last executing test programs: 2.175433622s ago: executing program 4 (id=6763): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000580)={0x3d, 0x2, 0x3, "ac84ec97dc7936edd43f6f46193b9701ffc550aadacd5da6cd2ce06e1c034265", 0x4c47504a}) 2.080309767s ago: executing program 4 (id=6766): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x24d, 0x78, 0x3e00, 0x0, 0x3e, 0x180, 0x8, 0x0, {}, {}, {}, {}, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8}) 1.943069873s ago: executing program 4 (id=6771): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e06bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b27663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3800000000000000009c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488a0200000000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e4a59414329a7c7f2fad6bc871f5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561fe589e0d12969bc982ff3f0000006c0c6c747d9a1cc500bb89283a16ff10feea20bdac0000000000000000ca06f256a55591019465f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ee40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a3dc4e97f7fda840bcdd3afaa0d7c3c229de4f0f4ac4d04f1a4e52e38325ca2e5f1f9caaa7234053eca09ec3c8c16940bc3edfb2e016f355391c0e7"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632177fbac141416ac14141689089f034d2f87e5940c04ab845013f2325f1a39018302038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) 1.758478162s ago: executing program 4 (id=6778): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000180)={0x53, 0xfffffffffffffffc, 0x4, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000240)="5169aa3a", 0x0, 0xfffffff9, 0x0, 0x3, 0x0}) 1.626116759s ago: executing program 4 (id=6781): syz_mount_image$ocfs2(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000002c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x4445, &(0x7f0000000380)="$eJzs3b9vHFkdAPDvjH13drgc9nHFISGxEieBAFn2VYBPwnGc+OyLCQokQjSbtb1JDGtvZK8RRSRMF4kKiQJRRCDRuYpc0IY/gYYy1JGgoEGKFGG0u7O2Z3ZXXoLXIdHnU3g87/f6O/P2TTF+aaZxb2OntLFTqmyV6mt3dj4u/axe292svh0R6Xno2f9b1fPpnIH1uU7+pzgNo00Gc/3y1R/c+jjiz+t/fXZ4eHgYTaPR08yJ3//1zwdrJ48daaFOs93erZ2VH0fEB13jahqJiB/9KSKJiEtZ2nx2HI+Ii9HOu/XgV7dLZzSax0+rn5RfrDw8mP1oef/RQf/PnkT8rvbFb97d/PtXRmb/9vUz6h4AAAAAAAAAAAAAAAAAgNfc4o3rN78/PRNPkhjdT7rf113Mjv3ejz08M18e/ocFAAAAAAAAAAAAAAAAAACA/1PH7/+Xkvd7vP+/kB3n+tQ//O7wx8jwLH3v+sKV6Zls//ekK/9bWdI/Lo3EZI9934v7v18q1O+9/3t3Py+rM75OvxMxlk7lztN0airiD9nG7x8mF9JafafxjTv13a31MxvGaysf//bu/bnoZBv6Dxr/+UL7w9///wtdV1Pz/PbZXWJvtHz8R/qW++Mvk4Hif7lQ7zziH/HWcLt4g+XjP9pKGz9ZYK49ATTj/+vR0+O/UGh/WPF/LyJKSXOspdwM0FzDNNP7rVfIy8e/fR/lps7sD9nv/n9eiP+VQvuvav7fK34R0VM+/m+30sZyJY7v/8n09Pv/aqH9VxH/5vj3fP8PJB//d9qJoxHPs//K1pkOBp3/FwvtDyv+N9P2OOO9JHcF7Cft9H7/r468fPzHuvKPn//SgdZ/nxbqn9fzX6ffiUhaz3+d6f9rSfv5j97y8R/vW27Q+3+pUG/Y8/9ca/3Hy8rH/0IrLb92nmj9HDT+y4X2hxX/1qpkrBP/4/nk3++0039v/TeQfPw/105MT5bYa/1srf+S09f/nxXab8X/8BdD/ATd67/m+PfSIXb5BsnH/92+5Zrx/8sA3//XCvWGv/7vzFC8jHz8L/Yt17r/x06P/0qh3rDj/9VhNg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwGpjPjhORpFO58zSdmoq4nJ1/GBeS1cp6ebVWX/vpTsRCll6K95O7tfpqpVbe2KqvV8uVWq2+FnEly/8gxpKdWr1R3qzcv3rU1nhyr1rZbqxWK42IWMzSvxQXO22tbjQ2K/cj4tOjvM+n9e379ypb5fWN7e9MT09Px9LRGCaT6s8b1a1Gu/d2bsTyUd2J5MTgWtmfHY3l3eQn9d3trUqtlX7tRJ1afa1SO1FnJcv7TUwmje3drbVKo1qu1e92+nuV5rLjwtKNH964NtOVfztpH+fPd1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/JeezH77txEx2j5LI2Ku80vSq/zjp9VPyi9WHh7MfrS8/+jgWb9yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9iBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCLh2jRAwFYQCe9xTUzmNYhaSzjSiihRHBE+gxPIwexUt4BwsL2y2Whd0XWLIJhMB239cM5GcyA28AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ77l+71uW4iUpyvzyK+339+9/PHUj9vxvtPlgw9XdLEMTw8dbd3dVPePR3k1+XTX5u36er/4y1Gau9rcCfDe9rp51xM7jV1b1P79XMvI+UqItqSX6Wcq2revwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA07cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZR9G0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//yGeKG8=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000900)='freezer.state\x00', 0x275a, 0x0) 1.515610175s ago: executing program 0 (id=6784): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newsa={0x1a0, 0x10, 0x1, 0x0, 0x0, {{@in, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {@in=@multicast1, 0x0, 0x32}, @in=@local, {}, {}, {}, 0x0, 0x0, 0xa, 0x0, 0x0, 0xaf}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @replay_esn_val={0x1c}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x1a0}}, 0x0) 1.411139609s ago: executing program 3 (id=6786): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000880)=@newchain={0x24, 0x1e, 0x1, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff3}, {0x10, 0x10}, {0xe}}}, 0x24}}, 0x80) 1.372913931s ago: executing program 2 (id=6787): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000500)={0x3, @sdr={0x35303553, 0x1000}}) 1.355858522s ago: executing program 3 (id=6788): r0 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$apparmor_current(r0, &(0x7f0000000040)=@profile={'permprofile ', '&\x00\x00\x02'}, 0x10) 1.244811288s ago: executing program 0 (id=6789): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet6_int(r0, 0x29, 0x10, 0x0, 0x0) 1.179115511s ago: executing program 2 (id=6790): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet6_int(r0, 0x29, 0x4c, 0x0, &(0x7f0000000100)) 1.074696537s ago: executing program 0 (id=6791): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @random="0e0000000400"}) 1.074499226s ago: executing program 3 (id=6792): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c188008ac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0) 976.500701ms ago: executing program 2 (id=6794): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00') pwritev(r0, &(0x7f0000000500)=[{&(0x7f0000000000)='0', 0x1}, {&(0x7f0000000140)='2', 0x1}], 0x2, 0x0, 0x0) 861.124297ms ago: executing program 1 (id=6795): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip6_flowlabel\x00') read$FUSE(r0, &(0x7f00000000c0)={0x2020}, 0x2020) 702.020465ms ago: executing program 2 (id=6796): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000a00)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd25, 0x25dfdbfc, {{@in=@remote, @in=@broadcast, 0x4e24, 0x6, 0x4e20, 0x8, 0x2, 0x20, 0x100, 0x6}, {0x9e, 0x7ff, 0x20f, 0x9, 0x9, 0x9, 0x9e85, 0x1}, {0x9f, 0x9, 0x6, 0x5}, 0xa9, 0x6e6bba, 0x0, 0x1, 0x0, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x44}, 0x0) 626.991879ms ago: executing program 1 (id=6797): r0 = syz_open_dev$video(&(0x7f0000000180), 0x101, 0xab02) ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f0000000000)={0x2, "7cc1a5c73129191131400588218436a0bf3bccd2f7fcee81d4bd9d88aea62bc4", 0x3, 0xffff, 0x3, 0x20, 0x30406, 0x4}) 583.686351ms ago: executing program 1 (id=6798): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000080)={0x8, 0x2, 0x7}) 550.323042ms ago: executing program 0 (id=6799): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x80040, 0x0) ioctl$KVM_GET_SUPPORTED_HV_CPUID_sys(r0, 0xc008aec1, &(0x7f0000000380)={0xa00}) 526.325463ms ago: executing program 2 (id=6800): setresuid(0xee00, 0xee01, 0x0) pivot_root(0x0, 0x0) 525.361964ms ago: executing program 3 (id=6801): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000003c0)={0x60, 0x2, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x8}]}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x60}}, 0x0) 399.194ms ago: executing program 0 (id=6802): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x11}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x810}, 0x20004000) 399.12422ms ago: executing program 2 (id=6803): syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@nojournal_checksum}]}, 0x1, 0x5bc, &(0x7f0000001440)="$eJzs3V2IXGcdB+D/md1N87E1H7Zqa2xWQ20gdGez2YREvLDEj1qTWlG8CIWwZKe7IbM7a3YD3algizeiIII3IggVe2FFNJCbSqntRYs3Ckr9oKIxoIIIRSsFEdSRdz620+akCe7uHJrzPHBm3/Oe2X3f2eE355w57zkngNIaSw9ZxGhEXIyI7Z3Z1z9hrPOjefDCXJqyaLU+/bes/byZgxfmek/t/d629DAcsTkidh3LYu/Ile0urTTPTtfrtXPd+ery/GJ1aaV595n56dnabG3h0JGpo5OHp45Mrd9rnfjZ1lv/fOf9l594/p///tZvDv8g9Xe0u6z/dayXsRjr/k9GYmdf/XAWcd96N1aQoc5bHXf21WXDBXaI69Zq7fp+ev/eHhF72/nfHkPRefNeevrBf2yPX91bdB+BjdPqyV/8Sgu4YVXa28BZZTwiOuVKZXy8sw1/S2yt1BtLy/sfapxfmOlsK++IkcpDZ+q1ie6+wo4YydL8gXb5tfnJN8wfjGhvA39paEt7fvx0oz4z6A87oG004tLFz53etO0N+f/LUCf/wI0r5f+XLzz1bCq/OlR0b4BBSvn/3qvznwj5h9KRfygv+Yfykn8oL/mH8pJ/KC/5h/KSfygv+Yfykn8or17+HzhxIh44caLV7J7/vtCYPXN2bvHo5MT4/PnT46cb5xbHZxuN2fYZO/PX/rv1RmPxwGScf7i6XFtari6tNE/NN84vLJ9qn9d/qpZzKQCgACcvb75v557nXsoi4tEPbGlPyabuclmFG1urlUXR5yADxbDrD+XlUm1QXvbxgewayzdfbUF9/fsCDEal6A4AhbnrNsf/oKx8/w/l5ft/KC/b+IDv/6F8fP8P5TV6lft/3dx3766JiHhbRPx0aOSm3r2+gLeU1+3qj0ZcuvSdz1ZX78OtoKCgsFoo7oMKGIzXQl90T4CizBy8MNebBtXmM7ODagnI8/I9nUFAKffN7tRZMrx6bGBkg8YJ7bwjPf7o94/vmxtKU3Q/hzagKSDHo49FxLvy1v9Z+9jAju7zdnWeFrdExK0R8Y6IeOca2/7GpyLG4oVaf538w+Bcb/5vi4i0ur49It4dEbsj4j1rbPsXF1P+f72lv07+oRw+/3zRPQCK8vGniu4BUJSTxhhAaX33kaJ7ABTl6R8W3QOgKF99segeQLk9d09ETOQd/6u0j/f3jHSvC3hT91oAWyJia0Rs655DeHP3HMHtfccMr+XUJyPG4o4f99c5/geD0xv/17xi/F9ldfzfUETsWUMbz3xw9Ct59dO7U/6feKQ3/i9Nqf3eWEBgY738WMTtufnPVsf8ZpFyGvHe/7ONsS9cfjKv/sX7098d+bn8QzFa3454f+TnvyeVqsvzi9Wllebd7ft4z9YWDh2ZOjp5eOrIVLV9iZBq70IhOY7//ZX9efW/m0z5/+Yh+YdipPX/1qvkv3/7/31raOPY1798Mq9+9I8p/7ufffP8V/66KftMe753X4KHp5eXzx2I2JQdv7J+cg0dhRtcLyO9DKX879ubv/+/q/s7af1/LCI+nLYXIuI/EfHfiPhIRHw0Ij4WEfe+SZtfu2v2cl79H55M+X/8rPU/FCPlf+Ya6//0819raGP/vp98Ma/+Q3tS/sd/+6fjDw6nSf4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1t/SSvPsdL1eO7eBhaJfIwAAAAAAAJTF/wIAAP//d8Uzog==") open(&(0x7f0000000c40)='./file2\x00', 0x46342, 0x0) 320.344833ms ago: executing program 1 (id=6804): r0 = syz_open_dev$video4linux(&(0x7f0000000240), 0x145, 0x0) ioctl$VIDIOC_SUBDEV_G_CROP(r0, 0xc038563b, &(0x7f0000000040)={0x0, 0x0, {0x9, 0x0, 0x12c68bb8, 0xbe78}}) 218.976919ms ago: executing program 3 (id=6805): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000000000)=0x3, 0x4) 137.224993ms ago: executing program 0 (id=6806): sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect(0x0, 0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000143edd08b82225646cd3010203010902440001000000000904000000020a0000052406000105240000000d240f0105000000000000000006a41a000000102412"], 0x0) 136.684093ms ago: executing program 1 (id=6807): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000004c80)=@filter={'filter\x00', 0x42, 0x4, 0x260, 0xffffffff, 0x0, 0x0, 0x11a8, 0xffffffff, 0xffffffff, 0x1240, 0x1240, 0x1240, 0xffffffff, 0x5, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'netpci0\x00', 'nr0\x00'}, 0x74000002, 0x70, 0x98, 0x1ba, {0x46010000, 0x2c000000000000}}, @REJECT={0x28}}, {{@ip={@private, @multicast2, 0x0, 0x0, 'netpci0\x00', 'team_slave_1\x00'}, 0x287, 0x70, 0x98}, @REJECT={0x28}}, {{@ip={@dev, @broadcast, 0x0, 0x0, 'veth1_to_team\x00', 'veth1_to_batadv\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c0) 71.015136ms ago: executing program 4 (id=6808): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b00)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x1, 0x0, 0x1, 0x5}}, @TCA_CT_ACTION={0x6, 0x3, 0x2}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x68000}, 0x4000) 1.183009ms ago: executing program 3 (id=6809): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x101, 0xfffffffffffffe00}, &(0x7f0000000180)=0x18) 0s ago: executing program 1 (id=6810): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000880)={0x0, @in6={{0x2, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x24}}, 0x1}}}, &(0x7f0000000300)=0x90) kernel console output (not intermixed with test programs): .108922][T15148] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 600.123964][T15148] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 600.138350][T15148] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) error while loading driver (-19) [ 600.175252][ T4782] usb 1-1: USB disconnect, device number 10 [ 600.206274][T16352] set_capacity_and_notify: 5 callbacks suppressed [ 600.206288][T16352] loop2: detected capacity change from 0 to 64 [ 600.242058][T16352] MINIX-fs: bad superblock or unable to read bitmaps [ 600.288639][T15956] usb 2-1: new high-speed USB device number 117 using dummy_hcd [ 600.310919][ T4228] usb 5-1: Using ep0 maxpacket: 8 [ 600.349547][ T4264] usb 4-1: USB disconnect, device number 12 [ 600.438478][ T4228] usb 5-1: New USB device found, idVendor=05c6, idProduct=9215, bcdDevice=29.ac [ 600.447678][ T4228] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 600.458675][ T4228] usb 5-1: config 0 descriptor?? [ 600.504128][ T4228] qmi_wwan: probe of 5-1:0.0 failed with error -22 [ 600.545163][T15956] usb 2-1: Using ep0 maxpacket: 16 [ 600.716277][T15956] usb 2-1: unable to get BOS descriptor or descriptor too short [ 600.737039][ T4228] usb 5-1: USB disconnect, device number 7 [ 600.801959][T15956] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 600.812148][T15956] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024 [ 600.845655][T15956] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 512, setting to 64 [ 600.867588][T15956] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 600.949906][T16360] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 601.047584][T15956] usb 2-1: New USB device found, idVendor=1430, idProduct=474b, bcdDevice= 0.40 [ 601.056680][T15956] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 601.064792][T15956] usb 2-1: Product: syz [ 601.078950][T15956] usb 2-1: Manufacturer: syz [ 601.090240][T15956] usb 2-1: SerialNumber: syz [ 601.110236][T16356] loop0: detected capacity change from 0 to 40427 [ 601.135296][T16356] F2FS-fs (loop0): Corrupted extension count (64 + 1 > 64) [ 601.137956][T16346] raw-gadget.3 gadget: fail, usb_ep_enable returned -22 [ 601.142575][T16356] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 601.164165][T16356] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x6 [ 601.175832][ T4264] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 601.183679][T16356] F2FS-fs (loop0): invalid crc value [ 601.201403][T16356] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 601.262782][T16356] F2FS-fs (loop0): recover fsync data on readonly fs [ 601.282926][T16356] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 601.293967][T16356] F2FS-fs (loop0): Try to recover 1th superblock, ret: -30 [ 601.301814][T16356] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 601.506541][T16369] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 601.571670][T15956] usb 2-1: MIDIStreaming interface descriptor not found [ 601.621828][T15956] usb 2-1: USB disconnect, device number 117 [ 601.635667][ T4264] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 601.658587][ T4264] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 601.709028][ T4264] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 601.729710][ T4264] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 601.788354][T16375] loop3: detected capacity change from 0 to 512 [ 601.822383][T16375] EXT4-fs (loop3): bad geometry: first data block 4 is beyond end of filesystem (0) [ 601.862230][T16377] loop0: detected capacity change from 0 to 512 [ 601.885368][T16377] EXT4-fs (loop0): Ignoring removed nobh option [ 601.892685][T16377] EXT4-fs (loop0): Test dummy encryption mode enabled [ 601.907412][ T4264] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 601.920505][T16377] EXT4-fs error (device loop0): __ext4_iget:4912: inode #11: block 1: comm syz.0.5505: invalid block [ 601.931774][ T4264] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 601.939920][ T4264] usb 3-1: Product: syz [ 601.944349][ T4264] usb 3-1: Manufacturer: syz [ 601.960642][ T4262] udevd[4262]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 601.978908][T16377] EXT4-fs (loop0): Remounting filesystem read-only [ 601.985572][T16377] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.5505: couldn't read orphan inode 11 (err -117) [ 601.991951][ T4264] cdc_wdm 3-1:1.0: skipping garbage [ 602.005470][ T4264] cdc_wdm 3-1:1.0: skipping garbage [ 602.025608][ T4264] cdc_wdm: probe of 3-1:1.0 failed with error -22 [ 602.091081][T16377] EXT4-fs (loop0): Remounting filesystem read-only [ 602.101465][T16377] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,nobh,max_dir_size_kb=0x0000000000000004,bsddf,nodiscard,sysvgroups,prjquota,noauto_da_alloc,test_dummy_encryption,errors=remount-ro,. Quota mode: writeback. [ 602.227243][ T7919] usb 3-1: USB disconnect, device number 16 [ 602.360210][ T4264] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 602.790396][ T4264] usb 4-1: config 255 has too many interfaces: 226, using maximum allowed: 32 [ 602.821145][ T4264] usb 4-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 602.861589][ T4264] usb 4-1: config 255 has 1 interface, different from the descriptor's value: 226 [ 602.885969][ T4264] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 602.906545][ T4264] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 603.064565][T16421] loop4: detected capacity change from 0 to 2048 [ 603.146096][T16421] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 603.173646][T16391] loop1: detected capacity change from 0 to 40427 [ 603.211756][T16391] F2FS-fs (loop1): Corrupted extension count (64 + 1 > 64) [ 603.232906][ T4228] usb 4-1: USB disconnect, device number 13 [ 