last executing test programs: 2.957714022s ago: executing program 1 (id=2432): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_usb_connect(0x3, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000ce0ab50801222c01e03f0000000109021b00014000000109041300016172d1000905", @ANYRES8=r0, @ANYBLOB='J!'], 0x0) 2.282614306s ago: executing program 2 (id=2445): syz_usb_connect(0x1, 0x2d, &(0x7f0000000340)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d0009058223"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x800000000000) 2.050741062s ago: executing program 3 (id=2448): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x7d, &(0x7f0000001d80)={0x0, @in6={{0xa, 0x4e23, 0x20006, @empty, 0x6}}, 0x7f, 0x2, 0x0, 0x5, 0x392, 0x94}, 0x9c) 1.98112564s ago: executing program 3 (id=2450): prctl$PR_SET_THP_DISABLE(0x41, 0x3) mprotect(&(0x7f0000003000/0x1000)=nil, 0x1000, 0xf) 1.917818768s ago: executing program 3 (id=2451): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file0\x00', 0x8c0, &(0x7f0000000700)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030332c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c0000000000000000000000000000000094e75823e6233e62000eda1bfcf177b287d04dd9b7733f4cf32912198b1c8f24a33ca4179abb5a93898637ebfa474c7c5ab9dcc1946bb4ad2c0eb63b343752e41275fabf137ca645d4b63452308c00a874fbd43e9818851640283c95c3ff5e3456da1b16f4ffb13e90a744b530fdfee2a5ccff068c45258290bdae914c69bb31fd4b4ade4b70816978b61abcb20c1928188de100548a72ec896d7ac8c05b815265d2489daab05553648fb4cc8fd2b1cf887d298f46b619f39c8b55b7532ec3f972841afd8b05d2e9e51683c9c38e"], 0x1, 0x443b, &(0x7f0000009e40)="$eJzs3U9sFFUcAOA30yotAhbkgImJm0iiUdO0nNCSWEqhtFAxKMR4WbbtAtVtl7Rb44FDvZF4MvFgPBBNPNkT6cErHj168YgnDyR68GJiQqzZ3WnpzO6mC+m2Qr4vobPz/re/nTdvDsOLE5Xrs4u52cVcYT5Xnr66eCz3abm0NFcM8Q7Z7f5pTyfiJPa758KpM+9fPhbCTzO/3l9bW1sLVd2hqcFNn//+6+b05uO6OFOn2m7z1rbLRyGEww3jquoKIXz4YwhRCOFkkjaSHHtDCAdCPe/yzS+u5LZpNHfuFU/kH0zeWh06OrFye7Xxd19LRCF8U3rxzWtzf7zSNfTb69vUPQAAAAAAAAAAAAAAAAAAT7ixixcuvTcwGO5GoXslanxfdyw5tno/dm3bvNz5XxYAAAAAAAAAAAAAAAAAAAD+px6+/5+LDjV5/380OQ63qL/2TufHSOeMv3th9PTAYLL/e9SQP5wk/XmyKxxssu97dv/3k5n6zfd/b+zncR2P0v32hSjuT53HcX9/CN8lG78fifbGpfJi5Y2r5aX5mW0bxhMrHf/67v2p6CQb+m8V/99/rpcbybTf+f3/X2j4NlXPr2zfV+yplo5/VzZ7z/qH7z+P2rr+T2Ua2In48/jS8e+upfVuLjBcnwCq8f+ye+v4j2ba71T8D4QQclF1rLnUDFBdw1TTW61XSEvH/5laWmrqTP6Qra7/fzLxP51pf7fm/+XsjYim0vF/tpbWkyoRh3AziX+89fV/JtP+bsS/Ov5l9/+2pOOf3O67U0Vqf8mH8389sVX8xzLtdyr+l+JknAei1DdgJaqnt/r/6khLx7+nIf/4xvNf3Nb672ym/k49/633u/78tz79vxbVn/9oLh3/3kzuw+9Du+u/8UwLnZ7/h8MP2SmHR5CO/95aWnrt3Ff72W78JzLtb1/8G1YltaThzPr/3z319G+t/9qSjv9z9cR4c4nl2s/a+i/aev1/LtP+bqz/quNfjjvb69MiHf99LctV4/9LG/f/85l6nY9/42qiu9MdPkXS8d/fslzt+u/ZOv6TmXqdjv+rnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Akwkhz7QhT3p87juL8/hFPJ+ZGwN5oqzOSnSuXpTxZDGE3Sc+FQdK1UniqU8rPz5ZlivlAqladDOJ3kHw490WKpXMnPFW6c2WirN7peLCxUpoqFSghhLEl/Kexfb2tqtjJXuBFCOLuR93xcXrhxvTCfn5ldeHtgYGAgjG+M4WBU/KxSnK/Ue6/nhjCxUbcv2jS4Wva5jbHsiz4uLy3MF0q19POb6pTK04XSpjqTSd5X4WBUWViany5UivlS+dp6f7tpODmOjl/84OL5wYb8K1H9OLKzwwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgEd0deuvrEEJ3/SwOIeSi5EOU/Eu5c694Iv9g8tbq0NGJldur95uVAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsEvHKBEDURiA34yFlh7DKiSdbUQRLYwInsDUnsDDaOM9cgnvYGFhayHLkgSWkLBpdqvva97AY2b+4gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY7/apeX4sq4gUZ/+nEV379b27vx/m+9X8/ZMjZORw7h6a65uyiq79fJ3bX6Z+/tQ5tse/37eXmJmjj0lPpn3qpb25lvq2lG/89zxSLiKiHvYXKeeiWPcWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoq+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfgUAAP//wL8omg==") open$dir(&(0x7f0000000000)='./file0\x00', 0x40, 0x0) 1.426708087s ago: executing program 1 (id=2456): socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$tipc(r0, &(0x7f00000004c0)=@id={0x1e, 0x3, 0x1, {0x4e20, 0x4}}, 0x10) 1.291283911s ago: executing program 1 (id=2458): syz_mount_image$vfat(&(0x7f0000000500), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000040)={[{@utf8no}, {@fat=@umask={'umask', 0x3d, 0xcf7f}}, {@utf8no}, {@fat=@check_strict}, {@uni_xlate}, {@uni_xlate}, {@fat=@check_strict}, {@uni_xlateno}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@shortname_winnt}, {@uni_xlateno}, {@fat=@sys_immutable}, {@uni_xlateno}, {@shortname_lower}, {@rodir}]}, 0x26, 0x34b, &(0x7f0000000700)="$eJzs3TtoZNUbAPBv9uYN+0+KPwStRjtBlk3EQquEZYXFFLoy+GocTNZH7riQwYFskdlpFEvFRtDKzkLLrcVCxM7C1hVkVWzcbmEXr8zcm5k7j2hWTOKyv18RPr5zvjnn3HvC3LxOXlmL7c3puHTz5o2Ym6vE1Nq5tbhViaU4FUnkrsaIzmgCALiX3Mqy+D3LldLLk3t/sLAfzRzD3ACAo9F7/3/t9CAxe5KzAQCOwwFf/496ZmL28pFNCwA4QmPv/w8PNY98m3+q/zsBAMC967kXX3p6fSPiYrU6F9F4t1Vr1eLJQfv6pXgj0tiKs7EYdyLyB4X8aaH78akLG+fPVrt+Xopat6JVi2i0W7X8SWE96dXPxkosxlJRn/Xrk279Sq++GhFX273xo1Fp1aZjoRj/h4XYitVYjP+P1Udc2Di/Wi1eoNbYr29HdGJufxHd+Z+Jxfju1bgcaWxGt3Yw/72VavVctlGqr/d+ELJ5EjcEAAAAAAAAAAAAAAAAAAAAAID7wplq31L//Jus0W69c3G0w1L5fJ1WLW8uzgfq5OcDZbP7p/O8l4yeDzR8Pk+rNhWnTnTlAAAAAAAAAAAAAAAAAAAA8N/R3J2Jeppu7TR3r2yXg3Yp89Y3n381H6N93kwGmZjKX26oT5GLUlUS/fKsX54lQ32KIIkYdP7sWn/GeSaZsJaxVcz2FljOVIo51dP09EM/fTw26O6V7T8GmSTGLstwUClGLjU1/pen/qLq4GD1b/pcz7LsoPK9j8arohIxNXbj/o3g6xuvP/BYc/nxXubL4tCHRx5dfP76h5/+ul1Po7g0aTqz07yT/eOxktL+qRTXuRITNtvEoDPIdHaau/Xk+99eePD9b4f6zI9tkiLIypm394O54dtdT9MvRkefyYPuNA+z0ukJm39y8PLt/u69+4u5/Mla/drej78ctqr0ieWgDgAAAAAAAAAAAAAAAAAAOBalvxW/C088e3QzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjN/j//6WgM5Y5THC7HeNNs1s7zQMHnz/WpQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcB/7MwAA//+xzHAn") link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') 1.212171116s ago: executing program 0 (id=2459): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000ac0)="d8000000180081064e81f782db4cb904021d0800fe027c05e8fe55a10a0005000140e90003600e41b0000900ac00060011000000a4000500000000000000035c3b61c1d6ddb2c124c2110e00367f6f94007174cf6efb8000a007a290eb49e2f11d457fbace2ee5a7cef4094200001b14d6d930dfe1d9d322fe7c4a50b5b9bd6ee6f61e59eb4edbb57a00e97a6f6e7b7e2720637a1e7892811eb64252f19e00360db798262f3d40fad95667e006dcdf61951f215ce3bb9ad809d5ad42ce81ed0bffece0b4ff010000000000000dd6e4edef3d93452a09004b", 0xd8}], 0x1}, 0x0) 927.231033ms ago: executing program 0 (id=2460): r0 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r0, &(0x7f0000000540)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10, 0x0}, 0x10) 891.197896ms ago: executing program 3 (id=2461): r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f0000001340)=[{{&(0x7f0000000000)={0x2, 0x4e23, @rand_addr=0x64010102}, 