.722682][ T5642] usb 2-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 438.735801][ T10] usb 4-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73 [ 438.745011][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 438.754012][ T5642] usb 2-1: Manufacturer: syz [ 438.759339][ T10] usb 4-1: Product: syz [ 438.763609][ T10] usb 4-1: Manufacturer: syz [ 438.772435][ T10] usb 4-1: SerialNumber: syz [ 438.782507][T14936] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 438.804618][ T10] usb 4-1: config 0 descriptor?? [ 438.823381][T14940] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 438.871410][ T10] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.119/input/input27 [ 438.878043][ T5626] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 438.917265][ T4974] usb 4-1: BOGUS urb xfer, pipe 1 != type 3 [ 439.153134][ T5642] usb 2-1: USB disconnect, device number 26 [ 439.185096][ T5758] usb 4-1: USB disconnect, device number 23 [ 439.331727][ T1310] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.484711][T14979] loop0: detected capacity change from 0 to 1024 [ 439.536943][T14979] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 439.540962][T14981] usb usb8: usbfs: process 14981 (syz.2.3928) did not claim interface 0 before use [ 439.617566][T14985] loop4: detected capacity change from 0 to 512 [ 439.692043][T14985] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 49, start 00000103) [ 439.764788][T14985] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000103) [ 440.250423][T15006] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 440.455464][T15013] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3940'. [ 440.885620][T15026] loop1: detected capacity change from 0 to 512 [ 440.959040][T15026] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 49, start 00000103) [ 440.998501][T15031] xt_cgroup: path and classid specified [ 441.008347][T15026] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000103) [ 441.341344][T15033] loop2: detected capacity change from 0 to 4096 [ 441.373270][T15033] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 441.488311][T15033] ntfs3(loop2): ino=1a, mi_enum_attr [ 441.502826][T15033] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 441.516751][T15003] loop4: detected capacity change from 0 to 32768 [ 441.551589][T15003] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3934 (15003) [ 441.635974][T15003] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 441.686157][T15003] BTRFS info (device loop4): using sha256 checksum algorithm [ 441.847118][T15003] BTRFS info (device loop4): setting nodatasum [ 441.901334][T15003] BTRFS info (device loop4): enabling ssd optimizations [ 441.948710][T15003] BTRFS info (device loop4): turning on async discard [ 442.004105][T15003] BTRFS info (device loop4): enabling free space tree [ 442.509673][T15043] loop5: detected capacity change from 0 to 32768 [ 442.565446][T15043] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 442.981437][ T5638] ocfs2: Unmounting device (7,5) on (node local) [ 443.132933][T15082] netlink: 'syz.0.3969': attribute type 10 has an invalid length. [ 443.184125][ T5631] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 443.213283][T15084] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3970'. [ 443.369349][T15088] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3973'. [ 443.538727][T15092] loop1: detected capacity change from 0 to 256 [ 443.581245][T15092] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 444.147833][T15106] loop0: detected capacity change from 0 to 128 [ 444.429349][T15115] x_tables: arp_tables: NFQUEUE target: not valid for this family [ 444.985106][T15098] loop5: detected capacity change from 0 to 32768 [ 445.106301][T15098] JBD2: Ignoring recovery information on journal [ 445.127921][T15142] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 445.231642][T15098] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 445.676927][ T5638] ocfs2: Unmounting device (7,5) on (node local) [ 446.320446][T15177] loop4: detected capacity change from 0 to 16 [ 446.355707][T15177] erofs (device loop4): mounted with root inode @ nid 36. [ 446.427251][T15177] cifs: Unknown parameter 'cache_strategy' [ 446.803569][T15197] netlink: 'syz.5.4035': attribute type 6 has an invalid length. [ 447.260442][T15213] xt_ecn: cannot match TCP bits for non-tcp packets [ 447.353980][T15220] netlink: 'syz.4.4036': attribute type 1 has an invalid length. [ 447.358659][T15222] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4033'. [ 447.397290][T15220] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 447.578367][T15225] loop2: detected capacity change from 0 to 256 [ 447.624668][T15225] exfat: Deprecated parameter 'namecase' [ 447.675905][T15225] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001ff53, chksum : 0xa3a8d5f0, utbl_chksum : 0xe619d30d) [ 447.700603][T15235] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4042'. [ 447.759856][T15234] loop4: detected capacity change from 0 to 1024 [ 448.191525][T15249] loop1: detected capacity change from 0 to 64 [ 448.201214][T15248] netlink: 256 bytes leftover after parsing attributes in process `syz.5.4051'. [ 448.535894][T15256] loop5: detected capacity change from 0 to 1024 [ 448.633716][T15256] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 448.784062][T15256] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2859: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 448.877967][T15256] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #11: comm syz.5.4054: missing EA_INODE flag [ 448.943922][T15256] EXT4-fs (loop5): Remounting filesystem read-only [ 449.063293][ T5638] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 449.240952][T15281] loop3: detected capacity change from 0 to 64 [ 449.687050][T15300] netlink: 'syz.3.4071': attribute type 10 has an invalid length. [ 450.019545][T15307] netlink: 'syz.2.4076': attribute type 11 has an invalid length. [ 450.061721][T15307] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.4076'. [ 450.274858][T15313] loop4: detected capacity change from 0 to 512 [ 450.382597][T15313] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 450.445240][T15313] System zones: 0-2, 18-18, 34-34 [ 450.463361][T15313] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.4079: bg 0: block 248: padding at end of block bitmap is not set [ 450.483857][T15313] loop4: lost filesystem error report for type 5 error -117 [ 450.492865][T15313] Quota error (device loop4): write_blk: dquota write failed [ 450.500262][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 