last executing test programs: 2m54.072984934s ago: executing program 2 (id=15344): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1800000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2m53.909576153s ago: executing program 2 (id=15348): r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='0.,:\x00', 0x0) 2m53.702440246s ago: executing program 2 (id=15352): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001900)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe0002476619f28d99cd0aa7b73340cc2160a1fe3c184b751c51160fbce841f8a97be6148ba532e6ea097a75dfebd31a08b32808b80200000000009dd27080e71113610e10d859e8327ef03fb6c86adac12233f9a1fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563112f4b391aafe2348754000000000000007642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc5a788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5dc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f01001bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bc0004c3addb08141bdee5d27874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5be5f6eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b4150900000000000000f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ff010000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a30280bc586e79a5dd8076c248e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f5874c24411d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a013709003f509e6e540c9ba9c2a589ac5d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d54aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa0500e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d18716975c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5f7d895de17a10b0a0ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5175d879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f9836faa292c49c0ebf5005154c7b58a3a2a2e5a00d2f953a86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c56d0886eb59d509ee63ba54e4153c132d0366a9660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef310e10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c11465fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e15a00adb976064a93e8d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeadc5cf218a6eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041814f60fbbcafa487ee96b368e8769da90b44190e569fe8b1d155d0765baaca5c5548b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff300"/2742], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000100)="b9ff030f6044238cb89e14f088a81bff88caffff4000638477fbac14142ce000000162079f4b4d2f87e56dca6aab085013f288a81a3986dd0b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) 2m53.495801648s ago: executing program 2 (id=15357): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000003c0)={[{@barrier}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xf}}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}, {@minixdf}]}, 0x1, 0x59c, &(0x7f0000001840)="$eJzs3U9oHGUbAPBnZrNN/+T70g++Dz6lh6JChdJN0j9aPbVXsVDoQfCiYbMNJZtsySbahIDpvYg9iEov9aYHj4oHD+LFo1cvimeh2KDQ9KArm51N03S3bmI2W7O/H0z2fWdm93nfmX3e7AwzTAB962j9TxrxVERcTCKGNywbiGzh0cZ6qytLxfsrS8UkarVLvySRRMS9laVic/0kez0UEcsR8f+I+CYfcTxd/8h9zUJ1YXFqvFwuzWb1kbnpqyPVhcUTV6bHJ0uTpZlTL7505uzpM2MnxzY2935tYy2/tb7e+PHmuze+e+X2zU8/O7JcfH88iXMxlC3b2I+d1Ngm+Ti3af7pbgTroaTXDWBbclme11PpfzEcuSzrW6ltHBwGd6V5QBfVBiNq6zYUgT6QSHroU83fAfXj3+a0m78/7pxvHIDU466uLBXfiWb8gca5idi/dmxy8NfkoSOT+vHm4d1sKHvS8vWIGB0YePT7n2Tfv+0b3YkG0lVfn2/sqEf3f7o+/kSL8Weoee70b2qOf6vZ+LfaIn6uzfh3scMYv7/+00dt418fjKdbxk/W4yct4qcR8WaH8W+99uXZdstqH0cci9bxm5LHnx8euXylXBpt/G0Z46tjR15u3/+Ig23iN87Z7l9ryMb+78valHbY/y++/fyZ5cfEf/7Zx+//Vtv/QES812H8/9z75NV2y+5cT+7WfwVsdf8nkY/bHcZ/4dzRH7Kis4YAAAAAAAAAALCD0rVr2ZK0sF5O00KhcQ/vf+NgWq5U545frszPTDSueTsc+bR5pdVwo57U62PZ9bjN+slN9VO5LGDuwFq9UKyUJ3rcdwAAAAAAAAAAAAAAAAAAAHhSHNp0//9vubX7/zc/rhrYq9o/8hvY6+Q/9K+H8z/pWTuA3ef/P/StmvyH/iX/oX/Jf+hf8h/6l/yH/iX/oX/JfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IqLFy7Up9r9laVivT4xsDA/VXnrxESpOlWYni8WipXZq4XJSmWyXCoUK9N/9XlJpXJ1NGbmr43MlapzI9WFxTemK/MzzWeKlvJd7xEAAAAAAAAAAAAAAAAAAAD88wytTUlaiMg36mlaKET8KyIOJ5FcvlIujUbEvyPi+1x+sF4f63WjAQAAAAAAAAAAAAAAAAAAYI+pLixOjZfLpdnuFQayUF0M0XlhYCsrR8Tyzjaj/olbflc+24A93nR7o5B7Mr6HT36hh4MSAAAAAAAAAAAAAAAAAAD0qQc3/Xb6jj+62yAAAAAAAAAAAAAAAAAAAADoS+nPSUTUp2PDzw1tXrovWc2tvUbE27cufXBtfG5udqw+/+76/LkPs/kne9F+oFPNPE0jop7HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAPVhcWp8XK5NLvNwmAH6/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb8WcAAAD//y4WzlE=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) 2m53.015662186s ago: executing program 2 (id=15362): timer_create(0x1, &(0x7f0000000000)={0x0, 0x21, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000180)=0x0) timer_settime(r0, 0x1, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f0000000200)) 2m51.312461704s ago: executing program 2 (id=15385): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYBLOB="210000002000000028001280080001"], 0x48}}, 0x0) 2m50.739995007s ago: executing program 32 (id=15385): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYBLOB="210000002000000028001280080001"], 0x48}}, 0x0) 2m40.046077766s ago: executing program 1 (id=15482): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000500)={'\x00', 0xff00, 0x0, 0x79, 0x27, 0x6}) 2m39.822978159s ago: executing program 1 (id=15484): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1fe, 0x8, 0x1, 0x0, 0xfd}) 2m39.63019943s ago: executing program 1 (id=15486): madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) 2m38.802301678s ago: executing program 1 (id=15495): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8982, &(0x7f0000000340)={0x7, 'vlan0\x00', {0x2}}) 2m38.583989101s ago: executing program 1 (id=15497): syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000001180)=ANY=[], 0x1, 0x17c, &(0x7f0000000380)="$eJzskr9OAkEQxr+9O/5oFDWxooGC+KdQjkONnZbY29lI4ETiocKRKITijDEUFsbSJ+A1THwBLYwPQE1BrM2ZvZ3bLL6C+yvu2/l2ZnZ2c+d+208B+JkOajhEhIkMPhiDBSDHhDcxhD6TfpI+CcE75R2Rf0+a9Xv9JAC+nceKMC6qnud28gC+I09a/sGdgUnU6ms6qPHFKYAwDEPu1QGejgUlxwTQVnKyFrAaXSKUORYNsA6g2G1dF/1ef6vZqjbchnvpmOU9e8e2d53iWdNzbfFlyhF0FXDdBJBKQ8L3EwAeKJ7HLEwZjfbZHE5kbTJ+www9IExZayi1sTK8yrlSSsUx1sDHugmWFLcQdbEQXakCBpOCkqXMJ85KRxvbtSuvPgQDi8tGsGSP0hgJGThqUN4PsChaDallgbRCOiIdk+b+/DJWwL+PFG0EQBK31W63U+KPJFYsXjnSc5YD9cH4qS/G7OXeDGg0Go1Go9FoNBrNf+c3AAD//8PfdhM=") execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0) 2m37.493409043s ago: executing program 1 (id=15509): r0 = socket(0x200000000000011, 0x2, 0x1) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, 0x0, 0x0) 2m21.13195495s ago: executing program 33 (id=15509): r0 = socket(0x200000000000011, 0x2, 0x1) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, 0x0, 0x0) 2m3.133256622s ago: executing program 0 (id=15907): r0 = creat(&(0x7f0000000280)='./bus\x00', 0x2) pwritev2(r0, &(0x7f00000005c0)=[{&(0x7f0000000080)="ec", 0x1}, {&(0x7f0000000380)="eaa039600a0d9fd087fefda37d82e5a384494ea5ed3d8f4c0d274257d42202f5bf294f4f5abef26f4872a41231fb735fdbaa0247580a92b2dcd41418b7f147d7cf538fb08c18114333c0de1dae94dac345cbfa0b975a5027163f492931007f906e1b1d8c74a77a40354a984e9edb9c7416a9afd1cbf12d59db5f1385a3b3dfeed03140f73894836eb68f2e5ad18d9651ac74aa2a5e369024bf99d5826a3ccd45c4495ba45ee9e03fc9da626577b8df9c5d20d8", 0xb3}, {&(0x7f0000000600)="1708f6744b717429411cbd8c88c7957cee21f365582263ca265627ba0a71cd1f33b62e70b0875680b701ffc45914173343d10699e2f5bd085535552876f4ed5dfe00a6c3268e0b0f1d9a4912d3c269f24bed1a77d28a0b3a10c1e455e461124cc5ddf56cfc8a5f67ac4874ca38f53774a8d5dd63b9d9a1dd208584fe2c930030578ee8926c704c714ffa0e25586de6ef71a672711511e73c46f19bd511d74213eb2ce37c2dae70af8a805c26320edffe", 0xb0}], 0x50a57923f0e8f719, 0xfffff, 0x0, 0x4) 2m2.938593993s ago: executing program 0 (id=15911): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000840)=@raw={'raw\x00', 0x3c1, 0x3, 0x3e8, 0x1c0, 0x111, 0x4b4, 0x8, 0xd4feffff, 0x318, 0x20a, 0x278, 0x318, 0x278, 0x3, 0x0, {[{{@ipv6={@empty, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x7a, 0x198, 0x1c0, 0x0, {}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "6d93eb04697dfa39de04767f46614613a407abbf4ed2e83a63b484dbb3bf6b2a850e79009e2905d2f98ba19f91f3c9faee6d3686e9bee067f4e77d9ad66238750c4100d7ee97ec7646259d90edece6e9787a97bc956c01754c34c5c9518c46178ed5f9194454980e579c80eca35a58dc47d1d5e4ff6e216c724e88c702448587", 0x28}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00'}, 0x0, 0xf0, 0x158, 0x0, {}, [@common=@unspec=@nfacct={{0x48}, {'syz1\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x448) 2m2.747103764s ago: executing program 0 (id=15915): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) write$binfmt_misc(r0, 0x0, 0xfffffecc) 2m2.483885379s ago: executing program 0 (id=15918): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20082, 0x0) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000140)='\b', 0x1}], 0x1) 2m2.239346664s ago: executing program 0 (id=15921): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='setgroups\x00') close_range(r0, 0xffffffffffffffff, 0x0) 2m2.007401507s ago: executing program 0 (id=15924): r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='3', 0x1}], 0x1) 1m45.735951549s ago: executing program 34 (id=15924): r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='3', 0x1}], 0x1) 3.474550899s ago: executing program 4 (id=17482): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) getsockopt$inet_buf(r0, 0x118, 0x0, 0x0, &(0x7f00000003c0)=0x14) 3.311900369s ago: executing program 4 (id=17485): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000740)={0x32, @multicast1, 0x4e21, 0x0, 'ovf\x00', 0x0, 0xe00e, 0x79}, 0x2c) 3.12033995s ago: executing program 4 (id=17490): r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, 0x0) 2.983570257s ago: executing program 4 (id=17492): syz_usb_connect(0x2, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120110010928fc10ac059102254301020301090212000100004000090484000003e102"], 0x0) syz_open_dev$evdev(&(0x7f0000000600), 0x6828, 0x0) 1.301162044s ago: executing program 5 (id=17518): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000800)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r0, 0x1, 0x1b, &(0x7f0000000040), 0x4) 1.248624858s ago: executing program 3 (id=17519): r0 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}, 0x0, 0x1}}, 0x26) 1.173224292s ago: executing program 3 (id=17521): r0 = syz_open_procfs(0x0, &(0x7f0000000680)='fdinfo\x00') getdents(r0, 0xffffffffffffffff, 0x0) 1.122102865s ago: executing program 4 (id=17522): syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000080)='./file0\x00', 0x10042, &(0x7f0000000140)=ANY=[@ANYBLOB='discard=0x00000000000000f4,discard=0x000000000000aff9,errors=continue,errors=continue,iocharset=iso8859-15,integrity,uid=', @ANYRESHEX=0x0, @ANYBLOB=',iocharset=iso8859-5,uid=', @ANYRESHEX=0xee01, @ANYBLOB='\x00\x00'], 0x25, 0x6276, &(0x7f00000089c0)="$eJzs3c1vHGcdB/Df7JtfQtOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyBSggTqAXXQ2M/jzE53vXYS76wzn4/kzPzmmfE+k++Od9cz4ycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjhD358roiIK79KC05EfC76Eb2Ilapei4iVtRP1bV6I7eZ4PiKGSxHV9tv/PBvxekR8fDzi/oM769Xi8/vsx/f//I8//OTYj/7+p+GZ//7lVv+Naevdvv3b//z17qPvLwAAAHRRWZZlETGsPuafjIhB+mwPADz98ut/meTl6oWrNxesP2q1Wq0+gnVdOdndehERm/VtqvcMTscDwBGzGZ+03QVaJP9OG0TEsbY7ASy0ou0OcCjuP7izXqR8i/rrwdpOe74WZCz/zWL3/o5p01ma15jM6/m1Ff14bkp/VubUh0WS8+8187+y0z5K6x12/vMyLf/Rzq1PnZPz7zfzb3h68u9NzL+rcv6DA+Xflz8AAAAAACyw/Pv/Ey2f/116/F3Zl73O/67NqQ8AAAAAAAAA8KQddPy/QWP8v13G/wMAAICFVX1Wr/zu+MNl0/4WW7X8chHxTGN9oGPSzTKrbfcDAAAAAAAAAAAAALpksHMN7+UiYhgRz6yulmVZfdU164N63O2Puq7vP3RZ2z/kAQBgx8fHG/fyFxHLEXE5/a2/4erqalkur6yWq+XKUn4/O1paLldqn2vztFq2NNrHG+LBqKy+2XJtu7pZn5dntTe/X/VYo7K/j47NR4uBA0BE7Lwa3Z/2ivQ/r1dHU1k+Gy2/yeGI2OP454hy/LMfbT9PAQAAgMNXlmVZpD/nfTKd8++13SkAYC7y63/zvIBarVar1eqnr64rJ7tbLyJis75N9Z7BcPwAcMRsxidtd4EWyb/TBhHxQtudABZa0XYHOBT3H9xZL1K+Rf31II3vnq8FGct/s9jeLm8/aTpL8xqTeT2/tqIfz03pz/Nz6sMiyfn3mvlf2WkfpfUeP/9y7NeEbV1jNC3/aj9PtNCftuX8+838Gw77+J+XrehNzL+rcv6DA+Xflz8AAAAAACyw/Pv/Ewt1/nf0qLsz017nf9cmbnF4fQEAAAAAAACAJ+X+gzvr+b7XfP7/CxPWc//n0ynnX8i/k3L+vUb+X22s16/N33v7Yf7/fnBn/Y+3/vX5PN1v/kt5pkjPrCI9I4r0SMUgTR9n7z5ra9gfVY80LHr9Qbrmpxy+G9fiemzE2bF1e+n/42H7ubH2qqfD7fayv9N+fqx9sNuet78w1j5MVxeVK7n9dKzHz+N6vLPdXrUtzdj/5Rnt5Yz2nH/f8d9JOf9B7avKfzW1F41p5d5Hvc8c9/XppMd569oXf3P28Hdnpq3o7+5bXbV/L7XQn+3/k2Oj+OXNjRunb1+9devGuUiTsaXnI02esJz/MH3t/vx/eac9/9yvH6/3PhodOP9FsRWDqfm/XJuv9veVOfetDTn/UfrK+b+T2icf/0c5/+nH/6st9AcAAAAAAAAAAAAAAAD2Upbl9i2ib0XExXT/T1v3ZgIA85Vf/8skL59X3Z/z46nVh1YXxTwer1iY/W2h/rSc8+MPxhe0vf9q9ZOo68rJ3qwXEfG3+jbVe4ZfT/pmAMAi+zQi/tl2J2iN/Dss/72/anqq7c4Ac3Xzgw9/evX69Y0bN9vuCQAAAAAAAADwqPL4n2u18Z9PlWV5t7He2Pivb8fa447/mW+neTjA6JSBqvsH36e9bPVG/V5tuPEXY9r438Pdub3G/x7MeLzhjPbRjPalGe3LM9on3uhRk/N/sTbe+amIONkYfr0L4782x7zvgpz/S7Xnc5X/Vxrr1fMvf3+U8++N5X/m1vu/OHPzgw9fu/b+1fc23tv42YVz585euHjx0qVLZ969dn3j7M6/Lfb4cOX889jXrgPtlpx/zlz+3ZLz/1Kq5d8tOf8vp1r+3ZLzz+/35N8tOf/82Uf+3ZLzfyXV8u+WnP/XUi3/bsn5v5pq+XdLzv/rqZZ/t+T8X0u1/Lsl53861fLvlpz/mVTvM/+Vw+4X85Hzz2e4HP/dkvPPVzbIv1ty/udTLf9uyflfSLX8uyXn/3qq5d8tOf9vpFr+3ZLzv5hq+XdLzv+bqZZ/t+T8L6Va/t2S8/9WquXfLTn/b6da/t2S838j1fLvlpz/d1It/27J+X831fLvlpz/91It/27J+b+Zavl3y8O//2/GjBkzeabtn0wAAAAAAAAAAAAAQNM8Liduex8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/swMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7N1bjFx3fQfwM3vz2oHEQEid1MDGMSE4m+z6El9oXUy4NtxKIBR6wXa9a7PgG167BBrJpoESCaOiirbhoS0g1Oalwg880ApQHlArpErQPtAXRIXKQ4QCCkiVaAVsNef8//+dmZ3Lrj1ez5zz+UjxzztzZs6ZM2dm97vOdw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACN7nzt/CdrWZbV/8v/2Jxlz6v/fePU5vyyV93oLQQAAACu1S/zP5+7JV1waBU3aljmX1/67a8sLS0tZe8Z/cvxzy4tpSumsmx8Q5bl10VXfvDeWuMywePZZG2k4euRHqsf7XH9WI/rx3tcP9Hj+g09rp/scf2KHbDCxuL3Mfmdbc//urnYpdmt2Xh+3fY2t3q8tmFkJP4uJ1fLb7M0fjxbyE5m89ls0/LFsrV8+a/dWV/Xm7K4rpGGdW2tHyE/fexY3IZa2Mfbm9a1fJ/Rj1+TTf3sp48d+/vzz97ebvbcDU33V2znPdvq2/nxcEmxrbVsQ9oncTtHGrZza5vnZLRpO2v57ep/b93O51a5naPLm7muWp/zyWwk//t38v001vhrvbSftobLfn5XlmWXlje7dZkV68pGsk1Nl4wsPz+TxRFZv4/6ofTCbGxNx+mdqzhO63Nue/Nx2vqaiM//neF2Yx22ofFp+vHHJhqe918sXc1xGtUfdafXSusx2O/XyqAcg/G4+E7+oJ9oewxuD4//sbs7H4Ntj502x2B63A3H4LZex+DIxGi+zelJqOW3WT4GdzYtP5qvqZbPZ+7ufgzOnD91dmbxIx+9b+HU0RPzJ+ZP7965c3b33r379++fOb5wcn62+PMq9/bg25SNpNfAtrDv4mvgFS3LNh6qS1+YWPH+e7Wvw8kur8PNLcv2+3U41vrgauvzglx5TBevjXfVd/rk5ZGsw2ssf352XPvrMD3uhtfhWMPrsO33lDavw7FVvA7ry5zdsbqfWcYa/mu3DZ2/F1zbMbi54Rhs/Xmk9Rjs988jg3IMTobj4ns7On8v2Bq294nptf48MrriGEwPN7z31C9JP+9P7s9Hu+PyjvoVN01kFxbnz93/6NHz58/tzMJYFy9qOFZaj9dNDY8pW3G8jqz5eD208NIn7mhz+eawrybvq/8x2fG5qi+z5/7uz1X+3a39/my6dFcWRp+t9/5s9928vj8nsuxz3/zYw19/7HOv7bg/63nz4zPX/rN4yqUN77/jHd5/Y+7/VbG+dFePj46PFa/f0bR3xpvej5ufqrH8vauWr/u5mdW9H4+H/9b7/fjWLu/HW1qW7ff78Xjrg4vvx7Vev+24Nq3P52Q4Tk7Odn8/ri+zZddaj8mxru/Hd4VZC/v/lSEppFzUcOx0Om7TusbGxsPjGotraD5OdzctPx6yWX1dT+0KPxSmrVzdcXrPXcXyow23i9brOJ1qWbbfx2n63Ven47TW67dvV6f1+ZwMx8Wtu7sfp/Vlnt5z7e+dG+NfG947J3odg+OjE/VtHk8HYf5+ny1tjMfg/dmx7Ex2MpvLr53Ij6davq7pB1b3XjkR/lvv98otXY7Be1qW7fcxmL6PdTr2amMrH3wftD6fk+G4ePKB7sdgfZnX7evvz673hEvSMg0/u7b+fq3T77zuaNlN1+tYGQvb+c193X83W1/m5P615szu++necMlNbfZT6+u302tqLluf/bQlbOez+zvvp/r21Jf57IFVHk+Hsiy7+KEH89/3hn9fuXjhu19p+neXdv+mc/FDD/7k+cf/ZS3bD8Dw+1UxNhXf6xr+ZWo1//4PAAAADIWY+0fCTOR/AAAAKI2Y++P/FZ7I/wAAAFAaMfePhZmUIf//ae9Ftrzu2YVfXcxSM38piNen3fBQsVzsuM6Gr6eWltUvf/BL8//zzxdXt3kjWZb94qE/abv8lofidhWmwnZeeX3z5St85b5VrfvIIxfTehv7658P9x8fz2oPg3YV3Nksy752y6fz9Uy993I+n37oSD4fvvTE4/VlnjtQfB1v/8yLiuX/JpR/Dx0/2nT7Z8J++GGYs29uvz/i7b58+ZVb9717eX3xdrVtN+cP+8n3FfcbPyfnM48Xy8f93Gn7v/6pp75cX/7Rl7ff/osj7bf/qXC/Xwrzf19SLN/4HNS/jrf7RNj+uL54u/u/+I2223/lk8XyZ99QLHckzLj+e8LX29/w7ELj/nq0drTpcWVvLJaL65/97p/n18f7i/ffuv2Thy837Y/W4+Pp/yjuZ6Zl+Xh5XE/0Ty3rr99P4/EZ1//Unx1p2s+91n/l4WdeUr/f1vXf27Lc2Q/tyNe/fH/Nn9j0t5/4dNv1xe059I9nmx7PoXeE13FY/5PvC8djuP7/rhT31/rpCkfe0fz+E5f//OaLTY8netPPivVfefWJfG6Y3Ljppuc9/+ZLL6vvuyz7zobi/nqt/8TfnWna/i/cVuyPeH3s6Leuv5O4/nMfnj59ZvHCwlzaq4/dkn92zluK7Ynbe0t4b239+vCZ8++fPzc1OzWbZVPl/Qi9q/bFMH9SjEvdl15a8Q6645HwfN7x11/bdPe/fype/p/vKi6//Obi+9YrwnKfCZdvDs/f2ta/0pN33pa/vmtPhy1cWvl5wddi6/Yf7V/VguHxt/5cEI/3sy9+f74f6tfl3zfi6/oat//7c8X9fDXs16XwyczbblteX+Py8bMRLr+zeL1f8/4Lb3Pxef2H8Hy/9YfF/cftio/3++HnmG9saX6/i8fHVy+OtN5//ikel8L7SXapuD4uFff35edua7t58XNIsku351//Rbqf29f0MDtZ/MjizMmF0xcenTk/v3h+ZvEjHz186syF0+cP55/lefgDvW6//P60KX9/mpvfuyfL363OFOM6u9Hbf/aRY3P7Zu+emz9+9MLx84+cnT934tji4rH5ucW7jx4/Pv/hXrdfmDu4c9eB3ft2TZ9YmDu4/8CB3QemF06fqW9GsVE97J394PTpc4fzmywe3HNg5wMP7JmdPnVmbv7gvtnZ6Qu9bp9/b5qu3/qPp8/Nnzx6fuHU/PTiwkfnD+48sHfvrp6fBnjq7PHFqZlzF07PXFicPzdTPJap8/nF9e99vW5POS3+V/HzbKta8UF82dvv3Zs+n7XuSx/reFfFIi0fIPps+Cyab73g7P7VfB1z/3iYSRnyPwAAAJCLuX8izET+BwAAgNKIuX9DmIn8DwAAAKURc/9kmOl/CahI/i9d/3/LxVWtX/9f/79xf+n/V6z//85B6/8X7xf6//1xrf17/f9A/1//X/9f/1//nz4YtP5/zP0bs8y//wMAAEBJxdy/KcxE/gcAAIDSiLn/pjAT+R8AAABKI+b+54WZVCT/6//r/+v/6//r/7df/1X2/9u9HeT0/9eH/n93+v+dFJ8Irf+/OJNVq/9/qZ/bfwP6/xsbv9D/ZxANWv8/5v7nh5lUJP8DAABAFcTcf3OYifwPAAAApRFz/y1hJvI/AAAAlEbM/ZvDTCqS//X/r6n/nzpX163/P6n/r/+v/z9k/f+O9P/Xh/5/d/r/Pej/O///cPX/m+j/M4gGrf8fc/8Lwkwqkv8BAACgtMaX/xpz/wvDTOR/AAAAGDxjV3ezmPtfFGayIv9f5QoAAACAGy7m/luzliJ4Rf79X//f+f/1//X/9f/br3/1/f/RTP9/cOj/d6f/34P+v/5/dfv/k5n+P9fBoPX/89yfTWYvDjOpSP4HAACAKoi5/7YwE/kfAAAASiPm/l8LM5H/AQAAoDRi7t8SZlKR/K//X5r+/88bnzr9f/3/buvX/3f+/zLT/+9O/78H/X/9/+r2/53/n+ti0Pr/MfffHmZSkfwPAAAAVRBz/x1hJvI/AAAAlEbM/b8eZiL/AwAAQGnE3L81zKQi+V//f8D7/7E56vz/+v/6/wPZ/5/U/x84+v/d6f/3oP+v/6//r/9PXw1a/z/m/peEmVQk/wMAAEAVxNz/0jAT+R8AAABKI+b+l4WZyP8AAABQGjH3T4WZVCT/r6X/X7uk/9/JdT7//8Qqzv/fRP9f/7/b+vX/nf+/zPT/u9P/70H/X/9f/1//n74atP5/zP13hplUJP8DAABAFcTcvy3MRP4HAACA0oi5/64wE/kfAAAASiPm/u1hJhXJ/87/PxT9/0z/X/9f/1//X/9/dfT/u9P/70H/X/9f/1//n77qc/9/pPXCtfb/Y+5/eZhJRfI/AAAAVEHM/XeHmcj/AAAAUBox978izET+BwAAgNKIuf+eMJOK5H/9f/1//X/9f/3/9uvX/x9O+v/d6f/3oP+v/6//r/9PXw3a+f9j7n9lmElF8j8AAABUQcz9O8JM5H8AAAAojZj77w0zkf8BAACgNGLunw4zqUj+1//X/9f/1//X/2+/fv3/4aT/353+fw/6//r/+v/6//TVoPX/Y+6/L8ykIvkfAAAAqiDm/vvDTOR/AAAAKI2Y+2fCTOR/AAAAKI2Y+2fDTCqS//X/9f/1//X/19T/f9ny/er/F/T/B4v+f3f6/z3o/+v/3/D+/7j+P6UyaP3/mPt3hplUJP8DAABAFcTcvyvMRP4HAACA0oi5f3eYifwPAAAApRFz/54wk4rkf/1//X/9f/1/5/9vv379/+Gk/99d//v/8SHq/+v/6/87/7/+PysNWv8/5v4Hwkwqkv8BAACgCmLu3xtmIv8DAABAacTcvy/MRP4HAACA0oi5f3+YSUXyv/6//r/+v/6//n/79ev/Dyf9/+6c/78H/X/9/yHu/9ePLf1/Bs2g9f9j7j8QZlKR/A8AAABVEHP/q8JM5H8AAAAojZj7fyPMRP4HAACA0oi5/zfDTCqS//X/9f/1//X/4+WHWpYblP7/hP6//v8a6P93p//fg/6//v8Q9/+d/59BNGj9/5j7D4aZVCT/AwAAQBXE3P9bYSbyPwAAAJRGzP2vDjOR/wEAAKA0Yu4/FGZSkfyv/79O/f94of6//v8A9/+d/1//vwz0/7vT/+9B/1//X/9f/5++GrT+f8z9rwkzqUj+BwAAgCqIuf/BMBP5HwAAAEoj5v7XhpnI/wAAAFAaMfe/LsykIvlf/9/5/298/3+8adv1/5dvp/9f0P/X/18L/f/u9P970P/X/9f/1/+nrwat/x9z/+vDTCqS/wEAAKAKYu5/Q5iJ/A8AAAClEXP/G8NM5H8AAAAojZj73xRmUpH8r/+v/3/j+//O/6//X9D/1//vB/3/7oaz/1/fjfr/mf7/wG+//r/+PysNWv8/5v7fDjOpSP4HAACAKoi5/6EwE/kfAAAASiPm/jeHmcj/AAAAUBox978lzKQi+V//X/9f/1//X/+//fr1/4eT/n93Q9b//+XN4fKqnf9/d6b/P4zbv9b+/1jL19el//+DTv3/pQ2tt9f/53oYtP5/zP1vDTOpSP4HAACAKoi5/21hJvI/AAAAlEbM/W8PM5H/AQAAoDRi7v+dMJOK5H/9//p2LLeX9f/1//ML9P/1//X/h5b+f3dD1v8P5/+vXv/f+f+Hc/ud/1//n5UGrf8fc/87wkwqkv8BAACgCmLufzjMRP4HAACA0oi5/51hJvI/AAAAlEbM/e8KM6lI/tf/d/5//X/9f/3/9uvX/x9O/en/j+r/6//r/+v/D0b//7/1/xlug9b/j7n/kTCTiuR/AAAAqIKY+98dZiL/AwAAQGnE3P+7YSbyPwAAAJRGzP3vCTOpSP7X/x+W/v+U/v8a+/8T4TL9f/1//f9qcf7/7rZu/1HnZmUj/X/9f/3/wej/O/8/Q27Q+v8x9783zGT1+X9y1UsCAAAAN0TM/b8XZlKRf/8HAACAKoi5//fDTOR/AAAAKI2Y+/8gzKQi+V//f1j6/87/nzn/v/5/y+PR/9f/b2f9+v/xnWfo+v/O/9+N/r/+v/5/x/7/SI/b6//TzqD1/2Pu/8Mwk4rkfwAAAKiCmPvfF2Yi/wMAAMBQaPf/ZLeKuf9wmIn8DwAAAKURc/+RMJOK5H/9f/1//f8B7f//1bZ/+96333Zkp/6//r/+/5qs6/n/6y/+4Tv/v/5/N/r/+v/6/