0x10, &(0x7f0000000100), 0x3, &(0x7f0000000140)=[@ip_ttl={{0x13}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}], 0x30}}], 0x1, 0x4000000) 839.561917ms ago: executing program 2 (id=2462): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0) ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc01064b8, &(0x7f0000000dc0)={0x1, 0x1, 0x1}) 713.235813ms ago: executing program 0 (id=2463): syz_mount_image$bfs(&(0x7f0000000040), &(0x7f0000000000)='./bus\x00', 0x98, &(0x7f00000000c0)=ANY=[], 0xff, 0xa4, &(0x7f0000000180)="$eJzs0b+pAkEQB+C5e/C4A9EC7OFq0CKswBKMBEEsyFYswdTIwNTkZHFFuGDBQFH4Ptg/P4ZdBuZw3U9jHNFvI/q/eOiT1XoXJf/FKr+gzmeThj655/M8YhYRVaqn7bJZHvMaPF80xd9Hb+sbAAB4XTXIdXTdM53afGk/2RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAN7kFAAD//z7jFwY=") creat(&(0x7f0000000080)='./control\x00', 0x2c) 665.710375ms ago: executing program 2 (id=2464): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300021000000000000000000000000200080008000000040000000000000005000600000000000a00000000000000fe8000000000000000000000000000000000000000000000020001000000000000f9ff000000000005000500000000000a"], 0x80}, 0x1, 0x7}, 0x0) 643.63419ms ago: executing program 1 (id=2465): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000002c0)="d80000001c0081064e81f782db44b9040a1d08040e00000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162756aa5e8d7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x48090) 465.679347ms ago: executing program 2 (id=2466): r0 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='0', 0x1}, {&(0x7f00000000c0)="0c2460ad", 0x4}], 0x2, 0x7, 0x20001) 460.072586ms ago: executing program 0 (id=2467): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a0012000a002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0) 327.949911ms ago: executing program 1 (id=2468): syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000980)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdb1dd9467f5cd2d6c4e8b9d4f50d338ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESHEX=0x0], 0x11, 0x314, &(0x7f0000000b80)="$eJzs3U1rE08cB/Dv7KZN+m/pf7UVwYNINWAvovUiXiIlL8KTqE0KxSWitviAYBVPIvbu3aNXX4N4UQTP9eRJPHiqBxmZh2SfN6lmd1P9fsCy2dmZ/e3OzlPALIjon7Xa3n11/ov6JwAXLvDsIuAAaAA1AEdwtLHV29zY9LudvIJcHK+bXAImp0gcs9brpmVtwOawPPWphrnwPiqGlPLS56qDoMrp1i/d6M4Tuieo29apExsVxZfl8f6zfJsBsF1EMBMlv6bEHvZwD/OlhUNERBNJmPHdseP8nJ2/Ow7QtIOJSpu48f937VUdQOFkbmpo/NerLClUvf+vk4L1nl7CqXSnv0pMK+t17PNU7PM0zNMTmV2KYatKHYszs77hd8+s3fQ7Dp6gZYUOW9R/O/bxtCLR1hNFL6WsTXMMSpvJPESkzyhn9TVMqWtYMfHfBRCJfyH3jAUQ78QHcUV4eInOYP5Xk0JVk64pL1ZTJv6z2SXqq/TUUbDdRqvVciKHHNInOWbPYA25ygbcrDNO2zIjXxB4w+LUuQ7HcpmrOzck10JqrhW9vQwnI9diJJe6mvUN/232qUohXojLYglf8Qbt0PzfUfE1kWyZoYc+aDWiaYYCfcdV64zWbEitaXsiPXJsfdp9aPYnm8vgLiYbrPUjv0+jfXiO67iA+Tv3H9xwfb97W21c89XjqjcGe27N2Q2/O/UUCCdNyga2gz11SC1xcH9QKjOw5bEWqPqPlCTVsHrf+3tUKxtW4KM/jUf1A4XeutkRrmJ/G/2uazwFtt+P50HqTxsiST+llCU2oh17Z+JJ1XRLVK6g0kc7PmWqQwebqlJh1n/BeqVmJnvqj5c6Tx/xiwBbolRz7MEKLsgrzYwcwH85K7i0YjNXcMk1V2LNqNdcJ08Dp0Y/o2fj/EuINj7iKr//JyIiIiIiIiIiIiIiIiIiIiIiIiI6aMr4zzBVXyMRERERERERERERERERERERERERERER0UG32oD53Wv03/+L0d7/G38Vi2t+Enws7//d6YHv/yUq3q8AAAD///B/c8c=") openat(0xffffffffffffff9c, &(0x7f0000000280)='./bus\x00', 0x4040, 0x0) 304.245467ms ago: executing program 2 (id=2469): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x100000000006, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, {0x0, 0xb77, 0x3014, 0x0, 0x3, 0x9, 0x1, 0x164ae0bc5ce04ee5}}) 260.988139ms ago: executing program 0 (id=2470): r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2180, 0x0) ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x92, 0x0, 0x0, 0x4}) 234.363014ms ago: executing program 3 (id=2471): setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000180)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2, 0x4e24, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x87}, {0x0, 0x2}, {0x0, 0x400000000000000, 0xfffffffffffffffa}, 0xfffffffc, 0x0, 0x1}, {{@in=@broadcast, 0x40000, 0x3c}, 0xa, @in6=@loopback, 0x800000, 0x4, 0x0, 0x0, 0x0, 0x207}}, 0xe8) syz_emit_ethernet(0x1f, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff006c000000000011424203"], 0x0) 149.593958ms ago: executing program 2 (id=2472): ioperm(0x8001, 0x9, 0x10) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) 93.908408ms ago: executing program 3 (id=2473): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x37c13, 0x51a23}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x4}}}, @IFLA_ADDRESS={0xa}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x20040040) 61.413271ms ago: executing program 0 (id=2474): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84}, 0x48) bpf$MAP_UPDATE_BATCH(0x18, &(0x7f0000000300)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0xff, r0}, 0x38) 0s ago: executing program 1 (id=2475): r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0) write$cgroup_int(r0, &(0x7f0000000080)=0x3, 0x12) kernel console output (not intermixed with test programs): bcdDevice=6c.77 [ 126.764251][ T5802] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239 [ 126.782707][ T5802] usb 1-1: Product: syz [ 126.787392][ T5802] usb 1-1: Manufacturer: syz [ 126.792044][ T5802] usb 1-1: SerialNumber: syz [ 126.810954][ T5802] usb 1-1: config 0 descriptor?? [ 126.825701][ T5774] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 126.837851][ T5802] gspca_main: sq905-2.14.0 probing 2770:9120 [ 127.223740][ T7642] loop2: detected capacity change from 0 to 1764 [ 127.272763][ T5802] gspca_sq905: sq905_command: usb_control_msg failed 2 (-71) [ 127.304094][ T5802] sq905: probe of 1-1:0.0 failed with error -71 [ 127.325320][ T5802] usb 1-1: USB disconnect, device number 5 [ 127.382747][ T7648] loop1: detected capacity change from 0 to 1024 [ 127.432216][ T7648] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 127.700606][ T5765] Bluetooth: hci3: command tx timeout [ 127.819260][ T7665] loop3: detected capacity change from 0 to 64 [ 128.212018][ T7683] netlink: 'syz.1.847': attribute type 7 has an invalid length. [ 128.403508][ T7694] loop0: detected capacity change from 0 to 1024 [ 128.407831][ T7692] loop2: detected capacity change from 0 to 256 [ 128.450186][ T7692] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 128.489018][ T7692] FAT-fs (loop2): Filesystem has been set read-only [ 128.500912][ T7692] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 128.565100][ T7692] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 