603.253712][T16391] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 603.287727][T16391] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x6 [ 603.322274][T16391] F2FS-fs (loop1): invalid crc value [ 603.383971][T16391] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 603.537673][T16430] loop0: detected capacity change from 0 to 1024 [ 603.548457][T16391] F2FS-fs (loop1): recover fsync data on readonly fs [ 603.570797][T16391] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 603.578073][T16391] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30 [ 603.598907][T16391] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 603.737042][ T4264] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 603.915144][T16423] loop2: detected capacity change from 0 to 40427 [ 603.976007][T16423] F2FS-fs (loop2): quotafile must be on filesystem root [ 604.073019][ T4264] usb 5-1: Using ep0 maxpacket: 32 [ 604.182440][T16446] loop1: detected capacity change from 0 to 8 [ 604.251303][T16446] SQUASHFS error: zlib decompression failed, data probably corrupt [ 604.270731][T16446] SQUASHFS error: Failed to read block 0x9b: -5 [ 604.287201][ T4264] usb 5-1: unable to get BOS descriptor or descriptor too short [ 604.296577][T16446] SQUASHFS error: Unable to read metadata cache entry [99] [ 604.344706][T16448] loop2: detected capacity change from 0 to 2048 [ 604.357157][T16446] SQUASHFS error: Unable to read inode 0x127 [ 604.392013][ T3561] loop2: p1 < > p4 [ 604.396815][ T3561] loop2: partition table partially beyond EOD, truncated [ 604.409942][ T3561] loop2: p4 start 3025664 is beyond EOD, truncated [ 604.422089][T16448] loop2: p1 < > p4 [ 604.432209][T16448] loop2: partition table partially beyond EOD, truncated [ 604.451381][T16448] loop2: p4 start 3025664 is beyond EOD, truncated [ 604.469065][ T7919] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 604.587314][ T4264] usb 5-1: New USB device found, idVendor=1235, idProduct=8004, bcdDevice= 0.40 [ 604.607481][ T4264] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 604.640628][ T4264] usb 5-1: Product: syz [ 604.653582][ T4264] usb 5-1: Manufacturer: syz [ 604.665866][ T4264] usb 5-1: SerialNumber: syz [ 604.721661][ T4377] udevd[4377]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 604.732297][T10670] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 604.754627][T16458] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop1 [ 604.791667][ T4377] udevd[4377]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 604.864217][T15954] usb 3-1: new low-speed USB device number 17 using dummy_hcd [ 604.896481][ T7919] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 605.014179][ T7919] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 605.024650][ T7919] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 605.032814][ T7919] usb 1-1: SerialNumber: syz [ 605.079337][ T7919] usb 1-1: bad CDC descriptors [ 605.099755][ T4264] usb 5-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 605.120997][ T4264] usb 5-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 605.157163][ T4264] usb 5-1: USB disconnect, device number 8 [ 605.217020][ T13] usb 2-1: new high-speed USB device number 118 using dummy_hcd [ 605.238892][T10670] usb 4-1: unable to get BOS descriptor or descriptor too short [ 605.270478][T15954] usb 3-1: config 15 has an invalid interface number: 154 but max is 0 [ 605.279136][T15954] usb 3-1: config 15 has no interface number 0 [ 605.285523][T15954] usb 3-1: config 15 interface 154 altsetting 7 endpoint 0x9 has invalid maxpacket 1024, setting to 8 [ 605.296793][T15954] usb 3-1: config 15 interface 154 altsetting 7 endpoint 0xB has invalid wMaxPacketSize 0 [ 605.306829][T15954] usb 3-1: config 15 interface 154 has no altsetting 0 [ 605.314593][T15142] usb 1-1: USB disconnect, device number 11 [ 605.324290][T10670] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 605.411420][ T4377] udevd[4377]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 605.484351][ T13] usb 2-1: Using ep0 maxpacket: 8 [ 605.533230][T10670] usb 4-1: New USB device found, idVendor=041e, idProduct=323b, bcdDevice= 0.40 [ 605.547435][T10670] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 605.557352][T10670] usb 4-1: Product: syz [ 605.568226][T10670] usb 4-1: Manufacturer: syz [ 605.575726][T10670] usb 4-1: SerialNumber: syz [ 605.580728][T15954] usb 3-1: string descriptor 0 read error: -22 [ 605.587038][T15954] usb 3-1: New USB device found, idVendor=0bc7, idProduct=0002, bcdDevice=9e.7c [ 605.618062][T15954] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 605.635320][ T13] usb 2-1: config 0 has an invalid interface number: 31 but max is 0 [ 605.649702][ T13] usb 2-1: config 0 has no interface number 0 [ 605.666184][T16454] raw-gadget.3 gadget: fail, usb_ep_enable returned -22 [ 605.697431][T15954] ati_remote_probe: Unexpected endpoint_in [ 605.847829][ T13] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 605.879076][ T13] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 605.927293][ T13] usb 2-1: Product: syz [ 605.939594][ T13] usb 2-1: Manufacturer: syz [ 605.948440][ T13] usb 2-1: SerialNumber: syz [ 605.958635][ T13] usb 2-1: config 0 descriptor?? [ 605.970258][T15954] usb 3-1: USB disconnect, device number 17 [ 606.011510][T10670] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 606.043770][T10670] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 606.104796][T10670] usb 4-1: USB disconnect, device number 14 [ 606.275356][ T13] usb 2-1: Found UVC 0.04 device syz (046d:08c3) [ 606.285711][ T13] usb 2-1: No streaming interface found for terminal 6. [ 606.315045][ T13] usb 2-1: USB disconnect, device number 118 [ 606.362423][ T4377] udevd[4377]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 606.409394][T16472] set_capacity_and_notify: 1 callbacks suppressed [ 606.409412][T16472] loop0: detected capacity change from 0 to 32768 [ 606.484499][T16472] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 606.510064][T16472] BTRFS info (device loop0): turning on async discard [ 606.563948][T16472] BTRFS info (device loop0): force clearing of disk cache [ 606.571161][T16472] BTRFS info (device loop0): turning on sync discard [ 606.622020][T16472] BTRFS info (device loop0): using free space tree [ 606.637399][T16472] BTRFS info (device loop0): has skinny extents [ 606.935668][T16472] BTRFS info (device loop0): enabling ssd optimizations [ 606.957958][ T3083] BTRFS warning (device loop0): checksum verify failed on 5255168 wanted 0xf5da176f found 0x139a6b72 level 1 [ 606.996301][T16472] BTRFS warning (device loop0): failed to read fs tree: -5 [ 607.138709][T16472] BTRFS error (device loop0): open_ctree failed: -5 [ 607.194625][T15954] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 607.307786][T16513] loop1: detected capacity change from 0 to 32768 [ 607.323916][T16513] jfs: Unrecognized mount option "fowner>00000000000000000000" or missing value [ 607.462007][T15954] usb 3-1: Using ep0 maxpacket: 8 [ 607.526043][ T7918] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 607.533811][T10670] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 607.594784][T15954] usb 3-1: config 0 has an invalid interface number: 176 but max is 2 [ 607.615896][T15954] usb 3-1: config 0 has no interface number 1 [ 607.625367][T15954] usb 3-1: too many endpoints for config 0 interface 0 altsetting 255: 255, using maximum allowed: 30 [ 607.671403][T15954] usb 3-1: config 0 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 607.704238][T15954] usb 3-1: config 0 interface 0 has no altsetting 0 [ 607.720746][T15954] usb 3-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac [ 607.737338][T15954] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 607.760518][T15954] usb 3-1: config 0 descriptor?? [ 608.007391][T10670] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 608.018224][T10670] usb 5-1: New USB device found, idVendor=03da, idProduct=2820, bcdDevice=52.3c [ 608.027491][T10670] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 608.038589][T10670] usb 5-1: config 0 descriptor?? [ 608.043860][ T4228] usb 2-1: new high-speed USB device number 119 using dummy_hcd [ 608.060692][T15954] usb 3-1: Could not set interface, error -71 [ 608.069598][T15954] qmi_wwan: probe of 3-1:0.0 failed with error -22 [ 608.077323][T15956] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 608.089816][T15954] usb 3-1: USB disconnect, device number 18 [ 608.096305][T10670] usb 5-1: bad CDC descriptors [ 608.221115][ T7918] usb 4-1: New USB device found, idVendor=0a92, idProduct=1020, bcdDevice= 0.40 [ 608.230537][ T7918] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 608.238650][ T7918] usb 4-1: Product: syz [ 608.243069][ T7918] usb 4-1: Manufacturer: syz [ 608.247707][ T7918] usb 4-1: SerialNumber: syz [ 608.318539][T10670] usb 5-1: USB disconnect, device number 9 [ 608.466905][T15956] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 608.477580][ T4228] usb 2-1: unable to get BOS descriptor or descriptor too short [ 608.485691][T15956] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 608.494844][T15956] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 608.563407][ T4228] usb 2-1: config 6 has too many interfaces: 255, using maximum allowed: 32 [ 608.572344][ T4228] usb 2-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config [ 608.586979][ T4228] usb 2-1: config 6 has 1 interface, different from the descriptor's value: 255 [ 608.669964][T15956] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 608.679080][T15956] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 608.694089][T15956] usb 1-1: Product: syz [ 608.698674][T15956] usb 1-1: Manufacturer: syz [ 608.704553][T15956] usb 1-1: SerialNumber: syz [ 608.713130][ T7918] usb 4-1: MIDIStreaming interface descriptor not found [ 608.764105][ T7918] usb 4-1: USB disconnect, device number 15 [ 608.778385][T15956] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found [ 608.787675][ T4228] usb 2-1: New USB device found, idVendor=0bda, idProduct=0140, bcdDevice=da.29 [ 608.807704][T15956] cdc_ncm 1-1:1.0: bind() failure [ 608.823558][ T4228] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 608.837603][T16527] loop2: detected capacity change from 0 to 1764 [ 608.873078][ T4228] usb 2-1: Product: syz [ 608.877331][ T4228] usb 2-1: Manufacturer: syz [ 608.881962][ T4228] usb 2-1: SerialNumber: syz [ 608.995376][T10670] usb 1-1: USB disconnect, device number 12 [ 609.081832][ T5770] udevd[5770]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 609.137920][T16531] loop2: detected capacity change from 0 to 4096 [ 609.204582][T16531] __ntfs_error: 11 callbacks suppressed [ 609.204602][T16531] ntfs: (device loop2): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 609.204599][T15954] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 609.236811][ T4228] rtsx_usb: probe of 2-1:6.0 failed with error -22 [ 609.247138][T16531] ntfs: (device loop2): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover. [ 609.300623][T16531] ntfs: (device loop2): ntfs_fill_super(): Not an NTFS volume. [ 609.309595][ T4228] usb 2-1: USB disconnect, device number 119 [ 609.424204][T16541] loop3: detected capacity change from 0 to 512 [ 609.493093][T15954] usb 5-1: Using ep0 maxpacket: 8 [ 609.524076][T16541] EXT4-fs (loop3): Invalid log block size: 9 [ 609.621635][T15954] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 130, changing to 7 [ 609.642300][T15954] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 255, changing to 7 [ 609.867536][T15954] usb 5-1: New USB device found, idVendor=0763, idProduct=2003, bcdDevice= 0.40 [ 609.876702][T15954] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 609.900671][T15954] usb 5-1: Product: syz [ 609.905003][T15954] usb 5-1: Manufacturer: syz [ 609.909688][T15954] usb 5-1: SerialNumber: syz [ 609.963724][ T7918] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 609.985221][T10670] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 610.102476][ T4228] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 610.262931][T10670] usb 4-1: Using ep0 maxpacket: 32 [ 610.316377][ T7911] usb 2-1: new high-speed USB device number 120 using dummy_hcd [ 610.327131][T15954] usb 5-1: 1:1: invalid format type 0x1002 is detected, processed as PCM [ 610.335683][T15954] usb 5-1: 1:1 : invalid UAC_FORMAT_TYPE desc [ 610.359076][ T4228] usb 3-1: Using ep0 maxpacket: 16 [ 610.380618][T15954] usb 5-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 610.410628][T15954] usb 5-1: USB disconnect, device number 10 [ 610.423442][ T7918] usb 1-1: config 160 has an invalid interface number: 200 but max is 0 [ 610.432037][T10670] usb 4-1: config 164 has an invalid interface number: 195 but max is 0 [ 610.440855][ T7918] usb 1-1: config 160 has no interface number 0 [ 610.453578][T10670] usb 4-1: config 164 has no interface number 0 [ 610.462141][ T7918] usb 1-1: config 160 interface 200 altsetting 30 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 610.476011][T10670] usb 4-1: config 164 interface 195 has no altsetting 0 [ 610.485429][ T7918] usb 1-1: config 160 interface 200 has no altsetting 0 [ 610.530399][ T4228] usb 3-1: unable to get BOS descriptor or descriptor too short [ 610.615822][ T4228] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 142, changing to 7 [ 610.690783][ T7918] usb 1-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b [ 610.700331][T10670] usb 4-1: New USB device found, idVendor=2304, idProduct=021a, bcdDevice=c7.8c [ 610.709583][ T7918] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 610.716914][ T4377] udevd[4377]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 610.721600][T10670] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 610.741699][ T7918] usb 1-1: Product: syz [ 610.753403][T10670] usb 4-1: Product: syz [ 610.758034][ T7918] usb 1-1: Manufacturer: syz [ 610.762683][ T7918] usb 1-1: SerialNumber: syz [ 610.773256][ T7911] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 610.783086][T10670] usb 4-1: Manufacturer: syz [ 610.795646][ T7911] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 41, changing to 7 [ 610.801524][ T4228] usb 3-1: New USB device found, idVendor=2a39, idProduct=3fb0, bcdDevice= 0.40 [ 610.806828][T10670] usb 4-1: SerialNumber: syz [ 610.828256][ T7911] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 42087, setting to 1024 [ 610.840608][ T4228] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 610.861090][ T4228] usb 3-1: Product: syz [ 610.865407][ T4228] usb 3-1: Manufacturer: syz [ 610.881324][ T4228] usb 3-1: SerialNumber: syz [ 611.036843][T16583] Option ' ' to dns_resolver key: bad/missing value [ 611.047073][ T7911] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 611.056692][ T7911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 611.065127][ T7911] usb 2-1: Product: syz [ 611.069328][ T7911] usb 2-1: Manufacturer: syz [ 611.076057][ T7911] usb 2-1: SerialNumber: syz [ 611.087590][ T7911] usb 2-1: config 0 descriptor?? [ 611.203084][T10670] usb 4-1: USB disconnect, device number 16 [ 611.246606][ T4228] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 611.267780][ T4228] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 611.331447][ T7911] usb 2-1: 0:0 : invalid sync pipe. bmAttributes 61, bLength 9, bSynchAddress 0a [ 611.383472][ T4228] usb 3-1: USB disconnect, device number 19 [ 611.416393][ T7911] usb 2-1: USB disconnect, device number 120 [ 611.492578][ T7918] usb 1-1: MIDIStreaming interface descriptor not found [ 611.546753][ T7918] usb 1-1: USB disconnect, device number 13 [ 611.666770][T16591] loop4: detected capacity change from 0 to 32768 [ 611.699985][T16591] lmLogInit: exit(-22) [ 611.704296][T16591] lmLogOpen: exit(-22) [ 611.709986][T16591] jfs_mount_rw failed, return code = -22 [ 611.784181][ T4377] udevd[4377]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 612.160443][T16612] loop2: detected capacity change from 0 to 256 [ 612.219318][ T7918] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 612.372376][T16618] loop4: detected capacity change from 0 to 4096 [ 612.392761][T16617] loop1: detected capacity change from 0 to 8192 [ 612.409266][T16618] ntfs: (device loop4): ntfs_read_locked_inode(): Found unknown compression method or corrupt file. [ 612.424668][T16618] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 612.442456][T16618] ntfs: (device loop4): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 612.462618][T16617] loop1: p1 < > p3 < p5 > p4 [ 612.473264][T16617] loop1: partition table partially beyond EOD, truncated [ 612.510716][T16617] loop1: p1 start 4294967040 is beyond EOD, truncated [ 612.518589][ T7918] usb 1-1: Using ep0 maxpacket: 32 [ 612.525626][T16618] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing. [ 612.558109][T16618] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 612.571998][ T21] usb 4-1: new full-speed USB device number 17 using dummy_hcd [ 612.604210][T16618] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 612.654108][T16618] ntfs: (device loop4): load_system_files(): Failed to load $Bitmap. [ 612.721291][T16622] loop2: detected capacity change from 0 to 8192 [ 612.721744][ T7918] usb 1-1: unable to