87/T18NWv8/5v6jYSbLwe8tTvAPAAAAwy3m/j8KM6nIv/8DAABAFcTcfyzMRP4HAACA0oi5fy7MpCL5X/9f/1//f0D7/0N8/v+4P4ap/z+9YYj6//FNV/+/rXXt/797uSeu/7/W/v9E20tb+/81/f8m+v9r3v5vZVmm/6//zw00aP3/mPvnw0wqkv8BAACgCkLuHzlezOUr5H8AAAAojZj7T4SZyP8AAABQGjH3vz/MpCL5X/9f/1//X//f+f/br39g+//O/9+V/n93g9P/b8/5//X/h3n79f/1/1lp0Pr/MfcvhJlUJP8DAABAFcTc/4EwE/kfAAAASiPm/g+Gmcj/AAAAUBox958MM6lI/tf/1//X/9f/1/9vv379/+Gk/9/d/7N3J02W1WUex2/SSVMVREf0rhe9oPf9Elg06+4X0As2vWgjDCMEFeeJclZUnOcBFQcccABFnHCewAnFWVSccBZxRo0yqvJ5nsrh5LmZVffmPff//3wWPlRCci+aAf7I+tbR/8+h/9f/6//1/yzU1Pr/3P0PjFs62f8AAADQg9z9l8Ut9j8AAAA0I3f/5XGL/Q8AAADNyN3/oLhlLff/xj2HrQT1//r/Zvv//9L/7/f6+n/9f8v0/+P0/3Po//X/+n/9Pws1tf4/d/+D45a13P8AAADAkNz9D4lb7H8AAABoRu7+K+IW+x8AAACakbv/oXFLJ/t/V/+/Meuz/8+MV//fUv/v+f/7vr7+X//fsqPt/6869Xc+/b/+X/8f9P/6f/0/u02t/8/d/7C4pZP9DwAAAD3I3f/wuMX+BwAAgGbk7n9E3GL/AwAAQDNy9z8ybulk/0/w+f+n/0fw/P+tH+v/9f/6f/2//v9wPP9/XE/9/xV3XHjZvTf9+82HeX39v/5f/6//Z7Gm1v/n7n9U3NLJ/gcAAIAe5O5/dNxi/wMAAEAzcvc/Jm6x/wEAAGANHR/8aO7+x8Ytnez/Cfb/W+9L/3+a/v8I+/9j+n/9v/6/Bfr/cT31/2fz+vp//f/p93/tTP+v/2dBptb/5+5/XNzSyf4HAACAHuTuf3zcYv8DAADAdA39ROwRufuvjFvsfwAAAGhG7v4TcUsn+1//v/z+/+/6//Xo/z3/X/+v/2+C/n+c/n8O/b/+3/P/9f8s1NT6/9z9T4hbOtn/AAAA0IPc/U+MW+x/AAAAaEbu/ifFLfY/AAAANCN3/5Pjlk72v/7f8//1//p//f/w6+v/15P+f5z+fw79/7n28+fr//X/+n+2O2T/f9/I37YX0v/n7n9K3NLJ/gcAAIAe5O5/atxi/wMAAEAzcvc/LW6x/wEAAKAZufufHrd0sv/1//p//b/+/6z7/71feqfp/4fp/4+G/n/cZPr/jc3BD+v/177/9/x//b/+nx2m9vz/3P3PiFs62f8AAADQg9z9V8UtI/v/0P8yHwAAAFip3P3PjFt8/x8AAADWXlZnufufFbd0sv/1//p//b/+3/P/h19/rP+/edv70/9Pi/5/3GT6/33o//X/6/z+9f/6f/aaWv+fu//ZcUsn+x8AAAB6kLv/6rjF/gcAAIBm5O5/Ttxi/wMAAEAzcvc/N27pZP8P9/9nfr/+/2D0/zvfv/5/+OtjUf1//hn1/6P9/yWe/98n/f84/f8c+n/9v/5/v/7/+LzP1/8zZGr9f+7+58Utnex/AAAA6EHu/ufHLfY/AAAANCN3/wviFvsfAAAAmpG7/4VxSyf73/P/9f/6//Xr/z3/f8sqn/8/O/L+f1P/f0D6/3H6/zn0//p//f/48/9HfhUA/T9Dptb/5+5/UdzSyf4HAACAHuTuf3HcYv8DAADAetj+cwd2/4TSkLv/JXGL/Q8AAADNyN3/0rilnf0/+qxO/b/+X/+v/9f/D7/+tPp/z/8/KP3/OP3/HPr/ZfTzm431/9fs9/lT6P+vXHb/P0L/z5Ad/f8tZz6+qv4/d//L4pZ29j8AAAB0L3f/y+MW+x8AAACakbv/FXGL/Q8AAADNyN3/yrilk/2/9P5/5Fcf0P/r//X/+n/9v/5/0fT/4/T/c+j/Pf/f8//1/yzUjv5/m1X1/7n7XxW3dLL/AQAAoAe5+18dt9j/AAAA0Izc/dfELfY/AAAANCN3/2vilk72v+f/6//1//p//f/w6+v/19M59ffn6f+L/l//r//X/+v/WYCp9f+5+18bt3Sy/wEAAKAHuftfF7fY/wAAANCM3P3Xxi32PwAAADQjd//r45ZO9r/+f7n9f35c/6//n+n/9f/6/yPR7fP/N4b+SbTXPv3/bfc/8T87P6L/1//r//X/+n8O6F9Hft8k+v+TZ/7fZe7+N8Qtnex/AAAA6EHu/jfGLfY/AAAANCN3/5viFvsfAAAAmpG7/7q45ZD7f6x5GHbPRYf+lCXQ/3v+v/5f/6//H359/f966rb/PyDP/59D/6//1//r/1moSfT/236cu//NcYvv/wMAAEAzcve/JW6x/wEAAKAZufvfGrfY/wAAANCM3P1vi1s62f/6f/2//l//r/8ffn39/3rS/4/T/8+xTv3/defQ/28Of3jV/fy5WvX71//r/9lrav1/7v7r45ZO9j8AAAD0IHf/2+MW+x8AAACakbv/HXGL/Q8AAADNyN3/zrilk/2v/9f/6//1//r/4dfX/68n/f84/f9sNrth5A0M9f8nL5hm/+/5/5N7//p//T97Ta3/z93/rrilk/0PAAAAPcjdf0PcYv8DAABAM3L33xi32P8AAADQjNz9745bOtn/+n/9v/5f/7+A/n9HX6v/H6b/Pxr6/3H6/znW6fn/+v/JvX/9v/6fvabW/+fuf0/c0sn+BwAAgB7k7r8pbqn9f94K3hUAAACwSLn73xu3+P4/AAAANCN3/81xSyf7X/+v/9f/6/89/3/49fX/62l5/f9M/6//1//Pof/X/+v/2W1q/X/u/vfFLZ3sfwAAAOhB7v73xy32PwAAADQjd/8H4hb7HwAAAJqRu/+DcUsn+1//r//X/+v/9f/Dr6//X0+e/z9O/z+H/l//r//X/7NQw/3/lSvr/3P3fyhu6WT/AwAAQA9y998St9j/AAAA0Izc/R+OW+x/AAAAaEbu/o/ELZ3sf/2//n9n/z+b6f/1//r/LUfQ/x+b6f8XTv8/Tv8/h/6/zf7/vFlD/f/xfT9f/88UTe35/7n7Pxq3dLL/AQAAoAe5+z8Wt9j/AAAA0Izc/R+PW+x/AAAAaEbu/k/ELZ3sf/2//t/z//X/+v/h1/f8//Wk/x+n/59D/99m/+/5//p/VmZq/X/u/k/GLZ3sfwAAAOhB7v5PxS32PwAAADQjd/+n4xb7HwAAAJqRu/8zcUsn+1//r//X/+v/9f/Dr6//X0/6/3H6/zn0//p//b/+n4WaWv+fu/+zcUsn+x8AAAB6kLv/1rjF/gcAAIBm5O6/LW6x/wEAAKAZufs/F7d0sv/1//p//f969v/H9P/6f/3/oKn0/xdf/N+3b3v9Cw76+vp//b/+f33fv/5f/89eU+v/c/d/Pm7pZP8DAABAD3L3fyFusf8BAACgGbn7vxi32P8AAADQjNz9X4pbOtn/e/v/82dbheqWof4/GjX9/zb6/53vX/8//PXh+f/6f/3/8k2l//f8/7N7//p//f86v/9D9f//sffz9f+0aGr9f+7+2+OWTvY/AAAA9CB3/5fjFvsfAAAAmpG7/ytxi/0PAAAAzcjdf0fc0sn+9/x//b/+X/+v/x9+ff3/etL/j9P/z6H/1/97/v/l//9P+n8WZ2r9f+7+r8Ytnex/AAAA6EHu/q/FLfY/AAAANCN3/9fjFvsfAAAAmpG7/xtxSyf7X/+v/9f/L6H/3xz++tD/6//1/8un/x+n/y+7/9K29NP/Hxv64Kr7+XO16vffTP/v+f8s0NT6/9z934xbOtn/AAAA0IPc/d+KW+x/AAAAaEbu/m/HLfY/AAAANCN3/3filk72v/6/8f7/1A+67///z/P/d72+/l//3zL9f/4TfZj+f46J9/93/3P8huf/T/L96//1/+w1tf4/d/+dcUsn+x8AAAB6kLv/u3GL/Q8AAADNyN3/vbjF/gcAAIBm5O7/ftzSyf7X/zfe/+96/v/GrMf+fwXP/9/n60P/r//X/y+f/n+c/n+Oiff/C3z+/6BV9/Pr/v71//p/9ppa/5+7/66NzS73PwAAAKyr//3PB9x50D/2rtP/eWz2g7jlktnJA34bGwAAAJi4U7t/Y3M2++HpH/n+PwAAALQod/+P4pZO9r/+v6/+v8/n/y+x/z/1wvp//b/+f1L0/+P0/3Po//X/+n/9Pws1tf4/d/+P45Ztw2/z0H+VAAAAwJTk7v9J3NLJ9/8BAACgB7n7745b9ux/vxwgAAAArKvc/T+NWzr5/r/+f+L9/2xJ/X/8cfr/LZ7/r/8fen39/3rS/487x/7/5Ib+X/8/Qv+v/9f/s9vU+v/c/T+LWzrZ/wAAANCoHf9GIXf/z+MW+x8AAACakbv/F3GL/Q8AAADNyN3/y7ilk/2v/z/y/j9T9SU+//94/Zbn/3fe/199bPD19f/6/5bp/8d5/v8c+v9W+v8L9P/6f6Zhav1/7v5fxS2d7H8AAADoQe7+X8ct9j8AAAA0I3f/b+IW+x8AAACakbv/nlPnX/rb/yvp/+NP0mn/f7jn/59V/3+A5//r//vo//d5/Xb6/3+78MStl97vxuv1/5xxlP1/fi3o//X/+v8tE+r/Pf9f/89ELL7/39zxwcP2/6d3/+zY7LdxSyf7HwAAAHqQu//euMX+BwAAgGbk7v9d3GL/AwAAQDNy9/8+bulk/3v+v/5/Kv1//ne9gv7/xFn3/8dns9lK+v9sinvv/z3/X/+/l+f/j9P/z6H/1//r//X/LNTi+/+dHzxs/5+7/w9xSyf7HwAAAHqQu/+PcUvu/41D/6t7AAAAYGJy9/8pbvH9fwAAAGhG7v4/xy2d7H/9v/5/Kv1/8vz/M5/X1vP/L604tc/+/6L6Lf3/cun/x+n/51iP/v+4/n+a71//r/9nr6n1/7n7/xK3dLL/AQAAoAe5+++LW+x/AAAAaEbu/r/GLfY/AAAANCN3/9/ilk72v/6/1f4/i3j9v/5/Kv2/5/97/v/R0P+P0//PsR79v+f/T/T96//1/+w1tf4/d/8/AgAA//9YE3N5") chown(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) 1.112488056s ago: executing program 5 (id=17523): r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440)={'syz', 0x3}, &(0x7f0000000340), 0xf2, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000200)={r0, r0, r0}, &(0x7f0000000080)=""/44, 0x2c, &(0x7f0000000000)={&(0x7f0000000280)={'wp384\x00'}}) 1.007150782s ago: executing program 3 (id=17524): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000440)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast1={0xff, 0x5}, 0x0, 0x4, 0x0, 0x600, 0xfc8, 0x20c200a2}) 896.133578ms ago: executing program 3 (id=17526): r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000000c0), 0x800) read$qrtrtun(r0, 0x0, 0x0) 807.376673ms ago: executing program 5 (id=17527): r0 = syz_open_dev$cec(&(0x7f0000000580), 0x0, 0x100) ioctl$CEC_RECEIVE(r0, 0xc0386106, &(0x7f00000005c0)={0xfffffffffffffffe, 0x3, 0x3, 0x6, 0x5, 0x2, "c7d350f0c80cc9963122b95de19e6783", 0x2, 0xf, 0x18, 0x80, 0x8, 0x3, 0x9}) 770.293055ms ago: executing program 6 (id=17528): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x18, 0x1, 0x9, 0x801, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFCTH_TUPLE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000041}, 0x4008840) 688.27959ms ago: executing program 3 (id=17529): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x5423, 0x0) 563.392398ms ago: executing program 6 (id=17530): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000007c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000380)="361d362ff382c53fcbd314acbb49", 0x0, 0xe5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 505.465071ms ago: executing program 3 (id=17531): syz_usb_connect(0x2, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120110010928fc10ac059102254301020301090212000100004000090484000003e102"], 0x0) syz_open_dev$evdev(&(0x7f0000000600), 0x6828, 0x0) 504.680391ms ago: executing program 5 (id=17539): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) msgctl$IPC_RMID(0x0, 0x300) 426.156246ms ago: executing program 6 (id=17532): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@getlink={0x28, 0x12, 0x1, 0x70bd25, 0x0, {0x7}, [@IFLA_TARGET_NETNSID={0x8, 0x35, 0x10000003}]}, 0x28}}, 0x0) 346.44366ms ago: executing program 5 (id=17533): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000b00)="d8000000100081044e81f782db44b904021d080307000000e8fea4a1190015000600142603600e120800110000810401040016000a00104005000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040ead95667e006dcdf63951f225ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93f99601bdc28672787cb3", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) 299.530213ms ago: executing program 6 (id=17534): r0 = syz_open_dev$video(&(0x7f0000000000), 0x8000, 0x0) ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000040)={0x2, @raw_data="e0dedf80a73f33e753dc5db16acd2fa0bdba8cc86c59f74e813b9ace83b8dadfa2f1fdcd3bcc0a1e58a78e8f8d97b5de16c01fd37f1d680dfccea1092e6c70fa43ed53e66726f0f5b29049241262dffd377642d1c7710356670a74687bdc38d15a58fe11a7f464381a8b65b451e9088dc49070bae5538d2e3cf5055dfbae9eddb93380e625bdf5ab31a2715ad66c44220d59891803fdbdf23eedd3d690b68d577d396446a6421ec8d89313ffa97de93eb9a706c63acea509b05710b63afc863ea36017ac4b9c3509"}) 163.479571ms ago: executing program 6 (id=17535): r0 = syz_init_net_socket$ax25(0x3, 0x3, 0xf0) sendto(r0, 0x0, 0x0, 0x240000c0, 0x0, 0x0) 97.895044ms ago: executing program 4 (id=17536): r0 = syz_open_procfs(0x0, &(0x7f0000000280)='timers\x00') pread64(r0, &(0x7f0000000040)=""/28, 0x1c, 0x40) 47.491897ms ago: executing program 5 (id=17537): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x58, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {0xa}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0xa9}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x50}]}]}, 0x58}}, 0x2) 0s ago: executing program 6 (id=17538): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040)) kernel console output (not intermixed with test programs): xt4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1924.218458][T10594] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #15: comm syz.5.15928: corrupted xattr block 33: invalid ea_ino [ 1924.296913][T10594] fscrypt (loop5, inode 15): Error -117 getting encryption context [ 1924.433032][ T9999] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1924.497048][ T9497] r8152-cfgselector 4-1: Unknown version 0x0000 [ 1924.505169][ T9497] r8152-cfgselector 4-1: USB disconnect, device number 84 [ 1924.633540][T10604] binder: 10603:10604 ioctl c00c6211 ffffffffffffffff returned -14 [ 1924.651535][T10606] trusted_key: encrypted_key: master key parameter is missing [ 1924.996313][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 1924.996330][ T28] audit: type=1400 audit(2000000197.531:317): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=10611 comm="syz.4.15937" [ 1925.409021][T10619] loop4: detected capacity change from 0 to 4096 [ 1925.517727][T10619] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 1925.619414][T10619] ntfs3: loop4: ino=9, ntfs_sync_fs failed, -22. [ 1925.732580][ T9157] ntfs3: loop4: ino=9, ntfs_sync_fs failed, -22. [ 1926.095351][T10622] loop5: detected capacity change from 0 to 32768 [ 1926.138389][T10622] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1926.186006][ T9497] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 1926.261344][T10642] netlink: 'syz.3.15947': attribute type 2 has an invalid length. [ 1926.301562][T10622] XFS (loop5): Ending clean mount [ 1926.328518][T10622] XFS (loop5): Quotacheck needed: Please wait. [ 1926.424284][ T9497] usb 5-1: Using ep0 maxpacket: 8 [ 1926.435729][ T9497] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1926.452134][ T9497] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 1926.465210][ T9497] usb 5-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 1926.481004][T10622] XFS (loop5): Quotacheck: Done. [ 1926.485974][ T9497] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1926.486002][ T9497] usb 5-1: Product: syz [ 1926.486019][ T9497] usb 5-1: Manufacturer: syz [ 1926.486035][ T9497] usb 5-1: SerialNumber: syz [ 1926.581860][ T9497] usb 5-1: config 0 descriptor?? [ 1926.792302][ T9999] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1926.862127][T10648] loop3: detected capacity change from 0 to 8 [ 1926.923619][T10648] SQUASHFS error: Unable to read directory block [26067d:ffff] [ 1927.073114][ T8] usb 5-1: USB disconnect, device number 4 [ 1927.558384][T10658] loop3: detected capacity change from 0 to 8 [ 1927.576676][T10658] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 1927.598659][T10658] cramfs: Error -3 while decompressing! [ 1927.604332][T10658] cramfs: ffffffff973f8368(26)->ffff88800ff2c000(4096) [ 1927.611999][T10658] cramfs: Error -3 while decompressing! [ 1927.616966][T11548] udevd[11548]: incorrect cramfs checksum on /dev/loop3 [ 1927.625214][T10658] cramfs: ffffffff973f8382(26)->ffff88800ff3e000(4096) [ 1927.632712][T10658] cramfs: Error -3 while decompressing! [ 1927.657879][T10658] cramfs: ffffffff973f839c(16)->ffff88800ff3b000(4096) [ 1927.687140][T10658] cramfs: Error -3 while decompressing! [ 1927.693724][T11548] udevd[11548]: incorrect cramfs checksum on /dev/loop3 [ 1927.719552][T10658] cramfs: ffffffff973f8368(26)->ffff88800ff2c000(4096) [ 1928.657218][ T9497] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 1928.738760][T10695] vim2m vim2m.0: Fourcc format (0x47425247) invalid. [ 1928.866270][ T9497] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1928.881605][ T9497] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1928.893189][ T9497] usb 5-1: config 0 descriptor?? [ 1929.110489][T10707] loop5: detected capacity change from 0 to 1024 [ 1929.146964][ T9497] [drm] vendor descriptor length:6 data:06 5f 00 00 00 00 00 00 00 00 00 [ 1929.159842][ T9497] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 1929.171553][T10707] hfsplus: bad catalog entry type [ 1929.244812][ T1082] hfsplus: b-tree write err: -5, ino 4 [ 1929.307919][T10709] netlink: 4 bytes leftover after parsing attributes in process `syz.5.15980'. [ 1929.370640][ T9497] [drm:udl_init] *ERROR* Selecting channel failed [ 1929.422133][ T9497] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2 [ 1929.433388][ T9497] [drm] Initialized udl on minor 2 [ 1929.449461][ T9497] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1929.469438][ T9497] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 1929.492104][T27432] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1929.505561][ T9497] usb 5-1: USB disconnect, device number 5 [ 1929.511875][T27432] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 1929.746850][T10715] netlink: 12 bytes leftover after parsing attributes in process `syz.5.15983'. [ 1929.998423][T10724] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 1930.446091][T27432] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 1930.476838][T10725] loop5: detected capacity change from 0 to 32768 [ 1930.551469][T10725] ERROR: (device loop5): dbAllocNext: Corrupt dmap page [ 1930.551469][T10725] [ 1930.656006][T27432] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 1930.668036][T27432] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1930.678826][T27432] usb 5-1: config 220 has no interface number 2 [ 1930.685620][T27432] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1930.699946][T27432] usb 5-1: config 220 interface 0 has no altsetting 0 [ 1930.706920][T27432] usb 5-1: config 220 interface 76 has no altsetting 0 [ 1930.714044][T27432] usb 5-1: config 220 interface 1 has no altsetting 0 [ 1930.723933][T27432] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1930.737626][T27432] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1930.745667][T27432] usb 5-1: Product: syz [ 1930.758526][T27432] usb 5-1: Manufacturer: syz [ 1930.764721][T27432] usb 5-1: SerialNumber: syz [ 1931.042219][T27432] usb 5-1: selecting invalid altsetting 0 [ 1931.070520][T27432] usb 5-1: Found UVC 7.01 device syz (8086:0b07) [ 1931.084570][T27432] usb 5-1: No valid video chain found. [ 1931.111558][T27432] usb 5-1: selecting invalid altsetting 0 [ 1931.123119][T27432] usbtest: probe of 5-1:220.1 failed with error -22 [ 1931.156287][T27432] usb 5-1: USB disconnect, device number 6 [ 1931.680317][ T28] audit: type=1326 audit(2000000203.686:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.5.16010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1931.743221][ T28] audit: type=1326 audit(2000000203.686:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.5.16010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1931.828010][ T28] audit: type=1326 audit(2000000203.686:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.5.16010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1931.897802][ T28] audit: type=1326 audit(2000000203.686:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.5.16010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1931.933832][T10777] netlink: 68 bytes leftover after parsing attributes in process `syz.3.16014'. [ 1931.944093][ T28] audit: type=1326 audit(2000000203.686:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.5.16010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1932.074845][T10782] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16015'. [ 1932.273259][T10789] loop3: detected capacity change from 0 to 512 [ 1932.310556][T10791] netlink: 292 bytes leftover after parsing attributes in process `syz.5.16021'. [ 1932.344566][T10789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1932.396357][T27432] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 1932.444820][T10789] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 1932.510924][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1932.653229][T27432] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 1932.664259][T27432] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 31, changing to 7 [ 1932.678961][T27432] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 1932.696333][T27432] usb 5-1: language id specifier not provided by device, defaulting to English [ 1932.740361][T27432] usb 5-1: New USB device found, idVendor=2013, idProduct=0251, bcdDevice=e8.6e [ 1932.765099][T27432] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1932.777752][T27432] usb 5-1: Manufacturer: ‰ [ 1932.782494][T27432] usb 5-1: SerialNumber: syz [ 1932.797863][T27432] usb 5-1: config 0 descriptor?? [ 1932.819681][T27432] em28xx 5-1:0.0: New device ‰ @ 480 Mbps (2013:0251, interface 0, class 0) [ 1932.827821][T10804] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16026'. [ 1932.828708][T27432] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 1933.122539][T27432] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 1933.133834][T27432] em28xx 5-1:0.0: Config register raw data: 0xfffffffb [ 1933.154971][T27432] em28xx 5-1:0.0: AC97 chip type couldn't be determined [ 1933.162749][T27432] em28xx 5-1:0.0: No AC97 audio processor [ 1933.206440][T27432] usb 5-1: USB disconnect, device number 7 [ 1933.216218][T27432] em28xx 5-1:0.0: Disconnecting em28xx [ 1933.239820][T27432] em28xx 5-1:0.0: Freeing device [ 1933.474635][T10822] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16035'. [ 1933.487945][T10822] netlink: 19 bytes leftover after parsing attributes in process `syz.5.16035'. [ 1933.777338][T10833] loop3: detected capacity change from 0 to 512 [ 1933.860815][T10833] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1933.903064][T10833] ext4 filesystem being mounted at /4005/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1933.950083][T10833] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0 [ 1933.977473][T10833] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 1934.005845][T10833] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.16040: Failed to acquire dquot type 0 [ 1934.137288][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1934.404788][T10857] netlink: 'syz.3.16050': attribute type 21 has an invalid length. [ 1934.674485][T10865] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16054'. [ 