128.591216][ T27] audit: type=1800 audit(1773312983.877:12): pid=7692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.853" name="file1" dev="loop2" ino=1048594 res=0 errno=0 [ 128.614912][ T7692] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001) [ 128.701512][ T2924] hfsplus: b-tree write err: -5, ino 25 [ 128.710331][ T2924] hfsplus: b-tree write err: -5, ino 4 [ 128.726336][ T2924] hfsplus: b-tree write err: -5, ino 2 [ 128.786130][ T7704] netdevsim netdevsim3 netdevsim3: entered allmulticast mode [ 128.970572][ T7714] capability: warning: `syz.2.862' uses deprecated v2 capabilities in a way that may be insecure [ 129.120305][ T7718] loop1: detected capacity change from 0 to 512 [ 129.169918][ T7718] EXT4-fs (loop1): Test dummy encryption mode enabled [ 129.209430][ T7718] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 129.288315][ T7718] EXT4-fs (loop1): Couldn't remount RDWR because of unprocessed orphan inode list. Please umount/remount instead [ 129.356795][ T7725] loop0: detected capacity change from 0 to 8 [ 129.384993][ T5763] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.417473][ T7725] SQUASHFS error: Unknown inode type 257 in squashfs_iget! [ 129.640324][ T7712] loop3: detected capacity change from 0 to 32768 [ 129.692466][ T7712] ERROR: (device loop3): dbAllocNext: Corrupt dmap page [ 129.692466][ T7712] [ 129.720607][ T7712] ialloc: diAlloc returned -5! [ 130.223459][ T7751] ieee802154 phy0 wpan0: encryption failed: -90 [ 130.393213][ T7762] netlink: 20 bytes leftover after parsing attributes in process `syz.1.886'. [ 130.423330][ T7762] netlink: 36 bytes leftover after parsing attributes in process `syz.1.886'. [ 130.696420][ T7775] vivid-000: disconnect [ 130.722337][ T7773] vivid-000: reconnect [ 130.734316][ T5825] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 130.747931][ T7777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.894'. [ 130.820789][ T7780] overlay: Unknown parameter 'subj_role' [ 130.964002][ T5825] usb 4-1: Using ep0 maxpacket: 8 [ 130.989599][ T5825] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 131.001162][ T5825] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 131.020920][ T5825] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 131.041081][ T5825] usb 4-1: Product: syz [ 131.051210][ T5825] usb 4-1: Manufacturer: syz [ 131.061557][ T5825] usb 4-1: SerialNumber: syz [ 131.083244][ T7786] loop2: detected capacity change from 0 to 4096 [ 131.118926][ T7786] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 131.154830][ T7790] loop1: detected capacity change from 0 to 1024 [ 131.255799][ T7790] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 131.324664][ T7790] EXT4-fs error (device loop1): ext4_lookup:1850: inode #2: comm syz.1.900: bad inode number: 15 [ 131.346834][ T5825] usb 4-1: Handspring Visor / Palm OS: No valid connect info available [ 131.363938][ T5825] usb 4-1: Handspring Visor / Palm OS: port 82, is for unknown use [ 131.382216][ T5825] usb 4-1: Handspring Visor / Palm OS: port 223, is for HotSync use [ 131.395022][ T5825] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2 [ 131.474985][ T5763] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.547964][ T5825] usb 4-1: palm_os_3_probe - error -71 getting bytes available request [ 131.580876][ T5825] visor 4-1:1.0: Handspring Visor / Palm OS converter detected [ 131.604321][ T5825] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 131.635199][ T5825] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 131.647601][ T5825] usb 4-1: USB disconnect, device number 9 [ 131.654017][ T28] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 131.685475][ T7803] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 131.697778][ T5825] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 131.721135][ T5825] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 131.732035][ T5825] visor 4-1:1.0: device disconnected [ 131.757350][ T7805] dlm: Unknown command passed to DLM device : 11 [ 131.757350][ T7805] [ 131.861978][ T28] usb 1-1: New USB device found, idVendor=0a2c, idProduct=0008, bcdDevice=c7.b3 [ 131.881640][ T28] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.896871][ T28] usb 1-1: Product: syz [ 131.901457][ T28] usb 1-1: Manufacturer: syz [ 131.908149][ T28] usb 1-1: SerialNumber: syz [ 131.933687][ T28] usb 1-1: config 0 descriptor?? [ 131.955591][ T28] cypress_cy7c63 1-1:0.0: Cypress CY7C63xxx device now attached [ 132.073374][ T27] audit: type=1326 audit(1773312987.357:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7814 comm="syz.2.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 132.107572][ T27] audit: type=1326 audit(1773312987.387:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7814 comm="syz.2.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 132.149983][ T27] audit: type=1326 audit(1773312987.397:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7814 comm="syz.2.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 132.212906][ T28] usb 1-1: USB disconnect, device number 6 [ 132.219447][ T28] cypress_cy7c63 1-1:0.0: Cypress CY7C63xxx device now disconnected [ 132.239149][ T27] audit: type=1326 audit(1773312987.397:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7814 comm="syz.2.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 132.311845][ T27] audit: type=1326 audit(1773312987.397:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7814 comm="syz.2.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 132.364372][ T27] audit: type=1326 audit(1773312987.397:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7814 comm="syz.2.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 132.388230][ T27] audit: type=1326 audit(1773312987.397:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7814 comm="syz.2.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 132.410307][ C1] vkms_vblank_simulate: vblank timer overrun [ 132.427006][ T27] audit: type=1326 audit(1773312987.397:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7814 comm="syz.2.