last executing test programs: 11m26.38617009s ago: executing program 4 (id=6102): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]}) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) 11m26.245743331s ago: executing program 4 (id=6104): r0 = creat(&(0x7f0000000100)='./file0\x00', 0x24) mount$fuseblk(&(0x7f0000000080), &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x10, &(0x7f00000001c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) 11m25.956467965s ago: executing program 4 (id=6106): r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301) ioctl$USBDEVFS_CLAIMINTERFACE(r0, 0x8004550f, 0x0) 11m25.753715667s ago: executing program 4 (id=6110): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x2000004, &(0x7f0000000500)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 11m25.231641654s ago: executing program 4 (id=6116): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x88f}, [@call={0x85, 0x0, 0x0, 0x7d}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x0, 0xe, 0x0, &(0x7f0000000c00)="e3006b670002ec67838717bd86dd", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 11m23.806572341s ago: executing program 4 (id=6127): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001100)=@updpolicy={0xd0, 0x13, 0xcb23c9c9931e99e9, 0x1, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e22, 0x0, 0x0, 0x0, 0xa, 0x30, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x8, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x1}, [@sec_ctx={0xc, 0x8, {0x8, 0x8, 0x1, 0x1}}, @mark={0xc, 0x15, {0x7fff, 0x4}}]}, 0xd0}}, 0x4000) 11m23.467752175s ago: executing program 32 (id=6127): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001100)=@updpolicy={0xd0, 0x13, 0xcb23c9c9931e99e9, 0x1, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e22, 0x0, 0x0, 0x0, 0xa, 0x30, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x8, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x1}, [@sec_ctx={0xc, 0x8, {0x8, 0x8, 0x1, 0x1}}, @mark={0xc, 0x15, {0x7fff, 0x4}}]}, 0xd0}}, 0x4000) 3.928110483s ago: executing program 2 (id=15001): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x200840, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x5, 0x4445, &(0x7f000000cd00)="$eJzs3c9PXFsdAPDvveB7gO9V+t5bPBMTJ/ElGjUEulJpYktpKbRYU21j3EwHmLbowDQwGBdd4K6JKxMXjYtGE3esGhZu65/gxmVdN9GFGxOTRszMXOjcy4xMGwZs3+ez4DDnN3zvPZy7uJw007i/ulla3SxV1kv15bub50q/qNe21qqRDt5wROTHj+2THJ/XMIjr5BSvvc+9G5eu/Oj2uYg/r/z1xd7e3l40DUdXUx3f/+ufD5c7031poU2z3+69HZefRsQnh+bVNBQRP/lTRBIRF7O8mSwdjYgz0S67/fDXd0rHNJunz6vnyy8XH+1Of7aw82S398+eRPyu9uVv31v7+9eGpv/2zWMaHgAAAAAAAAAAAAAAAACAt9zczRu3fjg5Fc+SGN5JDr+vO5elvd6P3Ts2Xx38DwsAAAAAAAAAAAAAAAAAAAD/p169/19KPury/v9sll7o0X7v+4OfI4Mz/4Mbs5cnp7Lz35ND5d/Jsv5xcSjOdjn3vXj++8VC++7nvx8e503tz29/3PFI0pGO8vFI04mJiD9kB79/moyltfpm41t361vrK8c2jbdWPv7t0/tz0ckO9O83/jOF/gd//v/Hh66m5uc7x3eJvdPy8R/qWe+Pv0r6iv+lfLPHA5p2h48HP8Q7LB//4VbeaGeF99tJM/6/GT46/rOF/gd1/5+JiFLSnGsptwI09zDN/F77FfLy8f9CKy+3dGa/yF73/78L8b9c6P+01v/t4h8iusrH/71W3kiuRnsD0Ip/evT9f6XQ/2nEvzn/bX//+5KPf7bYD+eqtH6T/a7/c4X+u8S/9ybjNdxKs3meSXJXwE7Szu/1/+rIy8d/5FD5q+e/tK/939VC+5N6/tsft/n8N9HxHPKNpP38R3f5+I/2rNfv/T9faDfo9f9Ca//Hm8rHf6yVl987j7e+9hv/hUL/g4p/a1cysh//V+vJf95v5//e/q8v+fh/sZ2ZdtbYbn1t7f+So/f/1wr9n8b+rzn/7XSwo74r8vH/oGe9Zvz/ksV97H/c/9cL7QYf/4hJe/03lo//hz3rte7/kaPX/8VCu0HH/+uD7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLTCTpeORpBO5z2k6MRFxKfv8aYwlS5WV8lKtvvzzzYjZLL8UHyX3avWlSq28ul5fqZYrtVp9OeJyVv5JjCSbtXqjvFZ5cOWgr9HkfrWy0ViqVhoRMZflfyU+3O9rabWxVnkQEVcPyr6U1jce3K+sl1dWN743OTk5GfMHczibVH/ZqK432qO3SyMWDtqOJx2TaxVfO5jLB8nP6lsb65VaK/96R5tafblS62izmJX9Ns4mjY2t9eVKo1qu1e/tj3eaLmTp7PzNH9+8PnWo/E7STmdOdloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvKZn0999HBHD7U9pRJSS5jfv9aj/9Hn1fPnl4qPd6c8Wdp7svoiI5CTnCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCLt2jRBAEYQCtbgUNPYbRMJOZjiiigSOCJ9BjeBg9ipfwDgYGpgbLwm4PLPMDy8Amy3tJQX9UV0MXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBs7p67l6e6iUhxvjqL+Hr7/tnNH0r9uJ7uP1kw83RBD4dx/9jd3NZN+fc0yq/K0W+bN+n/3/trTNTe52BPhvu0NZ4zNLdvc+/r515EylVEtCW/TDlX1X53AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8raPo2wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0yJHBw=") mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x118) rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./bus\x00') 3.671247136s ago: executing program 1 (id=15005): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$getflags(r0, 0x401) 3.33318061s ago: executing program 1 (id=15008): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00222200000096231306e53f450c0000002a94018b870f2c8683040000000b09007a150b1fffffc5cc1dfd429e18c651f4e7ffbdc8e6ba25e9d1dac2860b03478fc7f398d89461eabf8342820b8dcd5020dd2d415a1d77c8c17e16283199e2652000f6e7d00e388908de7b10b927fa6ef92f46f6047dfee48d20d99e9fbeb8daa59b3a9d67303328941c0c6aa380b243238589ae8ba3639177438f1af768169ae6873ff0b6e822d075c7"], 0x0}, 0x0) 2.380510841s ago: executing program 2 (id=15015): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x2808082, &(0x7f0000000280)={[{@uid}, {@part={'part', 0x3d, 0x19}}, {@nls={'nls', 0x3d, 'macgaelic'}}, {@nodecompose}, {}, {@uid}, {@type={'type', 0x3d, "eea74fa7"}}]}, 0x1, 0x6e8, &(0x7f0000001f80)="$eJzs3U1sHGcZAOB31uu1N5XcbZq0BSHFakQEDSS2l5IgIREQQj5UKBKXXk3iNFbWbmRvkRMhsgUKRzihHHooQubQE+oBqYgDopyRkLii3CNxjziwaGZn1rtr79qb+CcJzyPNzjcz3887r2dmZ2cTbQD/txbfjslWJLF4/q3NdPnBVr3xYKu+WpQjYioiShHlziyStYjks4gr0Znic+nKvLtk2DhvPvz0w3P3P653lsr5lNUvjWq3rT1ihFY+xWxETOTzMZWH9Xdtl/7ujdV10o07TdjZInFw3No7tMZpvo/zFnja3YuYmNxlfS3iRERM5/cBkV8dSkcc3oEb6yoHAAAAT6eJvSq8+CgexWbMHE04AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HxIOr8ZmORTqSjPRlL8/n8lX5eqVI453tG+ssf2D24cUSAAAAAAAAAAcCg+yb+4P/MoHsVmzBTr20n2nf/r2cKp7PWFeC82YjnW40JsxlI0oxnrMR8xOdPTYWVzqdlcn9/Z8jeRtmy32/fylgsRUdvRcuEIdhoAAAAAAAAAnl8/jcWYOe4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgVxIx0Zll06miXItSOSKmI6KS1mtF/LkoP8v+ctwBAAAAwOGr5vOZ5L+dQjvJPvO/kn3un473Yi2asRLNaMRyXM+eBXQ+9Zf+0ao3HmzVV9NpZ8ff/vdYcWQ9RsREvD9k5Lmsxului8X4XvwgzsdsXI31WIkfxVI0Yzlmo5ruRCxFErVq5+lFrYhz93iv9C1dHYztzMDya1kk1bgRK1lsF+JaJTqPTbJ9SMd8rWe0P1YiBkZ8P81O8q3cPnN0vefv9ev8uUyu/eI++xiu/ARta9meT3YzMpfmPs/GS6NzP+ZxMjjSfJS6z6BObY+SLg6OVOT8h+Pk/EQ+T3P9i/6cH7QxH6UNZmIhSvnRF/FKf85vf/H+yf7GX/7nX6/eLK3dunlj4/wh7tKhmiwKg5mo92Ti1dFHX56JRpqJ1v4zMTm4YvoJ9uMAVfJsZJeifV4tv5uVluL1nkPw3bgey3Ep5mI+LsdcfCMWot53hJ3uy2u5vtqfk+xcK+28vlVHBH/2Sz2VfrlH5aOV5uWlnrz2Xulq2bZ8zZVfxVxPlk6OPvrGfhdIx/98Xk7H+Fn3Hedp0JeJ/NpcRPfy6Ez8tp2+bjTWbq3fXLo9pP/Bd6hz+Tw9bT/ovzb/7qD26fGkx8vJbsRZTqrF8ZJue7kbbX++Kvk3Lp12pR3bTne31WImVuL7Q8/USn4Pt7OnzrZXe7f9a/vKWcnvb4ptfXc58W40sruQAbNHk1UA9u3EGycq1YfVv1c/qv68erP61vR3pi5PfaESk38r/2niD6Xfl76ZvBEfxU9i5rgjBQAAAAAAAAAAAAAAAAAAAAAAAAAAAACA58HGnbu3lhqN5fVuIaYH1zxpoTJ0rNGFKO1ZZ+uF/XUYtYjRYyV5oXKw+/4sFqpxSD1/EhEj6lSeeIhk7GNs7EJ6IB9Ih8UPp2Vr2hNjNC8XrXavU46N6WF/wantsyBqt5Ya/2n31alGzykDPOcuNldvX9y4c/erK6tL7yy/s7y2cPnS5Uv1r89/7eKNlcbyXOf1uKMEDsPGnbsTxx0DAAAAAAAAAAAAMJ78X/83H/s/M5T3qFNZ39h95DNHvasAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAM2rx7ZhsRRLzcxfm0uUHW/VGOhXl7ZrliChFRPLjiOSziCvRmaLW010ybJw3H3764bn7H9e3+yoX9Uuj2u1PK59iNiIm8vnepnbpZmd/13r6az1WeEl3D9OEnS0SB8ftfwEAAP//p+75lw==") mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\x8f\x98\xb9\x89Q\xa4Pxy0\x01\x8cC\x1f|\xad\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f00000000c0)='./file1\x00', 0x0, 0x1a29143, 0x0) mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\x8f\x98\xb9\x89Q\xa4Pxy0\x01\x8cC\x1f|\xad\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f00000000c0)='./file1\x00', 0x0, 0x1a29143, 0x0) 2.258899803s ago: executing program 5 (id=15016): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)=0x4) ioctl$PPPIOCSNPMODE(r0, 0x4008744b, &(0x7f0000000000)={0x2b, 0x1}) 1.934720097s ago: executing program 2 (id=15018): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=@base={0xf, 0x4, 0x8, 0x1}, 0x50) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x11, 0xe, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000001800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x6, 0x1010, &(0x7f0000002500)=""/4112}, 0x94) 1.917637057s ago: executing program 0 (id=15019): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x28, r1, 0x1, 0x70bd2c, 0xffffffff, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @l2={'eth', 0x3a, 'hsr0\x00'}}]}]}, 0x28}}, 0x80) 1.852029178s ago: executing program 5 (id=15021): syz_mount_image$bfs(&(0x7f00000001c0), &(0x7f0000000400)='./file0\x00', 0x4, &(0x7f0000000600)=ANY=[], 0x8, 0xad, &(0x7f0000000040)="$eJzs0btpA0EUBdC7H/xJ7ALcg3tw6twVbOjQkY3BjlSGOlArKmE7ULCpkhHLrkChEAhJcA7MzA3mwYW33q5e8pSUv6SUUu6SPGbKX98/nx/v490kyTJt7jPZv9y4ej4P486fp7x5y+L/4E8//HZ9la4fyuyChQEAgJPVeZ1TdfxQm6Q5VyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA67ILAAD//1vZIlc=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x48) getdents(r0, 0xfffffffffffffffd, 0x58) 1.534729832s ago: executing program 2 (id=15022): r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x10, 0x0}, 0x20008000) recvmsg$kcm(r0, &(0x7f0000001e00)={0x0, 0x0, 0x0}, 0x100) 1.475389402s ago: executing program 3 (id=15023): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), r0) sendmsg$NFC_CMD_ACTIVATE_TARGET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002bbd7000ffdbdf251c000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x41}, 0x800) 1.372202154s ago: executing program 5 (id=15024): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000ac0)={0x40, r1, 0x1, 0x0, 0x1, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x6}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0xc082}, 0x24004080) 1.346472374s ago: executing program 0 (id=15025): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, r1, 0xb35, 0x70bd22, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0xa0) 1.151508657s ago: executing program 0 (id=15026): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x3) ioctl$TCFLSH(r0, 0x540b, 0x2) 1.129155107s ago: executing program 3 (id=15027): r0 = socket$kcm(0x2, 0x3, 0x2) sendmsg$inet(r0, &(0x7f0000000100)={&(0x7f00000004c0)={0x2, 0x4e24, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000003a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2a}, @multicast1}}}], 0x20}, 0x4008804) sendmsg$inet(r0, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x0, @local}, 0x10, 0x0}, 0x0) 1.126617736s ago: executing program 5 (id=15028): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7) ioctl$TCGETS(r0, 0x8926, &(0x7f0000001580)) 1.015342028s ago: executing program 3 (id=15029): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@can_newroute={0x24, 0x18, 0x1, 0x0, 0x200, {0x1d, 0x1, 0x8}, [@CGW_DST_IF={0x8, 0xa, r1}, @CGW_SRC_IF={0x8}]}, 0x24}}, 0x0) 940.412329ms ago: executing program 1 (id=15030): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000fbdbdfd705000000140001"], 0x28}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140) 828.196171ms ago: executing program 0 (id=15031): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd27, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30, 0x0, 0x5e}, {0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000}, 0x0, 0x6e6bc0}}, 0xb8}}, 0x2c000010) sendmsg$nl_xfrm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x800, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x800, 0x1000, 0x0, 0xa, 0x80}, {}, {0x1, 0x6, 0x0, 0xfffffffffffffffe}, 0x0, 0x6e6bbc}}, 0xb8}, 0x1, 0x0, 0x0, 0x404c830}, 0x0) 776.392681ms ago: executing program 3 (id=15032): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) clock_adjtime(0xffffffd3, &(0x7f00000004c0)={0x767, 0x4, 0x26, 0x100000000000009, 0x8, 0x1, 0x8000000064a, 0x0, 0x9657, 0xcd15, 0xd2e, 0xd3b0, 0x0, 0xb, 0x5, 0xcc4, 0x2efa, 0x1, 0x2, 0x4, 0x1, 0x6, 0x11, 0xfffffffffffffffa, 0x1, 0x2000008000000}) 762.136731ms ago: executing program 5 (id=15033): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.parent_freezing\x00', 0x275a, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) sendfile(0xffffffffffffffff, r0, 0x0, 0xfffffffffffffffb) 637.130962ms ago: executing program 1 (id=15034): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$XFS_IOC_FSGROWFSRT(r0, 0x40105870, 0xffffffffffffffff) 581.024243ms ago: executing program 3 (id=15035): syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000140)={[{@test_dummy_encryption_v1}, {@acl}, {@oldalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}]}, 0x1, 0x5b9, &(0x7f0000000680)="$eJzs3W2IHHcdB/Df7N6mebiaNLZqa2xOQ20gdPdyuYREfGGJD7UmtaL4IhTCkdvuhezdnrkN9LaCLb4pCiL4RgShYl9YEQ3kTaXU9kWLbxSU+kClxoAKIhStFERQV2YfrmszaYr3MHjz+cDc/ec/c/v/7y3fndmd/8wEUFgT6Y8kYjwiLkXEzv7sf68w0f/VOXRxLp2S6HY//Zekt97soYtzw1WHf7cj/TEWsTUidh9PYl/l6naXljvnZprN+vnBfK09v1hbWu7cdXZ+plFv1BcOH50+NnVk+uj02j3XyZ9uv+WPd9x35Ynn//7Pb/76yPfT/o4Plo0+j7UyEROD/0klbhqpH0si7l3rxnJS7r/UccdIXTKWY4d4y7rd3d9LX7+3R8S+Xv53Rjn6L95LTz/wt53xy3vy7iOwfrpD2Ytf7QKbVqm3D5yUqhHRL5dK1Wp/H/7m2F5qtpbaBx5sXViY7e8r74pK6cGzzfrk4LPCrqgk6fzBXvn1+ak3zB+K6O0DP1be1puvnmk1Zzf6zQ7oGY+4fOlzZ7bseEP+/1Tu5x/YvNL8/+KFp55Ny6+V8+4NsJHS/H/3tflPhPxD4cg/FJf8Q3HJPxSX/ENxyT8Ul/xDcck/FJf8Q3HJPxTXMP/3nzwZ95882e0Mzn9faDXOnptbPDY1WZ2/cKZ6pnV+sdpotRq9M3bmr/+4zVZr8eBUXHio1q4vtWtLy53T860LC+3TvfP6T9czLgUA5ODUla333rT3uZeSiHjkA9t6U2rLYLmswubW7SaR9znIQD589Ificqk2KC6f8YHkOsu3XmtBc+37AmyMUt4dAHJz562O/0FR+f4fisv3/1Bc9vEB3/9D8fj+H4pr/Br3/7px5N5dkxHxtoj4Sblyw/BeX8D/r/GIy5e//dnayn24FRQUFFYKeb9DAevt9dDn3RMgL7OHLs4Np41q85nGRrUEZHnl7v4goDT3ncHUXzK2cmygsk7jhF5+LGIifvjbx/fPldMpBu9D69AUkOGRRyPiXVnb/6R3bGDXYL3d/dXi5oi4JSLeERHvXGXbX/9Umv8X6qN18g8b563m/9aIuD0ibouId0fEnoh4zyrb/vmlNP+/2jZaJ/9QDJ9/Pu8eAHn5+FN59wDIyyljDKCwvvNw3j0A8vL0D/LuAZCXr7yYdw+g2J67OyIms47/lXrH+4cqg+sC3jC4FsC2iNgeETsG5xDeODhHcOfIMcPrOf3JiIm4/UejdY7/wcYZjv/rXDX+r7Qy/q8cEXtX0cYzHxz/clb9zJ40/088PBz/l05p+8OxgMD6euXRiNsy85+sjPlNIs1pxHv/xzYmvnDlyaz6F+9LH7fyM/mHfHS/FfH+yM7/UFqqtecXa0vLnbt69/Fu1BcOH50+NnVk+uh0rXeJkNrwQiEZTvz11QNZ9S9Ppfn/xmH5h3yk2//t18j/6P7/+1bRxvGvfelUVv3479P873n2zfNf+vOW5DO9+eF9CR6aabfPH4zYkpy4un5qFR2FTW6YkWGG0vzv35f9+X/34G/S7f/xiPhwur8QEf+KiH9HxEci4qMR8bGIuOdN2vzqnY0rWfW/ezLN/+PnbP8hH2n+Z6+z/U9//2MVbRzY/+MvZtV/aG+a/+pv/nDigbF0kn8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAtbe03Dk302zWz69jIe/nCAAAAAAAAEXxnwAAAP//xOQ08g==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0x1, 0x8, 0x4, 0xffffffffffffffff, 0x10403, 0x2}) 554.176294ms ago: executing program 0 (id=15036): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0x16, 0x0) mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x84022, &(0x7f0000000000)=ANY=[@ANYBLOB="73697a653df3"]) 550.782074ms ago: executing program 5 (id=15037): syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x4000, &(0x7f0000000e40)=ANY=[@ANYBLOB='mode=00000000000000000000177,mode=00000000000000000000005,shortad,utf8,shortad,shortad,session=00000000000016777223,umask=00000000000000000000250,uid=ignore,shortad,dmode=00000000000000000170430,gid=ignore,adinicb,gid=forget,mode=00000000000000000002000,lastblock=00000000000000001024,shortad,euid>', @ANYBLOB=',fsmagic=0x0000000000000002,smackfsf^oor=smackfstrans-ute,fowner>', @ANYBLOB="d4199c3f003c5c8d6d222e24bfdda0389fe9ebc4333e5d9521a6cc631f653d174fb504401934b83a72449268d54cd62dbbb66d7ba1b35073e60bf699ea6cb1b5923e3a3d5e51423a7c1a13920aea8e6d3c7d53f4aa34acbe0b78df03569d0b620d54f96b33fd4895161524abc937b9d619a3add1c3b57ad5124502de88fe8f0e436f04aded9c4f7b60876d2ac9caa8502b7faa4fe85e7819540dabf8e44ccdd382e5292164879e30f5b039e5f2314adff12c154c627fabadc824eb6d2fc48d1bc75a9dd2589e2c3324cd33f0a8508f6d4a899b6e8b45fec164", @ANYRES64=0x0, @ANYBLOB="2c736d61636b6673747261736d7574653d001c0b235ffdce27803854a81c498e5bc58fdfc2e25738bee597df2c00"/55], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00') read$FUSE(r0, &(0x7f0000002b40)={0x2020}, 0x2020) 479.688664ms ago: executing program 2 (id=15038): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@bridge_dellink={0x20, 0x13, 0x5, 0x2000, 0x25dfdbfd, {0x7, 0x0, 0x0, r1, 0x5000, 0x1952}}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x0) 275.833067ms ago: executing program 1 (id=15039): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000ac0)={0x40, r1, 0x1, 0x0, 0x1, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x6}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0xc082}, 0x24004080) 220.526158ms ago: executing program 2 (id=15040): syz_mount_image$hfs(&(0x7f0000000300), &(0x7f0000000000)='.