450.500295][ C0] EXT4-fs (loop4): last error at time 1779196525: ext4_validate_block_bitmap:440 [ 450.541549][T15313] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 450.557818][T15322] loop2: detected capacity change from 0 to 1024 [ 450.576752][T15313] EXT4-fs error (device loop4): ext4_acquire_dquot:7032: comm syz.4.4079: Failed to acquire dquot type 1 [ 450.627296][T15313] loop4: lost filesystem error report for type 5 error -117 [ 450.653826][T15313] EXT4-fs (loop4): 1 truncate cleaned up [ 450.710283][T15313] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 450.777123][T15313] ext4 filesystem being mounted at /692/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 450.911327][T15299] loop5: detected capacity change from 0 to 32768 [ 451.158625][ T5631] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 451.447348][T15341] netlink: 'syz.3.4093': attribute type 21 has an invalid length. [ 451.484963][T15341] netlink: 128 bytes leftover after parsing attributes in process `syz.3.4093'. [ 451.525182][T15341] netlink: 'syz.3.4093': attribute type 5 has an invalid length. [ 451.555800][T15341] netlink: 'syz.3.4093': attribute type 6 has an invalid length. [ 451.584652][T15341] netlink: 3 bytes leftover after parsing attributes in process `syz.3.4093'. [ 451.763719][T15348] netlink: 5252 bytes leftover after parsing attributes in process `syz.5.4096'. [ 451.845509][T15348] nbd: must specify a size in bytes for the device [ 451.962760][T15354] loop3: detected capacity change from 0 to 256 [ 452.039155][T15324] loop0: detected capacity change from 0 to 32768 [ 452.087935][T15324] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4083 (15324) [ 452.117187][T15356] libceph: resolve '0' (ret=-3): failed [ 452.168484][T15324] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 452.226952][T15324] BTRFS info (device loop0): using sha256 checksum algorithm [ 452.387690][T15372] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4102'. [ 452.463033][T15324] BTRFS info (device loop0): setting nodatasum [ 452.532221][T15324] BTRFS info (device loop0): enabling ssd optimizations [ 452.570903][T15324] BTRFS info (device loop0): turning on async discard [ 452.621288][T15324] BTRFS info (device loop0): enabling free space tree [ 452.672972][T15384] bond0: (slave bond_slave_0): Releasing backup interface [ 452.734932][T15384] bond0: (slave bond_slave_1): Releasing backup interface [ 452.830130][T15384] team0: Port device team_slave_0 removed [ 452.902851][T15384] team0: Port device team_slave_1 removed [ 452.933354][T15384] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 452.966994][T15384] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 453.009151][T15384] bond0: (slave batadv_slave_1): Releasing backup interface [ 453.103181][T15384] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 453.167757][ T5626] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 453.379306][T15403] netlink: 'syz.2.4115': attribute type 1 has an invalid length. [ 453.429303][T15403] netlink: 'syz.2.4115': attribute type 1 has an invalid length. [ 453.528582][T15405] xt_l2tp: wrong L2TP version: 0 [ 453.567499][T15410] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4118'. [ 453.905866][T15419] openvswitch: netlink: VXLAN extension message has 16 unknown bytes. [ 454.489944][T15442] netlink: 180 bytes leftover after parsing attributes in process `syz.2.4134'. [ 455.627838][T15484] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 455.880366][ T5758] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 456.038923][T15497] loop4: detected capacity change from 0 to 64 [ 456.052591][ T5758] usb 3-1: unable to get BOS descriptor or descriptor too short [ 456.096490][ T5758] usb 3-1: New USB device found, idVendor=04b4, idProduct=9320, bcdDevice= 0.40 [ 456.114454][T15497] syz.4.4161: attempt to access beyond end of device [ 456.114454][T15497] loop4: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 456.127926][ T5758] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 456.149215][T15497] Buffer I/O error on dev loop4, logical block 134217734, async page read [ 456.158423][ T5758] usb 3-1: Product: syz [ 456.158454][ T5758] usb 3-1: Manufacturer: syz [ 456.194971][ T5758] usb 3-1: SerialNumber: syz [ 456.242285][T15497] Trying to free block not in datazone [ 456.287717][ T5758] usb 3-1: Audio class v2/v3 interfaces need an interface association [ 456.376420][T15506] loop3: detected capacity change from 0 to 1764 [ 456.552182][ T5758] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 456.667098][ T5758] snd-usb-hiface 3-1:1.0: probe with driver snd-usb-hiface failed with error -22 [ 456.806103][ T5758] usb 3-1: can't set first interface for hiFace device. [ 456.837744][ T5758] snd-usb-hiface 3-1:1.1: probe with driver snd-usb-hiface failed with error -5 [ 456.885483][ T5758] usb 3-1: can't set first interface for hiFace device. [ 456.903230][ T5758] snd-usb-hiface 3-1:1.2: probe with driver snd-usb-hiface failed with error -5 [ 456.912957][T15524] netlink: 'syz.1.4174': attribute type 2 has an invalid length. [ 456.959276][ T5758] usb 3-1: USB disconnect, device number 17 [ 457.239084][T15534] netlink: 'syz.5.4190': attribute type 21 has an invalid length. [ 457.302617][ T7026] udevd[7026]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 457.659706][ T5642] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 457.693818][T15549] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 457.842903][ T5642] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 959 [ 457.882450][ T5642] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 457.933118][ T5642] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 457.993650][ T5642] usb 5-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=e5.38 [ 458.021411][ T5642] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 458.038730][ T5642] usb 5-1: Product: syz [ 458.063677][ T5642] usb 5-1: Manufacturer: syz [ 458.085797][ T5642] usb 5-1: SerialNumber: syz [ 458.123927][ T5642] usb 5-1: config 0 descriptor?? [ 458.150967][T15540] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 458.189178][T15559] loop3: detected capacity change from 0 to 4096 [ 458.210930][T15559] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 458.265649][T15559] ntfs3(loop3): ino=1a, mi_enum_attr [ 458.285991][T15559] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 458.377596][T15559] ntfs3(loop3): ino=1e, "file1" ntfs3_write_inode failed, -22. [ 458.562993][ T5642] usb 5-1: USB disconnect, device number 19 [ 458.713239][ T30] audit: type=1326 