get BOS descriptor or descriptor too short [ 612.767804][T16622] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 612.777576][T16622] REISERFS (device loop2): using ordered data mode [ 612.784791][T16622] reiserfs: using flush barriers [ 612.795177][T16622] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 612.814239][T16622] REISERFS (device loop2): checking transaction log (loop2) [ 612.844162][ T7918] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 196, changing to 7 [ 612.927193][T16622] REISERFS (device loop2): Using tea hash to sort names [ 612.934755][T16622] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 612.955916][ T4375] udevd[4375]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 612.969908][ T4262] udevd[4262]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory [ 612.989032][ T21] usb 4-1: config index 0 descriptor too short (expected 539, got 27) [ 613.004100][ T21] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10 [ 613.024538][ T4308] udevd[4308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 613.067119][ T21] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 613.181836][ T7918] usb 1-1: string descriptor 0 read error: -22 [ 613.188213][ T7918] usb 1-1: New USB device found, idVendor=0dba, idProduct=1000, bcdDevice= 0.40 [ 613.240635][ T7918] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 613.277915][ T21] usb 4-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 613.316068][ T21] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 613.330697][ T7918] usb 1-1: unit 6 not found! [ 613.335429][ T21] usb 4-1: Product: syz [ 613.335453][ T21] usb 4-1: Manufacturer: syz [ 613.358203][ T21] usb 4-1: SerialNumber: syz [ 613.390897][ T21] usb 4-1: config 0 descriptor?? [ 613.451236][ T21] hub 4-1:0.0: bad descriptor, ignoring hub [ 613.466958][ T21] hub: probe of 4-1:0.0 failed with error -5 [ 613.510765][ T21] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input35 [ 613.550388][ T21] usbtouchscreen 4-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -90 [ 613.567275][ T7918] snd-usb-audio: probe of 1-1:1.0 failed with error -22 [ 613.588946][ T21] usbtouchscreen: probe of 4-1:0.0 failed with error -90 [ 613.597912][ T7918] usb 1-1: unit 6 not found! [ 613.620594][ T7918] snd-usb-audio: probe of 1-1:1.1 failed with error -22 [ 613.660728][ T7918] usb 1-1: unit 6 not found! [ 613.674915][ T21] usb 4-1: USB disconnect, device number 17 [ 613.761930][ T7918] snd-usb-audio: probe of 1-1:1.2 failed with error -22 [ 613.802912][ T7918] usb 1-1: USB disconnect, device number 14 [ 613.804381][ T5957] udevd[5957]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:160.200/sound/card5/controlC5/../uevent} for writing: No such file or directory [ 613.836071][T16626] loop1: detected capacity change from 0 to 32768 [ 613.895202][T16643] loop2: detected capacity change from 0 to 4096 [ 613.973660][T16643] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 613.982726][T16637] loop4: detected capacity change from 0 to 32768 [ 614.001007][T16626] (syz.1.5624,16626,0):ocfs2_init_local_system_inodes:493 ERROR: status=-22, sysfile=9, slot=0 [ 614.018819][T16643] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 614.028140][T16626] (syz.1.5624,16626,1):ocfs2_init_local_system_inodes:502 ERROR: status = -22 [ 614.037254][T16626] (syz.1.5624,16626,1):ocfs2_mount_volume:1818 ERROR: status = -22 [ 614.062582][T16643] ntfs3: loop2: Failed to load $UpCase. [ 614.075186][T16637] jfs_mount: dbMount failed w/rc = -22 [ 614.097627][T16626] (syz.1.5624,16626,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 614.111206][T16637] Mount JFS Failure: -22 [ 614.127453][T16637] jfs_mount failed w/return code = -22 [ 614.215894][ T4295] udevd[4295]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 614.467901][T16654] loop3: detected capacity change from 0 to 512 [ 614.533029][T16656] loop1: detected capacity change from 0 to 128 [ 614.549839][T16654] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 614.603256][ T7918] usb 1-1: new full-speed USB device number 15 using dummy_hcd [ 614.655665][T16656] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 614.709937][T16654] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 614.742759][T16654] __quota_error: 1 callbacks suppressed [ 614.742783][T16654] Quota error (device loop3): write_blk: dquota write failed [ 614.849298][T16654] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 614.859245][T16654] EXT4-fs error (device loop3): ext4_acquire_dquot:6234: comm syz.3.5637: Failed to acquire dquot type 0 [ 614.877301][T16669] loop2: detected capacity change from 0 to 22 [ 614.957912][T16654] EXT4-fs (loop3): 1 truncate cleaned up [ 614.963645][T16654] EXT4-fs (loop3): mounted filesystem without journal. Opts: lazytime,noblock_validity,inode_readahead_blks=0x0000000000001000,barrier=0x0000000000000000,journal_dev=0x0000000000000005,dioread_lock,data_err=ignore,noinit_itable,resgid=0x000000000000ee002,errors=continue. Quota mode: writeback. [ 615.043087][T16656] hpfs: hpfs_map_sector(): read error [ 615.095356][ T7918] usb 1-1: config 4 has an invalid interface number: 121 but max is 0 [ 615.135808][ T7918] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 615.183770][ T7918] usb 1-1: config 4 has no interface number 0 [ 615.215418][ T7918] usb 1-1: config 4 interface 121 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 615.276760][ T7918] usb 1-1: config 4 interface 121 has no altsetting 0 [ 615.512788][ T7918] usb 1-1: New USB device found, idVendor=6b86, idProduct=c611, bcdDevice=25.ca [ 615.530502][ T7918] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 615.541534][ T7918] usb 1-1: Product: syz [ 615.546735][ T7918] usb 1-1: Manufacturer: syz [ 615.567585][ T7918] usb 1-1: SerialNumber: syz [ 615.719429][T16688] ntfs: (device loop3): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 615.742955][T16688] ntfs: (device loop3): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover. [ 615.803121][T16688] ntfs: (device loop3): ntfs_fill_super(): Not an NTFS volume. [ 615.923011][ T7918] usb 1-1: USB disconnect, device number 15 [ 616.050808][T16698] tmpfs: Bad value for 'mpol' [ 616.273876][T16673] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(262146) root(3) [ 616.313941][T16673] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 616.344038][T16673] F2FS-fs (loop4): Invalid gid value -1 [ 616.471061][T16704] ntfs3: loop2: Failed to load $MFT. [ 616.923429][T10670] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 617.038882][T16708] BTRFS: device fsid 17bca515-437c-4bbd-9eb0-5eb74df1971f devid 1 transid 8 /dev/loop1 scanned by syz.1.5662 (16708) [ 617.081733][T16708] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 617.090618][ T7918] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 617.099632][T16708] BTRFS info (device loop1): using free space tree [ 617.108366][T16708] BTRFS info (device loop1): has skinny extents [ 617.136951][T16708] BTRFS info (device loop1): enabling ssd optimizations [ 617.239711][T16706] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt [ 617.239711][T16706] [ 617.308383][T16706] xtLookup: xtSearch returned -5 [ 617.330358][T16706] read_mapping_page failed! [ 617.335005][T16706] jfs_mount: diMount(ipaimap2) failed, rc = -5 [ 617.351847][ T4377] BTRFS: device fsid 17bca515-437c-4bbd-9eb0-5eb74df1971f devid 1 transid 9 /dev/loop1 scanned by udevd (4377) [ 617.381291][ T7918] usb 3-1: Using ep0 maxpacket: 32 [ 617.386924][T10670] usb 5-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 617.399313][T10670] usb 5-1: config 2 interface 0 altsetting 178 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 617.413672][T10670] usb 5-1: config 2 interface 0 has no altsetting 0 [ 617.416457][T16706] Mount JFS Failure: -5 [ 617.436944][T16706] jfs_mount failed w/return code = -5 [ 617.518254][T10670] usb 5-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=da.47 [ 617.527481][T10670] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 617.554391][T10670] usb 5-1: SerialNumber: syz [ 617.588606][ T7918] usb 3-1: unable to get BOS descriptor or descriptor too short [ 617.672118][ T7918] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 1544, setting to 1024 [ 617.795149][T16717] set_capacity_and_notify: 6 callbacks suppressed [ 617.795168][T16717] loop0: detected capacity change from 0 to 40427 [ 617.825763][T16717] F2FS-fs (loop0): Fix alignment : done, start(4096) end(16896) block(12288) [ 617.886869][T16717] F2FS-fs (loop0): Fix alignment : done, start(4096) end(16896) block(12288) [ 617.913345][ T7918] usb 3-1: New USB device found, idVendor=0644, idProduct=800e, bcdDevice= 0.40 [ 617.926629][ T7918] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 617.949968][ T7916] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 617.959484][T10670] ims_pcu 5-1:2.0: Union descriptor too short (2 vs 5) [ 617.976892][T16717] F2FS-fs (loop0): invalid crc value [ 617.982755][T10670] ims_pcu: probe of 5-1:2.0 failed with error -22 [ 617.989317][ T7918] usb 3-1: Product: syz [ 618.009640][T10670] usb 5-1: USB disconnect, device number 11 [ 618.016478][ T7918] usb 3-1: Manufacturer: syz [ 618.021151][ T7918] usb 3-1: SerialNumber: syz [ 618.026429][T16717] F2FS-fs (loop0): invalid crc value [ 618.032028][T16717] F2FS-fs (loop0): Failed to get valid F2FS checkpoint [ 618.260415][ T7916] usb 4-1: Using ep0 maxpacket: 32 [ 618.399595][ T7916] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 1056, setting to 1024 [ 618.416671][ T7916] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 252, changing to 7 [ 618.447778][ T7918] usb 3-1: 1:1 : no UAC_FORMAT_TYPE desc [ 618.454194][T16760] loop0: detected capacity change from 0 to 128 [ 618.476288][ T7918] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 618.489814][T16762] loop4: detected capacity change from 0 to 128 [ 618.541476][ T7918] usb 3-1: USB disconnect, device number 20 [ 618.626278][T16764] loop0: detected capacity change from 0 to 128 [ 618.638330][ T6826] usb 2-1: new high-speed USB device number 121 using dummy_hcd [ 618.655982][ T7916] usb 4-1: New USB device found, idVendor=fc08, idProduct=0101, bcdDevice= 0.40 [ 618.670991][ T7916] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 618.685219][ T7916] usb 4-1: Product: syz [ 618.695699][ T7916] usb 4-1: Manufacturer: syz [ 618.700459][ T7916] usb 4-1: SerialNumber: syz [ 618.811835][ T5955] udevd[5955]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 618.912196][ T6826] usb 2-1: Using ep0 maxpacket: 32 [ 619.000798][T16770] loop2: detected capacity change from 0 to 128 [ 619.162197][ T7916] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 619.211793][ T7916] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 619.231945][T16773] loop2: detected capacity change from 0 to 724 [ 619.256119][T16766] loop4: detected capacity change from 0 to 32768 [ 619.275982][ T6826] usb 2-1: New USB device found, idVendor=15ca, idProduct=0101, bcdDevice= 0.40 [ 619.302518][ T7916] usb 4-1: unit 130 not found! [ 619.317634][ T6826] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 619.342189][ T7916] usb 4-1: USB disconnect, device number 18 [ 619.348289][T16766] BTRFS: device fsid 28302361-d975-4c41-bd4c-c547b14b74a1 devid 1 transid 8 /dev/loop4 scanned by syz.4.5680 (16766) [ 619.374912][ T6826] usb 2-1: Product: syz [ 619.379156][ T6826] usb 2-1: Manufacturer: syz [ 619.409314][ T6826] usb 2-1: SerialNumber: syz [ 619.466703][T16766] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 619.496613][T16766] BTRFS info (device loop4): using free space tree [ 619.521242][T16766] BTRFS info (device loop4): has skinny extents [ 619.612916][T16768] loop0: detected capacity change from 0 to 40427 [ 619.650974][ T4377] udevd[4377]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 619.664190][T16768] F2FS-fs (loop0): Wrong SIT boundary, start(1536) end(2560) blocks(0) [ 619.722540][T16768] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 619.768121][T16768] F2FS-fs (loop0): invalid crc value [ 619.790017][T16768] F2FS-fs (loop0): Found nat_bits in checkpoint [ 619.842479][T16766] BTRFS info (device loop4): enabling ssd optimizations [ 619.893001][T16768] F2FS-fs (loop0): Start checkpoint disabled! [ 619.913189][T16768] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 619.918578][ T6826] usb 2-1: MIDIStreaming interface descriptor not found [ 619.932343][T16768] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 620.000776][ T6826] usb 2-1: USB disconnect, device number 121 [ 620.024263][T10670] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 620.349850][ T5957] udevd[5957]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 620.366422][T10670] usb 4-1: Using ep0 maxpacket: 16 [ 620.390290][T16801] loop1: detected capacity change from 0 to 128 [ 620.468481][T16775] loop2: detected capacity change from 0 to 40427 [ 620.586228][T16775] F2FS-fs (loop2): Fix alignment : done, start(4096) end(16896) block(12288) [ 620.601761][T10670] usb 4-1: unable to get BOS descriptor or descriptor too short [ 620.628415][T16775] F2FS-fs (loop2): Fix alignment : done, start(4096) end(16896) block(12288) [ 620.651711][T16775] F2FS-fs (loop2): invalid crc value [ 620.676855][T16775] F2FS-fs (loop2): invalid crc value [ 620.682302][T16775] F2FS-fs (loop2): Failed to get valid F2FS checkpoint [ 620.714247][T10670] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 620.758976][T10670] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 621.008119][T10670] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 621.050132][T10670] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 621.058832][T10670] usb 4-1: Product: syz [ 621.071957][T10670] usb 4-1: Manufacturer: syz [ 621.087528][T10670] usb 4-1: SerialNumber: syz [ 621.436596][T16803] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.5687 (16803) [ 621.486902][T16803] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 621.508066][T16803] BTRFS info (device loop0): using free space tree [ 621.542822][T16809] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.5691 (16809) [ 621.556313][T10670] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 621.571019][T16803] BTRFS info (device loop0): has skinny extents [ 621.578381][T10670] usb 4-1: 2:1 : invalid UAC_AS_GENERAL desc [ 621.591531][T16809] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 621.609021][T16809] BTRFS info (device loop2): using free space tree [ 621.615778][T16809] BTRFS info (device loop2): has skinny extents [ 621.663043][T10670] usb 4-1: USB disconnect, device number 19 [ 621.830054][T16807] BTRFS: device fsid 59b5568a-a427-4554-b73a-27dcd238cc5a devid 1 transid 8 /dev/loop1 scanned by syz.1.5690 (16807) [ 621.900851][T16807] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 621.907209][T16813] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop4 scanned by syz.4.5692 (16813) [ 621.924477][T16807] BTRFS info (device loop1): using free space tree [ 621.957630][T16809] BTRFS info (device loop2): enabling ssd optimizations [ 621.961746][T16807] BTRFS info (device loop1): has skinny extents [ 621.974236][T16803] BTRFS info (device loop0): enabling ssd optimizations [ 622.237142][T16813] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 622.254378][T16813] BTRFS info (device loop4): using free space tree [ 622.277899][T16813] BTRFS info (device loop4): has skinny extents [ 622.366383][T16865] erofs: (device loop3): mounted with root inode @ nid 36. [ 622.931777][T16813] BTRFS info (device loop4): enabling ssd optimizations [ 622.971542][T16807] BTRFS info (device loop1): enabling ssd optimizations [ 623.087457][T16904] affs: No valid root block on device loop2 [ 623.513592][T16910] set_capacity_and_notify: 6 callbacks suppressed [ 623.513612][T16910] loop0: detected capacity change from 0 to 16 [ 623.631017][T16910] erofs: (device loop0): mounted with root inode @ nid 36. [ 623.993590][T16906] loop3: detected capacity change from 0 to 32768 [ 624.017316][ T4308] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 9 /dev/loop4 scanned by udevd (4308) [ 624.083578][T16906] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop3 scanned by syz.3.5697 (16906) [ 624.150869][T16906] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 624.171601][T16912] loop0: detected capacity change from 0 to 2048 [ 624.203777][T16906] BTRFS info (device loop3): using free space tree [ 624.234959][T16906] BTRFS info (device loop3): has skinny extents [ 624.313376][T16912] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 624.365338][T16906] BTRFS info (device loop3): enabling ssd optimizations [ 624.490372][T16908] loop2: detected capacity change from 0 to 40427 [ 624.568257][ T4225] usb 5-1: new full-speed USB device number 12 using dummy_hcd [ 624.638595][T16908] F2FS-fs (loop2): Fix alignment : done, start(4096) end(16896) block(12288) [ 624.688134][T16908] F2FS-fs (loop2): invalid crc value [ 624.724236][T16908] F2FS-fs (loop2): invalid crc value [ 624.735705][T16908] F2FS-fs (loop2): Failed to get valid F2FS checkpoint [ 624.980168][T16945] loop2: detected capacity change from 0 to 1024 [ 625.054467][T16945] EXT4-fs (loop2): Unsupported