\x02\x00', 0x804810, &(0x7f0000000680)=ANY=[], 0x3, 0x2ef, &(0x7f0000000880)="$eJzs3b1PFE8cx/HP7N3B8YPwWx4MiaVKQmUUG2ODMfwZakTuTAgXTAATsZFYGmPofOgs7KyNjaU90dpoZWUP3ZqZ3T32wj7ccXAL+n4ld1luZ2a/s7u3+51LlhGAf9atxR/vr/2yLyNVVJF0Q/Ik1aWqpHOaqT9a21zZbDUbeQ1VXA37MgprmkNllteaaVVtPVcj4tu/qhpLfoaTEQRB8PNbJb/M/wMLByVx3/4UnjTsLgeR+gBjOknbZQdQMrOvfT3WeNlxAADKZe//tTDxt3nAWJS/e540G932XX5wdu7/+Vnr/uACOZUS9383ygqMPb5ul5mD8Z4bwtn1XjxKzGkxc82QwkSyI8E0RaNKF4s38mCl1by8/LDV8PRMC5FEsWn33lAySVVBtBdygk1R3PcsrsdezfZhPiP+qaNs8VXvobTtBWbX3DW+3qrRzv+qgdsj7kj5Lm6/XSGM/0p2i6P2zRhXKqOXE24j56Mt6NOHLnpZTx+RtOOciE/dp+GHfhznzlBOrUl1/qwQ9u5qdu9cranUWvNp5RN7cjpZK7pyRmdz9vZ69nwnGWkh89LYgr/1UYuJ/N+ze3vWFYh3e06QxpWMzozc/lRdSb+LwLyMTfEr0NHUcte+0H1d1/jG1pPVpVarud7twufvPRQ+roU378KFSj/txD0/tKqqfiMMhsOmT2on9B9hNwvxCTPAgxsfk4GfUSUvqO92KhrWanzNPLbAosOxvbrUCpfSE6WRfq5LOEUSl8eZ22UHgzLYa4gJx38ukw+zuptunf36+y5PryktTw+KGnctvr6zGw4fEmODg2R10r3/19MIbjR7BJfoQ+6Y6+KcdClni186m/WjOP8SZlFfdY/f/wEAAAAAAAAAAAAAAAAAAM6awgcD9oL1ja3o8ZYjPhlSchcBAAAAAAAAAAAAAAAAAAAAADjzsub/rcZzZBbM/xs/GZAx/+9cx3/1Lp7/d8E2lDH/b/4ktQB69icAAP//PDxxKA==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='devices.list\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b) 171.052048ms ago: executing program 0 (id=15041): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0xa, [@struct={0x8, 0x1, 0x0, 0xf, 0x0, 0x10005, [{0x2, 0x5, 0xa}]}]}, {0x0, [0x30, 0x0, 0x0, 0xcf, 0x0, 0x0, 0x0, 0x2e]}}, &(0x7f00000001c0)=""/257, 0x3a, 0x101, 0x6}, 0x28) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x4d}, 0x28) 143.083529ms ago: executing program 3 (id=15042): r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x1}) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000000c0)={0x3, 0x10980901, 0x1}) 0s ago: executing program 1 (id=15043): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x34, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_RINGS_RX={0x8}, @ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x34}}, 0x0) kernel console output (not intermixed with test programs): [ 1110.299784][ T6244] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1111.046426][ T6331] netlink: 'syz.5.13584': attribute type 6 has an invalid length. [ 1111.528192][ T6352] netlink: 48 bytes leftover after parsing attributes in process `syz.1.13591'. [ 1111.627944][ T6360] loop0: detected capacity change from 0 to 8 [ 1111.686729][ T6360] SQUASHFS error: Failed to read block 0x6fc: -5 [ 1111.705636][ T6360] SQUASHFS error: Unable to read metadata cache entry [6fa] [ 1112.028757][ T6322] loop3: detected capacity change from 0 to 32768 [ 1112.120972][ T6386] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1112.178708][ T6322] XFS (loop3): Mounting V5 Filesystem [ 1112.342283][ T6322] XFS (loop3): changing quota state required on read-only device. [ 1112.361792][ T6322] XFS (loop3): write access unavailable, cannot proceed. [ 1112.386234][ T6322] XFS (loop3): please mount without quota. [ 1112.409803][ T6404] loop0: detected capacity change from 0 to 256 [ 1112.491329][ T6411] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13605'. [ 1112.764281][ T6421] loop1: detected capacity change from 0 to 256 [ 1112.970253][ T6421] syz.1.13608: attempt to access beyond end of device [ 1112.970253][ T6421] loop1: rw=0, sector=272, nr_sectors = 4 limit=256 [ 1113.048162][ T6421] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 198) [ 1113.113674][ T6421] FAT-fs (loop1): Filesystem has been set read-only [ 1113.131467][ T6421] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 198) [ 1113.674450][ T6466] loop5: detected capacity change from 0 to 256 [ 1113.802294][ T6473] loop1: detected capacity change from 0 to 128 [ 1113.838969][ T6467] loop2: detected capacity change from 0 to 4096 [ 1113.872668][ T6467] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 1114.132824][ T6467] ntfs3: loop2: failed to convert "c46c" to euc-jp [ 1114.747511][ T6501] loop1: detected capacity change from 0 to 4096 [ 1114.749187][ T26] audit: type=1326 audit(1114.702:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6516 comm="syz.0.13635" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dbd9cdd9 code=0x7ffc0000 [ 1114.919606][ T26] audit: type=1326 audit(1114.742:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6516 comm="syz.0.13635" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dbd9cdd9 code=0x7ffc0000 [ 1114.943946][ C1] vkms_vblank_simulate: vblank timer overrun [ 1115.096218][ T26] audit: type=1326 audit(1114.742:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6516 comm="syz.0.13635" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dbd9cdd9 code=0x7ffc0000 [ 1115.102272][ T6532] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (6) [ 1115.155453][ T6534] netlink: 'syz.5.13640': attribute type 3 has an invalid length. [ 1115.197137][ T6534] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.13640'. [ 1115.227561][ T26] audit: type=1326 audit(1114.742:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6516 comm="syz.0.13635" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dbd9cdd9 code=0x7ffc0000 [ 1115.383891][ T26] audit: type=1326 audit(1114.742:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6516 comm="syz.0.13635" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f95dbd9cdd9 code=0x7ffc0000 [ 1115.409071][ C1] vkms_vblank_simulate: vblank timer overrun [ 1115.526355][ T26] audit: type=1326 audit(1114.752:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6516 comm="syz.0.13635" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dbd9cdd9 code=0x7ffc0000 [ 1115.676655][ T26] audit: type=1326 audit(1114.752:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6516 comm="syz.0.13635" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dbd9cdd9 code=0x7ffc0000 [ 1115.832186][ T26] audit: type=1326 audit(1114.752:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6516 comm="syz.0.13635" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f95dbd9cdd9 code=0x7ffc0000 [ 1115.973322][ T26] audit: type=1326 audit(1114.752:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6516 comm="syz.0.13635" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f95dbd9cdd9 code=0x7ffc0000 [ 1116.009809][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.017209][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 1116.237548][T30374] usb 3-1: new full-speed USB device number 45 using dummy_hcd [ 1116.330132][ T6595] loop1: detected capacity change from 0 to 256 [ 1116.391187][ T6595] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 1116.472673][T30374] usb 3-1: not running at top speed; connect to a high speed hub [ 1116.498533][T30374] usb 3-1: config 95 has an invalid interface number: 1 but max is 0 [ 1116.530906][ T6592] loop5: detected capacity change from 0 to 4096 [ 1116.550393][T30374] usb 3-1: config 95 has no interface number 0 [ 1116.575508][T30374] usb 3-1: config 95 interface 1 has no altsetting 0 [ 1116.606184][T30374] usb 3-1: New USB device found, idVendor=0763, idProduct=2031, bcdDevice=ad.3f [ 1116.677535][T30374] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1116.707655][T30374] usb 3-1: Product: syz [ 1116.730040][T30374] usb 3-1: Manufacturer: syz [ 1116.754809][T30374] usb 3-1: SerialNumber: syz [ 1116.813720][ T6592] ntfs3: loop5: ntfs_set_state r=3 failed, -22. [ 1117.058521][T14617] ntfs3: loop5: ntfs3_write_inode r=3 failed, -22. [ 1117.074443][T17992] ntfs3: loop5: ntfs_set_state r=3 failed, -22. [ 1117.081822][T17992] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 1117.113706][T17992] ntfs3: loop5: ntfs_set_state r=3 failed, -22. [ 1117.135763][T30374] usb 3-1: USB disconnect, device number 45 [ 1117.147252][T14617] ntfs3: loop5: ntfs3_write_inode r=3 failed, -22. [ 1117.180917][T17992] ntfs3: loop5: ntfs_evict_inode r=3 failed, -22. [ 1117.195603][ T6629] loop3: detected capacity change from 0 to 1024 [ 1117.250104][ T6629] EXT4-fs: Ignoring removed orlov option [ 1117.256492][ T6629] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1117.340576][ T6629] /dev/loop3: Can't open blockdev [ 1117.539080][ T4371] udevd[4371]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:95.1/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1117.553480][ T6657] netlink: 32 bytes leftover after parsing attributes in process `syz.3.13671'. [ 1117.664715][ T6657] netlink: 9 bytes leftover after parsing attributes in process `syz.3.13671'. [ 1117.700028][ T6657] netlink: 9 bytes leftover after parsing attributes in process `syz.3.13671'. [ 1117.754089][ T6657] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 1117.982568][ T6674] sctp: [Deprecated]: syz.2.13677 (pid 6674) Use of int in max_burst socket option. [ 1117.982568][ T6674] Use struct sctp_assoc_value instead [ 1118.644350][ T6651] loop5: detected capacity change from 0 to 40427 [ 1118.716995][ T6651] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1118.725260][ T6651] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1118.769500][ T6651] F2FS-fs (loop5): invalid crc value [ 1118.827213][ T6651] F2FS-fs (loop5): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 9809626597) [ 1118.936866][ T6723] usb usb9: usbfs: process 6723 (syz.0.13692) did not claim interface 1 before use [ 1119.079776][ T6651] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 1119.107980][ T6651] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1119.220691][ T6651] fscrypt (loop5, inode 3): Error -61 getting encryption context [ 1119.374228][ T6743] comedi comedi4: bad chanlist[0]=0x00006c7f chan=27775 range length=2 [ 1119.394650][ T6745] loop0: detected capacity change from 0 to 512 [ 1119.463644][ T6745] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 1119.480478][ T6745] EXT4-fs (loop0): orphan cleanup on readonly fs [ 1119.517317][ T6745] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated! [ 1119.547921][ T6745] EXT4-fs error (device loop0): ext4_acquire_dquot:6841: comm syz.0.13698: Failed to acquire dquot type 1 [ 1119.569579][ T6745] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.13698: bg 0: block 40: padding at end of block bitmap is not set [ 1119.586544][ T6745] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6180: Corrupt filesystem [ 1119.606291][ T6745] EXT4-fs (loop0): 1 truncate cleaned up [ 1119.627853][ T6745] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1119.700551][ T6745] EXT4-fs error (device loop0): ext4_get_link:104: inode #16: comm syz.0.13698: bad symlink. [ 1119.878663][ T4278] EXT4-fs (loop0): unmounting filesystem. [ 1120.250288][ T6780] loop3: detected capacity change from 0 to 2048 [ 1120.634111][ T6805] loop3: detected capacity change from 0 to 512 [ 1120.643409][ T4371] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1120.704677][ T4371] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1120.748564][ T4371] Buffer I/O error on dev loop3, logical block 0, async page read [ 1120.834046][ T6813] loop1: detected capacity change from 0 to 1764 [ 1120.866346][ T6813] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1121.114793][ T6831] loop5: detected capacity change from 0 to 512 [ 1122.387202][ T6833] loop3: detected capacity change from 0 to 32768 [ 1122.653217][ T6906] loop2: detected capacity change from 0 to 512 [ 1122.695912][ T6912] ipt_rpfilter: unknown options [ 1122.720962][ T6906] EXT4-fs: Ignoring removed oldalloc option [ 1122.769022][ T6906] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1122.817800][ T6906] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 1122.837138][ T6906] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e118, mo2=0002] [ 1122.895006][ T6906] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1122.930712][ T6917] loop1: detected capacity change from 0 to 1024 [ 1122.957768][ T6906] __quota_error: 1 callbacks suppressed [ 1122.957788][ T6906] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 1122.961964][ T6921] loop0: detected capacity change from 0 to 2048 [ 1122.963726][ T6906] EXT4-fs warning (device loop2): ext4_enable_quotas:7093: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1123.000424][ T6921] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1123.011820][ T6917] EXT4-fs: Ignoring removed bh option [ 1123.021291][ T6925] loop5: detected capacity change from 0 to 64 [ 1123.075781][ T6929] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1123.117250][ T6917] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1123.161416][ T6935] netlink: 'syz.3.13752': attribute type 10 has an invalid length. [ 1123.217864][ T6917] EXT4-fs warning (device loop1): ext4_empty_dir:3147: inode #11: comm syz.1.13749: directory missing '.' [ 1123.227529][ T6906] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 1123.295721][ T6906] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.13745: bg 0: block 40: padding at end of block bitmap is not set [ 1123.397532][ T6906] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6180: Corrupt filesystem [ 1123.454531][ T4271] EXT4-fs (loop1): unmounting filesystem. [ 1123.461577][ T6906] EXT4-fs (loop2): 1 truncate cleaned up [ 1123.476019][ T6906] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1123.494432][ T6942] netlink: 16 bytes leftover after parsing attributes in process `syz.0.13753'. [ 1123.608917][ T6906] EXT4-fs error (device loop2): ext4_encrypted_get_link:46: inode #16: comm syz.2.13745: bad symlink. [ 1123.804322][ T4277] EXT4-fs (loop2): unmounting filesystem. [ 1123.828561][ T6959] loop5: detected capacity change from 0 to 64 [ 1124.160352][ T6970] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 1124.449048][ T6987] EXT4-fs: inline encryption not supported [ 1124.455754][ T6987] /dev/loop3: Can't open blockdev [ 1124.471209][ T6993] netlink: 'syz.0.13766': attribute type 49 has an invalid length. [ 1125.088815][ T7028] libceph: resolve '96' (ret=-3): failed [ 1125.253877][ T7037] Quota error (device loop2): do_check_range: Getting block 64 out of range 1-5 [ 1125.277211][ T7037] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 1125.327334][ T7037] EXT4-fs error (device loop2): ext4_acquire_dquot:6841: comm syz.2.13780: Failed to acquire dquot type 0 [ 1125.408521][ T7037] EXT4-fs error (device loop2): mb_free_blocks:1839: group 0, inode 13: block 160:freeing already freed block (bit 10); block bitmap corrupt. [ 1125.480024][ T7037] EXT4-fs (loop2): 1 truncate cleaned up [ 1125.507387][ T7037] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1125.559281][ T7037] Quota error (device loop2): do_check_range: Getting block 64 out of range 0-5 [ 1125.699274][ T4277] EXT4-fs (loop2): unmounting filesystem. [ 1125.825774][ T7059] set_capacity_and_notify: 3 callbacks suppressed [ 1125.825795][ T7059] loop0: detected capacity change from 0 to 4096 [ 1125.966783][ T7059] ntfs: (device loop0): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 1126.039587][ T7059] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing. [ 1126.083447][ T7059] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 1126.163540][ T7059] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1126.204471][ T7090] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 1126.297885][ T7059] ntfs: volume version 3.1. [ 1126.390541][ T7059] ntfs: (device loop0): ntfs_attr_find(): Inode is corrupt. Run chkdsk. [ 1126.427579][ T7059] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x40 as bad. Run chkdsk. [ 1127.178686][ T7133] device  entered promiscuous mode [ 1127.571556][ T7148] loop5: detected capacity change from 0 to 4096 [ 1127.602408][ T7148] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 1127.747256][ T7637] usb 1-1: new full-speed USB device number 53 using dummy_hcd [ 1127.939353][ T7637] usb 1-1: config 8 has an invalid interface number: 80 but max is 0 [ 1127.964665][ T7637] usb 1-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 1127.979290][ T7178] loop3: detected capacity change from 0 to 8 [ 1127.986794][ T7178] /dev/loop3: Can't open blockdev [ 1127.991726][ T7637] usb 1-1: config 8 has no interface number 0 [ 1128.024947][ T7637] usb 1-1: config 8 interface 80 altsetting 0 has an invalid endpoint with address 0xE7, skipping [ 1128.065689][ T7637] usb 1-1: config 8 interface 80 altsetting 0 has an invalid endpoint with address 0x80, skipping [ 1128.096257][ T7637] usb 1-1: config 8 interface 80 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 1128.148051][ T7637] usb 1-1: config 8 interface 80 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 14 [ 1128.197043][ T7637] usb 1-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=c1.6f [ 1128.231127][ T7637] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1128.259814][ T5798] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1128.283260][ T7637] usb 1-1: NFC: intf ffff88805466d000 id ffffffff8d406400 [ 1129.352708][ T7637] usb 1-1: USB disconnect, device number 53 [ 1129.450628][ T7263] xt_TCPMSS: Only works on TCP SYN packets [ 1129.840286][ T7283] loop1: detected capacity change from 0 to 512 [ 1129.928464][ T7283] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1129.978490][ T7283] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 1130.004012][ T7283] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8800c01d, mo2=0102] [ 1130.061930][ T7284] loop3: detected capacity change from 0 to 4096 [ 1130.082379][ T7283] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80) [ 1130.094883][ T7293] netlink: 'syz.0.13856': attribute type 1 has an invalid length. [ 1130.094908][ T7293] netlink: 220 bytes leftover after parsing attributes in process `syz.0.13856'. [ 1130.094925][ T7293] netlink: 16 bytes leftover after parsing attributes in process `syz.0.13856'. [ 1130.194122][ T5798] I/O error, dev loop3, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1130.267323][ T7300] netlink: 184 bytes leftover after parsing attributes in process `syz.5.13857'. [ 1130.306473][ T7283] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features [ 1130.355232][ T7283] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1130.480083][ T7283] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.13852: dx entry: limit 65535 != root limit 120 [ 1130.594322][ T7283] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.13852: Corrupt directory, running e2fsck is recommended [ 1130.670970][ T7316] (unnamed net_device) (uninitialized): option ad_select: invalid value (253) [ 1130.748241][ T4271] EXT4-fs (loop1): unmounting filesystem. [ 1131.062604][ T7340] netlink: 80 bytes leftover after parsing attributes in process `syz.2.13868'. [ 1131.140415][ T7328] loop3: detected capacity change from 0 to 4096 [ 1131.167366][ T7328] /dev/loop3: Can't open blockdev [ 1132.045682][ T7385] netlink: 'syz.1.13884': attribute type 7 has an invalid length. [ 1132.245398][ T7393] netlink: 8 bytes leftover after parsing attributes in process `syz.5.13886'. [ 1132.821070][ T7421] loop0: detected capacity change from 0 to 128 [ 1132.897559][ T7421] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 1132.985382][ T7427] overlayfs: missing 'lowerdir' [ 1133.005011][ T7421] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1133.284294][ T7438] loop1: detected capacity change from 0 to 256 [ 1133.338909][ T7431] loop2: detected capacity change from 0 to 8192 [ 1133.372402][ T7438] FAT-fs (loop1): Directory