1934.688643][T10865] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16054'. [ 1935.940246][T10897] loop3: detected capacity change from 0 to 32768 [ 1936.001046][T10897] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1936.028865][T10914] loop4: detected capacity change from 0 to 256 [ 1936.036055][T10897] (syz.3.16069,10897,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len % 4 != 0 - offset=0, inode=0, rec_len=49, name_len=1 [ 1936.069444][T10897] (syz.3.16069,10897,1):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2 [ 1936.079085][T10897] (syz.3.16069,10897,1):ocfs2_symlink:1867 ERROR: status = -2 [ 1936.089907][T10897] (syz.3.16069,10897,1):ocfs2_symlink:2068 ERROR: status = -2 [ 1936.214353][ T5774] ocfs2: Unmounting device (7,3) on (node local) [ 1936.271888][T10914] FAT-fs (loop4): Directory bread(block 64) failed [ 1936.286731][T10914] FAT-fs (loop4): Directory bread(block 65) failed [ 1936.293414][T10914] FAT-fs (loop4): Directory bread(block 66) failed [ 1936.323999][T10914] FAT-fs (loop4): Directory bread(block 67) failed [ 1936.335766][ T28] audit: type=1326 audit(2000000207.985:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.3.16080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1959bf79 code=0x7ffc0000 [ 1936.347733][T10914] FAT-fs (loop4): Directory bread(block 68) failed [ 1936.381166][T10919] loop5: detected capacity change from 0 to 4096 [ 1936.399073][ T28] audit: type=1326 audit(2000000207.985:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.3.16080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1959bf79 code=0x7ffc0000 [ 1936.407108][T10914] FAT-fs (loop4): Directory bread(block 69) failed [ 1936.436553][T10919] ntfs3: loop5: Different NTFS sector size (2048) and media sector size (512). [ 1936.480808][ T28] audit: type=1326 audit(2000000208.022:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.3.16080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7fbf1959bf79 code=0x7ffc0000 [ 1936.486379][T10914] FAT-fs (loop4): Directory bread(block 70) failed [ 1936.530546][T10914] FAT-fs (loop4): Directory bread(block 71) failed [ 1936.541529][T10914] FAT-fs (loop4): Directory bread(block 72) failed [ 1936.548976][T10914] FAT-fs (loop4): Directory bread(block 73) failed [ 1937.349087][ T9496] usb 4-1: new high-speed USB device number 85 using dummy_hcd [ 1937.357171][T10947] loop5: detected capacity change from 0 to 1024 [ 1937.409376][T10947] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1937.447258][T10947] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1937.565431][ T9496] usb 4-1: Using ep0 maxpacket: 8 [ 1937.572585][ T9496] usb 4-1: config 0 has an invalid interface number: 52 but max is 0 [ 1937.580976][ T9496] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1937.591278][ T9496] usb 4-1: config 0 has no interface number 0 [ 1937.597429][ T9496] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 1937.609086][ T9496] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1937.622174][ T9496] usb 4-1: config 0 interface 52 has no altsetting 0 [ 1937.633159][ T9496] usb 4-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 1937.642370][ T9496] usb 4-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0 [ 1937.650477][ T9496] usb 4-1: Manufacturer: syz [ 1937.676301][ T9496] usb 4-1: config 0 descriptor?? [ 1937.688813][ T9496] hub 4-1:0.52: bad descriptor, ignoring hub [ 1937.694910][ T9496] hub: probe of 4-1:0.52 failed with error -5 [ 1937.700211][T10943] loop4: detected capacity change from 0 to 32768 [ 1937.793144][T27432] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 1937.914708][T10954] __nla_validate_parse: 1 callbacks suppressed [ 1937.914726][T10954] netlink: 260 bytes leftover after parsing attributes in process `syz.4.16095'. [ 1937.947630][ T9496] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.52/input/input116 [ 1938.011873][T27432] usb 6-1: Using ep0 maxpacket: 8 [ 1938.033789][T27432] usb 6-1: config 4 has an invalid interface number: 244 but max is 0 [ 1938.057570][T27432] usb 6-1: config 4 has no interface number 0 [ 1938.063791][T27432] usb 6-1: config 4 interface 244 altsetting 1 endpoint 0x1 has an invalid bInterval 41, changing to 7 [ 1938.108984][T27432] usb 6-1: config 4 interface 244 altsetting 1 endpoint 0x2 has invalid maxpacket 65267, setting to 1024 [ 1938.127382][T10956] netlink: 12 bytes leftover after parsing attributes in process `syz.4.16096'. [ 1938.151803][T27432] usb 6-1: config 4 interface 244 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 1024 [ 1938.177255][T27432] usb 6-1: config 4 interface 244 has no altsetting 0 [ 1938.201599][T27432] usb 6-1: New USB device found, idVendor=05ac, idProduct=fa33, bcdDevice=cb.aa [ 1938.222043][T27432] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1938.237608][T27432] usb 6-1: Product: syz [ 1938.241830][T27432] usb 6-1: Manufacturer: syz [ 1938.253591][T27432] usb 6-1: SerialNumber: syz [ 1938.281457][T10947] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 1938.327779][T10958] netlink: 20 bytes leftover after parsing attributes in process `syz.4.16097'. [ 1938.389580][ T9496] usb 4-1: USB disconnect, device number 85 [ 1938.545576][T27432] ipheth 6-1:4.244: Unable to find endpoints [ 1938.568938][T27432] usb 6-1: USB disconnect, device number 2 [ 1938.732939][T10970] netlink: 'syz.4.16103': attribute type 1 has an invalid length. [ 1938.803255][T10972] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 1938.897148][T10974] loop4: detected capacity change from 0 to 16 [ 1938.919615][T10974] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 1938.926257][T10976] loop3: detected capacity change from 0 to 256 [ 1938.946853][T10974] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 1938.995511][T10976] FAT-fs (loop3): Directory bread(block 64) failed [ 1939.018410][T10976] FAT-fs (loop3): Directory bread(block 65) failed [ 1939.029298][T10976] FAT-fs (loop3): Directory bread(block 66) failed [ 1939.035904][T10976] FAT-fs (loop3): Directory bread(block 67) failed [ 1939.062111][T10976] FAT-fs (loop3): Directory bread(block 68) failed [ 1939.068687][T10976] FAT-fs (loop3): Directory bread(block 69) failed [ 1939.094250][T10976] FAT-fs (loop3): Directory bread(block 70) failed [ 1939.100826][T10976] FAT-fs (loop3): Directory bread(block 71) failed [ 1939.108555][T10976] FAT-fs (loop3): Directory bread(block 72) failed [ 1939.116093][T10976] FAT-fs (loop3): Directory bread(block 73) failed [ 1939.197228][ T9999] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1939.239693][T10974] erofs: DAX unsupported by block device. Turning off DAX. [ 1939.250950][T10974] erofs: (device loop4): mounted with root inode @ nid 36. [ 1939.332234][ T5770] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -4045 in[4096, 0] out[9000] [ 1939.400465][T10974] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -4045 in[4096, 0] out[8192] [ 1939.473989][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 1939.474006][ T28] audit: type=1800 audit(2000000210.883:327): pid=10974 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.16105" name="file2" dev="loop4" ino=89 res=0 errno=0 [ 1939.939043][ T8] usb 4-1: new high-speed USB device number 86 using dummy_hcd [ 1940.155691][ T8] usb 4-1: Using ep0 maxpacket: 8 [ 1940.188211][ T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 1940.210678][ T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1940.220386][ T8] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1940.268864][ T8] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 1940.285809][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1940.293862][ T8] usb 4-1: Product: syz [ 1940.318503][ T8] usb 4-1: Manufacturer: syz [ 1940.323247][ T8] usb 4-1: SerialNumber: syz [ 1940.346054][ T8] usb 4-1: config 0 descriptor?? [ 1940.376173][ T8] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 found [ 1940.444339][ T9160] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1940.458615][ T9160] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1940.467895][ T9160] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1940.478757][ T9160] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1940.486566][ T9160] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1940.500745][ T9160] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1940.544806][T11008] IPv6: NLM_F_CREATE should be specified when creating new route [ 1940.557283][ T5770] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1940.582943][ T5770] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1940.598823][ T5770] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1940.607624][ T5770] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1940.620751][ T5770] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1940.631340][ T5770] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1940.642151][ T8] snd_usb_toneport 4-1:0.0: cannot get proper max packet size [ 1940.711134][ T8] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 now disconnected [ 1940.769347][ T8] snd_usb_toneport: probe of 4-1:0.0 failed with error -22 [ 1940.783566][T11002] lo speed is unknown, defaulting to 1000 [ 1940.913178][ T8] usb 4-1: USB disconnect, device number 86 [ 1941.262574][T11002] xfrm0 speed is unknown, defaulting to 1000 [ 1941.388826][T11031] netlink: 12 bytes leftover after parsing attributes in process `syz.4.16139'. [ 1941.624513][T11043] loop4: detected capacity change from 0 to 128 [ 1941.639496][T11002] chnl_net:caif_netlink_parms(): no params data found [ 1941.651512][T11043] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 1941.697574][T11043] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1941.866083][T11048] netlink: 132 bytes leftover after parsing attributes in process `syz.5.16138'. [ 1941.875551][T11046] loop3: detected capacity change from 0 to 4096 [ 1941.946878][T11002] bridge0: port 1(bridge_slave_0) entered blocking state [ 1941.954141][T11002] bridge0: port 1(bridge_slave_0) entered disabled state [ 1941.961536][T11002] bridge_slave_0: entered allmulticast mode [ 1941.968808][T11002] bridge_slave_0: entered promiscuous mode [ 1941.980128][T11002] bridge0: port 2(bridge_slave_1) entered blocking state [ 1941.987487][T11002] bridge0: port 2(bridge_slave_1) entered disabled state [ 1941.994781][T11002] bridge_slave_1: entered allmulticast mode [ 1942.015491][T11002] bridge_slave_1: entered promiscuous mode [ 1942.106340][T11002] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1942.162653][T11002] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1942.178694][T11054] netlink: 144 bytes leftover after parsing attributes in process `syz.5.16141'. [ 1942.314673][T11054] team0: Port device team_slave_0 removed [ 1942.324332][T11054] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 1942.437796][T11002] team0: Port device team_slave_0 added [ 1942.476575][T11002] team0: Port device team_slave_1 added [ 1942.575528][T11060] loop5: detected capacity change from 0 to 512 [ 1942.602424][T11002] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1942.624779][T11002] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1942.656133][T11060] EXT4-fs error (device loop5): ext4_iget_extra_inode:4732: inode #15: comm syz.5.16144: corrupted in-inode xattr: invalid ea_ino [ 1942.667388][T11066] netlink: 240 bytes leftover after parsing attributes in process `syz.3.16146'. [ 1942.690961][T11060] EXT4-fs error (device loop5): ext4_orphan_get:1403: comm syz.5.16144: couldn't read orphan inode 15 (err -117) [ 1942.703388][T11002] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1942.716239][T11060] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1942.730500][T11002] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1942.737609][T11002] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1942.772875][T11002] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1942.886918][ T9160] Bluetooth: hci5: command tx timeout [ 1942.900111][ T9999] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1942.970518][T11002] hsr_slave_0: entered promiscuous mode [ 1943.023834][T11002] hsr_slave_1: entered promiscuous mode [ 1943.030920][T11002] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1943.047242][T11002] Cannot create hsr debugfs directory [ 1943.053248][T11072] netlink: 800 bytes leftover after parsing attributes in process `syz.3.16150'. [ 1943.069159][T11072] netlink: 1301 bytes leftover after parsing attributes in process `syz.3.16150'. [ 1943.297904][ T28] audit: type=1326 audit(2000000214.407:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11080 comm="syz.3.16154" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbf1959bf79 code=0x0 [ 1943.708632][T11094] loop5: detected capacity change from 0 to 2048 [ 1943.742434][T11094] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1943.804115][T11002] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1943.854179][T11002] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1943.891911][T11002] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1943.961711][T11002] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1944.268396][T11002] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1944.341787][T11002] 8021q: adding VLAN 0 to HW filter on device team0 [ 1944.414501][T27975] bridge0: port 1(bridge_slave_0) entered blocking state [ 1944.421743][T27975] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1944.481997][T27975] bridge0: port 2(bridge_slave_1) entered blocking state [ 1944.489267][T27975] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1945.028346][T11138] loop5: detected capacity change from 0 to 4096 [ 1945.070497][T11138] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 1945.123681][T11146] ieee802154 phy1 wpan1: encryption failed: -90 [ 1945.143448][ T9160] Bluetooth: hci5: command tx timeout [ 1945.269983][T11002] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1945.315461][T11138] ntfs3: loop5: failed to convert "c46c" to cp862 [ 1945.410323][T11155] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 1945.677681][T11159] loop3: detected capacity change from 0 to 2048 [ 1945.710964][T11159] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1946.023346][T11173] netlink: 'syz.3.16189': attribute type 1 has an invalid length. [ 1946.099436][T11002] veth0_vlan: entered promiscuous mode [ 1946.151383][T11002] veth1_vlan: entered promiscuous mode [ 1946.213664][T11002] veth0_macvtap: entered promiscuous mode [ 1946.256285][T11002] veth1_macvtap: entered promiscuous mode [ 1946.314367][T11002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1946.333682][T11002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1946.357829][T11002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1946.376699][T11002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1946.400150][T11002] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1946.422498][T11002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1946.452393][T11002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1946.462258][T11002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1946.513317][T11002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1946.536273][T11002] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1946.566994][T11002] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1946.582553][T11002] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1946.591332][T11002] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1946.617370][T11002] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1946.810674][ T3544] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1946.818633][ T3544] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1946.937246][T11184] loop3: detected capacity change from 0 to 32768 [ 1946.947047][ T3544] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1946.960674][T11184] (syz.3.16196,11184,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1946.981695][ T3544] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1947.005943][T11184] (syz.3.16196,11184,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1947.066186][T11184] JBD2: Ignoring recovery information on journal [ 1947.195852][T11184] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1947.333698][T11186] loop5: detected capacity change from 0 to 32768 [ 1947.395992][ T9160] Bluetooth: hci5: command tx timeout [ 1947.403414][T11186] (syz.5.16197,11186,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1947.445709][T11186] (syz.5.16197,11186,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1947.490845][T11186] debugfs: Directory '9357E9D751824C228242B9B0D0FB6750' with parent 'ocfs2' already present! [ 1947.546622][T11186] JBD2: Ignoring recovery information on journal [ 1947.616999][T11186] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1947.671561][ T5774] ocfs2: Unmounting device (7,3) on (node local) [ 1947.774846][T27432] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 1947.955697][ T9999] ocfs2: Unmounting device (7,5) on (node local) [ 1947.993494][T27432] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1948.017483][T27432] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 2047, setting to 1024 [ 1948.075802][T27432] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 1948.122284][T27432] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1948.131623][T27432] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1948.159175][T27432] usb 5-1: SerialNumber: syz [ 1948.179123][T11196] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1948.386569][T11212] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16207'. [ 1948.414103][T11212] netlink: 20 bytes leftover after parsing attributes in process `syz.3.16207'. [ 1948.445332][T11196] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1948.547721][T11216] loop6: detected capacity change from 0 to 64 [ 1948.640339][T11219] loop3: detected capacity change from 0 to 1024 [ 1948.722349][T27432] cdc_ether: probe of 5-1:1.0 failed with error -71 [ 1948.746111][T27432] usb 5-1: USB disconnect, device number 8 [ 1949.539878][T11248] kernel read not supported for file /  (pid: 11248 comm: syz.4.16224) [ 1949.549592][ T28] audit: type=1800 audit(2000000220.183:329): pid=11248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.16224" name=200120 dev="mqueue" ino=114868 res=0 errno=0 [ 1949.660646][ T9160] Bluetooth: hci5: command tx timeout [ 1950.284060][T11244] loop6: detected capacity change from 0 to 32768 [ 1950.356747][T11244] jfs_lookup: iget failed on inum 4 [ 1950.831931][T11284] netlink: 'syz.3.16242': attribute type 10 has an invalid length. [ 1950.971813][T11288] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1951.787084][T11291] loop6: detected capacity change from 0 to 32768 [ 1951.860714][T11291] [ 1951.860714][T11291] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1951.860714][T11291] [ 1951.939784][T11295] loop5: detected capacity change from 0 to 40427 [ 1951.987553][T11295] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1952.006276][T11291] [ 1952.006276][T11291] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1952.006276][T11291] [ 1952.017717][T11295] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1952.040986][T11291] [ 1952.040986][T11291] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1952.040986][T11291] [ 1952.065498][T11295] F2FS-fs (loop5): invalid crc value [ 1952.084874][T11291] [ 1952.084874][T11291] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1952.084874][T11291] [ 1952.111329][T11295] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1952.131689][ T113] [ 1952.131689][ T113] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1952.131689][ T113] [ 1952.136882][T11312] ipvlan0: entered promiscuous mode [ 1952.239910][T11002] [ 1952.239910][T11002] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1952.239910][T11002] [ 1952.250422][T11002] [ 1952.250422][T11002] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1952.250422][T11002] [ 1952.284106][T11295] F2FS-fs (loop5): Try to recover 1th superblock, ret: -30 [ 1952.313589][T11295] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1952.468505][T11305] loop4: detected capacity change from 0 to 32768 [ 1952.547030][T11305] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1952.648273][T11305] XFS (loop4): Ending clean mount [ 1952.932798][ T9157] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1953.554994][T11348] loop3: detected capacity change from 0 to 1024 [ 1953.596822][T11348] EXT4-fs: Ignoring removed oldalloc option [ 1953.602809][T11348] EXT4-fs: Ignoring removed bh option [ 1953.685699][T11348] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1953.761330][ T28] audit: type=1326 audit(2000000224.068:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11357 comm="syz.5.