blocksize for fs-verity [ 625.108915][ T4225] usb 5-1: unable to get BOS descriptor or descriptor too short [ 625.178158][ T4225] usb 5-1: not running at top speed; connect to a high speed hub [ 625.218468][T16920] loop1: detected capacity change from 0 to 32768 [ 625.277301][ T4225] usb 5-1: config 17 has an invalid interface number: 8 but max is 1 [ 625.288528][T16920] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.5700 (16920) [ 625.316566][ T4225] usb 5-1: config 17 has 1 interface, different from the descriptor's value: 2 [ 625.346776][ T4225] usb 5-1: config 17 has no interface number 0 [ 625.380804][ T4225] usb 5-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0 [ 625.431047][ T4225] usb 5-1: config 17 interface 8 has no altsetting 0 [ 625.454993][ T5955] udevd[5955]: incorrect btrfs checksum on /dev/loop1 [ 625.464161][T16920] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 625.473197][ T3162] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 625.493068][T16920] BTRFS error (device loop1): superblock checksum mismatch [ 625.525068][T16954] loop2: detected capacity change from 0 to 1024 [ 625.541499][T16920] BTRFS error (device loop1): open_ctree failed: -22 [ 625.564333][T16954] EXT4-fs (loop2): Unsupported blocksize for fs-verity [ 625.616601][ T4225] usb 5-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff [ 625.626438][ T4225] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 625.658852][ T4225] usb 5-1: Product: syz [ 625.665757][ T4225] usb 5-1: Manufacturer: syz [ 625.694051][ T4225] usb 5-1: SerialNumber: syz [ 625.868060][T16956] loop2: detected capacity change from 0 to 4096 [ 625.899393][T16952] loop3: detected capacity change from 0 to 32768 [ 625.906370][ T3162] usb 1-1: config 0 has an invalid interface number: 50 but max is 0 [ 625.914949][ T3162] usb 1-1: config 0 has no interface number 0 [ 625.921711][ T3162] usb 1-1: config 0 interface 50 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 625.938315][T16956] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 625.951521][T16952] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop3 scanned by syz.3.5704 (16952) [ 626.009706][T16952] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 626.041731][T16952] BTRFS info (device loop3): using free space tree [ 626.049590][T16952] BTRFS info (device loop3): has skinny extents [ 626.089010][ T4225] usb 5-1: selecting invalid altsetting 0 [ 626.130022][ T3162] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 626.142066][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 626.148861][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.156968][ T4225] usb 5-1: USB disconnect, device number 12 [ 626.222510][ T3162] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 626.236103][ T3162] usb 1-1: Product: syz [ 626.241636][ T3162] usb 1-1: Manufacturer: syz [ 626.268212][ T3162] usb 1-1: SerialNumber: syz [ 626.279029][T16952] BTRFS info (device loop3): enabling ssd optimizations [ 626.290705][ T3162] usb 1-1: config 0 descriptor?? [ 626.341385][ T3162] yurex 1-1:0.50: Could not find endpoints [ 626.420667][ T5955] udevd[5955]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 626.537317][ T4308] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 9 /dev/loop3 scanned by udevd (4308) [ 626.564931][T16981] loop2: detected capacity change from 0 to 2048 [ 626.816498][T16981] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 626.892228][T16981] ext4 filesystem being mounted at /1150/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 627.114451][ T4496] usb 1-1: USB disconnect, device number 16 [ 627.226594][T16962] BTRFS: device fsid d4515e72-4b5f-44ec-805d-b3edf811e7f1 devid 1 transid 8 /dev/loop1 scanned by syz.1.5708 (16962) [ 627.307967][T16988] affs: No valid root block on device loop3 [ 627.345036][T16962] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 627.375484][T16962] BTRFS info (device loop1): using free space tree [ 627.390846][T16962] BTRFS info (device loop1): has skinny extents [ 627.437994][T16984] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 8 /dev/loop4 scanned by syz.4.5711 (16984) [ 627.480444][T16992] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 627.491463][T16990] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 627.579025][T16962] BTRFS info (device loop1): enabling ssd optimizations [ 627.690868][T16984] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 627.700176][T16984] BTRFS info (device loop4): using free space tree [ 627.797980][T16984] BTRFS info (device loop4): has skinny extents [ 627.904576][T17016] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 628.170705][ T4377] BTRFS: device fsid d4515e72-4b5f-44ec-805d-b3edf811e7f1 devid 1 transid 9 /dev/loop1 scanned by udevd (4377) [ 628.404796][T16984] BTRFS info (device loop4): enabling ssd optimizations [ 628.509774][T17029] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.5716 (17029) [ 628.884653][T17018] BTRFS: device fsid cd9941ec-5f77-48ee-8e7d-6f6f8a5e5a08 devid 1 transid 8 /dev/loop0 scanned by syz.0.5715 (17018) [ 628.928140][T17029] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 628.956687][T17018] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 628.979061][T17018] BTRFS info (device loop0): using free space tree [ 628.992049][T17029] BTRFS info (device loop2): using free space tree [ 629.058949][T17018] BTRFS info (device loop0): has skinny extents [ 629.074230][T17029] BTRFS info (device loop2): has skinny extents [ 629.127952][ T4262] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 9 /dev/loop4 scanned by udevd (4262) [ 629.581409][T17018] BTRFS info (device loop0): enabling ssd optimizations [ 629.623584][T17029] BTRFS info (device loop2): enabling ssd optimizations [ 630.069034][T17044] set_capacity_and_notify: 8 callbacks suppressed [ 630.069054][T17044] loop1: detected capacity change from 0 to 32768 [ 630.109942][T17047] loop3: detected capacity change from 0 to 32768 [ 630.151977][T17047] BTRFS: device fsid 5ac8a51e-da3a-4998-8e66-e1df06b87bc8 devid 1 transid 8 /dev/loop3 scanned by syz.3.5718 (17047) [ 630.340909][T17044] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop1 scanned by syz.1.5717 (17044) [ 630.359917][T17047] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 630.405417][T17047] BTRFS info (device loop3): using free space tree [ 630.445078][T17047] BTRFS info (device loop3): has skinny extents [ 630.468359][T17044] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 630.545809][T17044] BTRFS info (device loop1): using free space tree [ 630.583505][T17044] BTRFS info (device loop1): has skinny extents [ 630.827497][T17080] loop4: detected capacity change from 0 to 32768 [ 630.938186][T17080] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 630.996774][T17080] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 631.009025][T17044] BTRFS info (device loop1): enabling ssd optimizations [ 631.016442][T17047] BTRFS info (device loop3): enabling ssd optimizations [ 631.106957][T17080] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 631.165917][ T7] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 631.172761][ T7] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 631.451953][ T7] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 261ms [ 631.498541][ T7] gfs2: fsid=syz:syz.0: jid=0: Done [ 631.503911][T17080] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 631.550155][ T5955] BTRFS: device fsid 5ac8a51e-da3a-4998-8e66-e1df06b87bc8 devid 1 transid 9 /dev/loop3 scanned by udevd (5955) [ 632.878278][T17143] loop4: detected capacity change from 0 to 64 [ 633.136765][T17145] loop4: detected capacity change from 0 to 64 [ 633.409504][T17147] loop4: detected capacity change from 0 to 1024 [ 633.498602][T17139] loop3: detected capacity change from 0 to 32768 [ 633.614027][T17139] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 633.622061][T17139] dlm: no local IP address has been set [ 633.663684][T17139] dlm: cannot start dlm midcomms -107 [ 633.675711][T17141] loop1: detected capacity change from 0 to 32768 [ 633.705199][T17139] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 633.713647][T17149] loop4: detected capacity change from 0 to 2048 [ 633.783027][T17141] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 633.804801][T17149] EXT4-fs (loop4): Unsupported blocksize for fs-verity [ 633.818684][T17141] dlm: no local IP address has been set [ 633.853719][T17141] dlm: cannot start dlm midcomms -107 [ 633.859193][T17141] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 633.948447][T17151] loop3: detected capacity change from 0 to 1024 [ 634.933467][T17153] BTRFS: device fsid afd29e67-b8c6-49b0-b0d7-0efab618e2f3 devid 1 transid 8 /dev/loop4 scanned by syz.4.5730 (17153) [ 635.028258][T17153] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 635.080395][T17153] BTRFS info (device loop4): using free space tree [ 635.116105][T17153] BTRFS info (device loop4): has skinny extents [ 635.138285][T17167] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 635.286343][T17177] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 635.356838][T17155] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 635.381825][T17155] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 635.480668][T17155] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 635.567642][T17153] BTRFS info (device loop4): enabling ssd optimizations [ 635.607988][T17137] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 635.626232][T17137] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 635.713876][T17190] set_capacity_and_notify: 7 callbacks suppressed [ 635.713895][T17190] loop3: detected capacity change from 0 to 2364 [ 635.937571][T17159] loop0: detected capacity change from 0 to 32768 [ 635.963787][T17137] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 315ms [ 635.987839][T17159] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 636.005174][T17137] gfs2: fsid=syz:syz.0: jid=0: Done [ 636.025040][T17159] CPU: 0 PID: 17159 Comm: syz.0.5733 Not tainted syzkaller #0 [ 636.030495][T17155] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 636.032586][T17159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 636.032615][T17159] Call Trace: [ 636.032623][T17159] [ 636.032635][T17159] dump_stack_lvl+0x188/0x250 [ 636.061684][T17159] ? show_regs_print_info+0x20/0x20 [ 636.066945][T17159] ? load_image+0x400/0x400 [ 636.071527][T17159] sysfs_create_dir_ns+0x26a/0x290 [ 636.076703][T17159] ? sysfs_warn_dup+0xa0/0xa0 [ 636.081433][T17159] ? do_raw_spin_unlock+0x11d/0x230 [ 636.086698][T17159] kobject_add_internal+0x6e0/0xd90 [ 636.091956][T17159] kobject_init_and_add+0x128/0x190 [ 636.097353][T17159] ? lockdep_softirqs_off+0x430/0x430 [ 636.102819][T17159] ? kobject_add+0x230/0x230 [ 636.107595][T17159] ? __init_swait_queue_head+0xa5/0x150 [ 636.113240][T17159] gfs2_sys_fs_add+0x24f/0x4b0 [ 636.118370][T17159] ? gfs2_recover_set+0x240/0x240 [ 636.123542][T17159] ? snprintf+0xe5/0x140 [ 636.127899][T17159] ? __free_pages+0x95/0x1a0 [ 636.132550][T17159] ? vscnprintf+0x80/0x80 [ 636.136939][T17159] gfs2_fill_super+0x120f/0x1f00 [ 636.141944][T17159] ? gfs2_reconfigure+0xd30/0xd30 [ 636.147049][T17159] ? sb_set_blocksize+0xa5/0xe0 [ 636.151956][T17159] get_tree_bdev+0x3f1/0x610 [ 636.156603][T17159] ? gfs2_reconfigure+0xd30/0xd30 [ 636.161687][T17159] gfs2_get_tree+0x4d/0x1e0 [ 636.166263][T17159] vfs_get_tree+0x88/0x270 [ 636.170748][T17159] do_new_mount+0x24a/0xa40 [ 636.175316][T17159] __se_sys_mount+0x2e3/0x3d0 [ 636.180061][T17159] ? __x64_sys_mount+0xc0/0xc0 [ 636.185036][T17159] ? lockdep_hardirqs_on+0x94/0x140 [ 636.190309][T17159] ? __x64_sys_mount+0x1c/0xc0 [ 636.195146][T17159] do_syscall_64+0x4c/0xa0 [ 636.199623][T17159] ? clear_bhb_loop+0x30/0x80 [ 636.204363][T17159] ? clear_bhb_loop+0x30/0x80 [ 636.209587][T17159] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 636.215573][T17159] RIP: 0033:0x7f0e65df4a0a [ 636.220165][T17159] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 636.239825][T17159] RSP: 002b:00007f0e6404ce58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 636.248544][T17159] RAX: ffffffffffffffda RBX: 00007f0e6404cee0 RCX: 00007f0e65df4a0a [ 636.256575][T17159] RDX: 0000200000021140 RSI: 0000200000021180 RDI: 00007f0e6404cea0 [ 636.264602][T17159] RBP: 0000200000021140 R08: 00007f0e6404cee0 R09: 0000000000000000 [ 636.272627][T17159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000021180 [ 636.280654][T17159] R13: 00007f0e6404cea0 R14: 000000000002113b R15: 00002000000211c0 [ 636.288836][T17159] [ 636.322539][T17194] loop3: detected capacity change from 0 to 64 [ 636.333528][T17159] kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 636.346912][T17159] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 636.585272][T17197] loop0: detected capacity change from 0 to 256 [ 636.880809][T17165] loop2: detected capacity change from 0 to 32768 [ 636.990127][T17165] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 637.018920][T17165] CPU: 0 PID: 17165 Comm: syz.2.5736 Not tainted syzkaller #0 [ 637.026647][T17165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 637.036833][T17165] Call Trace: [ 637.040153][T17165] [ 637.043124][T17165] dump_stack_lvl+0x188/0x250 [ 637.047851][T17165] ? show_regs_print_info+0x20/0x20 [ 637.053110][T17165] ? load_image+0x400/0x400 [ 637.057684][T17165] sysfs_create_dir_ns+0x26a/0x290 [ 637.062855][T17165] ? sysfs_warn_dup+0xa0/0xa0 [ 637.067590][T17165] ? do_raw_spin_unlock+0x11d/0x230 [ 637.072848][T17165] kobject_add_internal+0x6e0/0xd90 [ 637.078116][T17165] kobject_init_and_add+0x128/0x190 [ 637.083378][T17165] ? lockdep_softirqs_off+0x430/0x430 [ 637.088820][T17165] ? kobject_add+0x230/0x230 [ 637.093488][T17165] ? __init_swait_queue_head+0xa5/0x150 [ 637.099106][T17165] gfs2_sys_fs_add+0x24f/0x4b0 [ 637.103925][T17165] ? gfs2_recover_set+0x240/0x240 [ 637.109009][T17165] ? snprintf+0xe5/0x140 [ 637.113303][T17165] ? __free_pages+0x95/0x1a0 [ 637.117948][T17165] ? vscnprintf+0x80/0x80 [ 637.122348][T17165] gfs2_fill_super+0x120f/0x1f00 [ 637.127575][T17165] ? gfs2_reconfigure+0xd30/0xd30 [ 637.132671][T17165] ? sb_set_blocksize+0xa5/0xe0 [ 637.137574][T17165] get_tree_bdev+0x3f1/0x610 [ 637.142221][T17165] ? gfs2_reconfigure+0xd30/0xd30 [ 637.147300][T17165] gfs2_get_tree+0x4d/0x1e0 [ 637.151861][T17165] vfs_get_tree+0x88/0x270 [ 637.153645][T17202] loop0: detected capacity change from 0 to 64 [ 637.156332][T17165] do_new_mount+0x24a/0xa40 [ 637.156369][T17165] __se_sys_mount+0x2e3/0x3d0 [ 637.171778][T17165] ? __x64_sys_mount+0xc0/0xc0 [ 637.176620][T17165] ? lockdep_hardirqs_on+0x94/0x140 [ 637.181878][T17165] ? __x64_sys_mount+0x1c/0xc0 [ 637.186712][T17165] do_syscall_64+0x4c/0xa0 [ 637.191186][T17165] ? clear_bhb_loop+0x30/0x80 [ 637.195917][T17165] ? clear_bhb_loop+0x30/0x80 [ 637.200656][T17165] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 637.206604][T17165] RIP: 0033:0x7f5f28cdea0a [ 637.211064][T17165] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 637.230713][T17165] RSP: 002b:00007f5f26f36e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 637.239173][T17165] RAX: ffffffffffffffda RBX: 00007f5f26f36ee0 RCX: 00007f5f28cdea0a [ 637.247182][T17165] RDX: 0000200000013400 RSI: 0000200000013440 RDI: 00007f5f26f36ea0 [ 637.255195][T17165] RBP: 0000200000013400 R08: 00007f5f26f36ee0 R09: 0000000000000000 [ 637.263205][T17165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000013440 [ 637.271220][T17165] R13: 00007f5f26f36ea0 R14: 00000000000133e6 R15: 0000200000013480 [ 637.279247][T17165] [ 637.302691][T17165] kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 637.318364][T17203] loop3: detected capacity change from 0 to 64 [ 637.358681][T17165] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 637.486782][T17205] loop0: detected capacity change from 0 to 128 [ 637.997731][T17199] loop4: detected capacity change from 0 to 32768 [ 638.020444][T17211] loop2: detected capacity change from 0 to 128 [ 638.056903][T17199] BTRFS: device fsid ed4422de-dbc1-4dc1-8d60-3583f36c24cc devid 1 transid 8 /dev/loop4 scanned by syz.4.5740 (17199) [ 638.179437][T17199] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 638.188221][T17199] BTRFS info (device loop4): using free space tree [ 638.264653][T17199] BTRFS info (device loop4): has skinny extents [ 638.449544][T17207] BTRFS: device fsid e5ec6bdf-b4e4-4163-9622-8db3a33753bd devid 1 transid 8 /dev/loop3 scanned by syz.3.5746 (17207) [ 638.573141][T17207] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 638.669089][T17207] BTRFS info (device loop3): using free space tree [ 638.731464][T17207] BTRFS info (device loop3): has skinny extents [ 638.743627][T17199] BTRFS info (device loop4): enabling ssd optimizations [ 639.097310][T17207] BTRFS info (device loop3): enabling ssd optimizations [ 639.265328][ T4308] BTRFS: device fsid ed4422de-dbc1-4dc1-8d60-3583f36c24cc devid 1 transid 9 /dev/loop4 scanned by udevd (4308) [ 639.312429][T17229] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 639.342140][T17229] dlm: no local IP address has been set [ 639.374474][T17229] dlm: cannot start dlm midcomms -107 [ 