audit(1779196533.601:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15574 comm="syz.3.4199" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 458.733772][T15544] loop5: detected capacity change from 0 to 32768 [ 458.771238][T15544] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4180 (15544) [ 458.832911][ T30] audit: type=1326 audit(1779196533.621:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15574 comm="syz.3.4199" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 458.849484][T15544] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 458.932995][T15544] BTRFS info (device loop5): using sha256 checksum algorithm [ 458.955347][ T30] audit: type=1326 audit(1779196533.641:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15574 comm="syz.3.4199" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 459.031242][T15582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4202'. [ 459.076325][ T30] audit: type=1326 audit(1779196533.641:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15574 comm="syz.3.4199" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 459.130119][T15582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4202'. [ 459.139778][ T30] audit: type=1326 audit(1779196533.641:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15574 comm="syz.3.4199" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 459.183640][ T30] audit: type=1326 audit(1779196533.641:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15574 comm="syz.3.4199" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 459.232165][ T30] audit: type=1326 audit(1779196533.641:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15574 comm="syz.3.4199" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 459.258123][ T30] audit: type=1326 audit(1779196533.641:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15574 comm="syz.3.4199" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 459.306752][T15544] BTRFS info (device loop5): enabling ssd optimizations [ 459.345763][T15544] BTRFS info (device loop5): turning on async discard [ 459.374944][ T30] audit: type=1326 audit(1779196533.641:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15574 comm="syz.3.4199" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f7b5c39ce59 code=0x7ffc0000 [ 459.385612][T15544] BTRFS info (device loop5): enabling free space tree [ 459.457166][T15604] netlink: 9 bytes leftover after parsing attributes in process `syz.2.4206'. [ 459.498344][T15604] 0·: renamed from hsr0 (while UP) [ 459.552285][T15604] 0·: entered allmulticast mode [ 459.578153][T15604] hsr_slave_0: entered allmulticast mode [ 459.588101][T15604] hsr_slave_1: entered allmulticast mode [ 459.608942][T15604] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 459.638053][T15612] loop3: detected capacity change from 0 to 164 [ 459.787251][ T5638] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 460.125797][T15622] loop3: detected capacity change from 0 to 16 [ 460.183530][T15622] erofs (device loop3): dirblkbits 7 isn't supported [ 460.298191][T15628] openvswitch: netlink: Key type 51 is out of range max 32 [ 460.535801][T15634] netlink: 'syz.5.4221': attribute type 21 has an invalid length. [ 460.572996][T15634] netlink: 128 bytes leftover after parsing attributes in process `syz.5.4221'. [ 460.617555][T15634] netlink: 'syz.5.4221': attribute type 4 has an invalid length. [ 460.644296][T15634] netlink: 'syz.5.4221': attribute type 5 has an invalid length. [ 460.648846][T15644] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4224'. [ 460.677872][T15634] netlink: 3 bytes leftover after parsing attributes in process `syz.5.4221'. [ 460.693386][T15644] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4224'. [ 461.301980][ T5758] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 461.492054][ T5758] usb 4-1: Using ep0 maxpacket: 32 [ 461.504244][T15669] netlink: 'syz.1.4238': attribute type 21 has an invalid length. [ 461.528718][ T5758] usb 4-1: config 0 has an invalid interface number: 35 but max is 0 [ 461.556184][ T5758] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 461.589727][ T5758] usb 4-1: config 0 has no interface number 0 [ 461.614226][ T5758] usb 4-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 461.645158][T15667] loop2: detected capacity change from 0 to 4096 [ 461.672301][ T5758] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 461.691200][ T5758] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 461.719530][ T5758] usb 4-1: Product: syz [ 461.736905][ T5758] usb 4-1: Manufacturer: syz [ 461.747929][ T5758] usb 4-1: SerialNumber: syz [ 461.779003][ T5758] usb 4-1: config 0 descriptor?? [ 461.788603][T15677] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4242'. [ 461.821010][ T5758] radio-si470x 4-1:0.35: could not find interrupt in endpoint [ 461.841913][T15667] ntfs3(loop2): ino=19, mi_enum_attr [ 461.865770][T15667] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 461.873097][ T5758] radio-si470x 4-1:0.35: probe with driver radio-si470x failed with error -5 [ 462.046139][ T5758] radio-raremono 4-1:0.35: this is not Thanko's Raremono. [ 462.076746][ T5758] usbhid 4-1:0.35: couldn't find an input interrupt endpoint [ 462.129966][T15684] netlink: 5012 bytes leftover after parsing attributes in process `syz.0.4245'. [ 462.163018][ T30] audit: type=1326 audit(1779196537.051:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15685 comm="syz.1.4246" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f924ab9ce59 code=0x7ffc0000 [ 462.310495][ T5758] usb 4-1: USB disconnect, device number 24 [ 462.364757][T15690] bridge_slave_0: left allmulticast mode [ 462.390342][T15690] bridge_slave_0: left promiscuous mode [ 462.418316][T15690] bridge0: port 1(bridge_slave_0) entered disabled state [ 462.497722][T15690] bridge_slave_1: left allmulticast mode [ 462.521860][T15690] bridge_slave_1: left promiscuous mode [ 462.530963][T15698] netlink: 'syz.5.4252': attribute type 2 has an invalid length. [ 462.551333][T15690] bridge0: port 2(bridge_slave_1) entered disabled state [ 462.637805][T15690] bond0: (slave bond_slave_0): Releasing backup interface [ 462.751531][T15690] bond0: (slave bond_slave_1): Releasing backup interface [ 462.826359][T15690] team0: Port device team_slave_0 removed [ 462.905669][T15690] team0: Port device team_slave_1 removed [ 462.933682][T15690] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 462.976887][T15690] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 463.023837][T15690] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 463.043945][T15690] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 