bread(block 1285) failed [ 1133.408461][ T7438] FAT-fs (loop1): Directory bread(block 1286) failed [ 1133.415930][ T7438] FAT-fs (loop1): Directory bread(block 1287) failed [ 1133.417326][ T7431] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1133.453686][ T7438] FAT-fs (loop1): Directory bread(block 1288) failed [ 1133.506143][ T7438] FAT-fs (loop1): Directory bread(block 1285) failed [ 1133.576483][ T7438] FAT-fs (loop1): Directory bread(block 1286) failed [ 1133.597169][ T5952] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 1133.609838][ T7438] FAT-fs (loop1): Directory bread(block 1287) failed [ 1133.631071][ T7431] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001) [ 1133.652879][ T7438] FAT-fs (loop1): Directory bread(block 1288) failed [ 1133.672996][ T7431] FAT-fs (loop2): Filesystem has been set read-only [ 1133.680482][ T7460] loop0: detected capacity change from 0 to 512 [ 1133.698847][ T7438] FAT-fs (loop1): FAT read failed (blocknr 1281) [ 1133.734998][ T7460] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 1133.806723][ T7460] EXT4-fs (loop0): failed to initialize system zone (-117) [ 1133.817814][ T7460] EXT4-fs (loop0): mount failed [ 1133.817865][ T5952] usb 4-1: Using ep0 maxpacket: 32 [ 1133.863480][ T5952] usb 4-1: config 0 has an invalid interface number: 35 but max is 0 [ 1133.904101][ T5952] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1133.925418][ T5952] usb 4-1: config 0 has no interface number 0 [ 1133.932056][ T5952] usb 4-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1133.949663][ T5952] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 1133.959611][ T5952] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1133.960017][ T4277] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001) [ 1133.971934][ T5952] usb 4-1: Product: syz [ 1133.982503][ T5952] usb 4-1: Manufacturer: syz [ 1134.017078][ T5952] usb 4-1: SerialNumber: syz [ 1134.040650][ T5952] usb 4-1: config 0 descriptor?? [ 1134.079133][ T5952] radio-si470x 4-1:0.35: could not find interrupt in endpoint [ 1134.140486][ T5952] radio-si470x: probe of 4-1:0.35 failed with error -5 [ 1134.263370][ T5952] radio-raremono 4-1:0.35: Thanko's Raremono connected: (10C4:818A) [ 1134.475406][ T5952] radio-raremono 4-1:0.35: raremono_cmd_main failed (-71) [ 1134.536857][ T5952] radio-raremono 4-1:0.35: V4L2 device registered as radio48 [ 1134.582666][ T5952] usb 4-1: USB disconnect, device number 45 [ 1134.610715][ T5952] radio-raremono 4-1:0.35: Thanko's Raremono disconnected [ 1134.623354][ T7508] loop5: detected capacity change from 0 to 512 [ 1134.641324][ T7509] netlink: 132 bytes leftover after parsing attributes in process `syz.1.13917'. [ 1134.755193][ T7508] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1134.943407][ T7508] EXT4-fs warning (device loop5): ext4_empty_dir:3156: inode #12: comm syz.5.13916: directory missing '..' [ 1135.071846][ T7534] loop1: detected capacity change from 0 to 256 [ 1135.109009][ T7534] exfat: Deprecated parameter 'utf8' [ 1135.114782][ T7534] exfat: Deprecated parameter 'utf8' [ 1135.167344][ T7534] exfat: Deprecated parameter 'utf8' [ 1135.199507][T17992] EXT4-fs (loop5): unmounting filesystem. [ 1135.256568][ T7534] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 1135.337086][ T7637] usb 1-1: new high-speed USB device number 54 using dummy_hcd [ 1135.527167][ T7637] usb 1-1: Using ep0 maxpacket: 32 [ 1135.568983][ T7637] usb 1-1: string descriptor 0 read error: -22 [ 1135.598074][ T7637] usb 1-1: New USB device found, idVendor=1430, idProduct=474b, bcdDevice= 0.40 [ 1135.630052][ T7637] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1135.704575][ T7637] usb 1-1: MIDIStreaming interface descriptor not found [ 1136.030974][ T7637] usb 1-1: USB disconnect, device number 54 [ 1136.184148][ T7609] ip6t_REJECT: ECHOREPLY is not supported [ 1136.420233][ T7618] loop3: detected capacity change from 0 to 64 [ 1136.691042][ T7630] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 1136.719805][ T7633] device veth1_macvtap left promiscuous mode [ 1136.831251][ C0] vkms_vblank_simulate: vblank timer overrun [ 1137.293476][ T7668] loop0: detected capacity change from 0 to 512 [ 1137.303345][ T7670] loop1: detected capacity change from 0 to 64 [ 1137.382230][ T7668] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1137.429219][ T7677] netlink: 28 bytes leftover after parsing attributes in process `syz.3.13954'. [ 1137.635734][ T7682] loop5: detected capacity change from 0 to 764 [ 1137.680139][ T7682] rock: directory entry would overflow storage [ 1137.716533][ T7682] rock: sig=0x4654, size=5, remaining=4 [ 1138.782430][ T7783] nft_compat: unsupported protocol 1 [ 1139.439569][ T7822] loop3: detected capacity change from 0 to 164 [ 1139.504161][ T7822] rock: directory entry would overflow storage [ 1139.504173][ T7822] rock: sig=0x4543, size=28, remaining=18 [ 1139.704656][ T7832] loop0: detected capacity change from 0 to 256 [ 1139.705594][ T7832] exfat: Deprecated parameter 'utf8' [ 1139.705634][ T7832] exfat: Deprecated parameter 'utf8' [ 1139.705668][ T7832] exfat: Deprecated parameter 'utf8' [ 1139.763473][ T7832] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 1139.870768][ T7839] netlink: 'syz.3.13990': attribute type 1 has an invalid length. [ 1139.870797][ T7839] netlink: 908 bytes leftover after parsing attributes in process `syz.3.13990'. [ 1139.870817][ T7839] nbd: must specify at least one socket [ 1140.136478][ T3932] device veth1_macvtap entered promiscuous mode [ 1140.142406][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1140.977047][ T8491] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 1141.169351][ T8491] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1141.210045][ T8491] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1141.254344][ T8491] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice=fd.00 [ 1141.314106][ T8491] usb 6-1: New USB device strings: Mfr=255, Product=255, SerialNumber=2 [ 1141.344967][ T8491] usb 6-1: Product: syz [ 1141.375653][ T8491] usb 6-1: Manufacturer: syz [ 1141.395966][ T8491] usb 6-1: SerialNumber: syz [ 1141.447316][ T7929] vivid-003: disconnect [ 1141.477896][ T7925] vivid-003: reconnect [ 1141.645784][ T7939] tipc: Trying to set illegal importance in message [ 1141.649488][ T8491] usb 6-1: 0:2 : does not exist [ 1141.697205][ T8491] usb 6-1: unit 5 not found! [ 1141.768435][ T8491] usb 6-1: USB disconnect, device number 26 [ 1142.058991][ T4371] udevd[4371]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1142.467315][T29481] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 1142.642569][ T8007] loop0: detected capacity change from 0 to 256 [ 1142.699102][T29481] usb 4-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 1142.728890][T29481] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1142.797245][T29481] usb 4-1: config 0 descriptor?? [ 1142.819621][T29481] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 1143.074292][ T8026] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1143.226056][T29481] gspca_sunplus: reg_w_riv err -71 [ 1143.246588][T29481] sunplus: probe of 4-1:0.0 failed with error -71 [ 1143.259444][T29481] usb 4-1: USB disconnect, device number 46 [ 1143.952291][ T8072] loop5: detected capacity change from 0 to 64 [ 1144.319823][ T8092] x_tables: ip_tables: RATEEST.0 target: invalid size 32 (kernel) != (user) 0 [ 1144.392638][ T8099] netlink: 84 bytes leftover after parsing attributes in process `syz.3.14053'. [ 1144.420177][ T8099] netlink: 84 bytes leftover after parsing attributes in process `syz.3.14053'. [ 1144.499549][ T8105] loop0: detected capacity change from 0 to 64 [ 1144.657020][T29481] usb 6-1: new full-speed USB device number 27 using dummy_hcd [ 1144.678797][ T4278] hfs: node 4:3 still has 1 user(s)! [ 1144.816558][ T8128] loop0: detected capacity change from 0 to 8 [ 1144.843389][ T8130] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14060'. [ 1144.859392][T29481] usb 6-1: config 0 has an invalid interface number: 41 but max is 0 [ 1144.877080][T29481] usb 6-1: config 0 has no interface number 0 [ 1144.884688][ T8128] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 1144.887401][ T8130] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14060'. [ 1144.900120][ T4371] udevd[4371]: incorrect cramfs checksum on /dev/loop0 [ 1144.901887][T29481] usb 6-1: config 0 interface 41 has no altsetting 0 [ 1144.917274][ T8491] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 1144.937882][T29481] usb 6-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 1144.940366][ T8128] cramfs: Error -3 while decompressing! [ 1144.960749][ T8128] cramfs: ffffffff96d91248(26)->ffff88805132d000(4096) [ 1144.968958][ T8128] cramfs: Error 2 while decompressing! [ 1144.976206][ T8128] cramfs: ffffffff96d91262(26)->ffff88804eb3d000(4096) [ 1144.978623][T29481] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1144.985915][ T8128] cramfs: Error -3 while decompressing! [ 1145.009400][ T8128] cramfs: ffffffff96d9127c(16)->ffff8880716be000(4096) [ 1145.017047][T29481] usb 6-1: Product: syz [ 1145.022683][T29481] usb 6-1: Manufacturer: syz [ 1145.025948][ T8128] cramfs: Error -3 while decompressing! [ 1145.052762][ T8128] cramfs: ffffffff96d91248(26)->ffff88805132d000(4096) [ 1145.057012][T29481] usb 6-1: SerialNumber: syz [ 1145.089000][T29481] usb 6-1: config 0 descriptor?? [ 1145.117130][ T8491] usb 4-1: Using ep0 maxpacket: 8 [ 1145.124897][ T8491] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 1145.130550][ T8139] loop2: detected capacity change from 0 to 64 [ 1145.161532][ T8491] usb 4-1: config 179 has no interface number 0 [ 1145.200734][ T8491] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 1145.254468][ T8491] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 1145.300200][ T8491] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1145.304140][T29481] CoreChips: probe of 6-1:0.41 failed with error -71 [ 1145.321173][ T8491] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1145.350312][ T8491] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1145.362907][T29481] usb 6-1: USB disconnect, device number 27 [ 1145.374518][ T8491] usb 4-1: config 179 interface 65 has no altsetting 0 [ 1145.385596][ T8491] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1145.427589][ T8491] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1145.534072][ T8491] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input49 [ 1145.628232][ T8169] blktrace: Concurrent blktraces are not allowed on loop7 [ 1145.698637][T29481] usb 4-1: USB disconnect, device number 47 [ 1145.698651][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1145.789977][T29481] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 1145.909458][ T8183] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14068'. [ 1146.395835][ T8212] netlink: 12 bytes leftover after parsing attributes in process `syz.5.14076'. [ 1146.890631][ T8273] loop3: detected capacity change from 0 to 1024 [ 1147.372199][ T8293] netlink: 220 bytes leftover after parsing attributes in process `syz.0.14091'. [ 1147.672190][ T8307] loop0: detected capacity change from 0 to 256 [ 1147.781110][ T8307] FAT-fs (loop0): Directory bread(block 64) failed [ 1147.814148][ T8307] FAT-fs (loop0): Directory bread(block 65) failed [ 1147.832857][ T8307] FAT-fs (loop0): Directory bread(block 66) failed [ 1147.864763][ T8307] FAT-fs (loop0): Directory bread(block 67) failed [ 1147.893120][ T8307] FAT-fs (loop0): Directory bread(block 68) failed [ 1147.952584][ T8307] FAT-fs (loop0): Directory bread(block 69) failed [ 1147.967194][ T8307] FAT-fs (loop0): Directory bread(block 70) failed [ 1147.974278][ T8307] FAT-fs (loop0): Directory bread(block 71) failed [ 1148.019067][ T8307] FAT-fs (loop0): Directory bread(block 72) failed [ 1148.048198][ T8307] FAT-fs (loop0): Directory bread(block 73) failed [ 1148.155482][ T8307] syz.0.14096: attempt to access beyond end of device [ 1148.155482][ T8307] loop0: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 1148.208549][ T8307] syz.0.14096: attempt to access beyond end of device [ 1148.208549][ T8307] loop0: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 1148.293191][ T26] kauditd_printk_skb: 5 callbacks suppressed [ 1148.293208][ T26] audit: type=1800 audit(1148.242:807): pid=8307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.14096" name="file0" dev="loop0" ino=1048743 res=0 errno=0 [ 1148.728786][ T8358] netlink: 4 bytes leftover after parsing attributes in process `syz.5.14111'. [ 1149.068095][ T8377] netlink: 193 bytes leftover after parsing attributes in process `syz.5.14116'. [ 1149.113136][ T8383] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14119'. [ 1149.527222][ T8488] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 1149.546695][ T8408] netlink: 'syz.0.14125': attribute type 1 has an invalid length. [ 1149.574443][ T8408] netlink: 224 bytes leftover after parsing attributes in process `syz.0.14125'. [ 1149.747267][ T8488] usb 3-1: Using ep0 maxpacket: 16 [ 1149.768465][ T8488] usb 3-1: config 0 has no interfaces? [ 1149.808176][ T8488] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1149.838552][ T8488] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1149.852758][ T8424] loop0: detected capacity change from 0 to 256 [ 1149.871689][ T8488] usb 3-1: Product: syz [ 1149.876466][ T8488] usb 3-1: Manufacturer: syz [ 1149.911724][ T8488] usb 3-1: SerialNumber: syz [ 1149.931664][ T8424] FAT-fs (loop0): Directory bread(block 64) failed [ 1149.941599][ T8488] r8152-cfgselector 3-1: config 0 descriptor?? [ 1149.960070][ T8424] FAT-fs (loop0): Directory bread(block 65) failed [ 1149.987440][ T8424] FAT-fs (loop0): Directory bread(block 66) failed [ 1150.008817][ T8433] IPv6: ADDRCONF(NETDEV_CHANGE): netdevsim0: link becomes ready [ 1150.020412][ T8424] FAT-fs (loop0): Directory bread(block 67) failed [ 1150.036814][ T8424] FAT-fs (loop0): Directory bread(block 68) failed [ 1150.055571][ T8433] IPv6: ADDRCONF(NETDEV_CHANGE): netdevsim0: link becomes ready [ 1150.064902][ T8424] FAT-fs (loop0): Directory bread(block 69) failed [ 1150.082333][ T8424] FAT-fs (loop0): Directory bread(block 70) failed [ 1150.098499][ T8433] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1150.126071][ T8424] FAT-fs (loop0): Directory bread(block 71) failed [ 1150.134135][ T8424] FAT-fs (loop0): Directory bread(block 72) failed [ 1150.157201][ T8424] FAT-fs (loop0): Directory bread(block 73) failed [ 1150.184889][ T8488] usbip-host 3-1: 3-1 is not in match_busid table... skip! [ 1150.410828][ T8488] usb 3-1: USB disconnect, device number 46 [ 1150.718925][ T8466] netlink: 'syz.1.14140': attribute type 3 has an invalid length. [ 1150.734014][ T8466] netlink: 'syz.1.14140': attribute type 3 has an invalid length. [ 1150.744242][ T8466] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14140'. [ 1151.549442][ T8496] xt_CT: No such helper "netbios-ns" [ 1152.537323][ T8569] autofs4:pid:8569:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.2), cmd(0xc0189374) [ 1152.644679][ T8569] autofs4:pid:8569:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189374) [ 1153.477725][ T8625] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1153.507115][ T8625] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1153.512280][ T8632] tmpfs: Bad value for 'mpol' [ 1153.527358][ T8625] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1153.563342][ T8625] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1153.609716][ T8625] device geneve3 entered promiscuous mode [ 1153.659372][T30374] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 1153.678583][ T8625] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1153.709489][ T8625] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1153.726012][ T8625] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1153.756353][ T8625] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1153.890164][T30374] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1153.917866][T30374] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1153.931030][T30374] usb 2-1: Product: syz [ 1153.937932][T30374] usb 2-1: Manufacturer: syz [ 1153.946479][T30374] usb 2-1: SerialNumber: syz [ 1153.970058][T30374] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1154.044803][T30374] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1154.257511][ C1] usb 2-1: ath9k_htc: invalid pkt_len (ffef) [ 1154.460126][ T8488] usb 2-1: USB disconnect, device number 50 [ 1155.177141][T30374] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 1155.184501][T30374] ath9k_htc: Failed to initialize the device [ 1155.208737][ T8488] usb 2-1: ath9k_htc: USB layer deinitialized [ 1155.296759][ T8720] libceph: resolve '0' (ret=-3): failed [ 1155.886682][ T8682] loop5: detected capacity change from 0 to 32768 [ 1156.131792][ T8682] XFS (loop5): Mounting V5 Filesystem [ 1156.309811][ T8682] XFS (loop5): Ending clean mount [ 1156.345175][ T8682] XFS (loop5): Quotacheck needed: Please wait. [ 1156.532884][ T8682] XFS (loop5): Quotacheck: Done. [ 1156.818511][T17992] XFS (loop5): Unmounting Filesystem [ 1156.923075][ T8788] loop0: detected capacity change from 0 to 4096 [ 1156.965155][ T8788] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 1157.041446][ T8788] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 1157.061109][ T8716] loop1: detected capacity change from 0 to 40427 [ 1157.152727][ T8716] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1157.156319][ T8788] ntfs: (device loop0): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 1157.197151][ T8716] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1157.218624][ T8788] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1157.277612][ T8716] F2FS-fs (loop1): invalid crc_offset: 33558524 [ 1157.325254][ T8788] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1157.384265][ T8788] ntfs: volume version 3.1. [ 1157.407089][ T8716] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1157.417561][ T8788] ntfs: (device loop0): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 1157.492548][ T8788] ntfs: (device loop0): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 1157.511125][ T8816] netlink: 164 bytes leftover after parsing attributes in process `syz.2.14237'. [ 1157.558138][ T8788] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 1157.597343][ T8788] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 1157.616710][ T8716] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1157.637028][ T8716] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1157.692493][ T8788] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 1158.289703][ T8838] loop3: detected capacity change from 0 to 128 [ 1159.055234][ T8870] loop2: detected capacity change from 0 to 4096 [ 1159.162160][ T8870] ntfs3: loop2: Failed to load $Extend. [ 1159.278266][ T8870] ntfs3: loop2: ino=5, "/" directory corrupted [ 1159.667146][ T8907] netlink: 'syz.5.14259': attribute type 25 has an invalid length. [ 1159.676057][ T8907] netlink: 40 bytes leftover after parsing attributes in process `syz.5.14259'. [ 1159.698930][ T8895] loop0: detected capacity change from 0 to 4096 [ 1159.802651][ T8914] netlink: 'syz.2.14262': attribute type 3 has an invalid length. [ 1159.851488][ T8914] netlink: 'syz.2.14262': attribute type 3 has an invalid length. [ 1160.732748][ T4382] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1160.739622][ T8953] loop1: detected capacity change from 0 to 4096 [ 1160.749356][ T4382] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1160.766109][T14617] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1160.785145][ T8961] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1160.809093][ T8953] ntfs: volume version 3.1. [ 1160.837278][ T8960] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1161.364167][ T8935] loop3: detected capacity change from 0 to 32768 [ 1161.393770][ T8935] /dev/loop3: Can't open blockdev [ 1161.592128][ T8957] loop5: detected capacity change from 0 to 32768 [ 1161.691839][ T8957] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1161.847215][T17992] ocfs2: Unmounting device (7,5) on (node local) [ 1162.129627][ T9009] loop0: detected capacity change from 0 to 64 [ 1162.228974][ T9009] syz.0.14289: attempt to access beyond end of device [ 1162.228974][ T9009] loop0: rw=0, sector=2590, nr_sectors = 2 limit=64 [ 1162.319241][ T9009] Buffer I/O error on dev loop0, logical block 1295, async page read [ 1162.376652][ T9019] loop3: detected capacity change from 0 to 256 [ 1162.397655][ T9009] syz.0.14289: attempt to access beyond end of device [ 1162.397655][ T9009] loop0: rw=0, sector=2590, nr_sectors = 2 limit=64 [ 1162.403612][ T9021] loop5: detected capacity change from 0 to 512 [ 1162.447264][ T9009] Buffer I/O error on dev loop0, logical block 1295, async page read [ 1162.507953][ T26] kauditd_printk_skb: 22 callbacks suppressed [ 1162.508012][ T26] audit: type=1800 audit(1162.462:808): pid=9009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.14289" name="file2" dev="loop0" ino=6 res=0 errno=0 [ 1162.571153][ T9021] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1162.643678][ T9021] Quota error (device loop5): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 1162.727436][ T9021] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 1162.777486][ T9021] EXT4-fs error (device loop5): ext4_acquire_dquot:6841: comm syz.5.14293: Failed to acquire dquot type 0 [ 1162.937222][T17992] EXT4-fs (loop5): unmounting filesystem. [ 1162.999459][ T9052] loop2: detected capacity change from 0 to 4096 [ 1163.067216][ T5952] usb 4-1: new full-speed USB device number 48 using dummy_hcd [ 1163.270533][ T5952] usb 4-1: config index 0 descriptor too short (expected 35577, got 27) [ 1163.289547][ T5952] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 1163.322669][ T5952] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 1163.381870][ T5952] usb 4-1: config 1 has no interface number 0 [ 1163.405378][ T5952] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 1163.446309][ T5952] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 1163.497178][ T5952] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1163.555618][ T5952] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1163.593904][ T5952] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found [ 1163.764314][ T9090] netlink: 152 bytes leftover after parsing attributes in process `syz.5.14311'. [ 1163.799688][ T5952] snd_usb_pod 4-1:1.1: endpoint not available, using fallback values [ 1163.819891][ T5952] snd_usb_pod 4-1:1.1: invalid control EP [ 1163.849809][ T5952] snd_usb_pod 4-1:1.1: cannot start listening: -22 [ 1163.870235][ T5952] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected [ 1163.899335][ T5952] snd_usb_pod: probe of 4-1:1.1 failed with error -22 [ 1164.043997][ T5952] usb 4-1: USB disconnect, device number 48 [ 1164.895128][ T9152] netlink: 40 bytes leftover after parsing attributes in process `syz.3.14327'. [ 1164.969522][ T9149] loop2: detected capacity change from 0 to 4096 [ 1164.984711][ T9152] netlink: 56 bytes leftover after parsing attributes in process `syz.3.14327'. [ 1165.022247][ T9149] ntfs: volume version 3.1. [ 1165.058708][ T9149] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 1165.127287][ T9149] ntfs: (device loop2): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 1165.157236][ T9149] ntfs: (device loop2): load_system_files(): Failed to determine if Windows is hibernated. Mounting read-only. Run chkdsk. [ 1165.197764][T30374] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 1165.223517][ T9149] ntfs: (device loop2): ntfs_read_locked_attr_inode(): Failed with error code -2 while reading attribute inode (mft_no 0x1a, type 0x80, name_len 4). Marking corrupt inode and base inode 0x1a as bad. Run chkdsk. [ 1165.323946][ T9149] ntfs: (device loop2): load_and_init_usnjrnl(): Failed to load $UsnJrnl/$DATA/$Max attribute. [ 1165.362346][ T9149] ntfs: (device loop2): load_system_files(): Failed to load $UsnJrnl. Will not be able to remount read-write. Run chkdsk. [ 1165.407240][T30374] usb 6-1: Using ep0 maxpacket: 16 [ 1165.415208][T30374] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1165.450469][ T9149] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Found already allocated name in phase 2. Please run chkdsk and if that doesn't find any errors please report you saw this message to linux-ntfs-dev@lists.sourceforge.net. [ 1165.478937][T30374] usb 6-1: New USB device found, idVendor=fc08, idProduct=0101, bcdDevice= 0.40 [ 1165.520139][T30374] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1165.560882][T30374] usb 6-1: Product: syz [ 1165.565587][T30374] usb 6-1: Manufacturer: syz [ 1165.602029][T30374] usb 6-1: SerialNumber: syz [ 1165.864849][T30374] usb 6-1: MIDIStreaming interface descriptor not found [ 1166.010242][T30374] usb 6-1: USB disconnect, device number 28 [ 1166.165756][ T9228] loop3: detected capacity change from 0 to 1024 [ 1166.345058][ T4610] udevd[4610]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1167.134547][T29481] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 1167.187267][T30374] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 1167.328495][T29481] usb 4-1: Using ep0 maxpacket: 8 [ 1167.346465][T29481] usb 4-1: config 0 has an invalid interface number: 31 but max is 0 [ 1167.375206][T29481] usb 4-1: config 0 has no interface number 0 [ 1167.399195][T30374] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1167.418036][T29481] usb 4-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 1167.428444][T30374] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1167.439077][T29481] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1167.447864][T30374] usb 6-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00 [ 1167.458428][T29481] usb 4-1: Product: syz [ 1167.462708][T29481] usb 4-1: Manufacturer: syz [ 1167.467927][T30374] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1167.476733][T29481] usb 4-1: SerialNumber: syz [ 1167.484565][T29481] usb 4-1: config 0 descriptor?? [ 1167.491135][T30374] usb 6-1: config 0 descriptor?? [ 1167.715622][T29481] usb 4-1: Found UVC 0.04 device syz (046d:08c3) [ 1167.725756][T29481] usb 4-1: No valid video chain found. [ 1167.749570][T29481] usb 4-1: USB disconnect, device number 49 [ 1167.909591][T30374] hkems 0003:2006:0118.0002: item fetching failed at offset 5/7 [ 1167.928384][T30374] hkems 0003:2006:0118.0002: parse failed [ 1167.934855][T30374] hkems: probe of 0003:2006:0118.0002 failed with error -22 [ 1168.048454][ T9313] loop1: detected capacity change from 0 to 8 [ 1168.121531][T29481] usb 6-1: USB disconnect, device number 29 [ 1168.209138][ T9313] SQUASHFS error: Unable to read directory block [247:71] [ 1168.827209][ T8491] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 1169.017208][ T8491] usb 2-1: Using ep0 maxpacket: 8 [ 1169.030077][ T8491] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1169.103135][ T8491] usb 2-1: config 8 interface 0 altsetting 7 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1169.145421][ T8491] usb 2-1: config 8 interface 0 altsetting 7 bulk endpoint 0x83 has invalid maxpacket 0 [ 1169.179120][ T8491] usb 2-1: config 8 interface 0 has no altsetting 0 [ 1169.193179][ T8491] usb 2-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5 [ 1169.235503][ T8491] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1169.255507][ T8491] usb 2-1: Product: syz [ 1169.276239][ T8491] usb 2-1: Manufacturer: syz [ 1169.285510][ T8491] usb 2-1: SerialNumber: syz [ 1169.380642][ T9394] netlink: 'syz.2.14380': attribute type 2 has an invalid length. [ 1169.452546][ T9394] netlink: 'syz.2.14380': attribute type 2 has an invalid length. [ 1169.561277][ T8491] usb 2-1: selecting invalid altsetting 0 [ 1169.644812][ T8491] snd-usb-audio: probe of 2-1:8.0 failed with error -12 [ 1169.708133][ T8491] usb 2-1: USB disconnect, device number 51 [ 1169.742390][ T4610] udevd[4610]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:8.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1169.862975][ T9437] loop3: detected capacity change from 0 to 256 [ 1170.384363][ T9462] loop3: detected capacity change from 0 to 64 [ 1170.887683][ T8491] usb 2-1: new full-speed USB device number 52 using dummy_hcd [ 1170.957902][ T9491] loop5: detected capacity change from 0 to 1024 [ 1171.042753][ T9491] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 1171.089010][ T8491] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 1171.108814][ T8491] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1171.121368][ T9448] loop2: detected capacity change from 0 to 32768 [ 1171.141834][ T9448] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop2 scanned by syz.2.14386 (9448) [ 1171.146476][ T9500] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1171.187616][ T8491] usb 2-1: config 0 has no interface number 0 [ 1171.208715][ T8491] usb 2-1: config 0 interface 52 has no altsetting 0 [ 1171.237271][ T9448] BTRFS info (device loop2): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 1171.237747][ T8491] usb 2-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 1171.287034][ T8491] usb 2-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0 [ 1171.294973][ T9448] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 1171.311553][ T8491] usb 2-1: Manufacturer: syz [ 1171.327194][ T9448] BTRFS info (device loop2): turning on async discard [ 1171.358865][ T8491] usb 2-1: config 0 descriptor?? [ 1171.367022][ T9448] BTRFS info (device loop2): using free space tree [ 1171.387375][ T8491] hub 2-1:0.52: bad descriptor, ignoring hub [ 1171.418432][ T8491] hub: probe of 2-1:0.52 failed with error -5 [ 1171.749716][ T9448] BTRFS info (device loop2): enabling ssd optimizations [ 1171.939407][ T4277] BTRFS info (device loop2): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 1172.007331][ T8491] usb 2-1: USB disconnect, device number 52 [ 1172.954002][ T9598] mkiss: ax0: crc mode is auto. [ 1173.003065][ T9611] loop5: detected capacity change from 0 to 128 [ 1173.046487][ T9611] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 1173.100271][ T9611] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1173.142040][ T9611] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:511: comm syz.5.14422: Block bitmap for bg 0 marked uninitialized [ 1173.409298][T17992] EXT4-fs (loop5): unmounting filesystem. [ 1173.719545][ T9647] loop1: detected capacity change from 0 to 512 [ 1173.830997][ T9647] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 1173.913328][ T9647] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it [ 1173.985493][ T9647] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.14431: Corrupt directory, running e2fsck is recommended [ 1174.018857][ T9662] xt_policy: too many policy elements [ 1174.038490][ T9647] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 1174.057638][ T9647] EXT4-fs error (device loop1): ext4_iget_extra_inode:4763: inode #15: comm syz.1.14431: corrupted in-inode xattr [ 1174.122390][ T9647] EXT4-fs error (device loop1): ext4_orphan_get:1410: comm syz.1.14431: couldn't read orphan inode 15 (err -117) [ 1174.155447][ T9647] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1174.321402][ T4271] EXT4-fs (loop1): unmounting filesystem. [ 1174.410170][ T9628] loop3: detected capacity change from 0 to 32768 [ 1174.514717][ T4371] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1174.937241][T17401] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 1175.171055][T17401] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1175.185817][T17401] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1175.228127][T17401] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1175.276531][T17401] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1175.288729][ T9726] loop5: detected capacity change from 0 to 128 [ 1175.352521][ T9726] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only [ 1175.354651][T17401] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1175.402615][ T9726] hpfs: filesystem error: improperly stopped [ 1175.425843][ T9726] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1175.438157][ T9735] netlink: 16 bytes leftover after parsing attributes in process `syz.1.14453'. [ 1175.447862][T17401] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1175.484353][T17401] usb 3-1: Product: syz [ 1175.496610][T17401] usb 3-1: Manufacturer: syz [ 1175.497612][ T9726] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories [ 1175.524197][ T9726] hpfs: You really don't want any checks? You are crazy... [ 1175.535899][ T9726] hpfs: hpfs_map_sector(): read error [ 1175.545653][T17401] cdc_wdm 3-1:1.0: skipping garbage [ 1175.556453][ T9726] hpfs: code page support is disabled [ 1175.565874][ T9726] hpfs: hpfs_map_4sectors(): unaligned read [ 1175.566513][T17401] cdc_wdm 3-1:1.0: skipping garbage [ 1175.580973][ T9726] hpfs: hpfs_map_4sectors(): unaligned read [ 1175.607650][ T9726] hpfs: filesystem error: unable to find root dir [ 1175.674937][T17401] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 1175.725410][T17401] cdc_wdm 3-1:1.0: Unknown control protocol [ 1175.773767][T17401] usb 3-1: USB disconnect, device number 47 [ 1176.036587][ T9775] loop5: detected capacity change from 0 to 1024 [ 1176.600585][ T9800] loop1: detected capacity change from 0 to 512 [ 1176.636016][ T9800] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 1176.639023][ T9808] loop2: detected capacity change from 0 to 256 [ 1176.666826][ T9800] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 1176.735721][ T9815] loop0: detected capacity change from 0 to 512 [ 1176.744432][ T9800] System zones: 1-12 [ 1176.767278][ T9800] EXT4-fs (loop1): 1 truncate cleaned up [ 1176.801537][ T9815] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1176.807774][ T9808] FAT-fs (loop2): Directory bread(block 64) failed [ 1176.824982][ T9800] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1176.857179][T17401] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 1176.865826][ T9808] FAT-fs (loop2): Directory bread(block 65) failed [ 1176.928392][ T9808] FAT-fs (loop2): Directory bread(block 66) failed [ 1176.935745][ T9808] FAT-fs (loop2): Directory bread(block 67) failed [ 1176.969832][ T4278] EXT4-fs (loop0): unmounting filesystem. [ 1177.014288][ T9808] FAT-fs (loop2): Directory bread(block 68) failed [ 1177.047616][ T9808] FAT-fs (loop2): Directory bread(block 69) failed [ 1177.054735][ T9824] Bluetooth: MGMT ver 1.22 [ 1177.072784][T17401] usb 6-1: Using ep0 maxpacket: 16 [ 1177.077530][ T9808] FAT-fs (loop2): Directory bread(block 70) failed [ 1177.085285][ T9808] FAT-fs (loop2): Directory bread(block 71) failed [ 1177.115686][T17401] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1177.130477][ T4271] EXT4-fs (loop1): unmounting filesystem. [ 1177.142708][ T9808] FAT-fs (loop2): Directory bread(block 72) failed [ 1177.151221][ T9808] FAT-fs (loop2): Directory bread(block 73) failed [ 1177.167390][T17401] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1177.227697][T17401] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1177.267114][T17401] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1177.287081][T17401] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1177.318274][T17401] usb 6-1: config 0 descriptor?? [ 1177.341756][ T9834] netlink: 'syz.3.14475': attribute type 5 has an invalid length. [ 1177.419795][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.420246][ C1] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured! [ 1177.426580][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.491053][ T9837] loop0: detected capacity change from 0 to 1764 [ 1177.790746][T17401] microsoft 0003:045E:07DA.0003: ignoring exceeding usage max [ 1177.913857][T17401] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0003/input/input51 [ 1178.136716][T17401] microsoft 0003:045E:07DA.0003: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 1178.200293][T17401] usb 6-1: USB disconnect, device number 30 [ 1178.626978][ T7637] usb 2-1: new full-speed USB device number 53 using dummy_hcd [ 1178.651839][ T9893] fido_id[9893]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 1178.742935][ T9924] IPVS: stopping backup sync thread 9927 ... [ 1178.753026][ T9927] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 786440, id = 0 [ 1178.821349][ T9930] vivid-004: disconnect [ 1178.846335][ T9929] vivid-004: reconnect [ 1178.854745][ T7637] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1178.886197][ T7637] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 7 [ 1178.959497][ T7637] usb 2-1: New USB device found, idVendor=056a, idProduct=00f4, bcdDevice= 0.00 [ 1179.004908][ T7637] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1179.079541][ T7637] usb 2-1: config 0 descriptor?? [ 1179.275998][ T9950] loop2: detected capacity change from 0 to 2048 [ 1179.340198][ T9950] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1179.389482][ T9950] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1179.513825][ T7637] wacom 0003:056A:00F4.0004: ignoring exceeding usage max [ 1179.571857][ T7637] wacom 0003:056A:00F4.0004: unknown main item tag 0x0 [ 1179.617034][ T7637] wacom 0003:056A:00F4.0004: unknown main item tag 0x0 [ 1179.624347][ T7637] wacom 0003:056A:00F4.0004: unknown main item tag 0x0 [ 1179.666034][ T7637] wacom 0003:056A:00F4.0004: unknown main item tag 0x0 [ 1179.674354][ T7637] wacom 0003:056A:00F4.0004: unknown main item tag 0x0 [ 1179.695988][ T7637] wacom 0003:056A:00F4.0004: unknown main item tag 0x0 [ 1179.747020][ T7637] wacom 0003:056A:00F4.0004: unknown main item tag 0x0 [ 1179.754257][ T7637] wacom 0003:056A:00F4.0004: unknown main item tag 0x0 [ 1179.859123][ T7637] wacom 0003:056A:00F4.0004: hidraw0: USB HID v0.08 Device [HID 056a:00f4] on usb-dummy_hcd.1-1/input0 [ 1179.945949][ T7637] usb 2-1: USB disconnect, device number 53 [ 1180.281276][T10003] loop0: detected capacity change from 0 to 4096 [ 1180.332420][T10003] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1180.367767][ T9992] fido_id[9992]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1180.392575][T10007] loop5: detected capacity change from 0 to 4096 [ 1180.406141][T10003] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 4096) [ 1180.416300][T10012] loop2: detected capacity change from 0 to 1024 [ 1180.537642][T10017] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1180.744416][T10023] loop3: detected capacity change from 0 to 512 [ 1180.877738][ T4371] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1181.277418][T10046] loop2: detected capacity change from 0 to 128 [ 1181.404062][T31172] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1182.573312][T10114] loop3: detected capacity change from 0 to 2048 [ 1182.605252][T10114] /dev/loop3: Can't open blockdev [ 1183.080219][T10136] loop5: detected capacity change from 0 to 16 [ 1183.088335][T10127] loop1: detected capacity change from 0 to 4096 [ 1183.118379][T10089] loop2: detected capacity change from 0 to 32768 [ 1183.125496][T10127] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 1183.147385][T10136] erofs: (device loop5): mounted with root inode @ nid 36. [ 1183.489484][ T4271] ntfs3: loop1: ntfs_sync_fs r=1a failed, -22. [ 1183.502099][T10142] /dev/loop3: Can't open blockdev [ 1183.514921][ T4271] ntfs3: loop1: ntfs_evict_inode r=1a failed, -22. [ 1183.553501][ T4271] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1183.679897][T10151] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1183.763269][T10151] EXT4-fs (loop5): orphan cleanup on readonly fs [ 1183.779049][T10151] EXT4-fs error (device loop5): ext4_quota_enable:7045: comm syz.5.14540: Bad quota inum: 2, type: 2 [ 1183.861589][T10151] EXT4-fs warning (device loop5): ext4_enable_quotas:7093: Failed to enable quota tracking (type=2, err=-117, ino=2). Please run e2fsck to fix. [ 1183.909098][T10162] erofs: (device loop2): mounted with root inode @ nid 36. [ 1183.954381][T10151] EXT4-fs (loop5): Cannot turn on quotas: error -117 [ 1183.991426][T10154] EXT4-fs: Ignoring removed orlov option [ 1184.007042][T10151] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1184.059004][T10154] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1184.188861][T10154] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1184.237415][ T7637] usb 1-1: new high-speed USB device number 55 using dummy_hcd [ 1184.281080][T10181] set_capacity_and_notify: 4 callbacks suppressed [ 1184.281102][T10181] loop2: detected capacity change from 0 to 16 [ 1184.282538][T10154] EXT4-fs: Can't set or change test_dummy_encryption on remount [ 1184.304292][T17992] EXT4-fs (loop5): unmounting filesystem. [ 1184.362561][T10181] erofs: (device loop2): mounted with root inode @ nid 36. [ 1184.429511][T10181] erofs: (device loop2): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36 [ 1184.450674][ T7637] usb 1-1: Using ep0 maxpacket: 8 [ 1184.458441][ T7637] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1184.489233][ T7637] usb 1-1: New USB device found, idVendor=056a, idProduct=0059, bcdDevice= 0.00 [ 1184.490488][ T4271] EXT4-fs (loop1): unmounting filesystem. [ 1184.506817][T10181] syz.2.14544: attempt to access beyond end of device [ 1184.506817][T10181] loop2: rw=0, sector=296, nr_sectors = 8 limit=16 [ 1184.541069][ T7637] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1184.564311][T10181] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117] [ 1184.588593][ T7637] usb 1-1: config 0 descriptor?? [ 1184.625682][ T7637] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 1184.637364][T10181] erofs: (device loop2): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 1184.856531][T10166] netlink: 24 bytes leftover after parsing attributes in process `syz.0.14543'. [ 1184.919614][ T7637] usb 1-1: USB disconnect, device number 55 [ 1185.083321][T10210] loop2: detected capacity change from 0 to 4096 [ 1185.137801][T10210] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 1185.779160][T10242] loop2: detected capacity change from 0 to 128 [ 1185.892683][T10242] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1185.938073][T10242] hpfs: filesystem error: improperly stopped [ 1185.944621][T10242] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1185.976677][T10256] loop5: detected capacity change from 0 to 64 [ 1186.017213][T10242] hpfs: You really don't want any checks? You are crazy... [ 1186.097370][T10242] hpfs: hpfs_map_sector(): read error [ 1186.103118][T10242] hpfs: code page support is disabled [ 1186.175110][T10242] hpfs: hpfs_map_4sectors(): unaligned read [ 1186.207765][T10242] hpfs: hpfs_map_4sectors(): unaligned read [ 1186.214167][T10242] hpfs: filesystem error: unable to find root dir [ 1186.349225][T10271] loop5: detected capacity change from 0 to 16 [ 1186.387306][T10271] erofs: (device loop5): mounted with root inode @ nid 36. [ 1186.437002][ T7637] usb 2-1: new high-speed USB device number 54 using dummy_hcd [ 1186.636978][ T7637] usb 2-1: Using ep0 maxpacket: 16 [ 1186.644341][ T7637] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1186.717256][ T7637] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1186.745934][ T7637] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1186.779100][ T7637] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1186.816988][ T7637] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1186.848544][ T7637] usb 2-1: config 0 descriptor?? [ 1187.283923][ T7637] microsoft 0003:045E:07DA.0005: ignoring exceeding usage max [ 1187.356563][ T7637] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0005/input/input55 [ 1187.407921][T10322] loop0: detected capacity change from 0 to 1024 [ 1187.482777][ T7637] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 1187.543861][ T7637] usb 2-1: USB disconnect, device number 54 [ 1187.786036][T10294] loop2: detected capacity change from 0 to 32768 [ 1187.884698][T10294] JBD2: Ignoring recovery information on journal [ 1188.010688][T10347] fido_id[10347]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1188.030763][T10294] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 1188.071156][T10294] (syz.2.14573,10294,1):ocfs2_reflink_ioctl:4433 ERROR: status = -14 [ 1188.240795][T10363] loop0: detected capacity change from 0 to 512 [ 1188.273192][T10364] netlink: 20 bytes leftover after parsing attributes in process `syz.3.14587'. [ 1188.294669][ T4277] ocfs2: Unmounting device (7,2) on (node local) [ 1188.327031][T10363] EXT4-fs (loop0): 1 truncate cleaned up [ 1188.333303][T10363] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1188.349424][T10363] EXT4-fs warning (device loop0): verify_group_input:151: Cannot add at group 3 (only 1 groups) [ 1188.420466][ T4278] EXT4-fs (loop0): unmounting filesystem. [ 1189.071955][T10403] vivid-003: disconnect [ 1189.088103][T10402] vivid-003: reconnect [ 1189.157073][ T8488] usb 1-1: new high-speed USB device number 56 using dummy_hcd [ 1189.175128][T30373] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 1189.367152][T30373] usb 4-1: Using ep0 maxpacket: 32 [ 1189.372096][ T8488] usb 1-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 1189.375815][T30373] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 1189.418321][ T8488] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1189.423945][T30373] usb 4-1: config 0 has no interface number 0 [ 1189.426452][ T8488] usb 1-1: Product: syz [ 1189.468782][T30373] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 1189.468846][ T8488] usb 1-1: Manufacturer: syz [ 1189.486986][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 1189.487004][ T26] audit: type=1326 audit(1189.432:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10413 comm="syz.5.14600" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3839cdd9 code=0x7ffc0000 [ 1189.493691][T30373] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1189.521861][ T8488] usb 1-1: SerialNumber: syz [ 1189.544728][ T8488] usb 1-1: config 0 descriptor?? [ 1189.550692][T10384] loop2: detected capacity change from 0 to 32768 [ 1189.551117][ T26] audit: type=1326 audit(1189.442:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10413 comm="syz.5.14600" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3839cdd9 code=0x7ffc0000 [ 1189.590071][ T8488] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 1189.628854][ T8488] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1189.660302][ T8488] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 1189.671549][ T26] audit: type=1326 audit(1189.492:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10413 comm="syz.5.14600" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f0d3839cdd9 code=0x7ffc0000 [ 1189.709739][ T9] JFS: metapage_get_blocks failed [ 1189.715521][ T9] JFS: metapage_get_blocks failed [ 1189.715588][ T8488] usb 1-1: media controller created [ 1189.743044][T30373] usb 4-1: Product: syz [ 1189.759148][T10384] JFS: metapage_get_blocks failed [ 1189.760790][ T107] blkno = 50030, nblocks = 1 [ 1189.767953][T30373] usb 4-1: Manufacturer: syz [ 1189.774283][T30373] usb 4-1: SerialNumber: syz [ 1189.777250][ T107] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 1189.777250][ T107] [ 1189.810198][ T26] audit: type=1326 audit(1189.492:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10413 comm="syz.5.14600" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3839cdd9 code=0x7ffc0000 [ 1189.838063][T30373] usb 4-1: config 0 descriptor?? [ 1189.852057][ T8488] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1189.878444][T30373] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 1189.907021][ T26] audit: type=1326 audit(1189.492:813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10413 comm="syz.5.14600" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3839cdd9 code=0x7ffc0000 [ 1189.917489][ T107] ERROR: (device loop2): remounting filesystem as read-only [ 1189.997944][ T107] blkno = 5002c, nblocks = 4 [ 1190.002772][ T107] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 1190.002772][ T107] [ 1190.053229][ T26] audit: type=1326 audit(1189.492:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10413 comm="syz.5.14600" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f0d3839cdd9 code=0x7ffc0000 [ 1190.065995][T30373] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 1190.170458][T30373] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 1190.184226][ T26] audit: type=1326 audit(1189.552:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10413 comm="syz.5.14600" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3839cdd9 code=0x7ffc0000 [ 1190.209842][ T8488] DVB: Unable to find symbol mt352_attach() [ 1190.247389][ T4277] JFS: metapage_get_blocks failed [ 1190.277192][ T4277] JFS: metapage_get_blocks failed [ 1190.376621][ T26] audit: type=1326 audit(1189.552:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10413 comm="syz.5.14600" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d3839cdd9 code=0x7ffc0000 [ 1190.503158][ T8488] DVB: Unable to find symbol nxt6000_attach() [ 1190.526964][ T8488] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 1190.581965][ T8488] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input56 [ 1190.616809][ C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 1190.670640][T17401] usb 4-1: USB disconnect, device number 50 [ 1190.677986][ T8488] dvb-usb: schedule remote query interval to 1000 msecs. [ 1190.685276][ T8488] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 1190.717356][T17401] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 1190.781556][ T8488] dvb-usb: bulk message failed: -22 (7/0) [ 1190.789022][T17401] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 1190.811042][ T8488] dvb-usb: bulk message failed: -22 (7/0) [ 1190.840677][T17401] quatech2 4-1:0.51: device disconnected [ 1190.847266][ T8488] usb 1-1: USB disconnect, device number 56 [ 1190.981303][ T8488] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 1191.419011][T10514] loop0: detected capacity change from 0 to 8192 [ 1191.438591][T10514] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1191.463555][T10524] team0: Device vlan2 is already an upper device of the team interface [ 1191.504771][T10514] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 1191.578211][T10514] REISERFS (device loop0): using ordered data mode [ 1191.585157][T10514] reiserfs: using flush barriers [ 1191.648009][T10514] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1191.717852][T10514] REISERFS (device loop0): checking transaction log (loop0) [ 1191.773201][T10514] REISERFS (device loop0): Using r5 hash to sort names [ 1191.823206][T10514] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 1192.595083][T10577] loop3: detected capacity change from 0 to 64 [ 1192.795576][ T4285] Bluetooth: hci4: command 0x0405 tx timeout [ 1193.455695][T10545] loop2: detected capacity change from 0 to 40427 [ 1193.485938][T10545] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3ffff [ 1193.496528][T10545] F2FS-fs (loop2): inline encryption not supported [ 1193.516371][T10545] F2FS-fs (loop2): invalid crc value [ 1193.534618][T10545] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1193.547121][T29481] usb 2-1: new low-speed USB device number 55 using dummy_hcd [ 1193.620497][T10545] F2FS-fs (loop2): Start checkpoint disabled! [ 1193.635010][T10545] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 1193.677049][ T8488] usb 1-1: new high-speed USB device number 57 using dummy_hcd [ 1193.749245][T29481] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 1193.767046][T29481] usb 2-1: config 0 has an invalid interface number: 21 but max is 0 [ 1193.796637][T29481] usb 2-1: config 0 has no interface number 0 [ 1193.817427][T29481] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 1193.837217][T29481] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1193.868378][ T8488] usb 1-1: Using ep0 maxpacket: 8 [ 1193.881090][T29481] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 1193.889395][ T8488] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1193.901123][T29481] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1193.947890][ T8488] usb 1-1: New USB device found, idVendor=056a, idProduct=00b0, bcdDevice= 0.00 [ 1193.964941][T29481] usb 2-1: config 0 descriptor?? [ 1193.999149][ T8488] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1194.012547][T10632] loop5: detected capacity change from 0 to 64 [ 1194.051008][ T8488] usb 1-1: config 0 descriptor?? [ 1194.496671][ T8488] wacom 0003:056A:00B0.0006: unknown main item tag 0x3 [ 1194.539645][ T8488] wacom 0003:056A:00B0.0006: unknown main item tag 0x0 [ 1194.567116][ T8488] wacom 0003:056A:00B0.0006: unknown main item tag 0x0 [ 1194.595310][ T8488] wacom 0003:056A:00B0.0006: unknown main item tag 0x0 [ 1194.612922][T29481] usb 2-1: USB disconnect, device number 55 [ 1194.640140][ T8488] wacom 0003:056A:00B0.0006: unknown main item tag 0x0 [ 1194.685374][ T8488] wacom 0003:056A:00B0.0006: unknown main item tag 0x0 [ 1194.724332][ T8488] wacom 0003:056A:00B0.0006: unknown main item tag 0x0 [ 1194.753376][T10667] loop5: detected capacity change from 0 to 16 [ 1194.753636][ T8488] wacom 0003:056A:00B0.0006: unknown main item