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 132.450604][ T27] audit: type=1326 audit(1773312987.397:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7814 comm="syz.2.911" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 132.472735][ C1] vkms_vblank_simulate: vblank timer overrun [ 132.621812][ T7834] netlink: 264 bytes leftover after parsing attributes in process `syz.1.920'. [ 132.632623][ T7834] netlink: 264 bytes leftover after parsing attributes in process `syz.1.920'. [ 132.645002][ T8] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 132.648696][ T7834] netlink: 175 bytes leftover after parsing attributes in process `syz.1.920'. [ 132.858042][ T8] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 132.879350][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.898466][ T8] usb 4-1: Product: syz [ 132.903427][ T7844] loop1: detected capacity change from 0 to 8 [ 132.910850][ T8] usb 4-1: Manufacturer: syz [ 132.917771][ T8] usb 4-1: SerialNumber: syz [ 132.946048][ T7844] SQUASHFS error: Failed to read block 0x33c: -5 [ 132.952887][ T7844] SQUASHFS error: Unable to read metadata cache entry [33c] [ 132.964248][ T8] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 133.005701][ T9] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 133.020797][ T7844] SQUASHFS error: Failed to read block 0x85: -5 [ 133.038892][ T7844] SQUASHFS error: Failed to read block 0x85: -5 [ 133.098928][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.107071][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.324746][ C0] usb 4-1: ath9k_htc: invalid pkt_len (fd7e) [ 133.528194][ T28] usb 4-1: USB disconnect, device number 10 [ 133.574312][ T5825] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 133.778547][ T5825] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 133.798547][ T5825] usb 3-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3 [ 133.801695][ T7882] netlink: 48 bytes leftover after parsing attributes in process `syz.0.944'. [ 133.817073][ T5825] usb 3-1: Product: syz [ 133.831933][ T5825] usb 3-1: Manufacturer: syz [ 133.841691][ T5825] usb 3-1: SerialNumber: syz [ 133.858123][ T5825] usb 3-1: config 0 descriptor?? [ 133.875780][ T5825] ch341 3-1:0.0: ch341-uart converter detected [ 133.908027][ T7886] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 134.002510][ T7890] loop0: detected capacity change from 0 to 512 [ 134.030343][ T7890] EXT4-fs: Ignoring removed mblk_io_submit option [ 134.058470][ T7890] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 134.094126][ T9] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 134.096155][ T7890] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 134.111475][ T9] ath9k_htc: Failed to initialize the device [ 134.128669][ T28] usb 4-1: ath9k_htc: USB layer deinitialized [ 134.145443][ T7890] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 134.165687][ T7890] EXT4-fs (loop0): orphan cleanup on readonly fs [ 134.189755][ T7890] __quota_error: 1 callbacks suppressed [ 134.189770][ T7890] Quota error (device loop0): do_insert_tree: Free block already used in tree: block 4 [ 134.220194][ T7890] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota [ 134.232242][ T7890] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.948: Failed to acquire dquot type 1 [ 134.249341][ T7890] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:478: comm syz.0.948: Invalid block bitmap block 0 in block_group 0 [ 134.267927][ T7890] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:478: comm syz.0.948: Invalid block bitmap block 0 in block_group 0 [ 134.272873][ T7890] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:478: comm syz.0.948: Invalid block bitmap block 0 in block_group 0 [ 134.300674][ T5825] usb 3-1: failed to send control message: -71 [ 134.307324][ T5825] ch341-uart: probe of ttyUSB0 failed with error -71 [ 134.316234][ T5825] usb 3-1: USB disconnect, device number 6 [ 134.317129][ T7890] Quota error (device loop0): write_blk: dquota write failed [ 134.323128][ T5825] ch341 3-1:0.0: device disconnected [ 134.373461][ T7890] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota [ 134.373501][ T7890] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.948: Failed to acquire dquot type 1 [ 134.376450][ T7890] Quota error (device loop0): write_blk: dquota write failed [ 134.430124][ T7890] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota [ 134.481793][ T7890] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.948: Failed to acquire dquot type 1 [ 134.508309][ T7890] EXT4-fs (loop0): 1 orphan inode deleted [ 134.526523][ T7890] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 134.632008][ T7890] EXT4-fs error (device loop0): ext4_lookup:1862: inode #2: comm syz.0.948: deleted inode referenced: 12 [ 134.725214][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.059452][ T7920] No such timeout policy "syz0" [ 135.145388][ T7925] CIFS: VFS: Malformed UNC in devname [ 135.292642][ T7931] netlink: 56 bytes leftover after parsing attributes in process `syz.2.967'. [ 135.511974][ T7941] netlink: 220 bytes leftover after parsing attributes in process `syz.3.973'. [ 135.864230][ T5802] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 135.933209][ T7960] loop3: detected capacity change from 0 to 2048 [ 135.948585][ T7960] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 136.000056][ T7965] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 136.077279][ T5802] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 97, changing to 10 [ 136.087922][ T7964] loop0: detected capacity change from 0 to 4096 [ 136.100042][ T5802] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24929, setting to 1024 [ 136.130323][ T7964] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 136.158652][ T5802] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf [ 136.173303][ T7964] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 136.189838][ T5802] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.226157][ T5802] usb 3-1: Product: syz [ 136.235716][ T7964] ntfs: (device loop0): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 136.247919][ T5802] usb 3-1: Manufacturer: syz [ 136.252553][ T5802] usb 3-1: SerialNumber: syz [ 136.296860][ T5802] usb 3-1: config 0 descriptor?? [ 136.304396][ T7964] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 136.337442][ T5802] usb 3-1: Found UVC 0.00 device syz (18ec:3288) [ 136.369178][ T5802] usb 3-1: No valid video chain found. [ 136.387333][ T7964] ntfs: volume version 3.1. [ 136.614635][ T5802] usb 3-1: USB disconnect, device number 7 [ 136.710877][ T7983] netlink: 268 bytes leftover after parsing attributes in process `syz.1.994'. [ 136.739876][ T7983] unsupported nla_type 65024 [ 136.970129][ T7993] loop3: detected capacity change from 0 to 256 [ 137.147780][ T7993] FAT-fs (loop3): Directory bread(block 64) failed [ 137.167449][ T7993] FAT-fs (loop3): Directory bread(block 65) failed [ 137.204163][ T7993] FAT-fs (loop3): Directory bread(block 66) failed [ 137.210741][ T7993] FAT-fs (loop3): Directory bread(block 67) failed [ 137.244034][ T7993] FAT-fs (loop3): Directory bread(block 68) failed [ 137.250676][ T7993] FAT-fs (loop3): Directory bread(block 69) failed [ 137.258871][ T7993] FAT-fs (loop3): Directory bread(block 70) failed [ 137.275304][ T7993] FAT-fs (loop3): Directory bread(block 71) failed [ 137.281960][ T7993] FAT-fs (loop3): Directory bread(block 72) failed [ 137.304279][ T7993] FAT-fs (loop3): Directory bread(block 73) failed [ 137.349444][ T8001] netlink: 'syz.1.1002': attribute type 11 has an invalid length. [ 137.357694][ T7991] loop0: detected capacity change from 0 to 32768 [ 137.373502][ T7991] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.996 (7991) [ 137.417245][ T7991] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 137.445099][ T7991] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 137.474018][ T7991] BTRFS info (device loop0): using free space tree [ 137.575177][ T7991] BTRFS info (device loop0): enabling ssd optimizations [ 137.582175][ T7991] BTRFS info (device loop0): auto enabling async discard [ 137.816936][ T5766] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 138.607299][ T8025] loop3: detected capacity change from 0 to 32768 [ 138.725605][ T8049] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1017'. [ 138.980698][ T8055] loop1: detected capacity change from 0 to 1764 [ 139.036997][ T8057] loop0: detected capacity change from 0 to 128 [ 139.045575][ T8055] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 139.482386][ T8069] loop3: detected capacity change from 0 to 128 [ 139.552062][ T8069] syz.3.1027: attempt to access beyond end of device [ 139.552062][ T8069] loop3: rw=0, sector=25674, nr_sectors = 2 limit=128 [ 139.600288][ T8069] Buffer I/O error on dev loop3, logical block 12837, async page read [ 139.646409][ T8069] Trying to free block not in datazone [ 139.656325][ T5800] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 139.811781][ T8077] xt_TCPMSS: Only works on TCP SYN packets [ 139.863994][ T5800] usb 2-1: Using ep0 maxpacket: 32 [ 139.900417][ T5800] usb 2-1: config 0 has an invalid interface number: 16 but max is 0 [ 139.934217][ T5800] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 139.964097][ T5800] usb 2-1: config 0 has no interface number 0 [ 139.970265][ T5800] usb 2-1: config 0 interface 16 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 255 [ 139.991069][ T5800] usb 2-1: config 0 interface 16 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 140.037252][ T5800] usb 2-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d [ 140.058486][ T5800] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.085084][ T5800] usb 2-1: Product: syz [ 140.089464][ T5800] usb 2-1: Manufacturer: syz [ 140.096380][ T5800] usb 2-1: SerialNumber: syz [ 140.115032][ T5800] usb 2-1: config 0 descriptor?? [ 140.124527][ T8063] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 140.140946][ T5800] usb 2-1: Quirk or no altest; falling back to MIDI 1.0 [ 140.488432][ T8099] loop3: detected capacity change from 0 to 256 [ 140.527038][ T9] usb 2-1: USB disconnect, device number 7 [ 140.673436][ T8099] FAT-fs (loop3): Directory bread(block 64) failed [ 140.692066][ T8099] FAT-fs (loop3): Directory bread(block 65) failed [ 140.711527][ T8099] FAT-fs (loop3): Directory bread(block 66) failed [ 140.735843][ T8099] FAT-fs (loop3): Directory bread(block 67) failed [ 140.756471][ T8099] FAT-fs (loop3): Directory bread(block 68) failed [ 140.763112][ T8099] FAT-fs (loop3): Directory bread(block 69) failed [ 140.784044][ T8099] FAT-fs (loop3): Directory bread(block 70) failed [ 140.791042][ T8099] FAT-fs (loop3): Directory bread(block 71) failed [ 140.817240][ T8099] FAT-fs (loop3): Directory bread(block 72) failed [ 140.843198][ T8099] FAT-fs (loop3): Directory bread(block 73) failed [ 140.996262][ T8110] raw_sendmsg: syz.2.1047 forgot to set AF_INET. Fix it! [ 141.272793][ T8101] loop0: detected capacity change from 0 to 32768 [ 141.274006][ T8114] loop3: detected capacity change from 0 to 2048 [ 141.327539][ T8114] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 141.353588][ T8101] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 141.412420][ T8114] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 141.587904][ T8101] XFS (loop0): Ending clean mount [ 141.614480][ T5800] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 141.909944][ T5766] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 141.966930][ T5800] usb 2-1: unable to get BOS descriptor or descriptor too short [ 141.985887][ T5800] usb 2-1: not running at top speed; connect to a high speed hub [ 142.006475][ T5800] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 142.016764][ T5800] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 142.043979][ T5800] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 142.053084][ T5800] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 8193, setting to 64 [ 142.129172][ T5800] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 142.144409][ T5800] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.152447][ T5800] usb 2-1: Product: syz [ 142.183926][ T5800] usb 2-1: Manufacturer: syz [ 142.188589][ T5800] usb 2-1: SerialNumber: syz [ 142.463233][ T5800] usb 2-1: 0:2 : does not exist [ 142.541413][ T5800] usb 2-1: USB disconnect, device number 8 [ 142.582872][ T7646] udevd[7646]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 142.856551][ T8168] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1071'. [ 142.892632][ T8168] debugfs: Directory '!!' with parent 'ieee80211' already present! [ 142.893662][ T8166] loop3: detected capacity change from 0 to 4096 [ 142.952458][ T8166] __ntfs_error: 13 callbacks suppressed [ 142.952473][ T8166] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 142.976237][ T8166] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 143.004263][ T8166] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 143.024592][ T8166] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 143.037734][ T8166] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 143.061581][ T8166] ntfs: volume version 3.1. [ 143.081156][ T8166] ntfs: (device loop3): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 143.114179][ T8166] ntfs: (device loop3): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 143.156688][ T8166] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 143.207065][ T8166] ntfs: (device loop3): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 143.247736][ T8166] ntfs: (device loop3): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 143.837183][ T8198] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 144.044354][ T5802] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 144.256256][ T5802] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 144.271107][ T5802] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 144.284365][ T8] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 144.294462][ T5802] usb 3-1: config 220 has no interface number 2 [ 144.300790][ T5802] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 144.319911][ T5802] usb 3-1: config 220 interface 0 has no altsetting 0 [ 144.327657][ T5802] usb 3-1: config 220 interface 76 has no altsetting 0 [ 144.336021][ T5802] usb 3-1: config 220 interface 1 has no altsetting 0 [ 144.350719][ T5802] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 144.360009][ T5802] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.368371][ T5802] usb 3-1: Product: syz [ 144.373018][ T5802] usb 3-1: Manufacturer: syz [ 144.378037][ T5802] usb 3-1: SerialNumber: syz [ 144.485077][ T8] usb 2-1: not running at top speed; connect to a high speed hub [ 144.495084][ T8] usb 2-1: config 129 has an invalid interface number: 35 but max is 0 [ 144.503700][ T8] usb 2-1: config 129 has no interface number 0 [ 144.516226][ T8] usb 2-1: config 129 interface 35 has no altsetting 0 [ 144.528831][ T8] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0102, bcdDevice=26.99 [ 144.538819][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.555893][ T8] usb 2-1: Product: syz [ 144.563085][ T8] usb 2-1: Manufacturer: syz [ 144.570401][ T8] usb 2-1: SerialNumber: syz [ 144.632099][ T5802] usb 3-1: selecting invalid altsetting 0 [ 144.656445][ T5802] usb 3-1: Found UVC 7.01 device syz (8086:0b07) [ 144.662879][ T5802] usb 3-1: No valid video chain found. [ 144.684581][ T5802] usb 3-1: selecting invalid altsetting 0 [ 144.695025][ T5802] usbtest: probe of 3-1:220.1 failed with error -22 [ 144.717899][ T5802] usb 3-1: USB disconnect, device number 8 [ 144.812448][ T8] usb_ehset_test: probe of 2-1:129.35 failed with error -32 [ 144.836614][ T8] usb 2-1: USB disconnect, device number 9 [ 145.163923][ T5825] usb 4-1: new full-speed USB device number 11 using dummy_hcd [ 145.339095][ T8240] loop0: detected capacity change from 0 to 32768 [ 145.360423][ T5825] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 145.374029][ T5825] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.401009][ T5825] usb 4-1: config 0 descriptor?? [ 145.678339][ T5825] [drm] vendor descriptor length:6 data:06 5f 01 00 00 00 00 00 00 00 00 [ 145.685969][ T8253] loop2: detected capacity change from 0 to 2048 [ 145.708628][ T5825] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 145.712462][ T8253] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 145.745703][ T8253] NILFS (loop2): unrecognized mount option "g)-aؠ" [ 145.831612][ T8253] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 145.862828][ T5825] [drm:udl_init] *ERROR* Selecting channel failed [ 145.863514][ T8257] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 145.950434][ T5825] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2 [ 145.997154][ T5825] [drm] Initialized udl on minor 2 [ 146.026499][ T5825] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 146.088441][ T5825] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 146.141002][ T8] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 146.161067][ T5825] usb 4-1: USB disconnect, device number 11 [ 146.205752][ T8] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 146.215808][ T8267] netlink: 'syz.1.1121': attribute type 1 has an invalid length. [ 146.256298][ T8267] netlink: 112865 bytes leftover after parsing attributes in process `syz.1.1121'. [ 146.654222][ T8] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 146.855884][ T8] usb 2-1: config index 0 descriptor too short (expected 133, got 72) [ 146.879500][ T8] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 146.909341][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.929634][ T8] usb 2-1: Product: syz [ 146.946711][ T8] usb 2-1: Manufacturer: syz [ 146.969819][ T8] usb 2-1: SerialNumber: syz [ 146.985716][ T8] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 147.008954][ T5825] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 147.304453][ C0] usb 2-1: ath9k_htc: over RX MAX_PKT_NUM [ 147.438138][ T8] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 147.532161][ T28] usb 2-1: USB disconnect, device number 10 [ 147.644229][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 147.652243][ T8] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 147.678707][ T8] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 147.687891][ T8319] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1147'. [ 147.704322][ T8] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 147.715420][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.723454][ T8] usb 3-1: Product: syz [ 147.742848][ T8] usb 3-1: Manufacturer: syz [ 147.748491][ T8] usb 3-1: SerialNumber: syz [ 148.098726][ T5825] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 148.142946][ T5825] ath9k_htc: Failed to initialize the device [ 148.173996][ T28] usb 2-1: ath9k_htc: USB layer deinitialized [ 148.181972][ T8] usb 3-1: cannot find UAC_HEADER [ 148.232316][ T8] snd-usb-audio: probe of 3-1:1.0 failed with error -22 [ 148.274179][ T8] usb 3-1: USB disconnect, device number 9 [ 148.312658][ T7646] udevd[7646]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 148.498009][ T8342] loop1: detected capacity change from 0 to 4096 [ 148.516502][ T8342] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 148.573036][ T27] kauditd_printk_skb: 6 callbacks suppressed [ 148.573049][ T27] audit: type=1326 audit(1773313003.857:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8345 comm="syz.0.