463.077893][T15690] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 463.510017][ T5758] usb 6-1: new low-speed USB device number 20 using dummy_hcd [ 463.586270][T15727] ipvlan0: entered promiscuous mode [ 463.604088][T15727] ipvlan0: entered allmulticast mode [ 463.627056][T15727] veth0_vlan: entered allmulticast mode [ 463.693500][ T5758] usb 6-1: config index 0 descriptor too short (expected 1307, got 27) [ 463.727559][ T5758] usb 6-1: config 0 has an invalid interface number: 0 but max is -1 [ 463.756248][ T5758] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 463.795430][ T5758] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 463.836641][ T5758] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 463.872360][ T5758] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 463.906916][ T5758] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 463.957558][ T5758] usb 6-1: language id specifier not provided by device, defaulting to English [ 464.009023][ T5758] usb 6-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 464.035883][ T5758] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 464.044854][ T5758] usb 6-1: Manufacturer: 躔 [ 464.096012][ T5758] usb 6-1: config 0 descriptor?? [ 464.112480][ T5758] hub 6-1:0.0: bad descriptor, ignoring hub [ 464.142364][ T5758] hub 6-1:0.0: probe with driver hub failed with error -5 [ 464.184686][ T5758] input: 躔 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input29 [ 464.439041][T15749] bond0: (slave team0): Releasing backup interface [ 464.476403][ T5758] usb 6-1: USB disconnect, device number 20 [ 464.521579][T15749] bridge_slave_0: left allmulticast mode [ 464.547754][T15749] bridge_slave_0: left promiscuous mode [ 464.567966][T15749] bridge0: port 1(bridge_slave_0) entered disabled state [ 464.624540][T15749] bridge_slave_1: left allmulticast mode [ 464.646578][T15749] bridge_slave_1: left promiscuous mode [ 464.660863][T15749] bridge0: port 2(bridge_slave_1) entered disabled state [ 464.682299][T15749] bond0: (slave bond_slave_0): Releasing backup interface [ 464.717274][T15749] bond0: (slave bond_slave_1): Releasing backup interface [ 464.759734][ T5751] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 464.791719][T15749] team0: Port device team_slave_0 removed [ 464.861975][T15749] team0: Port device team_slave_1 removed [ 464.871895][T15760] sctp: [Deprecated]: syz.0.4282 (pid 15760) Use of struct sctp_assoc_value in delayed_ack socket option. [ 464.871895][T15760] Use struct sctp_sack_info instead [ 464.882052][T15749] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 464.909740][ T5751] usb 4-1: Using ep0 maxpacket: 8 [ 464.921565][ T5751] usb 4-1: config 0 has an invalid interface number: 200 but max is 0 [ 464.943568][ T5751] usb 4-1: config 0 has no interface number 0 [ 464.950586][T15749] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 464.961571][ T5751] usb 4-1: config 0 interface 200 altsetting 2 has an endpoint descriptor with address 0x24, changing to 0x4 [ 464.976861][T15749] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 464.984726][ T5751] usb 4-1: config 0 interface 200 altsetting 2 endpoint 0x4 has invalid maxpacket 37761, setting to 64 [ 464.996112][T15749] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 465.004333][ T5751] usb 4-1: config 0 interface 200 has no altsetting 0 [ 465.017506][T15749] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 465.052396][ T5751] usb 4-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39 [ 465.067616][ T5751] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 465.096434][ T5751] usb 4-1: Product: syz [ 465.112335][T15762] netlink: 'syz.4.4283': attribute type 21 has an invalid length. [ 465.113558][ T5751] usb 4-1: Manufacturer: syz [ 465.161583][ T5751] usb 4-1: SerialNumber: syz [ 465.183564][ T5751] usb 4-1: config 0 descriptor?? [ 465.438422][ T5751] input: Hanwang Art Master III 0906 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.200/input/input30 [ 465.523308][ T5751] usb 4-1: USB disconnect, device number 25 [ 465.791117][T15781] netlink: 10 bytes leftover after parsing attributes in process `syz.1.4292'. [ 466.024318][T15790] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 466.218718][T15795] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4299'. [ 466.333470][T15801] bridge_slave_0: left allmulticast mode [ 466.368589][T15801] bridge_slave_0: left promiscuous mode [ 466.402444][T15801] bridge0: port 1(bridge_slave_0) entered disabled state [ 466.459768][T15801] bridge_slave_1: left allmulticast mode [ 466.486886][T15801] bridge_slave_1: left promiscuous mode [ 466.508292][T15801] bridge0: port 2(bridge_slave_1) entered disabled state [ 466.621400][T15801] bond0: (slave bond_slave_0): Releasing backup interface [ 466.694886][T15813] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4305'. [ 466.778684][T15801] bond0: (slave bond_slave_1): Releasing backup interface [ 466.907893][T15801] team0: Port device team_slave_0 removed [ 467.009134][T15801] team0: Port device team_slave_1 removed [ 467.044957][T15801] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 467.083459][T15801] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 467.243683][T15801] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 467.281483][T15801] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 467.324193][T15801] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 467.387022][T15829] TCP: TCP_TX_DELAY enabled [ 467.461682][T15813] veth1_to_bond: entered allmulticast mode [ 468.002445][T15845] loop1: detected capacity change from 0 to 1024 [ 468.017965][T15850] loop2: detected capacity change from 0 to 256 [ 468.030438][T15845] EXT4-fs: Ignoring removed orlov option [ 468.121628][T15845] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 468.284865][ T5639] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.397859][T15864] loop4: detected capacity change from 0 to 512 [ 468.428084][T15864] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 468.440284][ T5642] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 468.536992][T15864] EXT4-fs (loop4): 1 truncate cleaned up [ 468.577067][T15864] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 468.630674][ T5642] usb 4-1: Using ep0 maxpacket: 16 [ 468.667807][ T5642] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 468.673523][T15864] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.704238][ T5642] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 468.750856][ T5642] usb 4-1: config 0 has no interface number 0 [ 468.782141][ T5642] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 