639.394655][T17229] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 639.765781][T17263] hpfs: Bad magic ... probably not HPFS [ 641.151000][T17283] set_capacity_and_notify: 12 callbacks suppressed [ 641.151020][T17283] loop1: detected capacity change from 0 to 128 [ 641.178973][T17281] loop0: detected capacity change from 0 to 2048 [ 641.384895][T17265] loop4: detected capacity change from 0 to 32768 [ 641.513171][T17288] loop0: detected capacity change from 0 to 2048 [ 641.531639][T17265] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 641.559896][T17285] loop3: detected capacity change from 0 to 4096 [ 641.566514][T17265] dlm: no local IP address has been set [ 641.595602][T17285] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 641.611439][T17265] dlm: cannot start dlm midcomms -107 [ 641.616915][T17265] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 641.709242][T17290] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 642.233361][T17292] loop0: detected capacity change from 0 to 8192 [ 642.246868][T17296] loop3: detected capacity change from 0 to 8192 [ 642.297702][T17298] loop2: detected capacity change from 0 to 4096 [ 642.477420][T17299] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 642.538850][T17289] loop1: detected capacity change from 0 to 32768 [ 643.140489][T17294] loop4: detected capacity change from 0 to 32768 [ 643.587912][T17311] ntfs: (device loop4): parse_ntfs_boot_sector(): Sector size (256) is smaller than the device block size (512). This is not supported. Sorry. [ 643.635412][T17311] ntfs: (device loop4): ntfs_fill_super(): Unsupported NTFS filesystem. [ 643.791525][T17303] BTRFS: device fsid a830dcec-d20e-42dc-8160-bf13f3286f97 devid 1 transid 8 /dev/loop0 scanned by syz.0.5772 (17303) [ 643.962966][T17303] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 644.026482][T17303] BTRFS info (device loop0): using free space tree [ 644.059710][T17303] BTRFS info (device loop0): has skinny extents [ 644.444642][T17303] BTRFS info (device loop0): enabling ssd optimizations [ 644.530979][T17333] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 645.813209][T17341] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 645.852435][T17339] ntfs: volume version 3.1. [ 646.315876][T17346] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 646.512336][T17345] set_capacity_and_notify: 8 callbacks suppressed [ 646.512355][T17345] loop2: detected capacity change from 0 to 4096 [ 646.718507][T17345] ntfs: volume version 3.1. [ 647.324704][T17335] loop1: detected capacity change from 0 to 65536 [ 647.592625][T17352] loop3: detected capacity change from 0 to 32768 [ 647.642105][T17355] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 647.664063][T17352] (syz.3.5787,17352,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 647.706620][T17352] (syz.3.5787,17352,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 647.759212][T17354] loop2: detected capacity change from 0 to 32768 [ 647.830411][T17354] (syz.2.5788,17354,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 647.890829][T17354] (syz.2.5788,17354,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 648.861701][T17359] loop3: detected capacity change from 0 to 32768 [ 648.963542][T17359] (syz.3.5790,17359,0):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 648.995137][T17359] (syz.3.5790,17359,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 649.878720][T17363] loop3: detected capacity change from 0 to 32768 [ 649.968662][T17363] (syz.3.5792,17363,0):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 649.986595][T17363] (syz.3.5792,17363,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 650.528198][T17369] loop4: detected capacity change from 0 to 4096 [ 650.630347][T17370] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 651.835443][T17374] loop1: detected capacity change from 0 to 4096 [ 651.949568][T17374] ntfs: volume version 3.1. [ 653.760879][T17376] loop2: detected capacity change from 0 to 65536 [ 653.813045][T17376] (syz.2.5798,17376,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 653.845528][T17376] (syz.2.5798,17376,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 654.255777][T17382] loop0: detected capacity change from 0 to 128 [ 654.322286][T17382] qnx4: no qnx4 filesystem (no root dir). [ 654.653119][T17384] loop0: detected capacity change from 0 to 4096 [ 654.723244][T17384] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 654.831956][T17380] loop2: detected capacity change from 0 to 32768 [ 654.924108][T17380] (syz.2.5800,17380,0):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 654.954850][T17380] (syz.2.5800,17380,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 657.679001][T17386] loop3: detected capacity change from 0 to 131072 [ 658.148418][T17386] NILFS (loop3): error -4 creating segctord thread [ 658.253087][T17390] loop2: detected capacity change from 0 to 131072 [ 658.651474][T17399] loop2: detected capacity change from 0 to 8192 [ 658.750026][T17399] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 658.789019][T17399] REISERFS (device loop2): using ordered data mode [ 658.804248][T17399] reiserfs: using flush barriers [ 658.846929][T17399] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 658.932762][T17399] REISERFS (device loop2): checking transaction log (loop2) [ 659.111393][T17402] loop4: detected capacity change from 0 to 4096 [ 659.243874][T17399] REISERFS (device loop2): Using r5 hash to sort names [ 659.251118][T17399] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 659.298002][T17402] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 659.818173][T17404] loop4: detected capacity change from 0 to 4096 [ 660.079532][T17406] loop0: detected capacity change from 0 to 8192 [ 660.093831][T17408] loop2: detected capacity change from 0 to 4096 [ 660.130556][T17404] ntfs: volume version 3.1. [ 660.198403][T17406] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 660.278007][T17408] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 660.316999][T17406] REISERFS (device loop0): using ordered data mode [ 660.319823][T17411] loop1: detected capacity change from 0 to 8 [ 660.355251][T17406] reiserfs: using flush barriers [ 660.385349][T17406] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 660.456766][T17406] REISERFS (device loop0): checking transaction log (loop0) [ 660.595360][T17415] loop4: detected capacity change from 0 to 1 [ 660.655461][T17415] attempt to access beyond end of device [ 660.655461][T17415] loop4: rw=2048, want=8, limit=1 [ 660.717884][T17415] SQUASHFS error: Failed to read block 0x0: -5 [ 660.724329][T17415] unable to read squashfs_super_block [ 660.962961][T17406] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[1 2 0(1) DIR], item_len 35, item_location 4029, free_space(entry_count) 2 [ 660.981445][T17421] loop4: detected capacity change from 0 to 256 [ 661.038706][T17421] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 661.060611][T17406] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 661.098705][T17421] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 661.119834][T17406] REISERFS (device loop0): Remounting filesystem read-only [ 661.134974][T17421] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 661.141717][T17406] REISERFS error (device loop0): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 661.171023][T17421] UDF-fs: Scanning with blocksize 512 failed [ 661.195898][T17406] REISERFS warning (device loop0): reiserfs_fill_super: corrupt root inode, run fsck [ 661.208182][T17421] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 661.243796][T17421] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 661.550722][T17425] loop4: detected capacity change from 0 to 256 [ 661.619505][T17425] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 661.673621][T17425] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 661.699255][T17425] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 661.722979][T17425] UDF-fs: Scanning with blocksize 512 failed [ 661.762231][T17425] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 661.849867][T17425] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 662.050260][T17429] loop4: detected capacity change from 0 to 512 [ 662.121722][T17429] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 662.175549][T17429] UDF-fs: Scanning with blocksize 512 failed [ 662.190538][T17429] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 662.228713][T17429] UDF-fs: Scanning with blocksize 1024 failed [ 662.246531][T17429] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 662.262747][T17429] UDF-fs: Scanning with blocksize 2048 failed [ 662.284654][T17429] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 662.319202][T17429] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 662.488451][T17431] loop3: detected capacity change from 0 to 128 [ 662.592345][T17431] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 662.644307][T17431] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 663.958183][T17419] loop2: detected capacity change from 0 to 131072 [ 665.707727][T17441] loop0: detected capacity change from 0 to 512 [ 665.762862][T17441] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 665.799376][T17441] UDF-fs: Scanning with blocksize 512 failed [ 665.831233][T17441] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 665.863010][T17441] UDF-fs: Scanning with blocksize 1024 failed [ 665.885115][T17441] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 665.922212][T17441] UDF-fs: Scanning with blocksize 2048 failed [ 665.940148][T17441] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 665.978699][T17441] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 666.347821][T17443] loop0: detected capacity change from 0 to 8192 [ 666.389180][T17443] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 666.424375][T17443] UDF-fs: Scanning with blocksize 512 failed [ 666.446539][T17443] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 666.475310][T17443] UDF-fs: Scanning with blocksize 1024 failed [ 666.514191][T17443] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 666.521645][T17443] UDF-fs: Scanning with blocksize 2048 failed [ 666.635952][T17443] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 666.664803][T17445] loop4: detected capacity change from 0 to 128 [ 666.723220][T17445] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 666.761813][T17445] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 666.977733][T17449] loop4: detected capacity change from 0 to 512 [ 667.068162][T17449] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 667.098013][T17449] UDF-fs: Scanning with blocksize 512 failed [ 667.121242][T17449] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 667.154493][T17449] UDF-fs: Scanning with blocksize 1024 failed [ 667.174171][T17451] loop3: detected capacity change from 0 to 256 [ 667.183407][T17449] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 667.207471][T17449] UDF-fs: Scanning with blocksize 2048 failed [ 667.254257][T17451] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 667.264341][T17449] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 667.299008][T17451] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 667.333018][T17451] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 667.334661][T17449] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 667.361892][T17451] UDF-fs: Scanning with blocksize 512 failed [ 667.393327][T17451] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 667.461347][T17451] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 667.748934][T17455] loop3: detected capacity change from 0 to 128 [ 668.058356][T17459] loop2: detected capacity change from 0 to 512 [ 668.078460][T17453] loop4: detected capacity change from 0 to 16384 [ 668.124626][T17459] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 668.148937][T17453] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 668.162396][T17453] UDF-fs: Scanning with blocksize 512 failed [ 668.164582][T17459] UDF-fs: Scanning with blocksize 512 failed [ 668.200284][T17459] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 668.215148][T17453] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 668.222616][T17453] UDF-fs: Scanning with blocksize 1024 failed [ 668.230682][T17459] UDF-fs: Scanning with blocksize 1024 failed [ 668.257685][T17453] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 668.265329][T17459] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 668.281423][T17453] UDF-fs: Scanning with blocksize 2048 failed [ 668.299416][T17459] UDF-fs: Scanning with blocksize 2048 failed [ 668.307242][T17457] loop3: detected capacity change from 0 to 8192 [ 668.323202][T17453] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 668.343564][T17459] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 668.402950][T17459] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 668.420707][T17457] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 668.464084][T17457] REISERFS (device loop3): using ordered data mode [ 668.521366][T17457] reiserfs: using flush barriers [ 668.540254][T17462] loop1: detected capacity change from 0 to 256 [ 668.561670][T17457] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 668.585682][T17457] REISERFS (device loop3): checking transaction log (loop3) [ 668.609691][T17447] (syz.0.5832,17447,0):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 668.672731][T17447] (syz.0.5832,17447,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 668.968844][T17457] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[1 2 0(1) DIR], item_len 35, item_location 4029, free_space(entry_count) 2 [ 669.002294][T17468] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 669.016243][T17468] UDF-fs: Scanning with blocksize 512 failed [ 669.038988][T17468] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 669.046464][T17468] UDF-fs: Scanning with blocksize 1024 failed [ 669.087861][T17457] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 669.103126][T17468] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 669.110598][T17468] UDF-fs: Scanning with blocksize 2048 failed [ 669.190730][T17457] REISERFS (device loop3): Remounting filesystem read-only [ 669.205803][T17468] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 669.227374][T17457] REISERFS error (device loop3): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 669.247913][T17457] REISERFS warning (device loop3): reiserfs_fill_super: corrupt root inode, run fsck [ 669.261632][T17468] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 669.816754][ T4492] usb 2-1: new high-speed USB device number 122 using dummy_hcd [ 670.205192][ T4492] usb 2-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0xCE, skipping [ 670.391445][T17476] XFS (loop4): Mounting V5 Filesystem [ 670.404907][ T4492] usb 2-1: New USB device found, idVendor=2a39, idProduct=3fd4, bcdDevice= 0.40 [ 670.425735][ T4492] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 670.435206][ T4492] usb 2-1: Product: syz [ 670.446419][ T4492] usb 2-1: Manufacturer: syz [ 670.451317][ T4492] usb 2-1: SerialNumber: syz [ 670.558943][T17480] XFS (loop0): Mounting V5 Filesystem [ 670.591346][T17476] XFS (loop4): Ending clean mount [ 670.692539][ T4188] XFS (loop4): Unmounting Filesystem [ 670.734476][T17480] XFS (loop0): Ending clean mount [ 670.831788][ T4190] XFS (loop0): Unmounting Filesystem [ 670.886126][ T4492] usb 2-1: MIDIStreaming interface descriptor not found [ 670.955119][ T4492] usb 2-1: USB disconnect, device number 122 [ 671.151487][T17484] XFS (loop3): Mounting V5 Filesystem [ 671.386467][T17484] XFS (loop3): Ending clean mount [ 671.499508][ T4192] XFS (loop3): Unmounting Filesystem [ 672.419051][T17515] set_capacity_and_notify: 9 callbacks suppressed [ 672.419069][T17515] loop4: detected capacity change from 0 to 32768 [ 672.614003][T17515] XFS (loop4): Mounting V5 Filesystem [ 672.731274][T17515] XFS (loop4): Ending clean mount [ 672.869239][T17514] loop0: detected capacity change from 0 to 65536 [ 672.876094][ T4188] XFS (loop4): Unmounting Filesystem [ 673.011280][T17514] XFS (loop0): Deprecated V4 format (crc=0) not supported by kernel. [ 673.132481][T17511] loop1: detected capacity change from 0 to 65536 [ 673.353916][T17511] XFS (loop1): Mounting V5 Filesystem [ 673.521878][T17541] loop0: detected capacity change from 0 to 2048 [ 673.554869][T17511] XFS (loop1): Ending clean mount [ 673.678479][ T4184] XFS (loop1): Unmounting Filesystem [ 673.722534][T17541] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 676.145128][T17550] loop1: detected capacity change from 0 to 65536 [ 676.294812][T17550] XFS (loop1): Deprecated V4 format (crc=0) not supported by kernel. [ 676.495449][T17552] loop3: detected capacity change from 0 to 32768 [ 676.576020][T17552] loop3: p9 p11 p16 [ 677.028409][ T4308] udevd[4308]: inotify_add_watch(7, /dev/loop3p16, 10) failed: No such file or directory [ 677.031550][ T5955] udevd[5955]: inotify_add_watch(7, /dev/loop3p11, 10) failed: No such file or directory [ 677.052458][ T4377] udevd[4377]: inotify_add_watch(7, /dev/loop3p9, 10) failed: No such file or directory [ 677.674714][T17559] loop3: detected capacity