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 148.653670][ T27] audit: type=1326 audit(1773313003.857:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8345 comm="syz.0.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 148.705069][ T27] audit: type=1326 audit(1773313003.867:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8345 comm="syz.0.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 148.709729][ T8348] loop0: detected capacity change from 0 to 512 [ 148.765741][ T8348] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.1161: Invalid inode bitmap blk 4 in block_group 0 [ 148.766949][ T27] audit: type=1326 audit(1773313003.867:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8345 comm="syz.0.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 148.790138][ T8348] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 148.808522][ T27] audit: type=1326 audit(1773313003.867:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8345 comm="syz.0.1160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 148.851248][ T8334] loop3: detected capacity change from 0 to 32768 [ 149.009691][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.344528][ T8362] loop1: detected capacity change from 0 to 1024 [ 149.530498][ T11] hfsplus: b-tree write err: -5, ino 25 [ 149.544325][ T11] hfsplus: b-tree write err: -5, ino 4 [ 149.555843][ T11] hfsplus: b-tree write err: -5, ino 2 [ 149.718972][ T8370] netlink: 209820 bytes leftover after parsing attributes in process `syz.1.1171'. [ 149.848448][ T8358] loop0: detected capacity change from 0 to 32768 [ 149.939733][ T8358] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 150.057731][ T8358] XFS (loop0): Ending clean mount [ 150.077754][ T8390] netlink: 'syz.2.1176': attribute type 1 has an invalid length. [ 150.112439][ T8358] XFS (loop0): Quotacheck needed: Please wait. [ 150.242196][ T8358] XFS (loop0): Quotacheck: Done. [ 150.292964][ T8399] netlink: 'syz.3.1182': attribute type 1 has an invalid length. [ 150.321215][ T8399] netlink: 'syz.3.1182': attribute type 3 has an invalid length. [ 150.350666][ T8399] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1182'. [ 150.598892][ T5766] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 151.155028][ T8432] loop1: detected capacity change from 0 to 256 [ 151.694343][ T8451] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1200'. [ 151.794890][ T8425] loop3: detected capacity change from 0 to 32768 [ 151.882887][ T8425] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 151.967719][ T8425] XFS (loop3): Ending clean mount [ 152.142916][ T5774] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 152.321818][ T8480] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1211'. [ 152.346341][ T8480] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 152.464186][ T5825] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 152.677980][ T5825] usb 1-1: Using ep0 maxpacket: 8 [ 152.685958][ T5825] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 152.714065][ T5825] usb 1-1: config 179 has no interface number 0 [ 152.720406][ T5825] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 152.761155][ T5825] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 152.778824][ T5825] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 152.793657][ T5825] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 152.809726][ T5825] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 152.838688][ T5825] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 152.849382][ T5825] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.867039][ T8500] loop3: detected capacity change from 0 to 512 [ 152.905671][ T8475] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 152.989964][ T8500] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 153.031185][ T8500] ext4 filesystem being mounted at /250/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 153.185512][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.304059][ T8] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 153.331816][ T8513] x_tables: unsorted underflow at hook 4 [ 153.457599][ T5825] usb 1-1: USB disconnect, device number 7 [ 153.457673][ C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 153.457726][ C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 153.528217][ T8] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 153.540584][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.544453][ T5800] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 153.549435][ T8] usb 3-1: Product: syz [ 153.549452][ T8] usb 3-1: Manufacturer: syz [ 153.549466][ T8] usb 3-1: SerialNumber: syz [ 153.554788][ T8] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 153.587956][ T9] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 153.764032][ T5800] usb 4-1: Using ep0 maxpacket: 32 [ 153.771274][ T5800] usb 4-1: config 0 has an invalid interface number: 35 but max is 0 [ 153.779845][ T5800] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 153.790050][ T5800] usb 4-1: config 0 has no interface number 0 [ 153.796405][ T5800] usb 4-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 153.812767][ T5800] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 153.822799][ T5800] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.831290][ T5800] usb 4-1: Product: syz [ 153.835858][ T5800] usb 4-1: Manufacturer: syz [ 153.840516][ T5800] usb 4-1: SerialNumber: syz [ 153.860678][ T5800] usb 4-1: config 0 descriptor?? [ 153.876234][ T5800] radio-si470x 4-1:0.35: could not find interrupt in endpoint [ 153.884016][ T5800] radio-si470x: probe of 4-1:0.35 failed with error -5 [ 153.964031][ T5802] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 154.100644][ T5825] usb 3-1: USB disconnect, device number 10 [ 154.100753][ T5800] radio-raremono 4-1:0.35: this is not Thanko's Raremono. [ 154.126637][ T5800] usbhid 4-1:0.35: couldn't find an input interrupt endpoint [ 154.164251][ T5802] usb 2-1: Using ep0 maxpacket: 32 [ 154.172822][ T5802] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 154.186820][ T5802] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 154.196632][ T5802] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.204996][ T5802] usb 2-1: Product: syz [ 154.209350][ T5802] usb 2-1: Manufacturer: syz [ 154.214413][ T5802] usb 2-1: SerialNumber: syz [ 154.222773][ T5802] usb 2-1: config 0 descriptor?? [ 154.230729][ T5802] usb 2-1: bad CDC descriptors [ 154.236472][ T5802] usb 2-1: unsupported