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1953.853737][T11348] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1953.882992][ T28] audit: type=1326 audit(2000000224.068:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11357 comm="syz.5.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1954.006883][ T28] audit: type=1326 audit(2000000224.096:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11357 comm="syz.5.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1954.029386][ C1] vkms_vblank_simulate: vblank timer overrun [ 1954.112149][ T28] audit: type=1326 audit(2000000224.096:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11357 comm="syz.5.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1954.140584][T11373] overlay: Unknown parameter '\' [ 1954.187725][ T28] audit: type=1326 audit(2000000224.096:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11357 comm="syz.5.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1954.210270][ C1] vkms_vblank_simulate: vblank timer overrun [ 1954.226358][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1954.411798][T11381] __vm_enough_memory: pid: 11381, comm: syz.6.16284, not enough memory for the allocation [ 1954.690084][T11393] netlink: 14 bytes leftover after parsing attributes in process `syz.3.16289'. [ 1954.702283][T11389] (null): rxe_set_mtu: Set mtu to 4096 [ 1954.708099][T11389] rdma_rxe: rxe_newlink: failed to add lo [ 1954.725848][T11393] hsr_slave_0: left promiscuous mode [ 1954.736904][T11393] hsr_slave_1: left promiscuous mode [ 1955.385723][T11417] loop3: detected capacity change from 0 to 128 [ 1955.429005][T11417] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 1955.743575][T11432] loop4: detected capacity change from 0 to 256 [ 1955.757801][T11430] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16307'. [ 1955.774033][T11432] exfat: Deprecated parameter 'utf8' [ 1955.789426][T11432] exfat: Deprecated parameter 'namecase' [ 1955.805788][T11434] C: renamed from team_slave_0 (while UP) [ 1955.836702][T11434] netlink: 'syz.6.16308': attribute type 1 has an invalid length. [ 1955.870573][T11432] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x8fca712e, utbl_chksum : 0xe619d30d) [ 1955.888222][T11434] netlink: 152 bytes leftover after parsing attributes in process `syz.6.16308'. [ 1955.931824][T11434] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 1956.668523][T11466] loop3: detected capacity change from 0 to 256 [ 1956.720216][T11466] exfat: Deprecated parameter 'utf8' [ 1956.801933][T11466] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x0b7b651d, utbl_chksum : 0xe619d30d) [ 1957.004922][T11476] netlink: 56 bytes leftover after parsing attributes in process `syz.4.16330'. [ 1957.081513][T11480] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16332'. [ 1957.157510][T11482] netlink: 40 bytes leftover after parsing attributes in process `syz.4.16334'. [ 1957.379868][T11489] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16336'. [ 1957.590874][T11498] netlink: 12 bytes leftover after parsing attributes in process `syz.5.16341'. [ 1957.650313][T11498] vlan0: entered promiscuous mode [ 1957.832579][T11508] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16346'. [ 1957.881005][T11508] ip6tnl1: entered allmulticast mode [ 1957.903747][T11507] loop3: detected capacity change from 0 to 1764 [ 1957.933735][T11512] loop5: detected capacity change from 0 to 512 [ 1957.970698][T11512] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1957.984982][T11512] ext4 filesystem being mounted at /183/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1958.082740][ T9999] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1958.512137][T11532] netlink: 666 bytes leftover after parsing attributes in process `syz.3.16357'. [ 1959.096802][T11557] loop3: detected capacity change from 0 to 4096 [ 1959.178727][T11563] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1959.209121][ T9496] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 1959.225346][T11564] tipc: Trying to set illegal importance in message [ 1959.250020][T11557] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 1959.280843][T11557] Remounting filesystem read-only [ 1959.397101][T11568] loop5: detected capacity change from 0 to 512 [ 1959.414095][T11568] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 1959.433945][ T9496] usb 7-1: unable to get BOS descriptor or descriptor too short [ 1959.462374][ T9496] usb 7-1: config 129 has an invalid interface number: 135 but max is 0 [ 1959.484095][T11568] EXT4-fs (loop5): 1 truncate cleaned up [ 1959.502005][T11568] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1959.504139][ T9496] usb 7-1: config 129 has an invalid interface number: 5 but max is 0 [ 1959.570676][T11568] EXT4-fs error (device loop5): ext4_add_entry:2486: inode #2: comm syz.5.16374: Directory hole found for htree leaf block 0 [ 1959.607874][T11568] EXT4-fs (loop5): Remounting filesystem read-only [ 1959.609307][ T9496] usb 7-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 1959.656079][ T9496] usb 7-1: config 129 has no interface number 0 [ 1959.681763][ T9999] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1959.690113][ T9496] usb 7-1: config 129 has no interface number 1 [ 1959.707422][ T9496] usb 7-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 1959.755501][ T9496] usb 7-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30 [ 1959.804713][ T9496] usb 7-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37 [ 1959.856675][ T9496] usb 7-1: config 129 interface 135 has no altsetting 0 [ 1959.885714][ T9496] usb 7-1: config 129 interface 5 has no altsetting 0 [ 1959.917919][ T9496] usb 7-1: string descriptor 0 read error: -22 [ 1959.925011][ T9496] usb 7-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00 [ 1959.940985][ T9496] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1959.990615][ T9496] usb 7-1: Quirk or no altest; falling back to MIDI 1.0 [ 1960.008702][ T9496] usb 7-1: MIDIStreaming interface descriptor not found [ 1960.031151][T11580] loop5: detected capacity change from 0 to 128 [ 1960.084024][T11580] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 1960.129431][T11580] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1960.234625][ T8] usb 7-1: USB disconnect, device number 2 [ 1960.591842][T11597] loop3: detected capacity change from 0 to 512 [ 1960.613874][T11597] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1960.635337][T11597] EXT4-fs (loop3): 1 truncate cleaned up [ 1960.643984][T11597] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1960.672524][T11597] EXT4-fs error (device loop3): ext4_add_entry:2486: inode #2: comm syz.3.16385: Directory hole found for htree leaf block 0 [ 1960.700459][T11597] EXT4-fs (loop3): Remounting filesystem read-only [ 1960.734857][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1960.808578][ T27] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 1960.828212][T11602] __nla_validate_parse: 3 callbacks suppressed [ 1960.828228][T11602] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16388'. [ 1961.018753][ T27] usb 6-1: Using ep0 maxpacket: 16 [ 1961.037069][ T27] usb 6-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 1961.061682][ T27] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1961.095270][ T27] usb 6-1: Product: syz [ 1961.099485][ T27] usb 6-1: Manufacturer: syz [ 1961.124938][ T27] usb 6-1: SerialNumber: syz [ 1961.140056][ T27] usb 6-1: config 0 descriptor?? [ 1961.318497][ T28] audit: type=1326 audit(2000000231.034:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11619 comm="syz.6.16397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 1961.376273][ T28] audit: type=1326 audit(2000000231.034:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11619 comm="syz.6.16397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 1961.428517][ T27] speedtch 6-1:0.0: speedtch_bind: wrong device class 68 [ 1961.458543][ T27] speedtch 6-1:0.0: usbatm_usb_probe: bind failed: -19! [ 1961.476663][ T28] audit: type=1326 audit(2000000231.053:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11619 comm="syz.6.16397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=445 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 1961.509997][T11624] syz.4.16398: attempt to access beyond end of device [ 1961.509997][T11624] loop9: rw=0, sector=0, nr_sectors = 1 limit=0 [ 1961.542145][T11624] FAT-fs (loop9): unable to read boot sector [ 1961.553415][ T28] audit: type=1326 audit(2000000231.062:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11619 comm="syz.6.16397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 1961.669822][ T27] usb 6-1: USB disconnect, device number 3 [ 1961.940065][ T28] audit: type=1326 audit(2000000231.597:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.16405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06e659bf79 code=0x7ffc0000 [ 1961.973632][ T28] audit: type=1326 audit(2000000231.597:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.16405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06e659bf79 code=0x7ffc0000 [ 1961.996634][ T28] audit: type=1326 audit(2000000231.606:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.16405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f06e659bf79 code=0x7ffc0000 [ 1962.057600][ T28] audit: type=1326 audit(2000000231.606:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11635 comm="syz.4.16405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06e659bf79 code=0x7ffc0000 [ 1962.230060][ T28] audit: type=1800 audit(2000000231.883:343): pid=11640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.3.16407" name="/newroot/4102/file0" dev="tmpfs" ino=21276 res=0 errno=0 [ 1962.559716][T11657] loop4: detected capacity change from 0 to 8 [ 1962.566837][T11657] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 1962.630513][T11662] loop3: detected capacity change from 0 to 8 [ 1962.638296][T11657] cramfs: Error -5 while decompressing! [ 1962.654260][T11657] cramfs: ffffffff973f4382(26)->ffff888058d57000(4096) [ 1962.663027][T11657] cramfs: Error -3 while decompressing! [ 1962.670481][T11657] cramfs: ffffffff973f439c(16)->ffff88807a5a4000(4096) [ 1962.687464][T11657] cramfs: Error -5 while decompressing! [ 1962.704080][T11662] SQUASHFS error: Failed to read block 0x6fc: -5 [ 1962.714581][T11657] cramfs: ffffffff973f4382(26)->ffff888058d57000(4096) [ 1962.747103][T11548] udevd[11548]: incorrect cramfs checksum on /dev/loop4 [ 1962.765891][ T28] audit: type=1800 audit(2000000232.372:344): pid=11657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.16414" name="file2" dev="loop4" ino=348 res=0 errno=0 [ 1962.770136][T11662] SQUASHFS error: Unable to read metadata cache entry [6fa] [ 1962.852383][T11548] udevd[11548]: incorrect cramfs checksum on /dev/loop4 [ 1963.323011][T11683] loop6: detected capacity change from 0 to 512 [ 1963.439404][T11683] EXT4-fs (loop6): orphan cleanup on readonly fs [ 1963.491002][T11683] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -13 [ 1963.499890][T11683] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 1963.601908][T11683] EXT4-fs error (device loop6): ext4_clear_blocks:883: inode #13: comm syz.6.16425: attempt to clear invalid blocks 2 len 1 [ 1963.624067][T11683] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.16425: invalid indirect mapped block 1819239214 (level 0) [ 1963.710948][T11683] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.16425: invalid indirect mapped block 1819239214 (level 1) [ 1963.768138][T11683] EXT4-fs (loop6): 1 truncate cleaned up [ 1963.791131][T11683] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1963.935813][T11683] EXT4-fs error (device loop6): __ext4_remount:6752: comm syz.6.16425: Abort forced by user [ 1963.959340][T11683] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000. [ 1964.095798][T11002] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1964.893440][T11705] loop3: detected capacity change from 0 to 32768 [ 1964.959049][T11705] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1965.032053][T11705] XFS (loop3): Ending clean mount [ 1965.049126][T11705] XFS (loop3): Quotacheck needed: Please wait. [ 1965.241825][T11705] XFS (loop3): Quotacheck: Done. [ 1965.401719][ T5774] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1965.436808][T11759] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1965.839041][T11777] netlink: 'syz.6.16466': attribute type 1 has an invalid length. [ 1965.847242][T11777] netlink: 232 bytes leftover after parsing attributes in process `syz.6.16466'. [ 1965.962290][T11781] netlink: 32 bytes leftover after parsing attributes in process `syz.6.16468'. [ 1965.971515][T11781] netlink: 32 bytes leftover after parsing attributes in process `syz.6.16468'. [ 1966.162840][T11788] Cannot find del_set index 2 as target [ 1966.171070][T11789] No source specified [ 1966.406737][T11797] loop6: detected capacity change from 0 to 256 [ 1966.932782][T11815] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16484'. [ 1967.028940][T11817] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 1967.219710][T11823] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 1967.818392][T11847] netlink: 20 bytes leftover after parsing attributes in process `syz.6.16500'. [ 1967.940211][T11851] 9pnet_fd: Insufficient options for proto=fd [ 1968.866886][T11866] loop6: detected capacity change from 0 to 32768 [ 1968.875008][T11866] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 scanned by syz.6.16509 (11866) [ 1968.905321][T11866] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1968.951309][T11866] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm [ 1968.981995][T11866] BTRFS info (device loop6): force zlib compression, level 3 [ 1969.019805][T11866] BTRFS info (device loop6): force clearing of disk cache [ 1969.027007][T11866] BTRFS info (device loop6): setting nodatasum [ 1969.070906][T11866] BTRFS info (device loop6): allowing degraded mounts [ 1969.077745][T11866] BTRFS info (device loop6): enabling disk space caching [ 1969.126382][T11866] BTRFS info (device loop6): disk space caching is enabled [ 1969.322413][T11866] BTRFS info (device loop6): auto enabling async discard [ 1969.363418][T11866] BTRFS info (device loop6): rebuilding free space tree [ 1969.445680][T11866] BTRFS info (device loop6): disabling free space tree [ 1969.470458][T11866] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1969.525772][T11866] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1969.728030][T11002] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1969.755476][T11926] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16528'. [ 1970.667099][T11953] netlink: 'syz.3.16542': attribute type 2 has an invalid length. [ 1970.815809][ T9496] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 1970.927416][T11961] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16546'. [ 1971.026205][ T9496] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 1971.046712][ T9496] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1971.050838][T11940] loop6: detected capacity change from 0 to 32768 [ 1971.081868][ T9496] usb 6-1: Product: syz [ 1971.086232][T11940] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop6 scanned by syz.6.16536 (11940) [ 1971.092805][ T9496] usb 6-1: Manufacturer: syz [ 1971.106720][T11965] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16548'. [ 1971.122154][T11940] BTRFS info (device loop6): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 1971.130424][ T9496] usb 6-1: SerialNumber: syz [ 1971.140935][T11940] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm [ 1971.149612][T11940] BTRFS info (device loop6): turning on flush-on-commit [ 1971.158728][ T9496] usb 6-1: config 0 descriptor?? [ 1971.185886][T11940] BTRFS info (device loop6): turning off barriers [ 1971.192381][T11940] BTRFS info (device loop6): turning on sync discard [ 1971.260074][T11940] BTRFS info (device loop6): using free space tree [ 1971.261115][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1971.291320][T11967] program syz.3.16549 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1971.306196][T14505] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 1971.405286][ T9496] hso 6-1:0.0: Failed to find BULK IN ep [ 1971.436652][ T9496] usb-storage 6-1:0.0: USB Mass Storage device detected [ 1971.528111][T14505] usb 5-1: Using ep0 maxpacket: 16 [ 1971.606555][T14505] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 1971.621244][T14505] usb 5-1: config 0 has no interface number 0 [ 1971.627409][T14505] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 208, changing to 11 [ 1971.664584][T14505] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 25296, setting to 1024 [ 1971.664918][T11002] BTRFS info (device loop6): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 1971.681054][T14505] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1971.700964][T14505] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1971.726691][ T9497] usb 6-1: USB disconnect, device number 4 [ 1971.771320][T14505] usb 5-1: Product: syz [ 1971.783922][T14505] usb 5-1: SerialNumber: syz [ 1971.835437][T14505] usb 5-1: config 0 descriptor?? [ 1971.864594][T14505] cm109 5-1:0.8: invalid payload size 1024, expected 4 [ 1971.886878][T14505] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input117 [ 1971.947559][T11548] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop6 scanned by udevd (11548) [ 1972.418218][ C0] cm109 5-1:0.8: cm109_urb_irq_callback: urb status -71 [ 1972.418485][ T9497] usb 5-1: USB disconnect, device number 9 [ 1972.425219][ C0] cm109 