tag 0x0 [ 1194.798034][ T8488] wacom 0003:056A:00B0.0006: Unknown device_type for 'HID 056a:00b0'. Assuming pen. [ 1194.811925][T10667] erofs: (device loop5): mounted with root inode @ nid 36. [ 1194.844594][ T8488] wacom 0003:056A:00B0.0006: hidraw0: USB HID v0.00 Device [HID 056a:00b0] on usb-dummy_hcd.0-1/input0 [ 1194.875344][T10667] erofs: (device loop5): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet [ 1194.879453][ T8488] input: Wacom Intuos3 4x5 Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:00B0.0006/input/input58 [ 1194.896468][T10667] fuse: Bad value for 'fd' [ 1195.020423][ T8488] usb 1-1: USB disconnect, device number 57 [ 1195.153889][T10688] loop5: detected capacity change from 0 to 512 [ 1195.162999][T10687] loop3: detected capacity change from 0 to 512 [ 1195.312135][T10707] loop1: detected capacity change from 0 to 256 [ 1195.341856][T10688] EXT4-fs error (device loop5): ext4_expand_extra_isize_ea:2750: inode #11: comm syz.5.14655: corrupted xattr block 95 [ 1195.438302][T10688] EXT4-fs (loop5): Remounting filesystem read-only [ 1195.478434][T10688] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm syz.5.14655: bg 0: block 7: invalid block bitmap [ 1195.567214][T10688] EXT4-fs (loop5): Remounting filesystem read-only [ 1195.595526][T10693] fido_id[10693]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 1195.617061][T10688] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6180: Corrupt filesystem [ 1195.661202][T10688] EXT4-fs (loop5): Remounting filesystem read-only [ 1195.687237][T10688] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2916: inode #11: comm syz.5.14655: corrupted xattr block 95 [ 1195.733388][T10688] EXT4-fs (loop5): Remounting filesystem read-only [ 1195.741883][T10688] EXT4-fs warning (device loop5): ext4_evict_inode:301: xattr delete (err -117) [ 1195.752404][T10688] EXT4-fs (loop5): 1 orphan inode deleted [ 1195.759680][T10688] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1196.028409][T17992] EXT4-fs (loop5): unmounting filesystem. [ 1196.134626][T10736] mkiss: ax0: crc mode is auto. [ 1196.252331][T10755] loop5: detected capacity change from 0 to 128 [ 1196.483754][T10761] loop2: detected capacity change from 0 to 512 [ 1196.586749][T10761] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 1196.607168][T10761] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it [ 1196.626855][T10774] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (at-a2150c) [ 1196.717120][T10761] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.14668: Corrupt directory, running e2fsck is recommended [ 1196.760290][T10761] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 1196.807171][T10761] EXT4-fs error (device loop2): ext4_iget_extra_inode:4763: inode #15: comm syz.2.14668: corrupted in-inode xattr [ 1196.883347][T10761] EXT4-fs error (device loop2): ext4_orphan_get:1410: comm syz.2.14668: couldn't read orphan inode 15 (err -117) [ 1196.946603][T10761] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1197.042772][T10726] loop3: detected capacity change from 0 to 32768 [ 1197.104861][ T4277] EXT4-fs (loop2): unmounting filesystem. [ 1197.150894][ T5798] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1197.347359][ T8488] usb 1-1: new high-speed USB device number 58 using dummy_hcd [ 1197.537158][ T8488] usb 1-1: Using ep0 maxpacket: 16 [ 1197.546381][ T8488] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1197.592014][ T8488] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1197.633577][ T8488] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1197.677524][T10818] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14682'. [ 1197.697029][ T8488] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1197.727142][ T8488] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1197.766366][ T8488] usb 1-1: config 0 descriptor?? [ 1198.057012][T29481] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 1198.218136][ T8488] microsoft 0003:045E:07DA.0007: ignoring exceeding usage max [ 1198.259054][T29481] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1198.279706][ T8488] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0007/input/input61 [ 1198.297120][T29481] usb 6-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 1198.307287][T30380] usb 2-1: new full-speed USB device number 56 using dummy_hcd [ 1198.325633][T29481] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1198.362844][ T8488] microsoft 0003:045E:07DA.0007: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 1198.371069][T29481] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 1198.433522][ T8488] usb 1-1: USB disconnect, device number 58 [ 1198.498951][T30380] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1198.523778][T30380] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1198.545016][T30380] usb 2-1: config 0 descriptor?? [ 1198.573396][T30380] cp210x 2-1:0.0: cp210x converter detected [ 1198.773641][T10886] loop2: detected capacity change from 0 to 1024 [ 1198.850724][T10869] fido_id[10869]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 1198.970705][T14626] hfsplus: b-tree write err: -5, ino 25 [ 1198.985317][T14626] hfsplus: b-tree write err: -5, ino 4 [ 1199.002440][T30380] usb 2-1: cp210x converter now attached to ttyUSB0 [ 1199.023607][T14626] hfsplus: b-tree write err: -5, ino 2 [ 1199.060326][T14626] hfsplus: b-tree write err: -5, ino 17 [ 1199.151818][T10905] device ipvlan2 entered promiscuous mode [ 1199.165234][T10905] bridge0: port 3(ipvlan2) entered blocking state [ 1199.182406][T10905] bridge0: port 3(ipvlan2) entered disabled state [ 1199.223804][T30374] usb 2-1: USB disconnect, device number 56 [ 1199.241091][T30374] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1199.292973][T30374] cp210x 2-1:0.0: device disconnected [ 1199.435950][T29481] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -32 [ 1199.459554][T29481] stv0680 6-1:4.0: STV(e): camera ping failed!! [ 1199.485022][T29481] stv0680 6-1:4.0: last error: 0, command = 0x0 [ 1199.734036][T29481] usb 6-1: USB disconnect, device number 31 [ 1199.796338][T10945] loop3: detected capacity change from 0 to 64 [ 1199.896723][T10936] loop2: detected capacity change from 0 to 4096 [ 1200.080177][T10912] loop0: detected capacity change from 0 to 40427 [ 1200.128549][T10912] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 1200.166605][T10912] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 1200.220013][T10912] F2FS-fs (loop0): invalid crc value [ 1200.262011][T10912] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 1200.525761][T10912] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 1200.568098][T10912] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1200.933875][ T26] audit: type=1326 audit(1200.882:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10989 comm="syz.5.14712" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0d3839cdd9 code=0x0 [ 1201.011630][T10993] ptrace attach of "ci2-linux-6-1-kasan/syz-executor exec"[4277] was attempted by ""[10993] [ 1201.510739][T11009] loop2: detected capacity change from 0 to 8192 [ 1201.522899][T11011] loop1: detected capacity change from 0 to 4096 [ 1201.545884][T11011] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1201.577200][T11009] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1201.679362][T11009] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 1201.720281][T11011] ntfs: volume version 3.1. [ 1201.725052][T11009] REISERFS (device loop2): using ordered data mode [ 1201.757285][T11009] reiserfs: using flush barriers [ 1201.773983][T11009] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1201.937892][T11009] REISERFS (device loop2): checking transaction log (loop2) [ 1201.980442][T11009] REISERFS (device loop2): Using r5 hash to sort names [ 1202.027537][T11009] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 1202.027725][ T4382] ntfs: (device loop1): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry. [ 1202.127092][T30374] usb 4-1: new full-speed USB device number 51 using dummy_hcd [ 1202.329375][T30374] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1202.361474][T30374] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 7 [ 1202.409671][T30374] usb 4-1: New USB device found, idVendor=056a, idProduct=00f4, bcdDevice= 0.00 [ 1202.435064][T30374] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1202.470386][T30374] usb 4-1: config 0 descriptor?? [ 1202.712206][T11069] loop2: detected capacity change from 0 to 256 [ 1202.857026][T17401] usb 2-1: new full-speed USB device number 57 using dummy_hcd [ 1202.908728][T30374] wacom 0003:056A:00F4.0008: ignoring exceeding usage max [ 1202.948524][T30374] wacom 0003:056A:00F4.0008: unknown main item tag 0x0 [ 1202.956290][T30374] wacom 0003:056A:00F4.0008: unknown main item tag 0x0 [ 1203.015720][T11076] loop2: detected capacity change from 0 to 256 [ 1203.024224][T30374] wacom 0003:056A:00F4.0008: unknown main item tag 0x0 [ 1203.041154][T30374] wacom 0003:056A:00F4.0008: unknown main item tag 0x0 [ 1203.051677][T17401] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1203.062511][T30374] wacom 0003:056A:00F4.0008: unknown main item tag 0x0 [ 1203.072689][T17401] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 1203.100427][T30374] wacom 0003:056A:00F4.0008: unknown main item tag 0x0 [ 1203.114077][T17401] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 1203.124492][T30374] wacom 0003:056A:00F4.0008: unknown main item tag 0x0 [ 1203.153745][T17401] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1203.162347][T30374] wacom 0003:056A:00F4.0008: unknown main item tag 0x0 [ 1203.176205][T11076] FAT-fs (loop2): Directory bread(block 64) failed [ 1203.191911][T11076] FAT-fs (loop2): Directory bread(block 65) failed [ 1203.196749][T17401] usb 2-1: config 0 descriptor?? [ 1203.207600][T30374] wacom 0003:056A:00F4.0008: hidraw0: USB HID v0.08 Device [HID 056a:00f4] on usb-dummy_hcd.3-1/input0 [ 1203.219632][T17401] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 1203.227805][T11076] FAT-fs (loop2): Directory bread(block 66) failed [ 1203.248835][T11076] FAT-fs (loop2): Directory bread(block 67) failed [ 1203.258591][T17401] dvb-usb: bulk message failed: -22 (3/0) [ 1203.260247][T11076] FAT-fs (loop2): Directory bread(block 68) failed [ 1203.279995][T17401] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 1203.284261][T30374] usb 4-1: USB disconnect, device number 51 [ 1203.341118][T11076] FAT-fs (loop2): Directory bread(block 69) failed [ 1203.375692][T11076] FAT-fs (loop2): Directory bread(block 70) failed [ 1203.380653][T17401] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 1203.413994][T11076] FAT-fs (loop2): Directory bread(block 71) failed [ 1203.418064][T17401] usb 2-1: media controller created [ 1203.457427][T11076] FAT-fs (loop2): Directory bread(block 72) failed [ 1203.470576][T17401] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1203.484801][T11076] FAT-fs (loop2): Directory bread(block 73) failed [ 1203.546424][T17401] dvb-usb: bulk message failed: -22 (6/0) [ 1203.587241][T17401] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 1203.624596][T17401] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input65 [ 1203.626228][T11097] fido_id[11097]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 1203.695457][T17401] dvb-usb: schedule remote query interval to 150 msecs. [ 1203.716076][T11120] loop0: detected capacity change from 0 to 1024 [ 1203.737019][T17401] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 1203.761778][T17401] usb 2-1: USB disconnect, device number 57 [ 1203.888305][T17401] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 1204.021994][T14630] hfsplus: b-tree write err: -5, ino 25 [ 1204.037785][T14630] hfsplus: b-tree write err: -5, ino 4 [ 1204.053976][T14630] hfsplus: b-tree write err: -5, ino 2 [ 1204.126015][T14630] hfsplus: b-tree write err: -5, ino 17 [ 1204.224000][T11146] sg_write: process 5947 (syz.2.14742) changed security contexts after opening file descriptor, this is not allowed. [ 1204.633155][T11175] loop3: detected capacity change from 0 to 512 [ 1205.166202][T11205] loop3: detected capacity change from 0 to 16 [ 1205.236281][T11205] erofs: (device loop3): mounted with root inode @ nid 36. [ 1205.396836][T11205] syz.3.14759: attempt to access beyond end of device [ 1205.396836][T11205] loop3: rw=524288, sector=16, nr_sectors = 32 limit=16 [ 1205.455935][T11205] syz.3.14759: attempt to access beyond end of device [ 1205.455935][T11205] loop3: rw=524288, sector=8, nr_sectors = 32 limit=16 [ 1205.808526][T11238] device ipvlan2 entered promiscuous mode [ 1205.830002][T11238] bridge0: port 1(ipvlan2) entered blocking state [ 1205.855740][T11238] bridge0: port 1(ipvlan2) entered disabled state [ 1206.067058][ T8488] usb 2-1: new high-speed USB device number 58 using dummy_hcd [ 1206.108730][T11259] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14774'. [ 1206.257549][ T8488] usb 2-1: Using ep0 maxpacket: 8 [ 1206.272435][ T8488] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1206.290415][ T8491] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x4 [ 1206.308360][ T8488] usb 2-1: config 4 interface 0 has no altsetting 0 [ 1206.323147][ T8491] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x2 [ 1206.338149][ T8488] usb 2-1: string descriptor 0 read error: -22 [ 1206.350759][ T8488] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 1206.363693][ T8491] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x3 [ 1206.399357][ T8488] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3 [ 1206.467114][ T8488] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 1206.495983][ T8491] hid-generic 0000:3000000:0000.0009: hidraw0: HID v0.00 Device [sy] on syz0 [ 1206.521263][ T8488] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1206.582499][ T8488] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 1206.624102][ T8488] usb 2-1: media controller created [ 1206.745099][ T8488] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1206.822417][T11279] fido_id[11279]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1206.877166][ T8488] zl10353_read_register: readreg error (reg=127, ret==0) [ 1207.041674][ T8488] usb 2-1: USB disconnect, device number 58 [ 1207.087178][T11314] loop0: detected capacity change from 0 to 24 [ 1207.368579][T30373] usb 3-1: new high-speed USB device number 48 using dummy_hcd [ 1207.557248][T30373] usb 3-1: Using ep0 maxpacket: 32 [ 1207.564874][T30373] usb 3-1: config 0 has an invalid interface number: 196 but max is 0 [ 1207.616167][T30373] usb 3-1: config 0 has no interface number 0 [ 1207.646129][T30373] usb 3-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528 [ 1207.676428][T30373] usb 3-1: config 0 interface 196 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1207.736951][T30373] usb 3-1: config 0 interface 196 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 1207.770537][T30373] usb 3-1: config 0 interface 196 has no altsetting 0 [ 1207.786700][T11344] loop5: detected capacity change from 0 to 4096 [ 1207.815734][T30373] usb 3-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a [ 1207.837936][T11344] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1207.878366][T30373] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1207.896694][T30373] usb 3-1: Product: syz [ 1207.902540][T30373] usb 3-1: Manufacturer: syz [ 1207.914039][T11358] IPVS: Error connecting to the multicast addr [ 1207.928778][T11344] ntfs: (device loop5): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 1207.947154][T30373] usb 3-1: SerialNumber: syz [ 1207.963468][T30373] usb 3-1: config 0 descriptor?? [ 1207.984219][T11313] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1208.019777][T11344] ntfs: (device loop5): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 1208.055905][T11344] ntfs: (device loop5): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 1208.228641][T11344] ntfs: (device loop5): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 1208.287008][T11344] ntfs: (device loop5): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 1208.366374][T11377] loop1: detected capacity change from 0 to 64 [ 1208.372394][T11344] ntfs: (device loop5): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 1208.428617][T11344] ntfs: (device loop5): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 1208.489060][T30373] ipheth 3-1:0.196: Apple iPhone USB Ethernet device attached [ 1208.514552][T11344] ntfs: (device loop5): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 1208.546057][T11344] ntfs: (device loop5): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 1208.611778][T11344] ntfs: volume version 3.1. [ 1208.624999][T30373] usb 3-1: USB disconnect, device number 48 [ 1208.798202][T30373] ipheth 3-1:0.196: Apple iPhone USB Ethernet now disconnected [ 1208.821441][T11406] tipc: Invalid UDP bearer configuration [ 1208.821498][T11406] tipc: Enabling of bearer rejected, failed to enable media [ 1208.863220][T11407] netlink: 56 bytes leftover after parsing attributes in process `syz.1.14804'. [ 1209.446463][T11437] loop2: detected capacity change from 0 to 1024 [ 1209.480684][T11426] loop3: detected capacity change from 0 to 4096 [ 1209.510177][T11426] /dev/loop3: Can't open blockdev [ 1209.566119][ T4371] I/O error, dev loop3, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1209.690487][T11437] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1209.861920][T11455] loop0: detected capacity change from 0 to 256 [ 1209.906679][ T4277] EXT4-fs (loop2): unmounting filesystem. [ 1209.963495][T11455] exFAT-fs (loop0): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d) [ 1210.072388][T11455] exFAT-fs (loop0): error, found bogus dentry(11) beyond unused empty