468.804990][T15877] loop2: detected capacity change from 0 to 64 [ 468.810983][ T5642] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 468.838830][ T5642] usb 4-1: Product: syz [ 468.853548][ T5642] usb 4-1: Manufacturer: syz [ 468.870531][ T5642] usb 4-1: SerialNumber: syz [ 468.900366][ T5642] usb 4-1: config 0 descriptor?? [ 468.924974][T15879] netlink: 140 bytes leftover after parsing attributes in process `syz.0.4338'. [ 468.934277][ T5642] uvcvideo 4-1:0.105: Found UVC 0.00 device syz (046d:08f3) [ 468.968890][ T5642] uvcvideo 4-1:0.105: No valid video chain found. [ 469.180471][ T5642] usb 4-1: USB disconnect, device number 26 [ 469.350722][T15888] usb usb1: usbfs: process 15888 (syz.2.4341) did not claim interface 0 before use [ 470.194371][T15912] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4353'. [ 470.788542][T15897] loop2: detected capacity change from 0 to 32768 [ 470.821808][T15930] fuse: blksize only supported for fuseblk [ 470.903025][T15897] Bad next:5 of the last slot in dtroot [ 470.903025][T15897] [ 470.966901][T15897] ERROR: (device loop2): copy_from_dinode: Corrupt dtroot [ 470.966901][T15897] [ 471.020897][T15897] ERROR: (device loop2): remounting filesystem as read-only [ 471.060507][T15933] set match dimension is over the limit! [ 471.080985][T15897] jfs_lookup: iget failed on inum 32 [ 471.369536][T15939] xt_recent: hitcount (4294967293) is larger than allowed maximum (65535) [ 471.423482][T15943] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 471.563212][T15915] loop0: detected capacity change from 0 to 32768 [ 472.074378][T15961] netlink: zone id is out of range [ 472.093606][T15961] netlink: zone id is out of range [ 472.115530][T15961] netlink: zone id is out of range [ 472.133440][T15961] netlink: zone id is out of range [ 472.151386][T15961] netlink: get zone limit has 8 unknown bytes [ 472.319801][ T10] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 472.369381][T15965] netlink: 'syz.3.4379': attribute type 1 has an invalid length. [ 472.414030][T15965] netlink: 3 bytes leftover after parsing attributes in process `syz.3.4379'. [ 472.489840][ T10] usb 6-1: Using ep0 maxpacket: 32 [ 472.513818][ T10] usb 6-1: unable to get BOS descriptor or descriptor too short [ 472.538355][ T10] usb 6-1: config 7 has an invalid interface number: 187 but max is 0 [ 472.564116][ T10] usb 6-1: config 7 has no interface number 0 [ 472.594437][ T10] usb 6-1: config 7 interface 187 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0 [ 472.632951][ T10] usb 6-1: config 7 interface 187 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 0 [ 472.664471][T15969] netlink: 'syz.2.4382': attribute type 1 has an invalid length. [ 472.673931][ T10] usb 6-1: config 7 interface 187 has no altsetting 0 [ 472.696383][T15969] netlink: 'syz.2.4382': attribute type 2 has an invalid length. [ 472.706537][ T10] usb 6-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 472.740440][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 472.755411][T15947] loop4: detected capacity change from 0 to 32768 [ 472.771766][ T10] usb 6-1: Product: syz [ 472.780354][ T10] usb 6-1: Manufacturer: syz [ 472.792060][T15947] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4371 (15947) [ 472.806858][ T10] usb 6-1: SerialNumber: syz [ 472.848219][T15947] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 472.877818][T15947] BTRFS info (device loop4): using sha256 checksum algorithm [ 472.968652][T15947] BTRFS info (device loop4): enabling ssd optimizations [ 473.028874][T15947] BTRFS info (device loop4): turning on async discard [ 473.036711][T15947] BTRFS info (device loop4): enabling free space tree [ 473.121978][ T10] usb 6-1: Unknown endpoint type found, address 0x07 [ 473.128751][ T10] usb 6-1: Not enough endpoints found in device, aborting! [ 473.243829][ T5631] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 473.405532][ T5642] usb 6-1: USB disconnect, device number 21 [ 473.823966][T16004] loop2: detected capacity change from 0 to 2048 [ 473.852545][T16004] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 473.868580][T16006] Non-string source [ 473.978018][T16011] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 474.422112][T15995] loop3: detected capacity change from 0 to 32768 [ 474.444979][T16020] netlink: 172 bytes leftover after parsing attributes in process `syz.2.4400'. [ 474.492611][T16020] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4400'. [ 474.522357][T15995] JBD2: Ignoring recovery information on journal [ 474.541083][T16020] netlink: 172 bytes leftover after parsing attributes in process `syz.2.4400'. [ 474.591255][T16028] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 474.621562][T16020] netlink: 100 bytes leftover after parsing attributes in process `syz.2.4400'. [ 474.686239][T16020] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4400'. [ 474.718863][T15995] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 475.191921][ T5643] ocfs2: Unmounting device (7,3) on (node local) [ 475.544828][T16050] openvswitch: netlink: Actions may not be safe on all matching packets [ 475.567693][T16049] loop4: detected capacity change from 0 to 64 [ 475.602401][T16049] hfs: unable to locate alternate MDB [ 475.637457][T16049] hfs: continuing without an alternate MDB [ 475.678249][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 475.678271][ T30] audit: type=1800 audit(1779196550.561:256): pid=16049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4414" name="file1" dev="loop4" ino=22 res=0 errno=0 [ 475.848815][ T48] [ 475.851170][ T48] ====================================================== [ 475.858189][ T48] WARNING: possible circular locking dependency detected [ 475.865203][ T48] syzkaller #0 Not tainted [ 475.869616][ T48] ------------------------------------------------------ [ 475.876627][ T48] kworker/u8:3/48 is trying to acquire lock: [ 475.882601][ T48] ffff8880544ae4f0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xa6/0xcf0 [ 475.893374][ T48] [ 475.893374][ T48] but task is already holding lock: [ 475.900733][ T48] ffff88802cfa20a8 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x273/0x330 [ 475.910111][ T48] [ 475.910111][ T48] which lock already depends on the new lock. [ 475.910111][ T48] [ 475.920508][ T48] [ 475.920508][ T48] the existing dependency chain (in reverse order) is: [ 475.929519][ T48] [ 475.929519][ T48] -> #1 (&tree->tree_lock/1){+.+.