change from 0 to 32768 [ 677.682997][T17565] loop4: detected capacity change from 0 to 2048 [ 677.866098][T17559] XFS (loop3): Mounting V5 Filesystem [ 678.009398][T17577] loop0: detected capacity change from 0 to 512 [ 678.030398][T17559] XFS (loop3): Ending clean mount [ 678.212780][ T4192] XFS (loop3): Unmounting Filesystem [ 678.436504][T17563] loop2: detected capacity change from 0 to 32768 [ 678.552719][T17563] XFS (loop2): Mounting V5 Filesystem [ 678.749111][T17563] XFS (loop2): Ending clean mount [ 678.817018][ T4195] XFS (loop2): Unmounting Filesystem [ 679.064252][T17561] loop1: detected capacity change from 0 to 65536 [ 679.289835][T15148] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 679.310042][T17561] XFS (loop1): Deprecated V4 format (crc=0) not supported by kernel. [ 679.600121][T17596] netlink: 'syz.2.5870': attribute type 1 has an invalid length. [ 679.612081][T15148] usb 4-1: Using ep0 maxpacket: 8 [ 679.782128][T15148] usb 4-1: config 0 has an invalid interface number: 143 but max is 0 [ 679.790380][T15148] usb 4-1: config 0 has no interface number 0 [ 679.818717][T15148] usb 4-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b [ 679.851140][T15148] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 679.879825][T15148] usb 4-1: config 0 descriptor?? [ 680.113168][T15148] viperboard 4-1:0.143: version 0.00 found at bus 004 address 020 [ 680.177326][T15148] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100 [ 680.207993][T15148] viperboard-i2c: probe of viperboard-i2c.2.auto failed with error -5 [ 680.250230][T15148] usb 4-1: USB disconnect, device number 20 [ 680.307644][T17602] IPv6: sit1: Disabled Multicast RS [ 680.568866][T17575] loop4: detected capacity change from 0 to 131072 [ 680.644692][T17575] XFS (loop4): Mounting V5 Filesystem [ 680.837343][T17618] loop3: detected capacity change from 0 to 512 [ 680.868798][T17575] XFS (loop4): Ending clean mount [ 681.043477][ T4188] XFS (loop4): Unmounting Filesystem [ 681.176193][ T150] nbd_handle_cmd: 2 callbacks suppressed [ 681.176219][ T150] block nbd3: Attempted send on invalid socket [ 681.188909][ T150] print_req_error: 2 callbacks suppressed [ 681.188924][ T150] blk_update_request: I/O error, dev nbd3, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 681.207619][T17624] VFS: unable to read V7 FS superblock on device nbd3. [ 681.225046][T17624] VFS: could not find a valid V7 on nbd3. [ 681.543259][T17600] loop2: detected capacity change from 0 to 65536 [ 681.755043][T17600] XFS (loop2): Mounting V5 Filesystem [ 681.967991][T17600] XFS (loop2): Ending clean mount [ 682.116307][ T4195] XFS (loop2): Unmounting Filesystem [ 682.222001][T17628] loop1: detected capacity change from 0 to 32768 [ 682.387897][T17628] XFS (loop1): Mounting V5 Filesystem [ 682.519929][T17628] XFS (loop1): Ending clean mount [ 682.680711][ T4184] XFS (loop1): Unmounting Filesystem [ 682.818437][T17669] netlink: 'syz.3.5896': attribute type 11 has an invalid length. [ 682.870806][T17669] netlink: 140 bytes leftover after parsing attributes in process `syz.3.5896'. [ 683.139134][T17675] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 683.448621][T17687] netlink: 'syz.2.5904': attribute type 11 has an invalid length. [ 683.815153][T17708] device syz_tun entered promiscuous mode [ 683.929271][T17708] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 683.959108][T17715] netlink: 100 bytes leftover after parsing attributes in process `syz.2.5916'. [ 683.982221][T17710] xt_CT: No such helper "netbios-ns" [ 684.262682][T17648] loop4: detected capacity change from 0 to 65536 [ 684.401437][T17745] loop2: detected capacity change from 0 to 256 [ 684.431551][T17648] XFS (loop4): Deprecated V4 format (crc=0) not supported by kernel. [ 684.623814][T17745] FAT-fs (loop2): Directory bread(block 64) failed [ 684.654426][T17745] FAT-fs (loop2): Directory bread(block 65) failed [ 684.689938][T17745] FAT-fs (loop2): Directory bread(block 66) failed [ 684.696551][T17745] FAT-fs (loop2): Directory bread(block 67) failed [ 684.774949][T17745] FAT-fs (loop2): Directory bread(block 68) failed [ 684.781573][T17745] FAT-fs (loop2): Directory bread(block 69) failed [ 684.829420][T17756] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5934'. [ 684.860429][T17745] FAT-fs (loop2): Directory bread(block 70) failed [ 684.871452][T17745] FAT-fs (loop2): Directory bread(block 71) failed [ 684.889207][T17745] FAT-fs (loop2): Directory bread(block 72) failed [ 684.897248][T17756] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5934'. [ 684.935460][T17745] FAT-fs (loop2): Directory bread(block 73) failed [ 685.018301][T17760] netlink: 'syz.0.5936': attribute type 5 has an invalid length. [ 685.921040][T17735] loop3: detected capacity change from 0 to 65536 [ 686.064638][T17810] overlayfs: './file0' not a directory [ 686.080462][T17735] XFS (loop3): Mounting V5 Filesystem [ 686.204515][T17735] XFS (loop3): Ending clean mount [ 686.286774][ T4192] XFS (loop3): Unmounting Filesystem [ 686.332807][T17821] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 686.391617][T17821] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 686.434832][T17825] netlink: 'syz.2.5965': attribute type 3 has an invalid length. [ 686.719034][T17841] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 686.755064][T17843] loop2: detected capacity change from 0 to 64 [ 686.881541][T17843] Trying to free block not in datazone [ 686.946256][T17847] IPv6: sit1: Disabled Multicast RS [ 687.083259][T17854] netlink: 'syz.2.5979': attribute type 21 has an invalid length. [ 687.128905][T17854] IPv6: NLM_F_CREATE should be specified when creating new route [ 687.484734][T17870] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 687.793058][T17892] loop2: detected capacity change from 0 to 1024 [ 687.858585][T17892] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 687.955105][T17892] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 687.987982][T17901] loop0: detected capacity change from 0 to 2048 [ 688.018739][T17892] System zones: 0-1, 3-36 [ 688.030120][T17892] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,delalloc,auto_da_alloc=0x0000000000000006,grpid,dioread_nolock,bsddf,debug,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 688.110487][T17901] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 688.160152][T17911] loop1: detected capacity change from 0 to 256 [ 688.197167][T17911] exfat: Deprecated parameter 'namecase' [ 688.202893][T17911] exfat: Deprecated parameter 'namecase' [ 688.281904][T17911] exfat: Deprecated parameter 'utf8' [ 688.364196][T17911] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 688.410369][T15148] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 688.633749][T17928] loop0: detected capacity change from 0 to 1024 [ 688.709713][T15148] usb 3-1: Using ep0 maxpacket: 32 [ 688.859425][T15148] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 688.891190][T15148] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 688.900150][T15148] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 688.927930][T17941] IPv6: sit1: Disabled Multicast RS [ 689.148248][T15148] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 689.157406][T15148] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 689.207931][T15148] usb 3-1: Product: syz [ 689.218606][T15148] usb 3-1: Manufacturer: syz [ 689.226853][T15148] usb 3-1: SerialNumber: syz [ 689.298655][T15148] cdc_ncm 3-1:1.0: skipping garbage [ 689.303932][T15148] cdc_ncm 3-1:1.0: skipping garbage [ 689.330857][T15148] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found [ 689.365488][T17962] loop0: detected capacity change from 0 to 1024 [ 689.372725][T15148] cdc_ncm 3-1:1.0: bind() failure [ 689.411739][T17962] hfsplus: invalid file type 0177777 for inode 2 [ 689.431089][T17962] hfsplus: failed to load root directory [ 689.520472][ T13] usb 3-1: USB disconnect, device number 21 [ 689.551792][T17968] device syz_tun entered promiscuous mode [ 689.591721][T17968] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 689.628765][T17971] IPv6: sit1: Disabled Multicast RS [ 689.789530][T15148] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 690.050288][T17989] netlink: 'syz.4.6041': attribute type 4 has an invalid length. [ 690.083184][T17989] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.6041'. [ 690.115295][T15148] usb 1-1: Using ep0 maxpacket: 16 [ 690.171478][T17993] 8021q: adding VLAN 0 to HW filter on device bond1 [ 690.271422][T15148] usb 1-1: config 0 has an invalid descriptor of length 141, skipping remainder of the config [ 690.289450][T15148] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 33216, setting to 1024 [ 690.305647][T15148] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 690.319076][T15148] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 690.465984][T15148] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 690.484414][T15148] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 690.505678][T15148] usb 1-1: Manufacturer: syz [ 690.513382][T15148] usb 1-1: config 0 descriptor?? [ 690.548805][T17962] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 690.771287][T18026] netlink: 36 bytes leftover after parsing attributes in process `syz.4.6061'. [ 690.788668][T15143] usb 1-1: USB disconnect, device number 17 [ 690.801517][T18026] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6061'. [ 690.916088][T18032] loop1: detected capacity change from 0 to 8 [ 691.025396][T18032] SQUASHFS error: Unable to read directory block [1d0:0] [ 691.110563][T18040] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 691.463694][T18062] loop0: detected capacity change from 0 to 256 [ 691.681195][T18064] loop2: detected capacity change from 0 to 4096 [ 691.762207][T18064] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 691.833318][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.839708][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.867871][T18081] device vlan0 entered promiscuous mode [ 691.927823][T18064] ntfs3: loop2: failed to convert "c46c" to cp869 [ 691.958825][T18086] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 692.376742][T18105] loop3: detected capacity change from 0 to 64 [ 692.508203][T18105] Trying to free block not in datazone [ 692.510872][T18107] loop1: detected capacity change from 0 to 2048 [ 692.572885][T18110] loop2: detected capacity change from 0 to 2048 [ 692.679993][T18110] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 692.752082][T18107] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 692.768493][T18107] ext4 filesystem being mounted at /1185/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 692.790689][T18124] netlink: 'syz.4.6106': attribute type 12 has an invalid length. [ 693.575182][T18171] loop1: detected capacity change from 0 to 1024 [ 693.621473][T18177] loop4: detected capacity change from 0 to 256 [ 693.638853][T18171] EXT4-fs (loop1): Ignoring removed orlov option [ 693.657064][T18179] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6135'. [ 693.690014][T18179] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 693.718501][T18177] exfat: Deprecated parameter 'namecase' [ 693.731558][T18171] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,bsddf,quota,noauto_da_alloc,debug_want_extra_isize=0x0000000000000080,nodelalloc,noauto_da_alloc,stripe=0x0000000000000005,orlov,bsdgroups,,errors=continue. Quota mode: writeback. [ 693.764991][T18177] exfat: Deprecated parameter 'namecase' [ 693.776739][T18177] exfat: Deprecated parameter 'utf8' [ 693.851735][T18177] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 693.953007][T18187] device netdevsim0 entered promiscuous mode [ 694.442852][T18215] netlink: 'syz.2.6151': attribute type 13 has an invalid length. [ 694.519004][T18213] 8021q: adding VLAN 0 to HW filter on device bond1 [ 694.643199][T18220] device ip6gre1 entered promiscuous mode [ 694.652072][T18225] loop1: detected capacity change from 0 to 8 [ 694.691743][T18226] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6156'. [ 694.789521][T18225] SQUASHFS error: lzo decompression failed, data probably corrupt [ 694.803517][T18225] SQUASHFS error: Failed to read block 0x1dd: -5 [ 694.824528][T18225] SQUASHFS error: Unable to read metadata cache entry [1db] [ 694.855885][T18225] SQUASHFS error: Unable to read inode 0xa7 [ 694.946527][T18238] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 694.988553][ T7913] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 695.139686][T18243] ipt_CLUSTERIP: unknown mode 3918972798 [ 695.290494][T18258] openvswitch: netlink: Actions may not be safe on all matching packets [ 695.306610][ T7913] usb 1-1: Using ep0 maxpacket: 16 [ 695.467024][ T7913] usb 1-1: config 0 has an invalid interface number: 105 but max is 0 [ 695.475446][ T7913] usb 1-1: config 0 has an invalid descriptor of length 149, skipping remainder of the config [ 695.518978][ T7913] usb 1-1: config 0 has no interface number 0 [ 695.544614][T18272] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 695.710331][T18282] device vlan0 entered promiscuous mode [ 695.755690][ T7913] usb 1-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.17 [ 695.775490][ T7913] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 695.830231][ T7913] usb 1-1: Product: syz [ 695.841911][ T7913] usb 1-1: Manufacturer: syz [ 695.873044][ T7913] usb 1-1: SerialNumber: syz [ 695.901819][ T7913] usb 1-1: config 0 descriptor?? [ 696.081489][T18300] netlink: 'syz.1.6191': attribute type 3 has an invalid length. [ 696.129680][T18300] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6191'. [ 696.204019][T15148] usb 1-1: USB disconnect, device number 18 [ 696.228685][T18307] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6195'. [ 696.278981][T18310] loop1: detected capacity change from 0 to 64 [ 696.327498][T18313] ieee802154 phy0 wpan0: encryption failed: -90 [ 696.351552][T18310] Trying to free block not in datazone [ 696.650834][T18328] loop2: detected capacity change from 0 to 64 [ 696.682797][T18330] loop1: detected capacity change from 0 to 1024 [ 696.859335][ T26] audit: type=1800 audit(2000001072.236:27): pid=18328 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6204" name="file1" dev="loop2" ino=5 res=0 errno=0 [ 696.891879][ T3083] hfsplus: b-tree write err: -5, ino 25 [ 696.897698][ T3083] hfsplus: b-tree write err: -5, ino 4 [ 696.931923][ T3083] hfsplus: b-tree write err: -5, ino 2 [ 697.078572][T18344] ip6t_srh: unknown srh invflags 4000 [ 697.145706][T15148] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 697.185414][T18350] overlayfs: workdir and upperdir must be separate subtrees [ 697.675877][T18382] loop0: detected capacity change from 0 to 256 [ 697.686801][T15148] usb 5-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98 [ 697.701830][T15148] usb 5-1: New USB device strings: Mfr=14, Product=0, SerialNumber=0 [ 697.731734][T15148] usb 5-1: Manufacturer: syz [ 697.766909][T15148] usb 5-1: config 0 descriptor?? [ 697.796724][T18382] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012c80, chksum : 0x8ff561f5, utbl_chksum : 0xe619d30d) [ 697.831963][T15148] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 697.860269][T15148] usb 5-1: Detected FT-X [ 697.934587][T18390] loop3: detected capacity change from 0 to 512 [ 698.016363][T18390] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 698.043036][T18333] loop4: detected capacity change from 0 to 256 [ 698.137225][T18390] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 698.229511][T18333] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 698.267458][T18390] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.6234: bg 0: block 248: padding at end of block bitmap is not set [ 698.368871][T18390] Quota error (device loop3): write_blk: dquota write failed [ 698.395118][T18390] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 698.434512][T15148] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 698.455508][T18390] EXT4-fs error (device loop3): ext4_acquire_dquot:6234: comm syz.3.6234: Failed to acquire dquot type 1 [ 698.471196][T15148] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 698.494952][T18390] EXT4-fs (loop3): 1 truncate cleaned up [ 698.503880][T15148] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71 [ 698.504341][T18390] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier,,errors=continue. Quota mode: writeback. [ 698.535808][T15148] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 698.600358][T15148] usb 5-1: USB disconnect, device number 13 [ 698.639128][T15148] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 698.659940][T15148] ftdi_sio 5-1:0.0: device disconnected [ 698.690478][T18390] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 698.750204][T18390] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 698.793014][T18390] EXT4-fs error (device loop3): ext4_acquire_dquot:6234: comm syz.3.6234: Failed to acquire dquot type 1 [ 698.879809][T18432] loop0: detected capacity change from 0 to 4096 [ 698.943191][T11090] Quota error (device loop3): remove_tree: Getting block too big (0 >= 6) [ 698.969311][T18432] ntfs: (device loop0): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 