5-1:0.8: cm109_urb_irq_callback: usb_submit_urb (urb_ctl) failed -19 [ 1972.484350][ T9497] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 1972.544926][T12003] netlink: 'syz.6.16558': attribute type 10 has an invalid length. [ 1972.578771][T12003] netlink: 40 bytes leftover after parsing attributes in process `syz.6.16558'. [ 1972.616214][T12003] netlink: 'syz.6.16558': attribute type 10 has an invalid length. [ 1972.624271][T12003] netlink: 40 bytes leftover after parsing attributes in process `syz.6.16558'. [ 1972.899303][T12014] netlink: 'syz.3.16562': attribute type 10 has an invalid length. [ 1972.941274][T12014] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.16562'. [ 1973.292551][T12021] loop4: detected capacity change from 0 to 4096 [ 1973.314361][T12021] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 1973.380379][T12021] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 1973.502591][T12021] ntfs3: loop4: failed to convert "c46c" to macinuit [ 1973.572832][T12036] netlink: 'syz.6.16574': attribute type 1 has an invalid length. [ 1973.590200][T12036] netlink: 'syz.6.16574': attribute type 3 has an invalid length. [ 1973.611763][T12036] netlink: 224 bytes leftover after parsing attributes in process `syz.6.16574'. [ 1973.645129][T12036] NCSI netlink: No device for ifindex 0 [ 1974.273430][T14505] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 1974.434123][T12058] loop3: detected capacity change from 0 to 4096 [ 1974.465771][T12047] loop6: detected capacity change from 0 to 32768 [ 1974.482734][T12058] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 1974.491741][T14505] usb 5-1: Using ep0 maxpacket: 16 [ 1974.497341][T14505] usb 5-1: config 0 has an invalid interface number: 105 but max is 0 [ 1974.498000][T12047] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 scanned by syz.6.16578 (12047) [ 1974.514438][T14505] usb 5-1: config 0 descriptor has 1 excess byte, ignoring [ 1974.548136][T14505] usb 5-1: config 0 has no interface number 0 [ 1974.582820][T14505] usb 5-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 1974.601239][T14505] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1974.619074][T12058] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1974.627369][T14505] usb 5-1: Product: syz [ 1974.634592][T12047] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1974.644820][T14505] usb 5-1: Manufacturer: syz [ 1974.644840][T14505] usb 5-1: SerialNumber: syz [ 1974.664205][T14505] usb 5-1: config 0 descriptor?? [ 1974.677625][T12047] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm [ 1974.698688][T14505] usb 5-1: Found UVC 0.00 device syz (046d:08f3) [ 1974.701666][T12047] BTRFS info (device loop6): enabling auto defrag [ 1974.733813][T14505] usb 5-1: No valid video chain found. [ 1974.739555][T12058] ntfs3: loop3: failed to convert "c46c" to macinuit [ 1974.751085][T12047] BTRFS info (device loop6): use no compression [ 1974.785003][T12047] BTRFS info (device loop6): force clearing of disk cache [ 1974.837545][T12047] BTRFS info (device loop6): max_inline at 4096 [ 1974.843879][T12047] BTRFS info (device loop6): disabling free space tree [ 1974.921955][ T28] audit: type=1326 audit(2000000243.592:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm="syz.5.16588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1974.958643][T14505] usb 5-1: USB disconnect, device number 10 [ 1975.045049][ T28] audit: type=1326 audit(2000000243.592:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm="syz.5.16588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1975.092556][T12047] BTRFS info (device loop6): enabling ssd optimizations [ 1975.114500][T12047] BTRFS info (device loop6): auto enabling async discard [ 1975.149146][T12047] BTRFS info (device loop6): rebuilding free space tree [ 1975.187577][ T28] audit: type=1326 audit(2000000243.638:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm="syz.5.16588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1975.248955][T12047] BTRFS info (device loop6): disabling free space tree [ 1975.276527][ T28] audit: type=1326 audit(2000000243.638:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm="syz.5.16588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1975.284044][T12047] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1975.300352][ T28] audit: type=1326 audit(2000000243.638:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12069 comm="syz.5.16588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56b9d9bf79 code=0x7ffc0000 [ 1975.396001][T12047] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1975.593532][T11002] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1975.941609][T12090] loop3: detected capacity change from 0 to 32768 [ 1976.377610][T12092] loop5: detected capacity change from 0 to 32768 [ 1976.540202][T12092] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1976.740016][T12092] XFS (loop5): Ending clean mount [ 1976.827580][T12126] netlink: 72 bytes leftover after parsing attributes in process `syz.6.16605'. [ 1976.867617][T12126] netlink: 172 bytes leftover after parsing attributes in process `syz.6.16605'. [ 1976.965499][ T9999] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1977.097176][T12133] : renamed from team_slave_1 (while UP) [ 1977.555809][T12147] netlink: 'syz.3.16617': attribute type 21 has an invalid length. [ 1977.982928][T12164] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16624'. [ 1978.180651][T12174] loop5: detected capacity change from 0 to 2048 [ 1978.250701][T12174] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1978.881884][T12198] loop6: detected capacity change from 0 to 65 [ 1978.911778][T12198] BFS-fs: bfs_fill_super(): loop6 is unclean, continuing [ 1978.918876][T12198] BFS-fs: bfs_fill_super(): NOTE: filesystem loop6 was created with 512 inodes, the real maximum is 511, mounting anyway [ 1979.314499][T12212] loop3: detected capacity change from 0 to 4096 [ 1979.397264][T12212] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1979.448593][T12212] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 1979.645507][T12219] bridge1: entered promiscuous mode [ 1980.105082][T12233] netlink: 'syz.3.16658': attribute type 1 has an invalid length. [ 1980.119635][T12235] lo speed is unknown, defaulting to 1000 [ 1980.132435][T12235] lo speed is unknown, defaulting to 1000 [ 1980.143858][T12235] lo speed is unknown, defaulting to 1000 [ 1980.158734][T12213] loop5: detected capacity change from 0 to 32768 [ 1980.176686][T12235] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 1980.207258][T12213] JBD2: Ignoring recovery information on journal [ 1980.253355][T12235] lo speed is unknown, defaulting to 1000 [ 1980.262712][T12235] lo speed is unknown, defaulting to 1000 [ 1980.271583][T12235] lo speed is unknown, defaulting to 1000 [ 1980.282834][T12235] lo speed is unknown, defaulting to 1000 [ 1980.357034][T12235] lo speed is unknown, defaulting to 1000 [ 1980.365994][T12238] netlink: 'syz.6.16661': attribute type 32 has an invalid length. [ 1980.376553][T12213] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1980.389160][T12238] netlink: 16 bytes leftover after parsing attributes in process `syz.6.16661'. [ 1980.427210][T12238] (unnamed net_device) (uninitialized): option coupled_control: mode dependency failed, not supported in mode balance-rr(0) [ 1980.479017][T12235] lo speed is unknown, defaulting to 1000 [ 1980.734395][ T9999] ocfs2: Unmounting device (7,5) on (node local) [ 1981.032128][T12258] netlink: 256 bytes leftover after parsing attributes in process `syz.5.16665'. [ 1981.147677][T12261] delete_channel: no stack [ 1981.220779][ T8] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 1981.241881][T14505] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 1981.399346][T12272] ip6erspan0: entered promiscuous mode [ 1981.429247][ T8] usb 7-1: config 1 has an invalid interface number: 213 but max is 0 [ 1981.438378][ T8] usb 7-1: config 1 has no interface number 0 [ 1981.445759][ T8] usb 7-1: config 1 interface 213 has no altsetting 0 [ 1981.452951][T14505] usb 5-1: Using ep0 maxpacket: 16 [ 1981.471896][ T8] usb 7-1: New USB device found, idVendor=0499, idProduct=5002, bcdDevice=2a.7a [ 1981.481276][T14505] usb 5-1: config 254 has an invalid interface number: 235 but max is 0 [ 1981.489663][T14505] usb 5-1: config 254 has no interface number 0 [ 1981.501732][ T8] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1981.509827][ T8] usb 7-1: Product: syz [ 1981.523416][ T8] usb 7-1: Manufacturer: 濦턁닫鼮㴩횠茶瞤歜ง๡䳲敯𿌼 [ 1981.532120][T14505] usb 5-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32 [ 1981.542509][ T8] usb 7-1: SerialNumber: syz [ 1981.547177][T21180] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 1981.555724][T14505] usb 5-1: config 254 interface 235 has no altsetting 0 [ 1981.573262][T14505] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1 [ 1981.588392][T14505] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=5 [ 1981.596468][T14505] usb 5-1: Product: syz [ 1981.607740][T14505] usb 5-1: Manufacturer: syz [ 1981.612465][T14505] usb 5-1: SerialNumber: syz [ 1981.632740][T12255] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 1981.772663][T21180] usb 6-1: Using ep0 maxpacket: 8 [ 1981.784878][T21180] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 1981.794266][T21180] usb 6-1: config 179 has no interface number 0 [ 1981.805308][T21180] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 1981.833189][ T8] usb 7-1: Quirk or no altest; falling back to MIDI 1.0 [ 1981.840331][T21180] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 1981.840366][T21180] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 1981.892125][T21180] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 1981.911477][T14505] usbtest 5-1:254.235: couldn't get endpoints, -71 [ 1981.913579][T21180] usb 6-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1981.948810][T21180] usb 6-1: config 179 interface 65 has no altsetting 0 [ 1981.952641][T14505] usbtest: probe of 5-1:254.235 failed with error -71 [ 1981.963671][T21180] usb 6-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1981.975159][ T8] snd-usb-audio: probe of 7-1:1.213 failed with error -2 [ 1981.987289][T14505] usb 5-1: USB disconnect, device number 11 [ 1981.989566][T21180] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1982.002671][ T8] usb 7-1: USB disconnect, device number 3 [ 1982.039796][T11548] udevd[11548]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.213/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1982.086167][T21180] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:179.65/input/input118 [ 1982.203776][ T5123] input input118: unable to receive magic message: -110 [ 1982.223166][ T5123] input input118: unable to receive magic message: -32 [ 1982.241307][ T5123] input input118: unable to receive magic message: -32 [ 1982.264024][ T5123] input input118: unable to receive magic message: -32 [ 1982.284261][ T5123] input input118: unable to receive magic message: -32 [ 1982.312219][ T5123] input input118: unable to receive magic message: -32 [ 1982.338354][T12276] loop3: detected capacity change from 0 to 32768 [ 1982.354747][T12276] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.16678 (12276) [ 1982.381552][T12276] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1982.392023][T12276] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 1982.401652][T12276] BTRFS info (device loop3): force zlib compression, level 3 [ 1982.409139][T12276] BTRFS info (device loop3): force clearing of disk cache [ 1982.416529][T12276] BTRFS info (device loop3): setting nodatasum [ 1982.425338][T12276] BTRFS info (device loop3): allowing degraded mounts [ 1982.432296][T12276] BTRFS info (device loop3): enabling disk space caching [ 1982.440514][T12276] BTRFS info (device loop3): disk space caching is enabled [ 1982.501473][T12276] BTRFS info (device loop3): auto enabling async discard [ 1982.514298][T12276] BTRFS info (device loop3): rebuilding free space tree [ 1982.528866][T14505] usb 6-1: USB disconnect, device number 5 [ 1982.529082][ C1] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1982.562501][T14505] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1982.629324][T12276] BTRFS info (device loop3): disabling free space tree [ 1982.636410][T12276] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1982.652867][T12276] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1982.844264][ T5774] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1982.905751][T12298] veth0_macvtap: left promiscuous mode [ 1982.945054][T12298] macvtap0: refused to change device tx_queue_len [ 1983.094857][T21180] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 1983.145883][T12300] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 1983.305059][T21180] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1983.315317][T21180] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1983.327303][T21180] usb 5-1: Product: syz [ 1983.331522][T21180] usb 5-1: Manufacturer: syz [ 1983.347661][T21180] usb 5-1: SerialNumber: syz [ 1983.371176][T21180] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1983.444364][T27432] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1983.551120][T12308] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3) [ 1983.557704][T12308] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1983.586641][T12308] vhci_hcd vhci_hcd.0: Device attached [ 1983.649657][T12313] vhci_hcd vhci_hcd.0: pdev(6) rhport(1) sockfd(5) [ 1983.656252][T12313] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 1983.740817][T12313] vhci_hcd vhci_hcd.0: Device attached [ 1983.758302][T12314] vhci_hcd: connection closed [ 1983.758548][T12309] vhci_hcd: connection closed [ 1983.764565][ T1082] vhci_hcd: stop threads [ 1983.774239][ C1] usb 5-1: ath: unknown panic pattern! [ 1983.781642][ T1082] vhci_hcd: release socket [ 1983.796851][ T1082] vhci_hcd: disconnect device [ 1983.801107][T14505] vhci_hcd: vhci_device speed not set [ 1983.803810][ T1082] vhci_hcd: stop threads [ 1983.815472][ T1082] vhci_hcd: release socket [ 1983.820070][ T1082] vhci_hcd: disconnect device [ 1983.907816][T14505] usb 45-1: new full-speed USB device number 2 using vhci_hcd [ 1983.926737][T14505] usb 45-1: enqueue for inactive port 0 [ 1983.992415][ T8] usb 5-1: USB disconnect, device number 12 [ 1984.026993][T14505] vhci_hcd: vhci_device speed not set [ 1984.126394][T12325] loop5: detected capacity change from 0 to 1024 [ 1984.185620][T12325] hfsplus: can't free extent [ 1984.280534][T12319] loop3: detected capacity change from 0 to 32768 [ 1984.306676][T12319] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 9 [ 1984.350563][T12327] tmpfs: Unknown parameter 'func' [ 1984.563102][ T5877] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 9 [ 1984.605429][T27432] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 1984.633905][T27432] ath9k_htc: Failed to initialize the device [ 1984.640667][ T8] usb 5-1: ath9k_htc: USB layer deinitialized [ 1985.132478][ T8] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 1985.175766][T29143] usb 4-1: new low-speed USB device number 87 using dummy_hcd [ 1985.274868][T12359] loop6: detected capacity change from 0 to 256 [ 1985.282122][T12359] exfat: Deprecated parameter 'namecase' [ 1985.296632][T12359] exfat: Deprecated parameter 'namecase' [ 1985.335536][T12359] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 1985.373829][ T8] usb 5-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1 [ 1985.385392][T29143] usb 4-1: config index 0 descriptor too short (expected 1307, got 27) [ 1985.394070][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1985.420283][T29143] usb 4-1: config 0 has an invalid interface number: 0 but max is -1 [ 1985.433876][ T8] usb 5-1: Product: syz [ 1985.439194][ T8] usb 5-1: Manufacturer: syz [ 1985.443854][ T8] usb 5-1: SerialNumber: syz [ 1985.449151][T29143] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 1985.474386][T29143] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 1985.486495][ T8] usb 5-1: config 0 descriptor?? [ 1985.506694][T29143] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 1985.529797][T29143] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1985.567093][T29143] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 1985.613716][T29143] usb 4-1: string descriptor 0 read error: -22 [ 1985.631559][T29143] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 1985.640692][T29143] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1985.676990][T29143] usb 4-1: config 0 descriptor?? [ 1985.684562][T29143] hub 4-1:0.0: bad descriptor, ignoring hub [ 1985.717658][T29143] hub: probe of 4-1:0.0 failed with error -5 [ 1985.731135][T12365] loop6: detected capacity change from 0 to 16 [ 1985.751581][T12365] erofs: (device loop6): mounted with root inode @ nid 36. [ 1985.761639][ T8] int51x1: probe of 5-1:0.0 failed with error -22 [ 1985.772719][T29143] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input119 [ 1985.810640][T12365] syz.6.16711: attempt to access beyond end of device [ 1985.810640][T12365] loop6: rw=524288, sector=1342177272, nr_sectors = 32 limit=16 [ 1985.811183][T12365] syz.6.16711: attempt to access beyond end of device [ 1985.811183][T12365] loop6: rw=0, sector=1342177272, nr_sectors = 32 limit=16 [ 1985.811381][ T28] audit: type=1800 audit(2000000253.641:350): pid=12365 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.16711" name="file1" dev="loop6" ino=86 res=0 errno=0 [ 1986.023446][T27432] usb 4-1: USB disconnect, device number 87 [ 1986.052535][T29143] usb 5-1: USB disconnect, device number 13 [ 1986.121379][T12371] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1986.405266][T12382] loop6: detected capacity change from 0 to 1024 [ 1987.050636][T27432] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 1987.116628][T12404] netlink: 180 bytes leftover after parsing attributes in process `syz.3.16730'. [ 1987.278557][T27432] usb 5-1: Using ep0 maxpacket: 16 [ 1987.305828][T27432] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1987.325070][T27432] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1987.348860][T27432] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1987.369361][T27432] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1987.384951][T27432] usb 5-1: Product: syz [ 1987.392862][T27432] usb 5-1: Manufacturer: syz [ 1987.402056][T27432] usb 5-1: SerialNumber: syz [ 1987.458666][T12410] netlink: 129384 bytes leftover after parsing attributes in process `syz.6.16733'. [ 1987.680962][T27432] usb 5-1: cannot find UAC_HEADER [ 1987.726961][T27432] snd-usb-audio: probe of 5-1:1.0 failed with error -22 [ 1987.747375][T27432] usb 5-1: USB disconnect, device number 14 [ 1987.812183][T11548] udevd[11548]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1987.938991][T12422] netlink: 'syz.5.16739': attribute type 1 has an invalid length. [ 1987.962123][T12422] netlink: 224 bytes leftover after parsing attributes in process `syz.5.16739'. [ 1988.483277][T12436] netlink: 'syz.3.16746': attribute type 2 has an invalid length. [ 1988.511801][T12436] netlink: 224 bytes leftover after parsing attributes in process `syz.3.16746'. [ 