}-{4:4}: [ 475.937473][ T48] __mutex_lock+0x1a4/0x1b10 [ 475.942601][ T48] hfs_find_init+0x273/0x330 [ 475.947735][ T48] hfs_ext_read_extent+0x19d/0x9d0 [ 475.953402][ T48] hfs_extend_file+0x4ff/0xcf0 [ 475.958726][ T48] hfs_bmap_reserve+0x2ab/0x3a0 [ 475.964125][ T48] hfs_cat_create+0x348/0x980 [ 475.969351][ T48] hfs_mkdir+0x7d/0x100 [ 475.974059][ T48] vfs_mkdir+0x361/0x850 [ 475.978851][ T48] filename_mkdirat+0x48b/0x5e0 [ 475.984228][ T48] __x64_sys_mkdirat+0x89/0xc0 [ 475.989518][ T48] do_syscall_64+0x10b/0xf80 [ 475.994628][ T48] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 476.001045][ T48] [ 476.001045][ T48] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}: [ 476.010273][ T48] __lock_acquire+0x14b8/0x2630 [ 476.015653][ T48] lock_acquire+0x1b1/0x370 [ 476.020681][ T48] __mutex_lock+0x1a4/0x1b10 [ 476.025791][ T48] hfs_extend_file+0xa6/0xcf0 [ 476.031010][ T48] hfs_bmap_reserve+0x2ab/0x3a0 [ 476.036395][ T48] __hfs_ext_write_extent+0x3c4/0x510 [ 476.042309][ T48] hfs_ext_write_extent+0x1b7/0x200 [ 476.048076][ T48] hfs_write_inode+0xce/0xab0 [ 476.053272][ T48] __writeback_single_inode+0xcd4/0x1350 [ 476.059450][ T48] writeback_sb_inodes+0x766/0x1c60 [ 476.065188][ T48] wb_writeback+0x1bf/0xb90 [ 476.070233][ T48] wb_workfn+0x14f/0xc00 [ 476.075018][ T48] process_one_work+0xa0e/0x1980 [ 476.080484][ T48] worker_thread+0x5ef/0xe50 [ 476.085611][ T48] kthread+0x370/0x450 [ 476.090225][ T48] ret_from_fork+0x72b/0xd50 [ 476.095342][ T48] ret_from_fork_asm+0x1a/0x30 [ 476.100640][ T48] [ 476.100640][ T48] other info that might help us debug this: [ 476.100640][ T48] [ 476.110854][ T48] Possible unsafe locking scenario: [ 476.110854][ T48] [ 476.118289][ T48] CPU0 CPU1 [ 476.123638][ T48] ---- ---- [ 476.129012][ T48] lock(&tree->tree_lock/1); [ 476.133706][ T48] lock(&HFS_I(tree->inode)->extents_lock); [ 476.142210][ T48] lock(&tree->tree_lock/1); [ 476.149417][ T48] lock(&HFS_I(tree->inode)->extents_lock); [ 476.155404][ T48] [ 476.155404][ T48] *** DEADLOCK *** [ 476.155404][ T48] [ 476.163534][ T48] 3 locks held by kworker/u8:3/48: [ 476.168635][ T48] #0: ffff88801c6c3940 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980 [ 476.179397][ T48] #1: ffffc90000b97d08 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x973/0x1980 [ 476.191293][ T48] #2: ffff88802cfa20a8 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfs_find_init+0x273/0x330 [ 476.201115][ T48] [ 476.201115][ T48] stack backtrace: [ 476.206994][ T48] CPU: 0 UID: 0 PID: 48 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) [ 476.207033][ T48] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 476.207056][ T48] Workqueue: writeback wb_workfn (flush-7:4) [ 476.207116][ T48] Call Trace: [ 476.207128][ T48] [ 476.207141][ T48] dump_stack_lvl+0x100/0x190 [ 476.207176][ T48] print_circular_bug.cold+0x178/0x1c7 [ 476.207232][ T48] check_noncircular+0x146/0x160 [ 476.207268][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.207315][ T48] __lock_acquire+0x14b8/0x2630 [ 476.207358][ T48] ? __pfx_stack_trace_save+0x10/0x10 [ 476.207393][ T48] lock_acquire+0x1b1/0x370 [ 476.207431][ T48] ? hfs_extend_file+0xa6/0xcf0 [ 476.207488][ T48] ? __pfx___might_resched+0x10/0x10 [ 476.207533][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.207573][ T48] ? add_lock_to_list+0x99/0x110 [ 476.207606][ T48] __mutex_lock+0x1a4/0x1b10 [ 476.207638][ T48] ? hfs_extend_file+0xa6/0xcf0 [ 476.207688][ T48] ? hfs_extend_file+0xa6/0xcf0 [ 476.207741][ T48] ? hfs_write_inode+0xce/0xab0 [ 476.207770][ T48] ? __writeback_single_inode+0xcd4/0x1350 [ 476.207824][ T48] ? __pfx___mutex_lock+0x10/0x10 [ 476.207856][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.207896][ T48] ? lock_acquire+0x1b1/0x370 [ 476.207938][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.207978][ T48] ? trace_contention_end+0x122/0x170 [ 476.208022][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.208065][ T48] ? hfs_extend_file+0xa6/0xcf0 [ 476.208114][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.208154][ T48] hfs_extend_file+0xa6/0xcf0 [ 476.208207][ T48] ? __pfx_hfs_extend_file+0x10/0x10 [ 476.208258][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.208304][ T48] hfs_bmap_reserve+0x2ab/0x3a0 [ 476.208356][ T48] __hfs_ext_write_extent+0x3c4/0x510 [ 476.208406][ T48] ? hfs_find_init+0x273/0x330 [ 476.208443][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.208490][ T48] hfs_ext_write_extent+0x1b7/0x200 [ 476.208542][ T48] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 476.208598][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.208638][ T48] ? __mpage_writepages+0x1a8/0x210 [ 476.208672][ T48] ? __pfx___mpage_writepages+0x10/0x10 [ 476.208718][ T48] hfs_write_inode+0xce/0xab0 [ 476.208751][ T48] ? __pfx_hfs_write_inode+0x10/0x10 [ 476.208781][ T48] ? __lock_acquire+0x4a5/0x2630 [ 476.208832][ T48] ? __writeback_single_inode+0x454/0x1350 [ 476.208885][ T48] ? __writeback_single_inode+0x454/0x1350 [ 476.208936][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.208982][ T48] __writeback_single_inode+0xcd4/0x1350 [ 476.209039][ T48] ? __pfx___writeback_single_inode+0x10/0x10 [ 476.209091][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.209131][ T48] ? do_raw_spin_unlock+0x145/0x1e0 [ 476.209178][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.209220][ T48] writeback_sb_inodes+0x766/0x1c60 [ 476.209283][ T48] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 476.209334][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.209402][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.209441][ T48] ? rcu_is_watching+0x12/0xc0 [ 476.209493][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.209533][ T48] ? queue_io+0x287/0x540 [ 476.209577][ T48] wb_writeback+0x1bf/0xb90 [ 476.209638][ T48] ? __pfx_wb_writeback+0x10/0x10 [ 476.209696][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.209736][ T48] ? mark_held_locks+0x40/0x70 [ 476.209774][ T48] ? _raw_spin_unlock_irq+0x23/0x50 [ 476.209825][ T48] wb_workfn+0x14f/0xc00 [ 476.209878][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.209918][ T48] ? try_to_wake_up+0x15f/0x1900 [ 476.209970][ T48] ? __pfx_wb_workfn+0x10/0x10 [ 476.210023][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.210065][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.210106][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.210146][ T48] ? rcu_is_watching+0x12/0xc0 [ 476.210193][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.210236][ T48] process_one_work+0xa0e/0x1980 [ 476.210286][ T48] ? __pfx_process_one_work+0x10/0x10 [ 476.210325][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.210372][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.210415][ T48] worker_thread+0x5ef/0xe50 [ 476.210462][ T48] ? kthread+0x13a/0x450 [ 476.210501][ T48] ? __pfx_worker_thread+0x10/0x10 [ 476.210540][ T48] kthread+0x370/0x450 [ 476.210573][ T48] ? __pfx_kthread+0x10/0x10 [ 476.210611][ T48] ret_from_fork+0x72b/0xd50 [ 476.210651][ T48] ? __pfx_ret_from_fork+0x10/0x10 [ 476.210691][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.210730][ T48] ? __switch_to+0x800/0x1100 [ 476.210777][ T48] ? __switch_to_asm+0x39/0x70 [ 476.210821][ T48] ? __pfx_kthread+0x10/0x10 [ 476.210858][ T48] ret_from_fork_asm+0x1a/0x30 [ 476.210914][ T48] [ 476.708797][T16066] comedi: No check for data length of config insn id 536875917 is implemented [ 476.716916][ T48] hfs: new node 0 already hashed? [ 476.723366][ T48] ------------[ cut here ]------------ [ 476.728839][ T48] 1 [ 476.728864][ T48] WARNING: fs/hfs/bnode.c:520 at hfs_bnode_create.cold+0x41/0x49, CPU#0: kworker/u8:3/48 [ 476.741047][T16066] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c [ 476.741637][ T48] Modules linked in: [ 476.755150][ T48] CPU: 0 UID: 0 PID: 48 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) [ 476.764497][ T48] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 476.774772][ T48] Workqueue: writeback wb_workfn (flush-7:4) [ 476.781483][ T48] RIP: 0010:hfs_bnode_create.cold+0x41/0x49 [ 476.787408][ T48] Code: 75 31 65 0a e9 47 41 d1 01 e8 7b 1f e1 00 4c 89 f7 e8 63 31 65 0a e8 6e 1f e1 00 89 ee 48 c7 c7 40 e9 d1 8b e8 a0 df fa ff 90 <0f> 0b 90 e9 49 44 d1 01 e8 52 1f e1 00 e8 9d 5b 4d 00 e9 a5 46 d1 [ 476.807497][ T48] RSP: 0018:ffffc90000b97020 EFLAGS: 00010282 [ 476.807783][T16066] comedi: Assuming n=15 is correct [ 476.813596][ T48] RAX: 000000000000001f RBX: ffff88807be5a400 RCX: 0000000000000000 [ 476.813625][ T48] RDX: 000000000000001f RSI: ffffffff81e72d69 RDI: fffff52000172df5 [ 476.813651][ T48] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 476.813675][ T48] R10: 0000000080000000 R11: 77656e203a736668 R12: dffffc0000000000 [ 476.850698][ T48] R13: ffff88802cfa2000 R14: ffff88802cfa20d8 R15: 0000000000000000 [ 476.858687][ T48] FS: 0000000000000000(0000) GS:ffff88812436d000(0000) knlGS:0000000000000000 [ 476.867667][ T48] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 476.874284][ T48] CR2: 00007ff178217dac CR3: 000000005a4c3000 CR4: 0000000000350ef0 [ 476.882306][ T48] Call Trace: [ 476.886237][ T48] [ 476.889171][ T48] ? _raw_spin_unlock+0x28/0x50 [ 476.894446][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.900136][ T48] ? hfs_bnode_put+0x208/0x480 [ 476.904937][ T48] hfs_bmap_alloc+0x5a7/0x6b0 [ 476.909670][ T48] ? __pfx_hfs_bmap_alloc+0x10/0x10 [ 476.914903][ T48] ? __asan_memcpy+0x3c/0x60 [ 476.919517][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.925196][ T48] ? hfs_bnode_read.part.0+0x298/0x330 [ 476.930732][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.936392][ T48] ? folio_mark_accessed+0xf3/0x1040 [ 476.941762][ T48] hfs_btree_inc_height.isra.0+0xff/0x820 [ 476.947515][ T48] ? rcu_is_watching+0x12/0xc0 [ 476.952342][ T48] ? __pfx_hfs_btree_inc_height.isra.0+0x10/0x10 [ 476.958704][ T48] ? do_raw_spin_unlock+0x145/0x1e0 [ 476.963966][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.969653][ T48] ? _raw_spin_unlock+0x28/0x50 [ 476.974541][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 476.980227][ T48] ? hfs_bnode_put+0x208/0x480 [ 476.985023][ T48] hfs_brec_insert+0x8ba/0xc20 [ 476.990507][ T48] ? __pfx_hfs_brec_insert+0x10/0x10 [ 476.995828][ T48] ? hfs_bmap_reserve+0x2c5/0x3a0 [ 477.001314][ T48] __hfs_ext_write_extent+0x3ef/0x510 [ 477.006735][ T48] ? hfs_find_init+0x273/0x330 [ 477.011567][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.017242][ T48] hfs_ext_write_extent+0x1b7/0x200 [ 477.022502][ T48] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 477.028272][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.033960][ T48] ? __mpage_writepages+0x1a8/0x210 [ 477.039181][ T48] ? __pfx___mpage_writepages+0x10/0x10 [ 477.044779][ T48] hfs_write_inode+0xce/0xab0 [ 477.049474][ T48] ? __pfx_hfs_write_inode+0x10/0x10 [ 477.054804][ T48] ? __lock_acquire+0x4a5/0x2630 [ 477.059817][ T48] ? __writeback_single_inode+0x454/0x1350 [ 477.065663][ T48] ? __writeback_single_inode+0x454/0x1350 [ 477.071545][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.077213][ T48] __writeback_single_inode+0xcd4/0x1350 [ 477.082912][ T48] ? __pfx___writeback_single_inode+0x10/0x10 [ 477.089676][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.095336][ T48] ? do_raw_spin_unlock+0x145/0x1e0 [ 477.101104][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.106771][ T48] writeback_sb_inodes+0x766/0x1c60 [ 477.112048][ T48] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 477.117718][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.123439][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.129104][ T48] ? rcu_is_watching+0x12/0xc0 [ 477.133932][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.139588][ T48] ? queue_io+0x287/0x540 [ 477.143984][ T48] wb_writeback+0x1bf/0xb90 [ 477.148533][ T48] ? __pfx_wb_writeback+0x10/0x10 [ 477.153633][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.159291][ T48] ? mark_held_locks+0x40/0x70 [ 477.164112][ T48] ? _raw_spin_unlock_irq+0x23/0x50 [ 477.169354][ T48] wb_workfn+0x14f/0xc00 [ 477.173712][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.179370][ T48] ? try_to_wake_up+0x15f/0x1900 [ 477.184400][ T48] ? __pfx_wb_workfn+0x10/0x10 [ 477.189211][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.195550][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.201631][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.207291][ T48] ? rcu_is_watching+0x12/0xc0 [ 477.212121][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.217794][ T48] process_one_work+0xa0e/0x1980 [ 477.222784][ T48] ? __pfx_process_one_work+0x10/0x10 [ 477.228180][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.233855][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.239518][ T48] worker_thread+0x5ef/0xe50 [ 477.244172][ T48] ? kthread+0x13a/0x450 [ 477.248429][ T48] ? __pfx_worker_thread+0x10/0x10 [ 477.253577][ T48] kthread+0x370/0x450 [ 477.257671][ T48] ? __pfx_kthread+0x10/0x10 [ 477.262298][ T48] ret_from_fork+0x72b/0xd50 [ 477.266912][ T48] ? __pfx_ret_from_fork+0x10/0x10 [ 477.272068][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.277727][ T48] ? __switch_to+0x800/0x1100 [ 477.282461][ T48] ? __switch_to_asm+0x39/0x70 [ 477.287257][ T48] ? __pfx_kthread+0x10/0x10 [ 477.291900][ T48] ret_from_fork_asm+0x1a/0x30 [ 477.297345][ T48] [ 477.300811][ T48] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 477.308118][ T48] CPU: 0 UID: 