698.980455][T11090] EXT4-fs error (device loop3): ext4_release_dquot:6270: comm kworker/u4:8: Failed to release dquot type 1 [ 699.027882][T18441] bridge0: port 1(bridge_slave_0) entered disabled state [ 699.085512][T18432] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing. [ 699.098993][T18441] bridge0: port 1(bridge_slave_0) entered blocking state [ 699.106315][T18441] bridge0: port 1(bridge_slave_0) entered forwarding state [ 699.142670][T18432] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 699.168039][T18444] device netdevsim0 entered promiscuous mode [ 699.220042][T18432] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 699.397194][T18432] ntfs: volume version 3.1. [ 699.495561][T18459] loop3: detected capacity change from 0 to 256 [ 699.692426][T18470] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6271'. [ 699.886804][T18479] loop3: detected capacity change from 0 to 512 [ 699.985408][T18479] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 700.000365][T18479] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 700.075564][T18479] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 700.125148][T18479] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 700.176882][T18479] System zones: 0-2, 18-18, 34-35 [ 700.183894][T18479] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 700.365609][T18504] netlink: 'syz.2.6283': attribute type 30 has an invalid length. [ 700.498904][T18512] netlink: 4096 bytes leftover after parsing attributes in process `syz.3.6287'. [ 700.545715][T18512] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 700.751386][T18514] loop0: detected capacity change from 0 to 4096 [ 700.798025][T18514] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 700.902991][T18514] ntfs3: loop0: failed to convert "c46c" to iso8859-6 [ 700.948259][T18514] ntfs3: loop0: failed to convert "0030" to iso8859-6 [ 700.963229][T18514] ntfs3: loop0: failed to convert "0031" to iso8859-6 [ 700.984588][T18514] ntfs3: loop0: failed to convert "0032" to iso8859-6 [ 701.093051][T18543] device netdevsim0 entered promiscuous mode [ 701.309760][T18557] netlink: 48 bytes leftover after parsing attributes in process `syz.3.6308'. [ 701.537669][T18567] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 701.567195][T18567] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 701.628848][T18567] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 701.650968][T18567] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 701.659788][T18567] System zones: 0-2, 18-18, 34-35 [ 701.666091][T18567] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 701.828589][T15942] usb 2-1: new full-speed USB device number 123 using dummy_hcd [ 702.224608][T15942] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 702.248940][T15942] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 702.292472][T15942] usb 2-1: config 220 has no interface number 2 [ 702.326442][T15942] usb 2-1: config 220 interface 1 altsetting 5 endpoint 0x5 has invalid maxpacket 64947, setting to 64 [ 702.378654][T15942] usb 2-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 702.426826][T15942] usb 2-1: config 220 interface 0 has no altsetting 0 [ 702.447192][T15942] usb 2-1: config 220 interface 76 has no altsetting 0 [ 702.487077][T15942] usb 2-1: config 220 interface 1 has no altsetting 0 [ 702.577217][T18619] set_capacity_and_notify: 3 callbacks suppressed [ 702.577312][T18619] loop2: detected capacity change from 0 to 512 [ 702.614787][T18622] delete_channel: no stack [ 702.659263][T18625] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 702.668882][T18625] overlayfs: bad mount option "redirect_dir=nofollow\" [ 702.674635][T15942] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 702.692814][T18619] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 702.726944][T15942] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 702.730250][T18619] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 702.761590][T15942] usb 2-1: Product: syz [ 702.765893][T15942] usb 2-1: Manufacturer: syz [ 702.790111][T15942] usb 2-1: SerialNumber: syz [ 702.848008][T18619] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 702.886369][T18619] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 702.926857][T18636] loop4: detected capacity change from 0 to 1024 [ 702.935534][T18619] System zones: 0-2, 18-18, 34-35 [ 702.952224][T18619] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 703.164816][T11090] hfsplus: b-tree write err: -5, ino 25 [ 703.183481][T11090] hfsplus: b-tree write err: -5, ino 4 [ 703.197777][T15942] usb 2-1: selecting invalid altsetting 0 [ 703.204179][T15942] usb 2-1: Found UVC 7.01 device syz (8086:0b07) [ 703.213380][T11090] hfsplus: b-tree write err: -5, ino 2 [ 703.227943][T15942] usb 2-1: No valid video chain found. [ 703.302477][T15942] usb 2-1: selecting invalid altsetting 0 [ 703.321690][T15942] usbtest: probe of 2-1:220.1 failed with error -22 [ 703.360297][T18655] netlink: 'syz.3.6356': attribute type 1 has an invalid length. [ 703.377839][T15942] usb 2-1: USB disconnect, device number 123 [ 703.814865][T18681] netlink: 'syz.4.6367': attribute type 1 has an invalid length. [ 703.833927][T18680] loop3: detected capacity change from 0 to 1764 [ 703.877509][T18681] netlink: 'syz.4.6367': attribute type 2 has an invalid length. [ 703.946689][T18680] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 703.950632][T18681] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6367'. [ 704.253132][T18703] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6387'. [ 704.281477][T18703] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6387'. [ 704.599543][T18724] loop2: detected capacity change from 0 to 256 [ 704.960160][T18747] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 705.261984][T18769] ceph: No source [ 705.437406][T18781] device bridge3 entered promiscuous mode [ 705.598156][T18795] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 705.717709][T18804] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6430'. [ 705.916441][T18818] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6437'. [ 705.933837][T18816] loop2: detected capacity change from 0 to 1024 [ 706.004574][T18816] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 706.334617][T18849] netlink: 'syz.3.6452': attribute type 10 has an invalid length. [ 706.378762][T18849] bridge0: port 2(bridge_slave_1) entered disabled state [ 706.386150][T18849] bridge0: port 1(bridge_slave_0) entered disabled state [ 706.508783][T18857] loop2: detected capacity change from 0 to 2048 [ 706.519625][T18849] bridge0: port 2(bridge_slave_1) entered blocking state [ 706.527211][T18849] bridge0: port 2(bridge_slave_1) entered forwarding state [ 706.538237][T18849] bridge0: port 1(bridge_slave_0) entered blocking state [ 706.545438][T18849] bridge0: port 1(bridge_slave_0) entered forwarding state [ 706.604997][T18849] team0: Port device bridge0 added [ 706.630209][T15148] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 706.655901][T18849] syz.3.6452 (18849) used greatest stack depth: 20144 bytes left [ 706.707212][T18857] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 706.801818][T18857] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 706.917957][T15148] usb 1-1: Using ep0 maxpacket: 16 [ 707.016068][T18874] xt_cluster: you have exceeded the maximum number of cluster nodes (127 > 32) [ 707.046576][T15148] usb 1-1: config 1 has an invalid interface number: 152 but max is 0 [ 707.079438][T15148] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 707.145654][T15148] usb 1-1: config 1 has no interface number 0 [ 707.159959][T15148] usb 1-1: config 1 interface 152 altsetting 239 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 707.182378][T15148] usb 1-1: config 1 interface 152 altsetting 239 endpoint 0xF has invalid wMaxPacketSize 0 [ 707.235041][T15148] usb 1-1: config 1 interface 152 has no altsetting 0 [ 707.474256][T15148] usb 1-1: New USB device found, idVendor=03f0, idProduct=2101, bcdDevice=7e.a8 [ 707.474292][T15148] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 707.474316][T15148] usb 1-1: Product: syz [ 707.474333][T15148] usb 1-1: Manufacturer: syz [ 707.474351][T15148] usb 1-1: SerialNumber: syz [ 707.828328][T15148] safe_serial 1-1:1.152: safe_serial converter detected [ 707.841828][T15148] safe_serial: probe of 1-1:1.152 failed with error -22 [ 707.909296][T15148] usb 1-1: USB disconnect, device number 19 [ 708.104459][T18912] loop1: detected capacity change from 0 to 24 [ 708.115568][ T7913] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 708.132646][T18914] ip6t_REJECT: ECHOREPLY is not supported [ 708.180350][T18912] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 708.238684][T18912] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 708.590531][ T7913] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 708.624809][ T7913] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 708.626416][T18905] loop2: detected capacity change from 0 to 32768 [ 708.652841][ T7913] usb 5-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 708.678516][ T7913] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 708.705147][ T7913] usb 5-1: config 0 descriptor?? [ 708.814399][T18905] ERROR: (device loop2): dbAlloc: the hint is outside the map [ 708.814399][T18905] [ 708.873511][T18905] ERROR: (device loop2): remounting filesystem as read-only [ 708.969506][T18946] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6495'. [ 709.238110][ T7913] Bluetooth: Can't get state to change to load configuration err [ 709.245922][ T7913] Bluetooth: Loading sysconfig file failed [ 709.281047][ T7913] ath3k: probe of 5-1:0.0 failed with error -16 [ 709.314592][ T7913] usb 5-1: USB disconnect, device number 14 [ 709.353351][T18963] loop0: detected capacity change from 0 to 512 [ 709.416448][T18967] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6505'. [ 709.437092][T18957] loop3: detected capacity change from 0 to 4096 [ 709.442695][T18963] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 709.554284][T18963] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.6503: casefold flag without casefold feature [ 709.635121][T18972] netlink: 'syz.1.6506': attribute type 1 has an invalid length. [ 709.643247][T18963] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.6503: couldn't read orphan inode 15 (err -117) [ 709.663724][T18957] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 709.681789][T18972] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6506'. [ 709.789414][T18963] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 709.829592][T18976] loop2: detected capacity change from 0 to 256 [ 709.852888][T18963] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #2: block 4: comm syz.0.6503: lblock 0 mapped to illegal pblock 4 (length 1) [ 709.980952][T18976] FAT-fs (loop2): Directory bread(block 64) failed [ 710.010442][T18976] FAT-fs (loop2): Directory bread(block 65) failed [ 710.023161][ T4192] ntfs3: loop3: ntfs_sync_fs r=9 failed, -22. [ 710.043502][T18976] FAT-fs (loop2): Directory bread(block 66) failed [ 710.050134][T18976] FAT-fs (loop2): Directory bread(block 67) failed [ 710.093794][ T4192] ntfs3: loop3: ntfs_evict_inode r=9 failed, -22. [ 710.095250][T18976] FAT-fs (loop2): Directory bread(block 68) failed [ 710.145805][T18976] FAT-fs (loop2): Directory bread(block 69) failed [ 710.163382][T18976] FAT-fs (loop2): Directory bread(block 70) failed [ 710.203446][T18976] FAT-fs (loop2): Directory bread(block 71) failed [ 710.231908][T18976] FAT-fs (loop2): Directory bread(block 72) failed [ 710.285935][T18976] FAT-fs (loop2): Directory bread(block 73) failed [ 711.013162][T15148] usb 2-1: new high-speed USB device number 124 using dummy_hcd [ 711.221383][T19037] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6549'. [ 711.331698][T19042] loop4: detected capacity change from 0 to 1024 [ 711.345736][T15148] usb 2-1: Using ep0 maxpacket: 32 [ 711.355043][T19045] autofs4:pid:19045:autofs_fill_super: called with bogus options [ 711.483676][T15148] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 711.526683][T15148] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 711.607208][ T158] hfsplus: b-tree write err: -5, ino 25 [ 711.637860][ T158] hfsplus: b-tree write err: -5, ino 4 [ 711.643530][ T158] hfsplus: b-tree write err: -5, ino 2 [ 711.683560][ T158] hfsplus: b-tree write err: -5, ino 26 [ 711.729501][T15148] usb 2-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05 [ 711.762448][T15148] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 711.780671][T15148] usb 2-1: Product: syz [ 711.804092][T15148] usb 2-1: Manufacturer: syz [ 711.830579][T15148] usb 2-1: SerialNumber: syz [ 711.856862][T15148] usb 2-1: config 0 descriptor?? [ 711.859705][T19062] loop0: detected capacity change from 0 to 164 [ 712.037488][T19062] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 712.171953][T19039] loop3: detected capacity change from 0 to 32768 [ 712.209912][ T4491] usb 2-1: USB disconnect, device number 124 [ 712.239975][T19039] ERROR: (device loop3): dbAlloc: the hint is outside the map [ 712.239975][T19039] [ 712.322817][T19039] ERROR: (device loop3): remounting filesystem as read-only [ 713.142037][T19114] netlink: 72 bytes leftover after parsing attributes in process `syz.0.6577'. [ 713.597599][T19138] loop4: detected capacity change from 0 to 16 [ 713.621055][T19142] loop1: detected capacity change from 0 to 256 [ 713.708347][T19138] erofs: (device loop4): mounted with root inode @ nid 36. [ 713.721301][T19147] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6593'. [ 713.771496][T19147] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6593'. [ 713.825102][T19147] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6593'. [ 714.171371][T19174] tipc: Can't bind to reserved service type 0 [ 714.501023][T19200] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6620'. [ 714.620433][T19207] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 714.766020][ T7913] usb 4-1: new full-speed USB device number 21 using dummy_hcd [ 714.823484][T19215] smb3: Bad value for 'uid' [ 715.042800][T19224] loop2: detected capacity change from 0 to 2048 [ 715.062346][T19226] No such timeout policy "syz0" [ 715.182939][ T7913] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 715.202358][ T7913] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 715.233027][T19224] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 715.287202][T19237] ipt_CLUSTERIP: bad local_nodes[1] 0 [ 715.302438][T19224] fscrypt (loop2, inode 12): Error -61 getting encryption context [ 715.310470][ T7913] usb 4-1: config 220 has no interface number 2 [ 715.336305][ T7913] usb 4-1: config 220 interface 1 altsetting 5 endpoint 0x5 has invalid maxpacket 64947, setting to 64 [ 715.412567][ T7913] usb 4-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 715.479273][ T7913] usb 4-1: config 220 interface 0 has no altsetting 0 [ 715.512863][ T7913] usb 4-1: config 220 interface 76 has no altsetting 0 [ 715.540786][ T7913] usb 4-1: config 220 interface 1 has no altsetting 0 [ 715.712241][T19258] ieee802154 phy0 wpan0: encryption failed: -22 [ 715.784973][ T7913] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 715.824265][ T7913] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 715.832324][ T7913] usb 4-1: Product: syz [ 715.893963][ T7913] usb 4-1: Manufacturer: syz [ 715.898662][ T7913] usb 4-1: SerialNumber: syz [ 715.926248][T19266] loop4: detected capacity change from 0 to 256 [ 715.996948][T19270] kernel read not supported for file / 7ç!Qfsl{Tr)rO2:"T+͟v|ղDvc֠6xc: (pid: 19270 comm: syz.2.6654) [ 716.012764][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 716.012779][ T26] audit: type=1800 audit(2000001090.146:28): pid=19270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6654" name=20019C1437B3CFFCC3A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=74930 res=0 errno=0 [ 716.049695][ C0] vkms_vblank_simulate: vblank timer overrun [ 716.095845][T19266] FAT-fs (loop4): Directory bread(block 64) failed [ 716.134592][T19266] FAT-fs (loop4): Directory bread(block 65) failed [ 716.143200][T19266] FAT-fs (loop4): Directory bread(block 66) failed [ 716.186424][T19266] FAT-fs (loop4): Directory bread(block 67) failed [ 716.233273][T19243] loop0: detected capacity change from 0 to 32768 [ 716.240491][T19266] FAT-fs (loop4): Directory bread(block 68) failed [ 716.249789][T19275] loop2: detected capacity change from 0 to 1024 [ 716.262308][T19266] FAT-fs (loop4): Directory bread(block 69) failed [ 716.290906][T19266] FAT-fs (loop4): Directory bread(block 70) failed [ 716.298239][T19266] FAT-fs (loop4): Directory bread(block 71) failed [ 716.304988][T19266] FAT-fs (loop4): Directory bread(block 72) failed [ 716.317196][T19266] FAT-fs (loop4): Directory bread(block 73) failed [ 716.350963][T19275] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 716.359301][ T7913] usb 4-1: selecting invalid altsetting 0 [ 716.366666][ T7913] usb 4-1: Found UVC 7.01 device syz (8086:0b07) [ 716.386364][ T7913] usb 4-1: No valid video chain found. [ 716.433030][T19275] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #3: block 2: comm syz.2.6655: lblock 2 mapped to illegal pblock 2 (length 1) [ 716.480515][ T7913] usb 4-1: selecting invalid altsetting 0 [ 716.486318][ T7913] usbtest: probe of 4-1:220.1 failed with error -22 [ 716.506236][ T7913] usb 4-1: USB disconnect, device number 21 [ 716.612572][T19275] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 716.655862][T19275] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #3: block 48: comm syz.2.6655: lblock 0 mapped to illegal pblock 48 (length 1) [ 716.687346][T19275] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 716.699327][T19275] EXT4-fs error (device loop2): ext4_acquire_dquot:6234: comm syz.2.6655: Failed to acquire dquot type 0 [ 716.718936][T19275] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5854: Corrupt filesystem [ 716.729519][T19275] EXT4-fs error (device loop2): ext4_evict_inode:282: inode #11: comm syz.2.6655: mark_inode_dirty error [ 716.781683][T19275] EXT4-fs warning (device loop2): ext4_evict_inode:285: couldn't mark inode dirty (err -117) [ 716.850991][T19275] EXT4-fs (loop2): 1 orphan inode deleted [ 716.856795][T19275] EXT4-fs (loop2): mounted filesystem without journal. Opts: nomblk_io_submit,noblock_validity,delalloc,max_batch_time=0x00000000000008c9,nodiscard,stripe=0x0000000000000004,noauto_da_alloc,,errors=continue. Quota mode: none. [ 716.878966][ C0] vkms_vblank_simulate: vblank timer overrun [ 716.879417][T11090] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:8: lblock 1 mapped to illegal pblock 1 (length 1) [ 716.974512][T11090] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 717.004916][T11090] EXT4-fs error (device loop2): ext4_release_dquot:6270: comm kworker/u4:8: Failed to release dquot type 0 [ 717.061510][T19298] loop1: detected capacity change from 0 to 8 [ 717.096750][T11090] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:8: lblock 1 mapped to illegal pblock 1 (length 1) [ 717.157319][T11090] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 717.177458][T11090] EXT4-fs error (device loop2): ext4_release_dquot:6270: comm kworker/u4:8: Failed to release dquot type 0 [ 717.219728][T19298] SQUASHFS error: Unable to read directory block [26067d:ffff] [ 717.233270][ T4195] EXT4-fs error (device loop2): __ext4_get_inode_loc:4327: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 717.268751][T19307] loop3: detected capacity change from 0 to 64 [ 717.292109][ T4195] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5854: Corrupt filesystem [ 717.388165][ T4195] EXT4-fs error (device loop2): ext4_quota_off:6540: inode #3: comm syz-executor: mark_inode_dirty error [ 717.715199][T19329] netlink: 'syz.3.6675': attribute type 10 has an invalid length. [ 717.765110][T19329] netlink: 40 bytes leftover after parsing attributes in process `syz.3.6675'. [ 717.835164][T19329] device ipvlan1 entered promiscuous mode [ 717.886118][T19333] loop2: detected capacity change from 0 to 2048 [ 717.901329][T19329] bridge0: port 3(ipvlan1) entered blocking state [ 717.973395][T19333] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 717.974943][T19329] bridge0: port 3(ipvlan1) entered disabled state [ 718.162331][T19329] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 719.067675][T19403] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6710'. [ 719.077615][T19398] netlink: 68 bytes leftover after parsing attributes in process `syz.1.6709'. [ 719.372979][T19420] bad cache= option: nonw [ 719.372979][T19420] [ 719.416425][T19419] loop0: detected capacity change from 0 to 2048 [ 719.425673][T19420] CIFS: VFS: bad cache= option: nonw [ 719.493122][T19419] NILFS (loop0): invalid segment: Inconsistency found [ 719.510938][T19419] NILFS (loop0): trying rollback from an earlier position [ 719.621015][T19419] NILFS (loop0): norecovery option specified, skipping roll-forward recovery [ 719.669673][T19436] loop3: detected capacity change from 0 to 64 [ 719.994552][T19458] netlink: 'syz.0.6738': attribute type 21 has an invalid length. [ 720.057996][T19458] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6738'. [ 720.736907][T19510] UBIFS error (pid: 19510): cannot open "(null)", error -22 [ 720.742127][T19511] openvswitch: netlink: Actions may not be safe on all matching packets [ 721.058808][T19532] cgroup: Unknown subsys name 'noxattr' [ 721.159279][T19540] loop2: detected capacity change from 0 to 164 [ 721.284159][T19540] ISOFS: unable to read i-node block [ 721.294426][T19540] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 721.372088][T19540] ISOFS: unable to read i-node block [ 721.472546][T19556] netlink: 'syz.1.6785': attribute type 10 has an invalid length. [ 721.512754][T19556] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6785'. [ 721.545820][T19556] device ipvlan1 entered promiscuous mode [ 721.577853][ T26] audit: type=1400 audit(2000001095.346:29): apparmor="DENIED" operation="change_profile" info="label not found" error=-22 profile="unconfined" name="&" pid=19557 comm="syz.3.6788" [ 721.573345][T19556] bridge0: port 3(ipvlan1) entered blocking state [ 721.640925][T19556] bridge0: port 3(ipvlan1) entered disabled state [ 721.663613][T19556] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 721.893157][T19568] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.6792'. [ 722.318017][T19546] loop4: detected capacity change from 0 to 32768 [ 722.429154][T19546] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 722.551892][T19546] (syz.4.6781,19546,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=0, inode=65, rec_len=16, name_len=8 [ 722.569244][T19546] (syz.4.6781,19546,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 722.578476][T19546] (syz.4.6781,19546,0):ocfs2_mknod:298 ERROR: status = -2 [ 722.595886][T19592] loop2: detected capacity change from 0 to 512 [ 722.635069][T19546] (syz.4.6781,19546,0):ocfs2_mknod:502 ERROR: status = -2 [ 722.668308][T19546] (syz.4.6781,19546,0):ocfs2_create:676 ERROR: status = -2 [ 722.779410][T19592] EXT4-fs (loop2): mounted filesystem without journal. Opts: nojournal_checksum,,errors=continue. Quota mode: writeback. [ 722.800002][ T4188] ocfs2: Unmounting device (7,4) on (node local) [ 722.898606][ T26] audit: type=1800 audit(2000001096.581:30): pid=19592 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.6803" name="file2" dev="loop2" ino=16 res=0 errno=0 [ 722.921749][T19592] [ 722.924147][T19592] ====================================================== [ 722.931197][T19592] WARNING: possible circular locking dependency detected [ 722.938436][T19592] syzkaller #0 Not tainted [ 722.942883][T19592] ------------------------------------------------------ [ 722.949933][T19592] syz.2.6803/19592 is trying to acquire lock: [ 722.956072][T19592] ffff888071070b28 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x5a/0x410 [ 722.965043][T19592] [ 722.965043][T19592] but task is already holding lock: [ 722.972525][T19592] ffff888071332060 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_truncate+0x97f/0x10f0 [ 722.981984][T19592] [ 722.981984][T19592] which lock already depends on the new lock. [ 722.981984][T19592] [ 722.992462][T19592] [ 722.992462][T19592] the existing dependency chain (in reverse order) is: [ 723.001513][T19592] [ 723.001513][T19592] -> #2 (&ei->i_data_sem/2){++++}-{3:3}: [ 723.009387][T19592] down_write+0x38/0x60 [ 723.014116][T19592] ext4_map_blocks+0x8bf/0x1b30 [ 723.019537][T19592] ext4_getblk+0x176/0x670 [ 723.020187][ T4491] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 723.024517][T19592] ext4_bread+0x26/0x180 [ 723.024540][T19592] ext4_quota_write+0x236/0x580 [ 723.042297][T19592] remove_free_dqentry+0x318/0xd70 [ 723.047977][T19592] do_insert_tree+0xe94/0x1970 [ 723.053317][T19592] do_insert_tree+0x5b1/0x1970 [ 723.058646][T19592] do_insert_tree+0x5b1/0x1970 [ 723.063975][T19592] do_insert_tree+0x5b1/0x1970 [ 723.069321][T19592] qtree_write_dquot+0x361/0x4b0 [ 723.074833][T19592] v2_write_dquot+0x108/0x190 [ 723.080083][T19592] dquot_acquire+0x2d5/0x520 [ 723.085243][T19592] ext4_acquire_dquot+0x2d9/0x4a0 [ 723.090835][T19592] dqget+0x778/0xeb0 [ 723.095297][T19592] __dquot_initialize+0x3c3/0xcd0 [ 723.100882][T19592] ext4_process_orphan+0x54/0x300 [ 723.106475][T19592] ext4_orphan_cleanup+0xad2/0x1320 [ 723.112254][T19592] ext4_fill_super+0x8e25/0x95a0 [ 723.117762][T19592] mount_bdev+0x287/0x3c0 [ 723.122652][T19592] legacy_get_tree+0xe6/0x180 [ 723.127895][T19592] vfs_get_tree+0x88/0x270 [ 723.132879][T19592] do_new_mount+0x24a/0xa40 [ 723.137939][T19592] __se_sys_mount+0x2e3/0x3d0 [ 723.143178][T19592] do_syscall_64+0x4c/0xa0 [ 723.148160][T19592] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 723.154621][T19592] [ 723.154621][T19592] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}: [ 723.162903][T19592] down_read+0x44/0x2e0 [ 723.167643][T19592] v2_read_dquot+0x4a/0x110 [ 723.172758][T19592] dquot_acquire+0x152/0x520 [ 723.177920][T19592] ext4_acquire_dquot+0x2d9/0x4a0 [ 723.183512][T19592] dqget+0x778/0xeb0 [ 723.187976][T19592] __dquot_initialize+0x3c3/0xcd0 [ 723.193566][T19592] ext4_process_orphan+0x54/0x300 [ 723.199153][T19592] ext4_orphan_cleanup+0xad2/0x1320 [ 723.205021][T19592] ext4_fill_super+0x8e25/0x95a0 [ 723.210529][T19592] mount_bdev+0x287/0x3c0 [ 723.215436][T19592] legacy_get_tree+0xe6/0x180 [ 723.220709][T19592] vfs_get_tree+0x88/0x270 [ 723.225776][T19592] do_new_mount+0x24a/0xa40 [ 723.230877][T19592] __se_sys_mount+0x2e3/0x3d0 [ 723.236124][T19592] do_syscall_64+0x4c/0xa0 [ 723.241103][T19592] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 723.247527][T19592] [ 723.247527][T19592] -> #0 (&dquot->dq_lock){+.+.}-{3:3}: [ 723.255187][T19592] __lock_acquire+0x2c42/0x7d10 [ 723.260597][T19592] lock_acquire+0x19e/0x400 [ 723.265648][T19592] __mutex_lock_common+0x1e3/0x2400 [ 723.271428][T19592] mutex_lock_nested+0x17/0x20 [ 723.276758][T19592] dquot_commit+0x5a/0x410 [ 723.281743][T19592] ext4_write_dquot+0x1f0/0x360 [ 723.287133][T19592] mark_all_dquot_dirty+0xf9/0x400 [ 723.289915][ T4491] usb 1-1: Using ep0 maxpacket: 8 [ 723.292821][T19592] __dquot_free_space+0x7ca/0xb90 [ 723.303514][T19592] ext4_free_blocks+0x1b2b/0x24d0 [ 723.309113][T19592] ext4_clear_blocks+0x37f/0x3f0 [ 723.314604][T19592] ext4_ind_truncate+0x43b/0xbe0 [ 723.320109][T19592] ext4_truncate+0x9d8/0x10f0 [ 723.325340][T19592] ext4_setattr+0xffe/0x19e0 [ 723.330463][T19592] notify_change+0xbcd/0xee0 [ 723.335610][T19592] do_truncate+0x1ac/0x240 [ 723.340562][T19592] path_openat+0x2922/0x2fa0 [ 723.345714][T19592] do_filp_open+0x1e2/0x410 [ 723.350887][T19592] do_sys_openat2+0x150/0x4b0 [ 723.356116][T19592] __x64_sys_open+0x11b/0x140 [ 723.361325][T19592] do_syscall_64+0x4c/0xa0 [ 723.366303][T19592] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 723.372753][T19592] [ 723.372753][T19592] other info that might help us debug this: [ 723.372753][T19592] [ 723.382999][T19592] Chain exists of: [ 723.382999][T19592] &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2 [ 723.382999][T19592] [ 723.396658][T19592] Possible unsafe locking scenario: [ 723.396658][T19592] [ 723.404116][T19592] CPU0 CPU1 [ 723.409491][T19592] ---- ---- [ 723.414878][T19592] lock(&ei->i_data_sem/2); [ 723.419503][T19592] lock(&s->s_dquot.dqio_sem); [ 723.426790][ T4491] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 723.426877][T19592] lock(&ei->i_data_sem/2); [ 723.444117][T19592] lock(&dquot->dq_lock); [ 723.448661][T19592] [ 723.448661][T19592] *** DEADLOCK *** [ 723.448661][T19592] [ 723.457026][T19592] 5 locks held by syz.2.6803/19592: [ 723.462271][T19592] #0: ffff888075e1e460 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 [ 723.471474][T19592] #1: ffff8880713321d8 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: do_truncate+0x198/0x240 [ 723.481806][T19592] #2: ffff888071332378 (mapping.invalidate_lock){++++}-{3:3}, at: ext4_setattr+0xdb6/0x19e0 [ 723.492083][T19592] #3: ffff888071332060 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_truncate+0x97f/0x10f0 [ 723.501859][T19592] #4: ffffffff8c441538 (dquot_srcu){....}-{0:0}, at: rcu_lock_acquire+0x5/0x30 [ 723.510957][T19592] [ 723.510957][T19592] stack backtrace: [ 723.516849][T19592] CPU: 0 PID: 19592 Comm: syz.2.6803 Not tainted syzkaller #0 [ 723.524314][T19592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 723.534497][T19592] Call Trace: [ 723.537793][T19592] [ 723.540750][T19592] dump_stack_lvl+0x188/0x250 [ 723.545442][T19592] ? load_image+0x400/0x400 [ 723.549980][T19592] ? show_regs_print_info+0x20/0x20 [ 723.555222][T19592] ? print_circular_bug+0x12b/0x1a0 [ 723.560430][T19592] check_noncircular+0x296/0x330 [ 723.565385][T19592] ? add_chain_block+0x940/0x940 [ 723.570523][T19592] ? lockdep_lock+0xf1/0x1f0 [ 723.575145][T19592] ? deref_stack_reg+0xd0/0x120 [ 723.580013][T19592] ? mark_lock+0x94/0x320 [ 723.584345][T19592] __lock_acquire+0x2c42/0x7d10 [ 723.589226][T19592] ? stack_trace_save+0xa6/0xf0 [ 723.594218][T19592] ? verify_lock_unused+0x140/0x140 [ 723.599453][T19592] ? check_noncircular+0x189/0x330 [ 723.605008][T19592] ? add_chain_block+0x940/0x940 [ 723.608777][ T4491] usb 1-1: New USB device found, idVendor=22b8, idProduct=6425, bcdDevice=d3.6c [ 723.609959][T19592] ? lockdep_unlock+0x143/0x2e0 [ 723.623870][T19592] lock_acquire+0x19e/0x400 [ 723.625879][ T4491] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 723.628422][T19592] ? dquot_commit+0x5a/0x410 [ 723.641126][T19592] ? __might_sleep+0xf0/0xf0 [ 723.645763][T19592] ? read_lock_is_recursive+0x10/0x10 [ 723.648701][ T4491] usb 1-1: Product: syz [ 723.651176][T19592] ? mark_lock+0x94/0x320 [ 723.651200][T19592] ? dquot_commit+0x5a/0x410 [ 723.651222][T19592] __mutex_lock_common+0x1e3/0x2400 [ 723.651247][T19592] ? dquot_commit+0x5a/0x410 [ 723.651276][T19592] ? __might_sleep+0xf0/0xf0 [ 723.657401][ T4491] usb 1-1: Manufacturer: syz [ 723.659795][T19592] ? mutex_lock_io_nested+0x60/0x60 [ 723.671227][ T4491] usb 1-1: SerialNumber: syz [ 723.674214][T19592] ? crypto_shash_update+0x216/0x300 [ 723.674254][T19592] mutex_lock_nested+0x17/0x20 [ 723.674278][T19592] dquot_commit+0x5a/0x410 [ 723.674300][T19592] ? __ext4_journal_start_sb+0x1bd/0x360 [ 723.713362][T19592] ext4_write_dquot+0x1f0/0x360 [ 723.718243][T19592] mark_all_dquot_dirty+0xf9/0x400 [ 723.723374][T19592] __dquot_free_space+0x7ca/0xb90 [ 723.728448][T19592] ext4_free_blocks+0x1b2b/0x24d0 [ 723.733526][T19592] ? ext4_mb_discard_preallocations_should_retry+0x690/0x690 [ 723.738075][ T4491] usb 1-1: config 0 descriptor?? [ 723.740945][T19592] ? __ext4_journal_ensure_credits+0x2c/0x450 [ 723.752019][T19592] ? ext4_ind_truncate_ensure_credits+0x29a/0x750 [ 723.758485][T19592] ext4_clear_blocks+0x37f/0x3f0 [ 723.763463][T19592] ext4_ind_truncate+0x43b/0xbe0 [ 723.768439][T19592] ? ext4_ind_trans_blocks+0x70/0x70 [ 723.773770][T19592] ? mb_test_and_clear_bits+0x240/0x240 [ 723.779362][T19592] ? __ext4_journal_start_sb+0x1bd/0x360 [ 723.785035][T19592] ext4_truncate+0x9d8/0x10f0 [ 723.789733][T19592] ? __ext4_mark_inode_dirty+0x700/0x700 [ 723.792569][ T4491] cdc_ether 1-1:0.0: skipping garbage [ 723.795403][T19592] ext4_setattr+0xffe/0x19e0 [ 723.805408][T19592] ? ext4_write_inode+0x5f0/0x5f0 [ 723.808512][ T4491] usb 1-1: bad CDC descriptors [ 723.810497][T19592] notify_change+0xbcd/0xee0 [ 723.810531][T19592] do_truncate+0x1ac/0x240 [ 723.810554][T19592] ? rcu_lock_release+0x20/0x20 [ 723.810579][T19592] ? ima_bprm_check+0x200/0x200 [ 723.810603][T19592] ? bpf_lsm_path_truncate+0x5/0x10 [ 723.810626][T19592] path_openat+0x2922/0x2fa0 [ 723.810664][T19592] ? do_filp_open+0x410/0x410 [ 723.810694][T19592] do_filp_open+0x1e2/0x410 [ 723.810719][T19592] ? vfs_tmpfile+0x300/0x300 [ 723.810750][T19592] ? _raw_spin_unlock+0x24/0x40 [ 723.810770][T19592] ? alloc_fd+0x598/0x630 [ 723.810793][T19592] do_sys_openat2+0x150/0x4b0 [ 723.810816][T19592] ? do_sys_open+0xe0/0xe0 [ 723.810834][T19592] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 723.810862][T19592] ? lock_chain_count+0x20/0x20 [ 723.810885][T19592] ? vtime_user_exit+0x2c8/0x3e0 [ 723.831897][ T4491] usb 1-1: unsupported MDLM descriptors [ 723.834445][T19592] __x64_sys_open+0x11b/0x140 [ 723.834474][T19592] do_syscall_64+0x4c/0xa0 [ 723.834497][T19592] ? clear_bhb_loop+0x30/0x80 [ 723.841994][ T4491] cdc_acm 1-1:0.0: skipping garbage [ 723.844314][T19592] ? clear_bhb_loop+0x30/0x80 [ 723.844343][T19592] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 723.844367][T19592] RIP: 0033:0x7f5f28cdd799 [ 723.844387][T19592] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 723.844406][T19592] RSP: 002b:00007f5f26f37028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 723.844429][T19592] RAX: ffffffffffffffda RBX: 00007f5f28f56fa0 RCX: 00007f5f28cdd799 [ 723.844446][T19592] RDX: 0000000000000000 RSI: 0000000000046342 RDI: 0000200000000c40 [ 723.844460][T19592] RBP: 00007f5f28d73c99 R08: 0000000000000000 R09: 0000000000000000 [ 723.844475][T19592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 723.844488][T19592] R13: 00007f5f28f57038 R14: 00007f5f28f56fa0 R15: 00007ffe9300bde8 [ 723.844511][T19592] [ 724.003841][ C0] vkms_vblank_simulate: vblank timer overrun [ 724.055427][T15942] usb 1-1: USB disconnect, device number 20