1988.926075][T12450] Cannot find add_set index 3 as target [ 1989.247635][T12458] netlink: 'syz.3.16757': attribute type 1 has an invalid length. [ 1989.292741][T12458] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16757'. [ 1989.478991][T12442] loop4: detected capacity change from 0 to 32768 [ 1989.519343][T12442] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1989.632250][T12442] XFS (loop4): Ending clean mount [ 1989.663631][T12442] XFS (loop4): Quotacheck needed: Please wait. [ 1989.789239][T12442] XFS (loop4): Quotacheck: Done. [ 1990.116694][ T9157] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1990.389136][T12501] bridge0: port 1(netdevsim2) entered blocking state [ 1990.399700][T12501] bridge0: port 1(netdevsim2) entered disabled state [ 1990.461473][T12501] netdevsim netdevsim3 netdevsim2: entered allmulticast mode [ 1990.483375][T12501] netdevsim netdevsim3 netdevsim2: entered promiscuous mode [ 1990.722364][T12506] netlink: 20 bytes leftover after parsing attributes in process `syz.6.16777'. [ 1991.483312][T12534] netlink: 12 bytes leftover after parsing attributes in process `syz.6.16791'. [ 1991.697453][T12538] netlink: 48 bytes leftover after parsing attributes in process `syz.6.16793'. [ 1991.832667][T12542] trusted_key: encrypted_key: keylen parameter is missing [ 1992.003167][T12529] loop5: detected capacity change from 0 to 32768 [ 1992.067831][T12530] loop3: detected capacity change from 0 to 32768 [ 1992.082907][T12529] [ 1992.082907][T12529] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1992.082907][T12529] [ 1992.330399][T27981] [ 1992.330399][T27981] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1992.330399][T27981] [ 1992.372397][T27981] [ 1992.372397][T27981] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1992.372397][T27981] [ 1992.397648][ T112] [ 1992.397648][ T112] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1992.397648][ T112] [ 1992.444892][ T9999] [ 1992.444892][ T9999] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1992.444892][ T9999] [ 1992.498635][ T9999] [ 1992.498635][ T9999] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1992.498635][ T9999] [ 1992.982482][T12569] ip6erspan0: entered allmulticast mode [ 1993.008357][ T28] audit: type=1326 audit(2000000260.275:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12573 comm="syz.3.16810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1959bf79 code=0x7ffc0000 [ 1993.084447][ T28] audit: type=1326 audit(2000000260.275:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12573 comm="syz.3.16810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1959bf79 code=0x7ffc0000 [ 1993.166004][ T28] audit: type=1326 audit(2000000260.302:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12573 comm="syz.3.16810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7fbf1959bf79 code=0x7ffc0000 [ 1993.284704][ T28] audit: type=1326 audit(2000000260.302:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12573 comm="syz.3.16810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1959bf79 code=0x7ffc0000 [ 1993.369321][ T28] audit: type=1326 audit(2000000260.302:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12573 comm="syz.3.16810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1959bf79 code=0x7ffc0000 [ 1993.507317][T12587] netlink: 5 bytes leftover after parsing attributes in process `syz.5.16816'. [ 1993.561815][T12587] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1993.900143][T12605] netlink: 'syz.6.16825': attribute type 21 has an invalid length. [ 1993.908718][T12604] QAT: failed to copy from user cfg_data. [ 1993.922145][T12605] netlink: 4 bytes leftover after parsing attributes in process `syz.6.16825'. [ 1994.117193][T12609] bridge0: port 3(netdevsim2) entered blocking state [ 1994.124038][T12609] bridge0: port 3(netdevsim2) entered disabled state [ 1994.149605][T12609] netdevsim netdevsim6 netdevsim2: entered allmulticast mode [ 1994.158434][T12609] netdevsim netdevsim6 netdevsim2: entered promiscuous mode [ 1994.171887][T12609] bridge0: port 3(netdevsim2) entered blocking state [ 1994.178717][T12609] bridge0: port 3(netdevsim2) entered forwarding state [ 1994.376818][T12617] netlink: 'syz.4.16831': attribute type 1 has an invalid length. [ 1994.385203][T12617] netlink: 224 bytes leftover after parsing attributes in process `syz.4.16831'. [ 1994.704637][T12629] netlink: 'syz.6.16837': attribute type 4 has an invalid length. [ 1994.788438][T12628] xt_CT: No such helper "pptp" [ 1994.809635][T12600] loop3: detected capacity change from 0 to 40427 [ 1994.850361][T12600] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 1994.857663][T12600] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1994.897135][T12600] F2FS-fs (loop3): invalid crc value [ 1994.943940][T12600] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1995.087687][T12600] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1995.113915][T12600] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1995.285452][T12641] loop6: detected capacity change from 0 to 4096 [ 1995.316364][ T28] audit: type=1800 audit(2000000262.406:356): pid=12600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.16823" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 1995.330839][T12641] ntfs3: loop6: Different NTFS sector size (2048) and media sector size (512). [ 1995.430662][T12641] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 1995.441940][ T5774] syz-executor: attempt to access beyond end of device [ 1995.441940][ T5774] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1995.487224][ T5774] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 1995.692311][T12632] loop4: detected capacity change from 0 to 32768 [ 1995.786226][T12632] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1996.072813][T12632] XFS (loop4): Ending clean mount [ 1996.179925][T12639] loop5: detected capacity change from 0 to 32768 [ 1996.247749][T12639] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1996.249129][ T9157] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1996.434864][T12643] loop6: detected capacity change from 0 to 32768 [ 1996.493182][T12639] XFS (loop5): Ending clean mount [ 1996.527197][T12643] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 scanned by syz.6.16843 (12643) [ 1996.580090][T12639] XFS (loop5): Quotacheck needed: Please wait. [ 1996.600788][T12643] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1996.682240][T12639] XFS (loop5): Quotacheck: Done. [ 1996.686800][T12643] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm [ 1996.731542][T12643] BTRFS info (device loop6): force zlib compression, level 3 [ 1996.745013][T12643] BTRFS info (device loop6): force clearing of disk cache [ 1996.761316][T12643] BTRFS info (device loop6): setting nodatasum [ 1996.767539][T12643] BTRFS info (device loop6): use zlib compression, level 3 [ 1996.830839][ T9999] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1996.840435][T12643] BTRFS info (device loop6): allowing degraded mounts [ 1996.847280][T12643] BTRFS info (device loop6): enabling disk space caching [ 1996.925074][T12643] BTRFS info (device loop6): disk space caching is enabled [ 1997.094825][T12679] netlink: 'syz.3.16848': attribute type 4 has an invalid length. [ 1997.240731][T12643] BTRFS info (device loop6): enabling ssd optimizations [ 1997.247744][T12643] BTRFS info (device loop6): auto enabling async discard [ 1997.255821][T12687] loop4: detected capacity change from 0 to 128 [ 1997.327987][T12687] FAT-fs (loop4): Directory bread(block 162) failed [ 1997.334670][T12687] FAT-fs (loop4): Directory bread(block 163) failed [ 1997.369530][T12643] BTRFS info (device loop6): rebuilding free space tree [ 1997.411050][T12687] FAT-fs (loop4): Directory bread(block 164) failed [ 1997.451541][T12687] FAT-fs (loop4): Directory bread(block 165) failed [ 1997.468333][T12643] BTRFS info (device loop6): disabling free space tree [ 1997.475291][T12643] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1997.496956][T12693] loop3: detected capacity change from 0 to 1024 [ 1997.501171][T12687] FAT-fs (loop4): Directory bread(block 166) failed [ 1997.520381][T12643] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1997.542137][T12687] FAT-fs (loop4): Directory bread(block 167) failed [ 1997.556446][T12687] FAT-fs (loop4): Directory bread(block 168) failed [ 1997.575148][T12687] FAT-fs (loop4): Directory bread(block 169) failed [ 1997.654983][T12687] FAT-fs (loop4): Directory bread(block 162) failed [ 1997.699546][T12687] FAT-fs (loop4): Directory bread(block 163) failed [ 1997.742267][T12687] syz.4.16850: attempt to access beyond end of device [ 1997.742267][T12687] loop4: rw=3, sector=226, nr_sectors = 6 limit=128 [ 1997.804238][T11002] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1997.835458][T12687] syz.4.16850: attempt to access beyond end of device [ 1997.835458][T12687] loop4: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 1998.513337][T12712] loop4: detected capacity change from 0 to 4096 [ 1998.544928][T12712] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 1999.081767][T12729] loop4: detected capacity change from 0 to 4096 [ 1999.140491][T12729] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1999.211239][T12740] xt_bpf: check failed: parse error [ 1999.436559][ T9157] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1999.777778][T12758] netlink: 'syz.4.16882': attribute type 1 has an invalid length. [ 1999.829298][T12758] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16882'. [ 2000.206290][T12773] netlink: 'syz.4.16888': attribute type 10 has an invalid length. [ 2000.693663][T12795] loop5: detected capacity change from 0 to 1024 [ 2000.778550][T12792] loop6: detected capacity change from 0 to 4096 [ 2000.823170][T12795] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2000.835384][T12792] ntfs3: loop6: Different NTFS sector size (4096) and media sector size (512). [ 2000.971425][T12792] ntfs3: loop6: failed to convert "c46c" to cp866 [ 2000.985433][ T9999] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2001.150652][ T8] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 2001.363884][ T8] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 2001.383141][T12819] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2001.385954][ T8] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 2001.450919][ T8] usb 5-1: config 220 has no interface number 2 [ 2001.465224][ T8] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 2001.493583][ T8] usb 5-1: config 220 interface 0 has no altsetting 0 [ 2001.504868][ T8] usb 5-1: config 220 interface 76 has no altsetting 0 [ 2001.513050][ T8] usb 5-1: config 220 interface 1 has no altsetting 0 [ 2001.523229][ T8] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 2001.538686][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2001.553342][ T8] usb 5-1: Product: syz [ 2001.566598][ T8] usb 5-1: Manufacturer: syz [ 2001.578545][ T8] usb 5-1: SerialNumber: syz [ 2001.701788][T12829] loop6: detected capacity change from 0 to 128 [ 2001.782176][T12829] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 2001.803869][T12829] hpfs: filesystem error: improperly stopped [ 2001.844146][T12829] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 2001.845450][ T8] usb 5-1: selecting invalid altsetting 0 [ 2001.857776][T12829] hpfs: You really don't want any checks? You are crazy... [ 2001.858483][T12829] hpfs: hpfs_map_sector(): read error [ 2001.871284][T12829] hpfs: code page support is disabled [ 2001.878430][T12829] hpfs: hpfs_map_4sectors(): unaligned read [ 2001.884590][T12829] hpfs: hpfs_map_4sectors(): unaligned read [ 2001.890993][T12829] hpfs: filesystem error: unable to find root dir [ 2001.899121][ T8] usb 5-1: Found UVC 7.01 device syz (8086:0b07) [ 2001.905517][ T8] usb 5-1: No valid video chain found. [ 2001.964815][ T8] usb 5-1: selecting invalid altsetting 0 [ 2001.970680][ T8] usbtest: probe of 5-1:220.1 failed with error -22 [ 2002.001853][ T8] usb 5-1: USB disconnect, device number 15 [ 2002.502990][T12849] loop6: detected capacity change from 0 to 1024 [ 2002.559552][T12849] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 2002.655001][T12849] hfsplus: filesystem is marked journaled, leaving read-only. [ 2002.989018][T12838] loop5: detected capacity change from 0 to 40427 [ 2003.019486][T12838] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 2003.044991][T12838] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 2003.076956][T12838] F2FS-fs (loop5): invalid crc value [ 2003.115782][T12838] F2FS-fs (loop5): Found nat_bits in checkpoint [ 2003.142007][T12847] loop3: detected capacity change from 0 to 32768 [ 2003.231936][T12847] (syz.3.16919,12847,0):ocfs2_find_slot:468 ERROR: no free slots available! [ 2003.251711][T12847] (syz.3.16919,12847,0):ocfs2_mount_volume:1807 ERROR: status = -22 [ 2003.284625][T12838] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 2003.293720][T12847] (syz.3.16919,12847,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 2003.308720][T12838] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 2003.375042][T12847] NILFS (loop3): couldn't find nilfs on the device [ 2003.472599][T12865] loop6: detected capacity change from 0 to 64 [ 2003.846312][T12851] loop4: detected capacity change from 0 to 32768 [ 2004.345498][T12883] IPv6: NLM_F_CREATE should be specified when creating new route [ 2004.409171][T12882] loop6: detected capacity change from 0 to 1764 [ 2004.483893][T12882] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 2004.705972][T12893] loop6: detected capacity change from 0 to 256 [ 2004.757135][T12893] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 2004.808157][T12899] overlayfs: unescaped trailing colons in lowerdir mount option. [ 2005.028833][T12905] loop3: detected capacity change from 0 to 128 [ 2005.046817][T12905] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 2005.060225][T12905] hpfs: filesystem error: improperly stopped [ 2005.074306][T12905] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 2005.119699][T12905] hpfs: You really don't want any checks? You are crazy... [ 2005.160590][T12905] hpfs: hpfs_map_sector(): read error [ 2005.166032][T12905] hpfs: code page support is disabled [ 2005.189156][T12905] hpfs: hpfs_map_4sectors(): unaligned read [ 2005.204029][T12905] hpfs: hpfs_map_4sectors(): unaligned read [ 2005.209963][T12905] hpfs: filesystem error: unable to find root dir [ 2005.597017][T12919] loop3: detected capacity change from 0 to 4096 [ 2005.621925][T12919] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 2005.646106][T12924] loop6: detected capacity change from 0 to 1024 [ 2005.741768][T12919] ntfs3: loop3: ino=0, attr_set_size [ 2006.266123][T12944] netlink: 'syz.3.16965': attribute type 2 has an invalid length. [ 2006.277373][T27432] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 2006.539548][T27432] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 2006.554640][T27432] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2006.598629][T27432] usb 6-1: config 0 descriptor?? [ 2006.618381][T27432] cp210x 6-1:0.0: cp210x converter detected [ 2006.803724][T12963] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16975'. [ 2006.828926][T12963] netlink: 8 bytes leftover after parsing attributes in process `syz.6.16975'. [ 2006.861474][T27432] usb 6-1: cp210x converter now attached to ttyUSB0 [ 2006.940756][T12965] bond3: entered allmulticast mode [ 2007.115185][T27432] usb 6-1: USB disconnect, device number 6 [ 2007.159941][T27432] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 2007.188573][T27432] cp210x 6-1:0.0: device disconnected [ 2007.369863][T12984] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.16985'. [ 2007.553814][T12991] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16989'. [ 2007.606065][T12988] loop6: detected capacity change from 0 to 4096 [ 2007.644538][T12988] ntfs3: loop6: Different NTFS sector size (4096) and media sector size (512). [ 2008.207967][T13013] netlink: 28 bytes leftover after parsing attributes in process `syz.5.16999'. [ 2008.250926][T13013] netlink: 28 bytes leftover after parsing attributes in process `syz.5.16999'. [ 2008.288382][T13013] netlink: 'syz.5.16999': attribute type 6 has an invalid length. [ 2008.497918][T13023] netlink: 176 bytes leftover after parsing attributes in process `syz.5.17004'. [ 2008.700815][T13030] loop6: detected capacity change from 0 to 4096 [ 2008.727784][T13030] ntfs3: loop6: Different NTFS sector size (4096) and media sector size (512). [ 2008.836082][T13030] ntfs3: loop6: Failed to initialize $Extend/$Reparse. [ 2009.259719][T13052] netlink: 'syz.6.17018': attribute type 1 has an invalid length. [ 2009.270449][T13052] netlink: 224 bytes leftover after parsing attributes in process `syz.6.17018'. [ 2009.322333][T13054] netlink: 52 bytes leftover after parsing attributes in process `syz.4.17019'. [ 2009.734129][T13070] netlink: 40 bytes leftover after parsing attributes in process `syz.3.17028'. [ 2009.810953][T13075] loop5: detected capacity change from 0 to 256 [ 2010.509447][T13098] loop6: detected capacity change from 0 to 4096 [ 2010.922669][T13110] openvswitch: netlink: Actions may not be safe on all matching packets [ 2010.976970][ T28] audit: type=1326 audit(2000000276.856:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13113 comm="syz.6.17048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 2011.048305][ T28] audit: type=1326 audit(2000000276.856:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13113 comm="syz.6.17048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 2011.085140][T13092] loop4: detected capacity change from 0 to 32768 [ 2011.088990][ T28] audit: type=1326 audit(2000000276.856:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13113 comm="syz.6.17048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 2011.152672][ T28] audit: type=1326 audit(2000000276.856:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13113 comm="syz.6.17048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 2011.208043][ T28] audit: type=1326 audit(2000000276.856:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13113 comm="syz.6.17048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 2011.213079][T13092] JBD2: Ignoring recovery information on journal [ 2011.283093][ T28] audit: type=1326 audit(2000000276.911:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13113 comm="syz.6.17048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 2011.361505][ T28] audit: type=1326 audit(2000000276.920:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13113 comm="syz.6.17048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff33d35c84e code=0x7ffc0000 [ 2011.392260][ T28] audit: type=1326 audit(2000000276.920:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13113 comm="syz.6.17048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff33d35c84e code=0x7ffc0000 [ 2011.434522][T13092] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 2011.474887][ T28] audit: type=1326 audit(2000000276.920:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13113 comm="syz.6.17048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff33d35c84e code=0x7ffc0000 [ 2011.530368][ T28] audit: type=1326 audit(2000000276.929:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13113 comm="syz.6.17048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff33d35c84e code=0x7ffc0000 [ 2011.730555][T13123] loop3: detected capacity change from 0 to 64 [ 2011.825420][ T9157] ocfs2: Unmounting device (7,4) on (node local) [ 2012.336642][T13138] netdevsim netdevsim5: Direct firmware load for / [ 2012.336642][T13138] failed with error -2 [ 2012.373873][T13138] netdevsim netdevsim5: Falling back to sysfs fallback for: / [ 2012.373873][T13138] [ 2012.586193][T13148] loop4: detected capacity change from 0 to 2048 [ 2012.634437][T13150] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 2012.674804][T13152] ksmbd: Unknown IPC event: 10, ignore. [ 2012.719005][T13148] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12 [ 2012.774626][T13148] Remounting filesystem read-only [ 2013.063078][T13159] batadv1: entered allmulticast mode [ 2013.069790][T13159] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 2013.342131][T13153] loop6: detected capacity change from 0 to 32768 [ 2013.427342][T13153] find_entry called with index >= next_index [ 2013.462339][T13153] find_entry called with index >= next_index [ 2013.468692][T13153] find_entry called with index >= next_index [ 2013.728567][T13178] loop5: detected capacity change from 0 to 47 [ 2013.886304][T27432] usb 4-1: new high-speed USB device number 88 using dummy_hcd [ 2014.101696][T27432] usb 4-1: Using ep0 maxpacket: 32 [ 2014.110274][T27432] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2014.146925][T27432] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 2014.177756][T27432] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2014.208292][T27432] usb 4-1: Product: syz [ 2014.215179][T27432] usb 4-1: Manufacturer: syz [ 2014.225345][T27432] usb 4-1: SerialNumber: syz [ 2014.246555][T27432] usb 4-1: config 0 descriptor?? [ 2014.272224][T27432] quatech2 4-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected [ 2014.369485][T13192] loop4: detected capacity change from 0 to 1024 [ 2014.507357][T13192] hfsplus: catalog name length corrupted [ 2014.513840][T27432] usb 4-1: qt2_setup_urbs - submit read urb failed -8 [ 2014.520980][T27432] quatech2: probe of 4-1:0.0 failed with error -8 [ 2014.757417][T21180] usb 4-1: USB disconnect, device number 88 [ 2014.941247][T13213] netlink: 4 bytes leftover after parsing attributes in process `syz.4.17092'. [ 2015.032754][T13216] loop6: detected capacity change from 0 to 64 [ 2015.174250][T13219] netlink: 132 bytes leftover after parsing attributes in process `syz.4.17096'. [ 2015.564834][T21180] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 2015.772660][T21180] usb 5-1: config index 0 descriptor too short (expected 39, got 27) [ 2015.780944][T21180] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 2015.803674][T21180] usb 5-1: config 0 interface 0 has no altsetting 0 [ 2015.812800][T21180] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 2015.822520][T21180] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 2015.833461][T21180] usb 5-1: Product: syz [ 2015.842127][T21180] usb 5-1: Manufacturer: syz [ 2015.857333][T21180] usb 5-1: SerialNumber: syz [ 2015.864488][T21180] usb 5-1: config 0 descriptor?? [ 2015.902724][T21180] hub 5-1:0.0: bad descriptor, ignoring hub [ 2015.908792][T21180] hub: probe of 5-1:0.0 failed with error -5 [ 2015.940225][T21180] usb 5-1: selecting invalid altsetting 0 [ 2016.309424][T13253] loop5: detected capacity change from 0 to 64 [ 2016.383846][T13253] syz.5.17113: attempt to access beyond end of device [ 2016.383846][T13253] loop5: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 2016.422364][T13253] Buffer I/O error on dev loop5, logical block 134217734, async page read [ 2016.475735][T27432] usb 5-1: USB disconnect, device number 16 [ 2016.559102][T13259] netlink: 'syz.6.17116': attribute type 1 has an invalid length. [ 2016.628642][T21180] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 2016.862620][T21180] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 2016.882487][T21180] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2016.899311][T21180] usb 4-1: Product: syz [ 2016.903671][T21180] usb 4-1: Manufacturer: syz [ 2016.909569][T21180] usb 4-1: SerialNumber: syz [ 2016.927031][T21180] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 2016.963873][T27432] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 2017.454054][T21180] usb 4-1: USB disconnect, device number 89 [ 2017.836325][T13291] loop5: detected capacity change from 0 to 2048 [ 2017.842840][T13277] loop4: detected capacity change from 0 to 32768 [ 2017.859752][T13277] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.17125 (13277) [ 2017.879930][T13291] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 2017.943604][T13277] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 2017.976322][T13277] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 2018.007737][T13277] BTRFS info (device loop4): force zlib compression, level 3 [ 2018.020460][T13277] BTRFS info (device loop4): force clearing of disk cache [ 2018.046724][T13277] BTRFS info (device loop4): setting nodatasum [ 2018.052967][T13277] BTRFS info (device loop4): use zlib compression, level 3 [ 2018.077407][T13277] BTRFS info (device loop4): allowing degraded mounts [ 2018.101906][T13277] BTRFS info (device loop4): enabling disk space caching [ 2018.122269][T13277] BTRFS info (device loop4): disk space caching is enabled [ 2018.187797][T27432] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 2018.194919][T27432] ath9k_htc: Failed to initialize the device [ 2018.227983][T21180] usb 4-1: ath9k_htc: USB layer deinitialized [ 2018.339445][T13277] BTRFS info (device loop4): enabling ssd optimizations [ 2018.346492][T13277] BTRFS info (device loop4): auto enabling async discard [ 2018.384037][T13277] BTRFS info (device loop4): rebuilding free space tree [ 2018.416756][T13277] BTRFS info (device loop4): disabling free space tree [ 2018.458030][T13277] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 2018.478968][T13277] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 2018.814459][ T9157] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 2018.880097][T13325] loop3: detected capacity change from 0 to 1024 [ 2019.131759][ T3514] hfsplus: b-tree write err: -5, ino 4 [ 2019.269330][T13335] openvswitch: netlink: Actions may not be safe on all matching packets [ 2019.507020][T13343] loop3: detected capacity change from 0 to 64 [ 2019.711208][T13347] netlink: 52 bytes leftover after parsing attributes in process `syz.4.17151'. [ 2020.534538][T13377] loop4: detected capacity change from 0 to 256 [ 2020.640783][T13377] FAT-fs (loop4): Directory bread(block 64) failed [ 2020.680193][T13377] FAT-fs (loop4): Directory bread(block 65) failed [ 2020.686904][T13377] FAT-fs (loop4): Directory bread(block 66) failed [ 2020.734354][T13377] FAT-fs (loop4): Directory bread(block 67) failed [ 2020.741049][T13377] FAT-fs (loop4): Directory bread(block 68) failed [ 2020.786009][T13377] FAT-fs (loop4): Directory bread(block 69) failed [ 2020.805443][T13377] FAT-fs (loop4): Directory bread(block 70) failed [ 2020.821285][T13377] FAT-fs (loop4): Directory bread(block 71) failed [ 2020.838540][T13377] FAT-fs (loop4): Directory bread(block 72) failed [ 2020.853795][T13377] FAT-fs (loop4): Directory bread(block 73) failed [ 2021.308943][T13404] netlink: 8 bytes leftover after parsing attributes in process `syz.4.17177'. [ 2021.536531][T13412] i2c i2c-0: Invalid block write size 252 [ 2022.124746][T13434] loop6: detected capacity change from 0 to 4096 [ 2022.156020][T13434] ntfs3: loop6: Different NTFS sector size (4096) and media sector size (512). [ 2022.233417][T13440] TCP: TCP_TX_DELAY enabled [ 2022.278626][T13442] netdevsim netdevsim4: Direct firmware load for / [ 2022.278626][T13442] failed with error -2 [ 2022.293330][T13442] netdevsim netdevsim4: Falling back to sysfs fallback for: / [ 2022.293330][T13442] [ 2022.310887][T13434] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 2022.652482][T13422] loop5: detected capacity change from 0 to 32768 [ 2023.017252][T13458] netlink: 'syz.3.17205': attribute type 11 has an invalid length. [ 2023.038091][T27432] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 2023.229355][T13465] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 2023.266000][T27432] usb 7-1: config 0 has an invalid interface number: 40 but max is 0 [ 2023.281998][T27432] usb 7-1: config 0 has no interface number 0 [ 2023.290851][T27432] usb 7-1: New USB device found, idVendor=0403, idProduct=a951, bcdDevice=c0.f8 [ 2023.301962][T13465] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2023.326938][T13465] syz0: rxe_set_mtu: Set mtu to 1024 [ 2023.333387][T27432] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2023.345726][T13465] infiniband syz0: set active [ 2023.354363][T27432] usb 7-1: config 0 descriptor?? [ 2023.366427][T13465] lo: entered promiscuous mode [ 2023.371642][T13465] lo: entered allmulticast mode [ 2023.379992][T13465] bond0: (slave lo): Enslaving as an active interface with an up link [ 2023.389413][T27432] hub 7-1:0.40: bad descriptor, ignoring hub [ 2023.395965][T27432] hub: probe of 7-1:0.40 failed with error -5 [ 2023.402815][ T9497] lo speed is unknown, defaulting to 1000 [ 2023.428994][ T9497] lo speed is unknown, defaulting to 1000 [ 2023.449790][T27432] ftdi_sio 7-1:0.40: FTDI USB Serial Device converter detected [ 2023.481713][T27432] ftdi_sio ttyUSB0: unknown device type: 0xc0f8 [ 2023.726307][T14505] usb 7-1: USB disconnect, device number 4 [ 2023.733396][T14505] ftdi_sio 7-1:0.40: device disconnected [ 2023.829327][T13479] loop5: detected capacity change from 0 to 1024 [ 2024.005762][T27981] hfsplus: b-tree write err: -5, ino 4 [ 2024.178376][T13473] loop3: detected capacity change from 0 to 32768 [ 2024.215129][T13473] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.17213 (13473) [ 2024.286317][T13473] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 2024.332519][T13473] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 2024.340628][T13493] netlink: 56 bytes leftover after parsing attributes in process `syz.6.17222'. [ 2024.341865][T13473] BTRFS info (device loop3): force zlib compression, level 3 [ 2024.420325][T13473] BTRFS info (device loop3): force clearing of disk cache [ 2024.427993][T13473] BTRFS info (device loop3): setting nodatasum [ 2024.451666][T13473] BTRFS info (device loop3): use zlib compression, level 3 [ 2024.476231][T13473] BTRFS info (device loop3): allowing degraded mounts [ 2024.483710][T13473] BTRFS info (device loop3): enabling disk space caching [ 2024.527542][T13473] BTRFS info (device loop3): disk space caching is enabled [ 2024.600100][T13495] loop5: detected capacity change from 0 to 4096 [ 2024.640162][T13495] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 2024.712252][T13473] BTRFS info (device loop3): enabling ssd optimizations [ 2024.760331][T13519] netlink: 'syz.4.17227': attribute type 5 has an invalid length. [ 2024.763482][T13473] BTRFS info (device loop3): auto enabling async discard [ 2024.811440][T13495] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 2024.823724][T13519] ip6erspan0: entered allmulticast mode [ 2024.829681][T13495] ntfs3: loop5: Failed to load $Extend (-22). [ 2024.839585][T13495] ntfs3: loop5: Failed to initialize $Extend. [ 2024.863975][T13473] BTRFS info (device loop3): rebuilding free space tree [ 2024.934219][T13473] BTRFS info (device loop3): disabling free space tree [ 2024.960955][T13473] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 2024.971696][T13473] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 2025.235605][ T5774] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 2025.389579][T13530] netlink: 176 bytes leftover after parsing attributes in process `syz.4.17232'. [ 2025.806691][T14505] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 2026.001857][T14505] usb 7-1: Using ep0 maxpacket: 16 [ 2026.027101][T14505] usb 7-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 7.00 [ 2026.069954][T14505] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2026.098029][T14505] usb 7-1: Product: syz [ 2026.117347][T14505] usb 7-1: Manufacturer: syz [ 2026.150094][T14505] usb 7-1: SerialNumber: syz [ 2026.194092][T14505] usb 7-1: config 0 descriptor?? [ 2026.225570][T14505] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected [ 2026.247080][T14505] usb 7-1: Detected FT2232H [ 2026.302474][T13558] loop5: detected capacity change from 0 to 1024 [ 2026.448142][T14505] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 2026.475489][T14505] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 2026.491034][T14505] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 2026.532253][T14505] usb 7-1: USB disconnect, device number 5 [ 2026.540578][ T3514] hfsplus: b-tree write err: -5, ino 4 [ 2026.581408][T14505] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 2026.607016][T14505] ftdi_sio 7-1:0.0: device disconnected [ 2026.908660][T13575] xt_l2tp: invalid flags combination: 0 [ 2027.655404][T13596] loop6: detected capacity change from 0 to 256 [ 2027.699008][T13596] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 2027.805509][T13578] loop5: detected capacity change from 0 to 32768 [ 2028.225210][T13578] ERROR: (device loop5): dbAllocAG: unable to allocate blocks [ 2028.225210][T13578] [ 2028.313816][T13613] loop6: detected capacity change from 0 to 1024 [ 2028.355011][T13613] EXT4-fs: Ignoring removed nomblk_io_submit option [ 2028.448293][T13613] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 2028.552124][T13613] VFS: Lookup of 'file0' in ext4 loop6 would have caused loop [ 2028.680886][T11002] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2028.880120][T13628] netlink: 8 bytes leftover after parsing attributes in process `syz.6.17279'. [ 2029.577413][T13652] netlink: 128 bytes leftover after parsing attributes in process `syz.4.17291'. [ 2029.606579][T13652] netlink: 20 bytes leftover after parsing attributes in process `syz.4.17291'. [ 2029.628228][ T28] kauditd_printk_skb: 132 callbacks suppressed [ 2029.628243][ T28] audit: type=1326 audit(2000000294.073:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13655 comm="syz.6.17292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 2029.697255][ T28] audit: type=1326 audit(2000000294.101:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13655 comm="syz.6.17292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 2029.797092][ T28] audit: type=1326 audit(2000000294.101:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13655 comm="syz.6.17292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 2029.885935][ T28] audit: type=1326 audit(2000000294.101:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13655 comm="syz.6.17292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 2029.975232][ T28] audit: type=1326 audit(2000000294.101:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13655 comm="syz.6.17292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33d39bf79 code=0x7ffc0000 [ 2030.474927][T13682] loop4: detected capacity change from 0 to 1764 [ 2030.546030][T13682] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 2030.759896][T13690] loop6: detected capacity change from 0 to 64 [ 2030.881989][T13690] Trying to free block not in datazone [ 2031.032979][T13699] loop3: detected capacity change from 0 to 2048 [ 2031.090972][T13699] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 2031.782234][T13724] netlink: 36 bytes leftover after parsing attributes in process `syz.3.17325'. [ 2031.820760][T13728] netlink: 72 bytes leftover after parsing attributes in process `syz.5.17324'. [ 2031.862088][T13728] netlink: 12 bytes leftover after parsing attributes in process `syz.5.17324'. [ 2031.909795][T13728] netlink: 8 bytes leftover after parsing attributes in process `syz.5.17324'. [ 2031.973790][T13732] netlink: 'syz.3.17329': attribute type 1 has an invalid length. [ 2032.155420][T13736] netlink: 4 bytes leftover after parsing attributes in process `syz.4.17331'. [ 2032.196732][T13736] netlink: 60 bytes leftover after parsing attributes in process `syz.4.17331'. [ 2032.228164][T13738] loop3: detected capacity change from 0 to 1024 [ 2032.237264][T13736] netlink: 60 bytes leftover after parsing attributes in process `syz.4.17331'. [ 2032.287694][T13738] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 2032.509197][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2033.302933][T13781] IPv6: Can't replace route, no match found [ 2034.154326][T13810] loop3: detected capacity change from 0 to 64 [ 2034.208060][T13810] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 2034.231929][T13810] hfs: filesystem is marked locked, mounting read-only. [ 2034.450330][T13799] loop6: detected capacity change from 0 to 32768 [ 2034.531217][T13799] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 2034.654670][T13832] loop4: detected capacity change from 0 to 512 [ 2034.708710][T13799] XFS (loop6): Ending clean mount [ 2034.728310][T13799] XFS (loop6): Quotacheck needed: Please wait. [ 2034.811332][T13832] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c02c, mo2=0002] [ 2034.843841][T13832] System zones: 1-12 [ 2034.873087][T13832] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.17371: error while reading EA inode 32 err=-116 [ 2034.887586][T13799] XFS (loop6): Quotacheck: Done. [ 2034.937429][T13832] EXT4-fs (loop4): Remounting filesystem read-only [ 2034.971701][T13832] EXT4-fs warning (device loop4): ext4_evict_inode:255: couldn't mark inode dirty (err -5) [ 2034.986538][T13832] EXT4-fs (loop4): 1 orphan inode deleted [ 2034.993470][T13832] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 2035.088043][T11002] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 2035.112552][ T9157] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2035.464573][T13820] loop3: detected capacity change from 0 to 40427 [ 2035.506485][T13820] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 2035.514294][T13820] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 2035.528928][T13820] F2FS-fs (loop3): invalid crc value [ 2035.566925][T13820] F2FS-fs (loop3): Found nat_bits in checkpoint [ 2035.684753][T13820] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 2035.712164][T13820] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 2035.820750][T14505] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 2036.040762][T14505] usb 6-1: config 0 has an invalid interface number: 132 but max is 0 [ 2036.059148][T14505] usb 6-1: config 0 has no interface number 0 [ 2036.088391][T14505] usb 6-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 2036.102388][T14505] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2036.110518][T14505] usb 6-1: Product: syz [ 2036.132338][T14505] usb 6-1: Manufacturer: syz [ 2036.141155][T14505] usb 6-1: SerialNumber: syz [ 2036.164476][T14505] usb 6-1: config 0 descriptor?? [ 2036.171990][T14505] hub 6-1:0.132: bad descriptor, ignoring hub [ 2036.185170][T14505] hub: probe of 6-1:0.132 failed with error -5 [ 2036.205726][T14505] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.132/input/input121 [ 2036.611972][T27432] usb 4-1: new high-speed USB device number 90 using dummy_hcd [ 2036.735354][T13880] __nla_validate_parse: 2 callbacks suppressed [ 2036.735372][T13880] netlink: 24 bytes leftover after parsing attributes in process `syz.4.17392'. [ 2036.761796][T13880] gre0: entered allmulticast mode [ 2036.793540][T13882] AppArmor: change_hat: Invalid input '0' [ 2036.828872][T14505] usb 6-1: USB disconnect, device number 7 [ 2036.833927][T27432] usb 4-1: Using ep0 maxpacket: 32 [ 2036.903098][T27432] usb 4-1: config 0 has an invalid interface number: 35 but max is 0 [ 2036.919048][T27432] usb 4-1: config 0 has no interface number 0 [ 2036.925632][T27432] usb 4-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 2036.949173][T27432] usb 4-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 2036.973475][T27432] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 2036.982780][T27432] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2036.990821][T27432] usb 4-1: Product: syz [ 2037.012612][T27432] usb 4-1: Manufacturer: syz [ 2037.017273][T27432] usb 4-1: SerialNumber: syz [ 2037.024612][T27432] usb 4-1: config 0 descriptor?? [ 2037.043079][T13885] loop6: detected capacity change from 0 to 4096 [ 2037.118483][T13885] ntfs: (device loop6): parse_options(): NLS character set cp8 Oone_multiplier=0x0000000000000001gid=0 not found. Using previous one cp862. [ 2037.176721][T13885] ntfs: (device loop6): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 2037.191226][T13885] ntfs: (device loop6): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 2037.215727][T13885] ntfs: (device loop6): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 2037.228886][T13885] ntfs: (device loop6): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 2037.250066][T13885] ntfs: (device loop6): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 2037.301123][T13885] ntfs: volume version 3.1. [ 2037.331677][T13885] ntfs: (device loop6): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 2037.344741][T13885] ntfs: (device loop6): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 2037.391952][T13885] ntfs: (device loop6): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 2037.410046][T13885] ntfs: (device loop6): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 2037.512228][T27432] radio-si470x 4-1:0.35: si470x_get_report: usb_control_msg returned -71 [ 2037.528971][T27432] radio-si470x: probe of 4-1:0.35 failed with error -5 [ 2037.599439][T27432] radio-raremono 4-1:0.35: this is not Thanko's Raremono. [ 2037.646682][T27432] usb 4-1: USB disconnect, device number 90 [ 2037.830964][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 2038.231696][T13918] netlink: 8 bytes leftover after parsing attributes in process `syz.5.17409'. [ 2038.289930][T13922] CIFS mount error: No usable UNC path provided in device string! [ 2038.289930][T13922] [ 2038.313317][T13922] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 2038.728345][T13944] loop4: detected capacity change from 0 to 512 [ 2038.767161][T13944] EXT4-fs (loop4): Test dummy encryption mode enabled [ 2038.778164][T13946] loop3: detected capacity change from 0 to 256 [ 2038.801708][T13944] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 2038.872898][T13946] FAT-fs (loop3): Directory bread(block 64) failed [ 2038.891774][T13946] FAT-fs (loop3): Directory bread(block 65) failed [ 2038.900280][T13944] EXT4-fs error (device loop4): ext4_orphan_get:1424: comm syz.4.17421: bad orphan inode 131083 [ 2038.935635][T13946] FAT-fs (loop3): Directory bread(block 66) failed [ 2038.942286][T13946] FAT-fs (loop3): Directory bread(block 67) failed [ 2038.948929][T13946] FAT-fs (loop3): Directory bread(block 68) failed [ 2038.956606][T13946] FAT-fs (loop3): Directory bread(block 69) failed [ 2038.963267][T13946] FAT-fs (loop3): Directory bread(block 70) failed [ 2038.970020][T13946] FAT-fs (loop3): Directory bread(block 71) failed [ 2038.976018][T13944] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 2038.976988][T13946] FAT-fs (loop3): Directory bread(block 72) failed [ 2038.995258][T13946] FAT-fs (loop3): Directory bread(block 73) failed [ 2039.171578][T13954] netlink: 'syz.6.17426': attribute type 2 has an invalid length. [ 2039.206953][T13954] netlink: 723 bytes leftover after parsing attributes in process `syz.6.17426'. [ 2039.210352][ T9157] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 2039.488193][T13964] netlink: 4 bytes leftover after parsing attributes in process `syz.6.17430'. [ 2039.550305][T13968] netlink: 'syz.4.17431': attribute type 21 has an invalid length. [ 2039.558406][T13968] netlink: 132 bytes leftover after parsing attributes in process `syz.4.17431'. [ 2039.587719][T13968] netlink: 'syz.4.17431': attribute type 1 has an invalid length. [ 2039.890364][ T8] usb 4-1: new high-speed USB device number 91 using dummy_hcd [ 2040.110180][ T8] usb 4-1: too many configurations: 37, using maximum allowed: 8 [ 2040.139059][T13993] overlayfs: missing 'lowerdir' [ 2040.216946][ T8] usb 4-1: string descriptor 0 read error: -71 [ 2040.242431][ T8] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 2040.275107][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2040.318846][ T8] usb 4-1: can't set config #1, error -71 [ 2040.341844][ T8] usb 4-1: USB disconnect, device number 91 [ 2040.592497][T14011] loop5: detected capacity change from 0 to 16 [ 2040.610092][T14011] erofs: (device loop5): mounted with root inode @ nid 36. [ 2040.935100][T14022] netlink: 'syz.4.17459': attribute type 21 has an invalid length. [ 2041.016637][T14027] loop6: detected capacity change from 0 to 164 [ 2041.064269][T14027] Symlink component flag not implemented [ 2041.070510][T14027] Symlink component flag not implemented (7) [ 2041.358367][T14039] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 2042.091278][T14070] netlink: 1964 bytes leftover after parsing attributes in process `syz.3.17483'. [ 2042.218822][T14077] IPVS: set_ctl: invalid protocol: 50 224.0.0.1:20001 [ 2042.514045][T14092] netlink: 'syz.6.17493': attribute type 2 has an invalid length. [ 2042.523186][T14092] netlink: 8 bytes leftover after parsing attributes in process `syz.6.17493'. [ 2042.586929][T14094] netlink: 'syz.6.17494': attribute type 21 has an invalid length. [ 2042.595977][T14094] netlink: 'syz.6.17494': attribute type 1 has an invalid length. [ 2042.603841][T14094] netlink: 132 bytes leftover after parsing attributes in process `syz.6.17494'. [ 2042.616898][T27432] usb 4-1: new high-speed USB device number 92 using dummy_hcd [ 2042.757080][T14505] usb 5-1: new full-speed USB device number 17 using dummy_hcd [ 2042.844707][T27432] usb 4-1: Using ep0 maxpacket: 8 [ 2042.857842][T27432] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 2042.875856][T27432] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2042.883938][T27432] usb 4-1: Product: syz [ 2042.888330][T27432] usb 4-1: Manufacturer: syz [ 2042.892952][T27432] usb 4-1: SerialNumber: syz [ 2042.899935][T27432] usb 4-1: config 0 descriptor?? [ 2042.915505][T27432] gspca_main: se401-2.14.0 probing 047d:5003 [ 2042.969251][T14505] usb 5-1: config 0 has an invalid interface number: 132 but max is 0 [ 2042.995080][T14505] usb 5-1: config 0 has no interface number 0 [ 2043.004061][T14505] usb 5-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 2043.014071][T14505] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2043.022476][T14505] usb 5-1: Product: syz [ 2043.027344][T14505] usb 5-1: Manufacturer: syz [ 2043.032944][T14505] usb 5-1: SerialNumber: syz [ 2043.040707][T14505] usb 5-1: config 0 descriptor?? [ 2043.051646][T14505] hub 5-1:0.132: bad descriptor, ignoring hub [ 2043.070977][T14505] hub: probe of 5-1:0.132 failed with error -5 [ 2043.080373][T14505] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.132/input/input122 [ 2043.380476][T27432] gspca_se401: write req failed req 0x57 val 0x00 error -71 [ 2043.407327][T27432] se401: probe of 4-1:0.0 failed with error -71 [ 2043.459698][T27432] usb 4-1: USB disconnect, device number 92 [ 2043.711000][ T27] usb 5-1: USB disconnect, device number 17 [ 2044.368282][T14150] netlink: 'syz.6.17520': attribute type 21 has an invalid length. [ 2044.390277][T14150] netlink: 164 bytes leftover after parsing attributes in process `syz.6.17520'. [ 2045.193039][T14178] netlink: 'syz.5.17533': attribute type 17 has an invalid length. [ 2045.205963][T14154] loop4: detected capacity change from 0 to 32768 [ 2045.265653][T14178] netlink: 'syz.5.17533': attribute type 16 has an invalid length. [ 2045.295707][T14178] netlink: 152 bytes leftover after parsing attributes in process `syz.5.17533'. [ 2045.304003][T27432] usb 4-1: new full-speed USB device number 93 using dummy_hcd [ 2045.325446][ T1082] read_mapping_page failed! [ 2045.345514][ T1082] ERROR: (device loop4): txCommit: [ 2045.345514][ T1082] [ 2045.371833][ T1082] jfs_write_inode: jfs_commit_inode failed! [ 2045.455364][ T29] INFO: task syz-executor:5766 blocked for more than 143 seconds. [ 2045.473167][ T29] Not tainted syzkaller #0 [ 2045.486473][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2045.522099][T27432] usb 4-1: config 0 has an invalid interface number: 132 but max is 0 [ 2045.530841][T27432] usb 4-1: config 0 has no interface number 0 [ 2045.539975][ T29] task:syz-executor state:D stack:21704 pid:5766 ppid:1 flags:0x00004004 [ 2045.551031][T27432] usb 4-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 2045.571398][ T29] Call Trace: [ 2045.576192][T27432] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2045.585314][ T29] [ 2045.588304][ T29] __schedule+0x1553/0x45a0 [ 2045.592890][ T29] ? asan.module_dtor+0x20/0x20 [ 2045.619839][T27432] usb 4-1: Product: syz [ 2045.624647][ T29] ? mark_lock+0x94/0x320 [ 2045.635637][T27432] usb 4-1: Manufacturer: syz [ 2045.639619][ T29] ? lock_chain_count+0x20/0x20 [ 2045.649674][T27432] usb 4-1: SerialNumber: syz [ 2045.657504][ T29] ? _raw_spin_lock_irq+0xbb/0xf0 [ 2045.668896][T27432] usb 4-1: config 0 descriptor?? [ 2045.672042][ T29] ? _raw_spin_lock_irqsave+0x100/0x100 [ 2045.692098][T27432] hub 4-1:0.132: bad descriptor, ignoring hub [ 2045.693735][ T29] schedule+0xbd/0x170 [ 2045.708028][T27432] hub: probe of 4-1:0.132 failed with error -5 [ 2045.714343][ T29] io_schedule+0x80/0xd0 [ 2045.728340][T27432] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.132/input/input123 [ 2045.736025][ T29] folio_wait_bit_common+0x714/0xfa0 [ 2045.743247][ T29] ? folio_wait_bit+0x30/0x30 [ 2045.751751][ T29] ? filemap_get_entry+0x379/0x3f0 [ 2045.762884][ T29] ? _compound_head+0x120/0x120 [ 2045.773250][ T29] ? find_lock_entries+0xc3e/0xfe0 [ 2045.787296][ T29] __filemap_get_folio+0xbc/0xbb0 [ 2045.802625][ T29] truncate_inode_pages_range+0x46b/0xfb0 [ 2045.830453][ T29] ? mapping_evict_folio+0x510/0x510 [ 2045.845516][ T29] ? _raw_spin_lock_irq+0xbb/0xf0 [ 2045.850601][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 2045.877892][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 2045.883237][ T29] evict+0x4dd/0x8d0 [ 2045.887199][ T29] ? proc_nr_inodes+0x230/0x230 [ 2045.899571][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 2045.904845][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 2045.922279][ T29] evict_inodes+0x606/0x6a0 [ 2045.926849][ T29] ? clear_inode+0x150/0x150 [ 2045.931499][ T29] generic_shutdown_super+0x97/0x2b0 [ 2045.951552][ T29] kill_block_super+0x44/0x90 [ 2045.963258][ T29] deactivate_locked_super+0x97/0x100 [ 2045.975430][ T29] cleanup_mnt+0x43b/0x4d0 [ 2045.979903][ T29] task_work_run+0x1d4/0x260 [ 2045.992856][ T29] ? task_work_cancel+0x220/0x220 [ 2045.998047][ T29] ? exit_to_user_mode_loop+0x3b/0x110 [ 2046.003560][ T29] exit_to_user_mode_loop+0xe6/0x110 [ 2046.009110][ T29] exit_to_user_mode_prepare+0xee/0x180 [ 2046.014713][ T29] syscall_exit_to_user_mode+0x1a/0x50 [ 2046.020333][ T29] do_syscall_64+0x61/0xa0 [ 2046.024795][ T29] ? clear_bhb_loop+0x40/0x90 [ 2046.029546][ T29] ? clear_bhb_loop+0x40/0x90 [ 2046.034704][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 2046.040703][ T29] RIP: 0033:0x7f49c0d9d1d7 [ 2046.045152][ T29] RSP: 002b:00007ffdaab353e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 2046.053755][ T29] RAX: 0000000000000000 RBX: 00007f49c0e31c3b RCX: 00007f49c0d9d1d7 [ 2046.061783][ T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdaab354a0 [ 2046.069990][ T29] RBP: 00007ffdaab354a0 R08: 00007ffdaab364a0 R09: 00000000ffffffff [ 2046.085487][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdaab36530 [ 2046.093547][ T29] R13: 00007f49c0e31c3b R14: 00000000001b1b2b R15: 00007ffdaab36570 [ 2046.101735][ T29] [ 2046.104929][ T29] [ 2046.104929][ T29] Showing all locks held in the system: [ 2046.127110][ T29] 3 locks held by kworker/1:1/27: [ 2046.143932][ T29] #0: ffff8881400f3138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 2046.156313][ T29] #1: ffffc90000a2fd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 2046.168350][ T29] #2: ffff888024fcd190 (&dev->mutex){....}-{3:3}, at: hub_event+0x180/0x49f0 [ 2046.177623][ T29] 1 lock held by khungtaskd/29: [ 2046.182698][ T29] #0: ffffffff8d131fe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 2046.194648][ T29] 3 locks held by acpid/5123: [ 2046.199439][ T29] #0: ffff888026667158 (&mousedev->mutex#2){+.+.}-{3:3}, at: mousedev_open_device+0x27/0x150 [ 2046.210025][ T29] #1: ffff88807d4752c0 (&dev->mutex#2){+.+.}-{3:3}, at: input_open_device+0x52/0x2e0 [ 2046.220216][ T29] #2: ffff888143f80508 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_port_resume+0x26b/0x1c40 [ 2046.230815][ T29] 1 lock held by klogd/5127: [ 2046.235541][ T29] #0: ffff8880b8f3c018 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 2046.245629][ T29] 2 locks held by getty/5523: [ 2046.253348][ T29] #0: ffff8880311ba0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 2046.263526][ T29] #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390 [ 2046.273967][ T29] 1 lock held by syz-executor/5766: [ 2046.279352][ T29] #0: ffff8880242780e0 (&type->s_umount_key#53){++++}-{3:3}, at: deactivate_super+0xa4/0xe0 [ 2046.291229][ T29] 3 locks held by syz.0.15924/10585: [ 2046.296601][ T29] #0: ffff88802e415748 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2a3/0x330 [ 2046.306305][ T29] #1: ffff88807b142418 (sb_writers#3){.+.+}-{0:0}, at: do_writev+0x261/0x480 [ 2046.317901][ T29] #2: ffff8880242780e0 (&type->s_umount_key#53){++++}-{3:3}, at: super_lock+0x17f/0x3a0 [ 2046.331406][ T29] 2 locks held by syz.3.17531/14171: [ 2046.336939][ T29] #0: ffff88807b08b110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_open+0x2d6/0x5b0 [ 2046.346583][ T29] #1: ffff88807d4752c0 (&dev->mutex#2){+.+.}-{3:3}, at: input_open_device+0x52/0x2e0 [ 2046.356439][ T29] [ 2046.358922][ T29] ============================================= [ 2046.358922][ T29] [ 2046.367515][ T29] NMI backtrace for cpu 0 [ 2046.371860][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 2046.379066][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 2046.389145][ T29] Call Trace: [ 2046.392457][ T29] [ 2046.395397][ T29] dump_stack_lvl+0x18c/0x250 [ 2046.400105][ T29] ? preempt_count_add+0x91/0x1a0 [ 2046.405160][ T29] ? show_regs_print_info+0x20/0x20 [ 2046.410375][ T29] ? load_image+0x400/0x400 [ 2046.414913][ T29] nmi_cpu_backtrace+0x3a6/0x3e0 [ 2046.419874][ T29] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 2046.426061][ T29] ? _printk+0xde/0x130 [ 2046.430237][ T29] ? load_image+0x400/0x400 [ 2046.434752][ T29] ? load_image+0x400/0x400 [ 2046.439268][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 2046.445358][ T29] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 2046.451358][ T29] watchdog+0xf3d/0xf80 [ 2046.455537][ T29] ? watchdog+0x1e1/0xf80 [ 2046.459893][ T29] kthread+0x2fa/0x390 [ 2046.463972][ T29] ? hungtask_pm_notify+0x90/0x90 [ 2046.469012][ T29] ? kthread_blkcg+0xd0/0xd0 [ 2046.473609][ T29] ret_from_fork+0x48/0x80 [ 2046.478045][ T29] ? kthread_blkcg+0xd0/0xd0 [ 2046.482661][ T29] ret_from_fork_asm+0x11/0x20 [ 2046.487452][ T29] [ 2046.490937][ T29] Sending NMI from CPU 0 to CPUs 1: [ 2046.496488][ C1] NMI backtrace for cpu 1 [ 2046.496499][ C1] CPU: 1 PID: 27983 Comm: kworker/u4:13 Not tainted syzkaller #0 [ 2046.496514][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 2046.496525][ C1] Workqueue: bat_events batadv_nc_worker [ 2046.496554][ C1] RIP: 0010:do_raw_spin_lock+0xc/0x2c0 [ 2046.496578][ C1] Code: 07 80 c1 03 38 c1 7c 95 48 89 df e8 ae c9 75 00 eb 8b 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 55 48 89 e5 41 57 41 56 <41> 55 41 54 53 48 83 e4 e0 48 81 ec 80 00 00 00 48 89 fb 65 48 8b [ 2046.496592][ C1] RSP: 0018:ffffc9000fd07aa8 EFLAGS: 00000292 [ 2046.496605][ C1] RAX: f97d22dccf261b00 RBX: ffffffff8a4c39d0 RCX: f97d22dccf261b00 [ 2046.496618][ C1] RDX: 0000000000000000 RSI: ffffffff8acada80 RDI: ffff888079888d40 [ 2046.496630][ C1] RBP: ffffc9000fd07ab8 R08: dffffc0000000000 R09: 1ffffffff2237ebb [ 2046.496642][ C1] R10: dffffc0000000000 R11: fffffbfff2237ebc R12: ffff888021a6d1a8 [ 2046.496654][ C1] R13: dffffc0000000000 R14: ffff8880533f7040 R15: ffff8880533f7050 [ 2046.496666][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 2046.496679][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2046.496690][ C1] CR2: 0000001b2d716ff8 CR3: 000000005bd3a000 CR4: 00000000003506e0 [ 2046.496705][ C1] Call Trace: [ 2046.496711][ C1] [ 2046.496718][ C1] batadv_nc_purge_paths+0xe7/0x3a0 [ 2046.496750][ C1] batadv_nc_worker+0x369/0x610 [ 2046.496776][ C1] ? process_scheduled_works+0x96f/0x15d0 [ 2046.496798][ C1] process_scheduled_works+0xa5d/0x15d0 [ 2046.496833][ C1] ? assign_work+0x430/0x430 [ 2046.496855][ C1] ? assign_work+0x3d0/0x430 [ 2046.496878][ C1] worker_thread+0xa55/0xfc0 [ 2046.496911][ C1] kthread+0x2fa/0x390 [ 2046.496926][ C1] ? pr_cont_work+0x560/0x560 [ 2046.496945][ C1] ? kthread_blkcg+0xd0/0xd0 [ 2046.496961][ C1] ret_from_fork+0x48/0x80 [ 2046.496980][ C1] ? kthread_blkcg+0xd0/0xd0 [ 2046.496996][ C1] ret_from_fork_asm+0x11/0x20 [ 2046.497025][ C1] [ 2046.528410][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 2046.528447][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 2046.528513][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 2046.528540][ T29] Call Trace: [ 2046.528559][ T29] [ 2046.528587][ T29] dump_stack_lvl+0x18c/0x250 [ 2046.735077][ T29] ? show_regs_print_info+0x20/0x20 [ 2046.740300][ T29] ? load_image+0x400/0x400 [ 2046.744836][ T29] panic+0x2dc/0x730 [ 2046.748749][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 2046.754396][ T29] ? bpf_jit_dump+0xd0/0xd0 [ 2046.758919][ T29] ? __irq_work_queue_local+0x13a/0x3b0 [ 2046.764484][ T29] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 2046.770658][ T29] watchdog+0xf7c/0xf80 [ 2046.774828][ T29] ? watchdog+0x1e1/0xf80 [ 2046.779249][ T29] kthread+0x2fa/0x390 [ 2046.783368][ T29] ? hungtask_pm_notify+0x90/0x90 [ 2046.788429][ T29] ? kthread_blkcg+0xd0/0xd0 [ 2046.793040][ T29] ret_from_fork+0x48/0x80 [ 2046.797493][ T29] ? kthread_blkcg+0xd0/0xd0 [ 2046.802101][ T29] ret_from_fork_asm+0x11/0x20 [ 2046.806924][ T29] [ 2046.810525][ T29] Kernel Offset: disabled [ 2046.814855][ T29] Rebooting in 86400 seconds..