group(10) (start_clu : 5, cur_clu : 5) [ 1210.144685][T11455] exFAT-fs (loop0): Filesystem has been set read-only [ 1210.415293][T11482] loop0: detected capacity change from 0 to 1024 [ 1210.427307][T11486] netlink: 'syz.3.14821': attribute type 1 has an invalid length. [ 1210.448115][T11471] loop2: detected capacity change from 0 to 4096 [ 1210.458145][T11482] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1210.519069][T11471] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 1210.533785][T11482] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1210.712898][T11471] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 1210.748462][T11482] EXT4-fs (loop0): Online resizing not supported with bigalloc [ 1210.950498][ T4278] EXT4-fs (loop0): unmounting filesystem. [ 1210.967195][T30373] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 1211.159434][T30373] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1211.197764][T30373] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1211.248083][T30373] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 1211.292306][T30373] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1211.335620][T30373] usb 4-1: config 0 descriptor?? [ 1211.353240][T11523] loop0: detected capacity change from 0 to 8192 [ 1211.392555][T11523] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1211.461673][T11523] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 1211.499586][T11523] REISERFS (device loop0): using ordered data mode [ 1211.532480][T11523] reiserfs: using flush barriers [ 1211.557748][T11523] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1211.570084][T11537] loop2: detected capacity change from 0 to 1024 [ 1211.620045][T11523] REISERFS (device loop0): checking transaction log (loop0) [ 1211.676849][T11523] REISERFS (device loop0): Using tea hash to sort names [ 1211.698699][T11537] hfsplus: bad catalog entry type [ 1211.703066][T11523] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 1211.800108][T30373] cm6533_jd 0003:0D8C:0022.000A: unbalanced delimiter at end of report description [ 1211.839246][T30373] cm6533_jd 0003:0D8C:0022.000A: parse failed [ 1211.866067][T30373] cm6533_jd: probe of 0003:0D8C:0022.000A failed with error -22 [ 1212.012976][T30373] usb 4-1: USB disconnect, device number 52 [ 1212.038421][T11550] netlink: 104 bytes leftover after parsing attributes in process `syz.5.14833'. [ 1212.604819][T11588] loop5: detected capacity change from 0 to 64 [ 1212.876452][T11602] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14842'. [ 1212.947734][T11602] netlink: 192 bytes leftover after parsing attributes in process `syz.1.14842'. [ 1213.115788][T11615] loop3: detected capacity change from 0 to 256 [ 1213.171534][T11615] exfat: Deprecated parameter 'namecase' [ 1213.247885][T11615] exfat: Deprecated parameter 'utf8' [ 1213.327233][T11615] /dev/loop3: Can't open blockdev [ 1213.347482][ T8491] usb 1-1: new high-speed USB device number 59 using dummy_hcd [ 1213.406383][T11621] loop2: detected capacity change from 0 to 512 [ 1213.503344][T11621] __quota_error: 9 callbacks suppressed [ 1213.503366][T11621] Quota error (device loop2): do_check_range: Getting dqdh_next_free 256 out of range 0-7 [ 1213.567217][ T8491] usb 1-1: Using ep0 maxpacket: 16 [ 1213.576826][ T8491] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1213.598541][ T8491] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1213.633775][ T8491] usb 1-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00 [ 1213.647808][T11621] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 1213.671301][T11621] EXT4-fs error (device loop2): ext4_acquire_dquot:6841: comm syz.2.14846: Failed to acquire dquot type 1 [ 1213.694587][ T8491] usb 1-1: New USB device strings: Mfr=34, Product=0, SerialNumber=0 [ 1213.725044][T11621] EXT4-fs error (device loop2): ext4_do_update_inode:5279: inode #16: comm syz.2.14846: corrupted inode contents [ 1213.740083][ T8491] usb 1-1: Manufacturer: syz [ 1213.758609][ T8491] usb 1-1: config 0 descriptor?? [ 1213.781041][T11621] EXT4-fs error (device loop2): ext4_dirty_inode:6156: inode #16: comm syz.2.14846: mark_inode_dirty error [ 1213.849996][T11621] EXT4-fs error (device loop2): ext4_do_update_inode:5279: inode #16: comm syz.2.14846: corrupted inode contents [ 1213.922971][T11621] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.14846: mark_inode_dirty error [ 1213.959654][T11621] EXT4-fs error (device loop2): ext4_do_update_inode:5279: inode #16: comm syz.2.14846: corrupted inode contents [ 1214.017428][T11621] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem [ 1214.092399][T11621] EXT4-fs error (device loop2): ext4_do_update_inode:5279: inode #16: comm syz.2.14846: corrupted inode contents [ 1214.145874][T11621] EXT4-fs error (device loop2): ext4_truncate:4325: inode #16: comm syz.2.14846: mark_inode_dirty error [ 1214.176239][T11621] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem [ 1214.200845][ T8491] hid (null): unknown global tag 0xd [ 1214.208424][T11621] EXT4-fs (loop2): 1 truncate cleaned up [ 1214.214803][T11621] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1214.220511][ T8491] creative-sb0540 0003:041E:3100.000B: unknown global tag 0xd [ 1214.257071][ T8491] creative-sb0540 0003:041E:3100.000B: item 0 1 1 13 parsing failed [ 1214.269958][T11640] loop3: detected capacity change from 0 to 16384 [ 1214.278214][ T8491] creative-sb0540 0003:041E:3100.000B: parse failed [ 1214.294779][ T8491] creative-sb0540: probe of 0003:041E:3100.000B failed with error -22 [ 1214.413787][ T8491] usb 1-1: USB disconnect, device number 59 [ 1214.519120][ T4277] EXT4-fs (loop2): unmounting filesystem. [ 1214.556094][T11667] netlink: 12 bytes leftover after parsing attributes in process `syz.3.14854'. [ 1215.385927][T11702] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (at-a2150c) [ 1215.928331][T11723] netlink: 24 bytes leftover after parsing attributes in process `syz.5.14867'. [ 1216.035226][T11685] loop3: detected capacity change from 0 to 32768 [ 1216.036227][T11685] /dev/loop3: Can't open blockdev [ 1216.088736][ T4371] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1216.489277][T11748] loop2: detected capacity change from 0 to 256 [ 1216.608630][T11748] FAT-fs (loop2): Directory bread(block 64) failed [ 1216.634453][T11748] FAT-fs (loop2): Directory bread(block 65) failed [ 1216.644558][T11748] FAT-fs (loop2): Directory bread(block 66) failed [ 1216.666943][T11748] FAT-fs (loop2): Directory bread(block 67) failed [ 1216.674442][T11748] FAT-fs (loop2): Directory bread(block 68) failed [ 1216.697437][ T8491] usb 2-1: new high-speed USB device number 59 using dummy_hcd [ 1216.703356][T11748] FAT-fs (loop2): Directory bread(block 69) failed [ 1216.714582][T11748] FAT-fs (loop2): Directory bread(block 70) failed [ 1216.723004][T11748] FAT-fs (loop2): Directory bread(block 71) failed [ 1216.732940][T11748] FAT-fs (loop2): Directory bread(block 72) failed [ 1216.743306][T11748] FAT-fs (loop2): Directory bread(block 73) failed [ 1216.887158][ T8491] usb 2-1: Using ep0 maxpacket: 32 [ 1216.895819][ T8491] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1216.947091][ T8491] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1217.007103][ T8491] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1217.035754][ T8491] usb 2-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1217.053268][ T8491] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1217.095433][ T8491] usb 2-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 1217.134117][ T8491] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1217.167167][ T8491] usb 2-1: config 0 descriptor?? [ 1217.417246][ T8488] usb 3-1: new full-speed USB device number 49 using dummy_hcd [ 1217.600284][ T8491] corsair-cpro 0003:1B1C:0C10.000C: hidraw0: USB HID v4.06 Device [HID 1b1c:0c10] on usb-dummy_hcd.1-1/input0 [ 1217.629964][ T8488] usb 3-1: too many endpoints for config 0 interface 0 altsetting 2: 254, using maximum allowed: 30 [ 1217.669068][ T8488] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1217.699891][ T8488] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1217.724191][ T8491] corsair-cpro: probe of 0003:1B1C:0C10.000C failed with error -38 [ 1217.733894][ T8488] usb 3-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 1217.800064][T11814] netlink: 'syz.3.14890': attribute type 1 has an invalid length. [ 1217.814929][ T8488] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1217.831669][T30373] usb 6-1: new low-speed USB device number 32 using dummy_hcd [ 1217.842064][T29481] usb 2-1: USB disconnect, device number 59 [ 1217.849440][ T8488] usb 3-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00 [ 1217.849474][ T8488] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1217.867986][T11814] netlink: 120 bytes leftover after parsing attributes in process `syz.3.14890'. [ 1217.882689][ T8488] usb 3-1: config 0 descriptor?? [ 1218.064512][T30373] usb 6-1: config 0 interface 0 altsetting 41 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1218.093405][T11815] fido_id[11815]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1218.117008][T30373] usb 6-1: config 0 interface 0 altsetting 41 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1218.142712][T30373] usb 6-1: config 0 interface 0 altsetting 41 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1218.206200][T30373] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1218.215917][T30373] usb 6-1: New USB device found, idVendor=056a, idProduct=00b4, bcdDevice= 0.00 [ 1218.227619][T30373] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1218.265461][T30373] usb 6-1: config 0 descriptor?? [ 1218.358557][ T8488] ryos 0003:1E7D:3138.000D: hidraw0: USB HID v0.00 Device [HID 1e7d:3138] on usb-dummy_hcd.2-1/input0 [ 1218.475035][T11844] netlink: 'syz.0.14895': attribute type 2 has an invalid length. [ 1218.556814][T30380] usb 3-1: USB disconnect, device number 49 [ 1218.732394][T30373] wacom 0003:056A:00B4.000E: Unknown device_type for 'HID 056a:00b4'. Assuming pen. [ 1218.759378][T30373] wacom 0003:056A:00B4.000E: hidraw0: USB HID v0.09 Device [HID 056a:00b4] on usb-dummy_hcd.5-1/input0 [ 1218.785971][T11875] usb usb8: usbfs: process 11875 (syz.1.14899) did not claim interface 5 before use [ 1218.809627][T30373] input: Wacom Intuos3 12x19 Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:00B4.000E/input/input67 [ 1218.874327][T11855] fido_id[11855]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 1219.006743][T30380] usb 6-1: USB disconnect, device number 32 [ 1219.296401][T11906] netlink: 'syz.2.14902': attribute type 4 has an invalid length. [ 1219.316259][T11889] fido_id[11889]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 1219.514940][T11912] loop1: detected capacity change from 0 to 512 [ 1219.603462][T11912] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 1219.760432][T11912] EXT4-fs (loop1): 1 truncate cleaned up [ 1219.766355][T11912] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1219.785127][T11917] loop2: detected capacity change from 0 to 8192 [ 1219.864663][T11917] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1219.881077][T11917] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 1219.922093][T11852] loop3: detected capacity change from 0 to 40427 [ 1219.937185][T11917] REISERFS (device loop2): using ordered data mode [ 1219.947736][T11917] reiserfs: using flush barriers [ 1219.957554][T11917] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1220.013040][T11917] REISERFS (device loop2): checking transaction log (loop2) [ 1220.026176][T11917] REISERFS (device loop2): Using tea hash to sort names [ 1220.035313][T11917] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 1220.051465][ T4271] EXT4-fs (loop1): unmounting filesystem. [ 1220.782962][T11960] loop2: detected capacity change from 0 to 4096 [ 1220.937122][T11978] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1221.061948][T11984] support for cryptoloop has been removed. Use dm-crypt instead. [ 1221.308770][T11977] loop3: detected capacity change from 0 to 8192 [ 1222.054171][ T26] audit: type=1326 audit(1222.002:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12015 comm="syz.3.14927" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc5e4f9cdd9 code=0x0 [ 1222.456239][T12037] x_tables: ip_tables: socket.0 match: invalid size 0 (kernel) != (user) 8 [ 1222.667725][T11972] loop5: detected capacity change from 0 to 40427 [ 1222.698304][T11972] F2FS-fs (loop5): Corrupted extension count (64 + 1 > 64) [ 1222.734048][T11972] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1222.754143][T11972] F2FS-fs (loop5): invalid crc value [ 1222.791187][T11972] F2FS-fs (loop5): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 1223.032232][T11972] F2FS-fs (loop5): Start checkpoint disabled! [ 1223.047197][ T8491] usb 1-1: new high-speed USB device number 60 using dummy_hcd [ 1223.070053][T11972] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 1223.097101][T11972] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 1223.257165][ T8491] usb 1-1: Using ep0 maxpacket: 32 [ 1223.279244][ T8491] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1223.398566][ T8491] usb 1-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1223.490522][ T8491] usb 1-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1223.554001][ T8491] usb 1-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1223.643225][ T8491] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1223.714777][ T8491] usb 1-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 1223.763337][ T8491] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1223.846339][ T8491] usb 1-1: config 0 descriptor?? [ 1224.337332][ T8491] corsair-cpro 0003:1B1C:0C10.000F: hidraw0: USB HID v4.06 Device [HID 1b1c:0c10] on usb-dummy_hcd.0-1/input0 [ 1224.454104][T12123] loop5: detected capacity change from 0 to 128 [ 1224.485454][T12123] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1224.510735][ T8491] corsair-cpro: probe of 0003:1B1C:0C10.000F failed with error -38 [ 1224.572569][T12123] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1224.589921][ T8491] usb 1-1: USB disconnect, device number 60 [ 1224.976969][T30380] usb 6-1: new high-speed USB device number 33 using dummy_hcd [ 1225.010641][T12139] fido_id[12139]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 1225.188799][T30380] usb 6-1: Using ep0 maxpacket: 8 [ 1225.198989][T30380] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1225.252735][T30380] usb 6-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e [ 1225.296439][T30380] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1225.369795][T30380] usb 6-1: config 0 descriptor?? [ 1225.413038][T30380] usb 6-1: bad CDC descriptors [ 1225.440182][T30380] usb 6-1: bad CDC descriptors [ 1225.482096][T30380] cdc_acm 6-1:0.0: Control and data interfaces are not separated! [ 1225.539151][T12105] loop1: detected capacity change from 0 to 32768 [ 1225.550911][T30380] cdc_acm 6-1:0.0: This needs exactly 3 endpoints [ 1225.586927][T30380] cdc_acm: probe of 6-1:0.0 failed with error -22 [ 1225.623377][T12105] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.14947 (12105) [ 1225.648221][T30380] usb 6-1: USB disconnect, device number 33 [ 1225.683867][ C1] vkms_vblank_simulate: vblank timer overrun [ 1225.698854][T12165] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14957'. [ 1225.758675][T12105] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 1225.767256][T12165] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14957'. [ 1225.770984][T12105] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 1225.816202][T12165] netlink: 'syz.0.14957': attribute type 12 has an invalid length. [ 1225.823716][T12105] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 1225.868747][T12105] BTRFS info (device loop1): use zstd compression, level 3 [ 1225.879051][T12105] BTRFS info (device loop1): using free space tree [ 1226.197203][T12105] BTRFS info (device loop1): enabling ssd optimizations [ 1226.636667][ T4271] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 1226.678629][T12218] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.14963'. [ 1226.801215][ C1] vkms_vblank_simulate: vblank timer overrun [ 1226.870470][ C1] vkms_vblank_simulate: vblank timer overrun [ 1227.083843][ C1] vkms_vblank_simulate: vblank timer overrun [ 1227.103405][T12230] loop3: detected capacity change from 0 to 2048 [ 1227.135147][T12198] loop0: detected capacity change from 0 to 32768 [ 1227.197246][ T8488] usb 3-1: new high-speed USB device number 50 using dummy_hcd [ 1227.216929][ C1] vkms_vblank_simulate: vblank timer overrun [ 1227.418804][ T8488] usb 3-1: too many configurations: 9, using maximum allowed: 8 [ 1227.469559][ T8488] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1227.502193][ T8488] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1227.586504][ C1] vkms_vblank_simulate: vblank timer overrun [ 1227.616164][ T8488] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1227.668627][ T8488] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1227.703578][ T8488] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1227.737134][ T8488] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1227.766766][ T8488] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1227.786232][ C1] vkms_vblank_simulate: vblank timer overrun [ 1227.786519][ T8488] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1227.822439][T12247] loop3: detected capacity change from 0 to 256 [ 1227.843625][T12247] exfat: Deprecated parameter 'utf8' [ 1227.850052][ T8488] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1227.874273][T12247] /dev/loop3: Can't open blockdev [ 1227.893482][ T8488] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1227.905131][ T8488] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1227.916349][ C1] vkms_vblank_simulate: vblank timer overrun [ 1227.918185][ T8488] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1227.945362][ T8488] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1228.034841][ T8488] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1228.107779][ T8488] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1228.129487][ T8488] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1228.157124][ T8488] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1228.199573][ T8488] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1228.229223][ T8488] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1228.267166][ T8488] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1228.298143][ T8488] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1228.338080][ T8488] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1228.408233][ T8488] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1228.460965][ T8488] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1228.500669][ T8488] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 1228.537217][ T8488] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 1228.567449][T12274] loop0: detected capacity change from 0 to 2048 [ 1228.577237][ T8488] usb 3-1: Product: syz [ 1228.583122][ T8488] usb 3-1: Manufacturer: syz [ 1228.591248][T12274] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1228.604695][ T8488] usb 3-1: SerialNumber: syz [ 1228.630991][ T8488] usb 3-1: config 0 descriptor?? [ 1228.667076][T12280] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1228.707075][ T8488] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0 [ 1229.113175][T30371] usb 3-1: USB disconnect, device number 50 [ 1229.141391][T30371] yurex 3-1:0.0: USB YUREX #0 now disconnected [ 1229.514545][T12259] loop3: detected capacity change from 0 to 40427 [ 1229.575075][T12275] loop5: detected capacity change from 0 to 32768 [ 1229.577067][ T4371] I/O error, dev loop3, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1229.752654][T12317] loop1: detected capacity change from 0 to 512 [ 1229.830435][T12317] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 1229.912578][T12323] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (at-a2150c) [ 1229.997974][T12317] EXT4-fs (loop1): 1 truncate cleaned up [ 1230.004693][T12317] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1230.182497][T12292] loop0: detected capacity change from 0 to 32768 [ 1230.199936][ T4271] EXT4-fs (loop1): unmounting filesystem. [ 1230.267452][T12292] ea_get: extended attribute size too large: 2617245744 > INT_MAX [ 1230.481563][T12292] read_mapping_page failed! [ 1230.940028][T12356] loop1: detected capacity change from 0 to 64 [ 1231.245980][T12369] binder: BINDER_SET_CONTEXT_MGR already set [ 1231.280625][T12369] binder: 12367:12369 ioctl 40046207 0 returned -16 [ 1231.339114][T12371] loop5: detected capacity change from 0 to 512 [ 1231.353987][T12371] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 1231.440024][T12371] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1126: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 1231.464513][T12371] Quota error (device loop5): write_blk: dquota write failed [ 1231.473286][T12371] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota [ 1231.483959][T12371] EXT4-fs error (device loop5): ext4_acquire_dquot:6841: comm syz.5.14996: Failed to acquire dquot type 0 [ 1231.505537][T12371] EXT4-fs (loop5): 1 truncate cleaned up [ 1231.511906][T12371] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1231.759948][T17992] EXT4-fs (loop5): unmounting filesystem. [ 1231.897224][T30377] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 1232.094851][T12412] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1232.107334][T30377] usb 4-1: Using ep0 maxpacket: 32 [ 1232.135114][T30377] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 1232.219916][T30377] usb 4-1: config 0 has no interface number 0 [ 1232.262430][T30377] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 1232.289038][T30377] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1232.330251][T30377] usb 4-1: Product: syz [ 1232.335828][T30377] usb 4-1: Manufacturer: syz [ 1232.365417][T30377] usb 4-1: SerialNumber: syz [ 1232.421393][T17992] EXT4-fs (loop5): unmounting filesystem. [ 1232.440728][T30377] usb 4-1: config 0 descriptor?? [ 1232.472087][T30377] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 1232.680326][T30377] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 1232.701088][T30377] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 1232.730879][ T8491] usb 2-1: new high-speed USB device number 60 using dummy_hcd [ 1232.923263][ C1] quatech-serial ttyUSB0: qt2_process_read_urb - change_port message too short [ 1232.942971][T12403] set_capacity_and_notify: 2 callbacks suppressed [ 1232.942993][T12403] loop2: detected capacity change from 0 to 32768 [ 1232.960452][ T8491] usb 2-1: Using ep0 maxpacket: 16 [ 1232.972069][ T8491] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1233.020325][ T8491] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1233.060494][ T8491] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1233.085622][T12403] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 1233.138611][ C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 1233.145595][ T8491] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1233.227149][ T8491] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1233.252944][ T8488] usb 4-1: USB disconnect, device number 53 [ 1233.273551][ T8491] usb 2-1: config 0 descriptor?? [ 1233.285549][ T4277] ocfs2: Unmounting device (7,2) on (node local) [ 1233.320000][ T8488] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 1233.407933][ T8488] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 1233.495183][ T8488] quatech2 4-1:0.51: device disconnected [ 1233.722184][ T8491] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 1233.757732][ T8491] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 1233.807769][ T8491] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 1233.836223][ T8491] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0010/input/input70 [ 1233.865300][T12511] loop5: detected capacity change from 0 to 64 [ 1233.893171][T12512] tipc: Started in network mode [ 1233.919953][T12512] tipc: Node identity 4615d3249b2f, cluster identity 4711 [ 1233.937617][ T8491] microsoft 0003:045E:07DA.0010: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 1233.982369][T12512] tipc: Enabled bearer , priority 10 [ 1234.000668][ T8491] usb 2-1: USB disconnect, device number 60 [ 1234.326521][T12543] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15023'. [ 1234.405269][T12525] fido_id[12525]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1234.627400][T12552] sp0: Synchronizing with TNC [ 1234.679642][T12562] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (at-a2150c) [ 1234.838313][T12568] netlink: 16 bytes leftover after parsing attributes in process `syz.1.15030'. [ 1234.921013][T12574] netlink: 104 bytes leftover after parsing attributes in process `syz.0.15031'. [ 1235.093473][ T8488] tipc: Node number set to 3711619876 [ 1235.209536][T12585] loop3: detected capacity change from 0 to 512 [ 1235.242338][T12585] EXT4-fs: Ignoring removed oldalloc option [ 1235.255695][T12585] /dev/loop3: Can't open blockdev [ 1235.270780][T12592] hugetlbfs: Bad value 'ó' for mount option 'size' [ 1235.270780][T12592] [ 1235.312772][T12588] loop5: detected capacity change from 0 to 2048 [ 1235.334578][T12588] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=3932051, location=3932051 [ 1235.487454][T12588] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1235.532403][T12606] loop2: detected capacity change from 0 to 64 [ 1235.706138][T12606] [ 1235.708743][T12606] ====================================================== [ 1235.716942][T12606] WARNING: possible circular locking dependency detected [ 1235.725309][T12606] syzkaller #0 Not tainted [ 1235.730815][T12606] ------------------------------------------------------ [ 1235.739038][T12606] syz.2.15040/12606 is trying to acquire lock: [ 1235.746279][T12606] ffff888053743b78 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xfb/0x13f0 [ 1235.758017][T12606] [ 1235.758017][T12606] but task is already holding lock: [ 1235.765941][T12606] ffff88807e3420b0 (&tree->tree_lock#2/1){+.+.}-{3:3}, at: hfs_find_init+0x15b/0x1d0 [ 1235.776956][T12606] [ 1235.776956][T12606] which lock already depends on the new lock. [ 1235.776956][T12606] [ 1235.788379][T12606] [ 1235.788379][T12606] the existing dependency chain (in reverse order) is: [ 1235.798489][T12606] [ 1235.798489][T12606] -> #1 (&tree->tree_lock#2/1){+.+.}-{3:3}: [ 1235.808392][T12606] __mutex_lock+0x12d/0xaf0 [ 1235.814034][T12606] hfs_find_init+0x15b/0x1d0 [ 1235.814683][T12620] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15044'. [ 1235.820023][T12606] hfs_extend_file+0x35d/0x13f0 [ 1235.820063][T12606] hfs_bmap_reserve+0x103/0x420 [ 1235.820087][T12606] hfs_cat_create+0x204/0x8e0 [ 1235.820111][T12606] hfs_create+0x62/0xd0 [ 1235.820133][T12606] path_openat+0x1181/0x2ee0 [ 1235.820150][T12606] do_filp_open+0x1f1/0x430 [ 1235.820166][T12606] do_sys_openat2+0x150/0x4b0 [ 1235.820189][T12606] __x64_sys_openat+0x135/0x160 [ 1235.878485][T12606] do_syscall_64+0x4c/0xa0 [ 1235.883835][T12606] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1235.890514][T12606] [ 1235.890514][T12606] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}: [ 1235.900848][T12606] __lock_acquire+0x2d07/0x7d10 [ 1235.906889][T12606] lock_acquire+0x1bb/0x4a0 [ 1235.913081][T12606] __mutex_lock+0x12d/0xaf0 [ 1235.918783][T12606] hfs_extend_file+0xfb/0x13f0 [ 1235.924333][T12606] hfs_bmap_reserve+0x103/0x420 [ 1235.930431][T12606] __hfs_ext_write_extent+0x1fa/0x470 [ 1235.936660][T12606] __hfs_ext_cache_extent+0x6b/0x9b0 [ 1235.942796][T12606] hfs_extend_file+0x39c/0x13f0 [ 1235.948592][T12606] hfs_get_block+0x40f/0xc50 [ 1235.954107][T12606] __block_write_begin_int+0x55d/0x1a80 [ 1235.960685][T12606] block_write_begin+0x96/0x1e0 [ 1235.967376][T12606] cont_write_begin+0x5ea/0x800 [ 1235.972897][T12606] hfs_write_begin+0x87/0xd0 [ 1235.978171][T12606] generic_perform_write+0x2fa/0x5c0 [ 1235.984307][T12606] __generic_file_write_iter+0x148/0x2a0 [ 1235.990799][T12606] generic_file_write_iter+0xab/0x2e0 [ 1235.997707][T12606] vfs_write+0x4b1/0xa30 [ 1236.003775][T12606] ksys_write+0x14c/0x250 [ 1236.010498][T12606] do_syscall_64+0x4c/0xa0 [ 1236.015944][T12606] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1236.022961][T12606] [ 1236.022961][T12606] other info that might help us debug this: [ 1236.022961][T12606] [ 1236.034231][T12606] Possible unsafe locking scenario: [ 1236.034231][T12606] [ 1236.043669][T12606] CPU0 CPU1 [ 1236.049639][T12606] ---- ---- [ 1236.055492][T12606] lock(&tree->tree_lock#2/1); [ 1236.061020][T12606] lock(&HFS_I(tree->inode)->extents_lock); [ 1236.071143][T12606] lock(&tree->tree_lock#2/1); [ 1236.079909][T12606] lock(&HFS_I(tree->inode)->extents_lock); [ 1236.087009][T12606] [ 1236.087009][T12606] *** DEADLOCK *** [ 1236.087009][T12606] [ 1236.098561][T12606] 5 locks held by syz.2.15040/12606: [ 1236.104857][T12606] #0: ffff888073e7d268 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2ae/0x360 [ 1236.115489][T12606] #1: ffff88805429c460 (sb_writers#16){.+.+}-{0:0}, at: vfs_write+0x26b/0xa30 [ 1236.125323][T12606] #2: ffff888053743028 (&sb->s_type->i_mutex_key#34){+.+.}-{3:3}, at: generic_file_write_iter+0x7f/0x2e0 [ 1236.137630][T12606] #3: ffff888053742e78 (&HFS_I(inode)->extents_lock#2){+.+.}-{3:3}, at: hfs_extend_file+0xfb/0x13f0 [ 1236.150350][T12606] #4: ffff88807e3420b0 (&tree->tree_lock#2/1){+.+.}-{3:3}, at: hfs_find_init+0x15b/0x1d0 [ 1236.160980][T12606] [ 1236.160980][T12606] stack backtrace: [ 1236.167169][T12606] CPU: 1 PID: 12606 Comm: syz.2.15040 Not tainted syzkaller #0 [ 1236.176602][T12606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1236.188269][T12606] Call Trace: [ 1236.189459][T12643] loop0: detected capacity change from 0 to 1024 [ 1236.192109][T12606] [ 1236.192122][T12606] dump_stack_lvl+0x188/0x24e [ 1236.192157][T12606] ? load_image+0x400/0x400 [ 1236.212606][T12606] ? show_regs_print_info+0x12/0x12 [ 1236.218219][T12606] ? print_circular_bug+0x12b/0x1a0 [ 1236.223753][T12606] check_noncircular+0x296/0x330 [ 1236.229250][T12606] ? arch_stack_walk+0xf2/0x140 [ 1236.234434][T12606] ? look_up_lock_class+0x75/0x140 [ 1236.240226][T12606] ? add_chain_block+0x940/0x940 [ 1236.245230][T12606] ? lockdep_lock+0xf1/0x1f0 [ 1236.250777][T12606] ? _find_first_zero_bit+0xcf/0x100 [ 1236.256603][T12606] __lock_acquire+0x2d07/0x7d10 [ 1236.262139][T12606] ? __kernel_text_address+0x9/0x30 [ 1236.267739][T12606] ? unwind_get_return_address+0x49/0x80 [ 1236.274507][T12606] ? stack_trace_save+0xf0/0xf0 [ 1236.279655][T12606] ? verify_lock_unused+0x140/0x140 [ 1236.285084][T12606] ? stack_trace_save+0xa6/0xf0 [ 1236.290167][T12606] ? stack_trace_snprint+0xf0/0xf0 [ 1236.295847][T12606] ? check_noncircular+0x189/0x330 [ 1236.301290][T12606] lock_acquire+0x1bb/0x4a0 [ 1236.306086][T12606] ? hfs_extend_file+0xfb/0x13f0 [ 1236.311702][T12606] ? add_lock_to_list+0x191/0x280 [ 1236.317798][T12606] ? __might_sleep+0xd0/0xd0 [ 1236.323040][T12606] ? read_lock_is_recursive+0x10/0x10 [ 1236.329186][T12606] ? __lock_acquire+0x28c4/0x7d10 [ 1236.335323][T12606] __mutex_lock+0x12d/0xaf0 [ 1236.340725][T12606] ? hfs_extend_file+0xfb/0x13f0 [ 1236.346212][T12606] ? hfs_extend_file+0xfb/0x13f0 [ 1236.351613][T12606] ? mutex_lock_nested+0x10/0x10 [ 1236.357032][T12606] hfs_extend_file+0xfb/0x13f0 [ 1236.362909][T12606] ? hfs_get_block+0xc50/0xc50 [ 1236.368151][T12606] ? __mutex_trylock_common+0x155/0x260 [ 1236.373911][T12606] ? trace_raw_output_contention_end+0xd0/0xd0 [ 1236.380920][T12606] ? memset+0x1e/0x40 [ 1236.385224][T12606] ? hfs_brec_find+0x197/0x500 [ 1236.391112][T12606] hfs_bmap_reserve+0x103/0x420 [ 1236.396726][T12606] __hfs_ext_write_extent+0x1fa/0x470 [ 1236.403060][T12606] __hfs_ext_cache_extent+0x6b/0x9b0 [ 1236.409518][T12606] ? hfs_find_init+0x15b/0x1d0 [ 1236.414889][T12606] hfs_extend_file+0x39c/0x13f0 [ 1236.420263][T12606] ? verify_lock_unused+0x140/0x140 [ 1236.426030][T12606] ? hfs_get_block+0xc50/0xc50 [ 1236.431744][T12606] ? memset+0x1e/0x40 [ 1236.436592][T12606] ? lockdep_init_map_type+0x98/0x8d0 [ 1236.444663][T12606] hfs_get_block+0x40f/0xc50 [ 1236.449923][T12606] ? __lock_acquire+0x7d10/0x7d10 [ 1236.456249][T12606] ? hfs_free_extents+0x430/0x430 [ 1236.462740][T12606] ? do_raw_spin_unlock+0x11d/0x230 [ 1236.468550][T12606] ? create_page_buffers+0x24f/0x4a0 [ 1236.474557][T12606] __block_write_begin_int+0x55d/0x1a80 [ 1236.480760][T12606] ? filemap_add_folio+0x188/0x3c0 [ 1236.486701][T12606] ? xas_load+0x119/0x140 [ 1236.492037][T12606] ? hfs_free_extents+0x430/0x430 [ 1236.499764][T12606] ? page_zero_new_buffers+0x650/0x650 [ 1236.506328][T12606] ? PageHeadHuge+0x8f/0x1c0 [ 1236.511560][T12606] ? hfs_free_extents+0x430/0x430 [ 1236.517520][T12606] block_write_begin+0x96/0x1e0 [ 1236.523828][T12606] cont_write_begin+0x5ea/0x800 [ 1236.529756][T12606] ? generic_cont_expand_simple+0x200/0x200 [ 1236.537155][T12606] ? fault_in_readable+0x139/0x1f0 [ 1236.543557][T12606] ? fault_in_readable+0x13e/0x1f0 [ 1236.549293][T12606] hfs_write_begin+0x87/0xd0 [ 1236.554443][T12606] ? hfs_free_extents+0x430/0x430 [ 1236.561600][T12606] generic_perform_write+0x2fa/0x5c0 [ 1236.567119][T12606] ? generic_file_direct_write+0x330/0x330 [ 1236.573221][T12606] ? __file_remove_privs+0x5f0/0x5f0 [ 1236.579059][T12606] ? rwsem_write_trylock+0x135/0x1c0 [ 1236.584561][T12606] ? clear_nonspinnable+0x60/0x60 [ 1236.589990][T12606] ? generic_write_checks_count+0x3d9/0x4c0 [ 1236.596830][T12606] __generic_file_write_iter+0x148/0x2a0 [ 1236.603203][T12606] generic_file_write_iter+0xab/0x2e0 [ 1236.609051][T12606] vfs_write+0x4b1/0xa30 [ 1236.613928][T12606] ? file_end_write+0x250/0x250 [ 1236.619431][T12606] ? __fget_files+0x43d/0x4b0 [ 1236.624957][T12606] ? __fdget_pos+0x2ae/0x360 [ 1236.629781][T12606] ? ksys_write+0x71/0x250 [ 1236.634418][T12606] ksys_write+0x14c/0x250 [ 1236.639041][T12606] ? __ia32_sys_read+0x80/0x80 [ 1236.644154][T12606] ? lockdep_hardirqs_on+0x94/0x140 [ 1236.649826][T12606] do_syscall_64+0x4c/0xa0 [ 1236.654607][T12606] ? clear_bhb_loop+0x60/0xb0 [ 1236.659394][T12606] ? clear_bhb_loop+0x60/0xb0 [ 1236.664504][T12606] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1236.671424][T12606] RIP: 0033:0x7f52f819cdd9 [ 1236.676145][T12606] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1236.696924][T12606] RSP: 002b:00007f52f9078028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1236.706031][T12606] RAX: ffffffffffffffda RBX: 00007f52f8415fa0 RCX: 00007f52f819cdd9 [ 1236.714751][T12606] RDX: 000000000208e24b RSI: 0000200000000100 RDI: 0000000000000004 [ 1236.723955][T12606] RBP: 00007f52f8232d69 R08: 0000000000000000 R09: 0000000000000000 [ 1236.733011][T12606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1236.741736][T12606] R13: 00007f52f8416038 R14: 00007f52f8415fa0 R15: 00007ffe834b9aa8 [ 1236.750882][T12606] [ 1236.850650][T12652] loop5: detected capacity change from 0 to 64 [ 1236.909819][ T4277] hfs: node 4:3 still has 1 user(s)! [ 1236.971727][T14630] hfsplus: b-tree write err: -5, ino 25 [ 1236.978102][T14630] hfsplus: b-tree write err: -5, ino 4 [ 1236.984604][T14630] hfsplus: b-tree write err: -5, ino 2 [ 1236.991235][T14630] hfsplus: b-tree write err: -5, ino 26 [ 1238.858860][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.865683][ T1277] ieee802154 phy1 wpan1: encryption failed: -22