0 PID: 48 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) [ 477.317482][ T48] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 477.327528][ T48] Workqueue: writeback wb_workfn (flush-7:4) [ 477.333556][ T48] Call Trace: [ 477.336825][ T48] [ 477.339744][ T48] dump_stack_lvl+0x100/0x190 [ 477.344420][ T48] vpanic+0x552/0x970 [ 477.348398][ T48] ? __pfx_vpanic+0x10/0x10 [ 477.352898][ T48] ? lock_release+0x245/0x310 [ 477.357672][ T48] panic+0xd1/0xe0 [ 477.361395][ T48] ? __pfx_panic+0x10/0x10 [ 477.365812][ T48] ? check_panic_on_warn+0x1f/0x90 [ 477.370922][ T48] check_panic_on_warn.cold+0x19/0x34 [ 477.376325][ T48] ? hfs_bnode_create.cold+0x41/0x49 [ 477.381611][ T48] __warn.cold+0x191/0x328 [ 477.386026][ T48] __report_bug+0x296/0x3d0 [ 477.390542][ T48] ? hfs_bnode_create.cold+0x41/0x49 [ 477.395877][ T48] ? __pfx___report_bug+0x10/0x10 [ 477.400918][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.406569][ T48] ? irq_work_queue+0xce/0x100 [ 477.411347][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.416994][ T48] ? __wake_up_klogd+0xe2/0x140 [ 477.421856][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.427499][ T48] ? vprintk_emit+0x1c9/0x6b0 [ 477.432199][ T48] ? __pfx_vprintk_emit+0x10/0x10 [ 477.437246][ T48] ? hfs_bnode_create.cold+0x41/0x49 [ 477.442541][ T48] report_bug+0xb2/0x220 [ 477.446805][ T48] ? hfs_bnode_create.cold+0x41/0x49 [ 477.452098][ T48] handle_bug+0x16a/0x2a0 [ 477.456433][ T48] exc_invalid_op+0x17/0x50 [ 477.460942][ T48] asm_exc_invalid_op+0x1a/0x20 [ 477.465826][ T48] RIP: 0010:hfs_bnode_create.cold+0x41/0x49 [ 477.471732][ T48] Code: 75 31 65 0a e9 47 41 d1 01 e8 7b 1f e1 00 4c 89 f7 e8 63 31 65 0a e8 6e 1f e1 00 89 ee 48 c7 c7 40 e9 d1 8b e8 a0 df fa ff 90 <0f> 0b 90 e9 49 44 d1 01 e8 52 1f e1 00 e8 9d 5b 4d 00 e9 a5 46 d1 [ 477.491344][ T48] RSP: 0018:ffffc90000b97020 EFLAGS: 00010282 [ 477.497416][ T48] RAX: 000000000000001f RBX: ffff88807be5a400 RCX: 0000000000000000 [ 477.505389][ T48] RDX: 000000000000001f RSI: ffffffff81e72d69 RDI: fffff52000172df5 [ 477.513359][ T48] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 477.521324][ T48] R10: 0000000080000000 R11: 77656e203a736668 R12: dffffc0000000000 [ 477.529292][ T48] R13: ffff88802cfa2000 R14: ffff88802cfa20d8 R15: 0000000000000000 [ 477.537266][ T48] ? vprintk_emit+0x1c9/0x6b0 [ 477.541974][ T48] ? _raw_spin_unlock+0x28/0x50 [ 477.546842][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.552492][ T48] ? hfs_bnode_put+0x208/0x480 [ 477.557277][ T48] hfs_bmap_alloc+0x5a7/0x6b0 [ 477.561980][ T48] ? __pfx_hfs_bmap_alloc+0x10/0x10 [ 477.567194][ T48] ? __asan_memcpy+0x3c/0x60 [ 477.571793][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.577436][ T48] ? hfs_bnode_read.part.0+0x298/0x330 [ 477.582908][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.588557][ T48] ? folio_mark_accessed+0xf3/0x1040 [ 477.593865][ T48] hfs_btree_inc_height.isra.0+0xff/0x820 [ 477.599602][ T48] ? rcu_is_watching+0x12/0xc0 [ 477.604389][ T48] ? __pfx_hfs_btree_inc_height.isra.0+0x10/0x10 [ 477.610738][ T48] ? do_raw_spin_unlock+0x145/0x1e0 [ 477.615959][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.621599][ T48] ? _raw_spin_unlock+0x28/0x50 [ 477.626467][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.632110][ T48] ? hfs_bnode_put+0x208/0x480 [ 477.636891][ T48] hfs_brec_insert+0x8ba/0xc20 [ 477.641681][ T48] ? __pfx_hfs_brec_insert+0x10/0x10 [ 477.646984][ T48] ? hfs_bmap_reserve+0x2c5/0x3a0 [ 477.652029][ T48] __hfs_ext_write_extent+0x3ef/0x510 [ 477.657421][ T48] ? hfs_find_init+0x273/0x330 [ 477.662193][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.667838][ T48] hfs_ext_write_extent+0x1b7/0x200 [ 477.673058][ T48] ? __pfx_hfs_ext_write_extent+0x10/0x10 [ 477.678803][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.684444][ T48] ? __mpage_writepages+0x1a8/0x210 [ 477.689648][ T48] ? __pfx___mpage_writepages+0x10/0x10 [ 477.695201][ T48] hfs_write_inode+0xce/0xab0 [ 477.699880][ T48] ? __pfx_hfs_write_inode+0x10/0x10 [ 477.705167][ T48] ? __lock_acquire+0x4a5/0x2630 [ 477.710131][ T48] ? __writeback_single_inode+0x454/0x1350 [ 477.715968][ T48] ? __writeback_single_inode+0x454/0x1350 [ 477.721796][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.727446][ T48] __writeback_single_inode+0xcd4/0x1350 [ 477.733109][ T48] ? __pfx___writeback_single_inode+0x10/0x10 [ 477.739200][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.744843][ T48] ? do_raw_spin_unlock+0x145/0x1e0 [ 477.750061][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.755706][ T48] writeback_sb_inodes+0x766/0x1c60 [ 477.760938][ T48] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 477.766630][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.772301][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.777943][ T48] ? rcu_is_watching+0x12/0xc0 [ 477.782729][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.788370][ T48] ? queue_io+0x287/0x540 [ 477.792713][ T48] wb_writeback+0x1bf/0xb90 [ 477.797243][ T48] ? __pfx_wb_writeback+0x10/0x10 [ 477.802292][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.807933][ T48] ? mark_held_locks+0x40/0x70 [ 477.812712][ T48] ? _raw_spin_unlock_irq+0x23/0x50 [ 477.817934][ T48] wb_workfn+0x14f/0xc00 [ 477.822203][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.827844][ T48] ? try_to_wake_up+0x15f/0x1900 [ 477.832803][ T48] ? __pfx_wb_workfn+0x10/0x10 [ 477.837590][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.843233][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.848878][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.854520][ T48] ? rcu_is_watching+0x12/0xc0 [ 477.859303][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.864948][ T48] process_one_work+0xa0e/0x1980 [ 477.869911][ T48] ? __pfx_process_one_work+0x10/0x10 [ 477.875295][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.880947][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.886600][ T48] worker_thread+0x5ef/0xe50 [ 477.891209][ T48] ? kthread+0x13a/0x450 [ 477.895457][ T48] ? __pfx_worker_thread+0x10/0x10 [ 477.900576][ T48] kthread+0x370/0x450 [ 477.904652][ T48] ? __pfx_kthread+0x10/0x10 [ 477.909252][ T48] ret_from_fork+0x72b/0xd50 [ 477.913856][ T48] ? __pfx_ret_from_fork+0x10/0x10 [ 477.918980][ T48] ? srso_alias_return_thunk+0x5/0xfbef5 [ 477.924620][ T48] ? __switch_to+0x800/0x1100 [ 477.929313][ T48] ? __switch_to_asm+0x39/0x70 [ 477.934091][ T48] ? __pfx_kthread+0x10/0x10 [ 477.938689][ T48] ret_from_fork_asm+0x1a/0x30 [ 477.943479][ T48] [ 477.946712][ T48] Kernel Offset: disabled [ 477.951024][ T48] Rebooting in 86400 seconds..