MDLM descriptors [ 154.351109][ T8] usb 4-1: USB disconnect, device number 12 [ 154.458535][ T5802] usb 2-1: USB disconnect, device number 11 [ 154.658772][ T9] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 154.685808][ T9] ath9k_htc: Failed to initialize the device [ 154.685986][ T8537] geneve3: entered allmulticast mode [ 154.703200][ T5825] usb 3-1: ath9k_htc: USB layer deinitialized [ 155.121455][ T8553] vim2m vim2m.0: Fourcc format (0x47425247) invalid. [ 155.121598][ T8552] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1244'. [ 155.214544][ T8557] libceph: resolve '@e2OAqcz' (ret=-3): failed [ 155.283256][ T8562] --map-set only usable from mangle table [ 155.987544][ T8594] loop2: detected capacity change from 0 to 136 [ 156.022790][ T8596] loop3: detected capacity change from 0 to 512 [ 156.037484][ T8594] Attempt to read inode for relocated directory [ 156.091209][ T5800] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 156.139676][ T8596] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.139803][ T8596] ext4 filesystem being mounted at /258/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 156.284003][ T5800] usb 2-1: Using ep0 maxpacket: 16 [ 156.284921][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.294444][ T5800] usb 2-1: config 0 has an invalid interface number: 105 but max is 0 [ 156.321547][ T5800] usb 2-1: config 0 has an invalid descriptor of length 214, skipping remainder of the config [ 156.342238][ T5800] usb 2-1: config 0 has no interface number 0 [ 156.373779][ T5800] usb 2-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28 [ 156.403298][ T5800] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.434052][ T5800] usb 2-1: Product: syz [ 156.442643][ T5800] usb 2-1: Manufacturer: syz [ 156.460417][ T5800] usb 2-1: SerialNumber: syz [ 156.507037][ T5800] usb 2-1: config 0 descriptor?? [ 156.592945][ T8615] netlink: 'syz.3.1274': attribute type 2 has an invalid length. [ 156.601299][ T8615] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.1274'. [ 156.769054][ T5825] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 156.788768][ T787] usb 2-1: USB disconnect, device number 12 [ 156.929769][ T8627] xfrm0 speed is unknown, defaulting to 1000 [ 156.966372][ T5825] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 156.983418][ T5825] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.004404][ T5825] usb 1-1: config 0 descriptor?? [ 157.017257][ T5825] cp210x 1-1:0.0: cp210x converter detected [ 157.168287][ T8638] syz.2.1285: attempt to access beyond end of device [ 157.168287][ T8638] loop5: rw=0, sector=0, nr_sectors = 1 limit=0 [ 157.182316][ T8638] FAT-fs (loop5): unable to read boot sector [ 157.227857][ T5825] cp210x 1-1:0.0: failed to get vendor val 0x370b size 1: -121 [ 157.254326][ T5825] cp210x 1-1:0.0: querying part number failed [ 157.289701][ T5825] usb 1-1: cp210x converter now attached to ttyUSB0 [ 157.476812][ T5800] usb 1-1: USB disconnect, device number 8 [ 157.492186][ T5800] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 157.532876][ T5800] cp210x 1-1:0.0: device disconnected [ 158.154101][ T8674] netlink: 'syz.0.1301': attribute type 2 has an invalid length. [ 159.330590][ T8728] loop0: detected capacity change from 0 to 256 [ 159.538125][ T8736] netlink: 144 bytes leftover after parsing attributes in process `syz.2.1332'. [ 159.679716][ T8736] team0: Port device team_slave_0 removed [ 159.705405][ T8736] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 159.854685][ T8744] loop1: detected capacity change from 0 to 4096 [ 159.880043][ T8744] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing. [ 159.910053][ T8744] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 159.957025][ T8744] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 159.987342][ T8744] ntfs: volume version 3.1. [ 160.169176][ T8758] vlan0: entered promiscuous mode [ 160.259729][ T8760] loop2: detected capacity change from 0 to 512 [ 160.308731][ T5763] ntfs: (device loop1): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 160.347149][ T8760] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.513233][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.734294][ T8773] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1348'. [ 161.222524][ T27] audit: type=1326 audit(1773313016.507:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8793 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 161.225856][ T8794] syz.2.1359 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 161.287608][ T27] audit: type=1326 audit(1773313016.507:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8793 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 161.354957][ T27] audit: type=1326 audit(1773313016.507:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8793 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 161.414961][ T27] audit: type=1326 audit(1773313016.597:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8793 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 161.472977][ T27] audit: type=1326 audit(1773313016.597:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8793 comm="syz.2.1359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 161.503128][ T8801] netlink: 'syz.3.1363': attribute type 11 has an invalid length. [ 161.802291][ T8807] loop0: detected capacity change from 0 to 4096 [ 161.848252][ T8807] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 161.961062][ T8807] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 161.997526][ T8807] ntfs3: loop0: ino=1f, "file2" failed to open parent directory r=5 to update [ 162.174209][ T11] ntfs3: loop0: ino=1f, failed to open parent directory r=5 to update [ 162.328523][ T8828] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1374'. [ 162.488592][ T8825] loop1: detected capacity change from 0 to 8192 [ 162.543270][ T8836] loop3: detected capacity change from 0 to 256 [ 162.550479][ T8836] exfat: Unknown parameter 'd' [ 162.608983][ T6201] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 162.644228][ T8836] afs: Unexpected value for 'dyn' [ 163.120736][ T8856] QAT: Device 3 not found [ 163.198932][ T27] audit: type=1326 audit(1773313018.487:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8859 comm="syz.2.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 163.207715][ T8860] loop2: detected capacity change from 0 to 512 [ 163.261830][ T8860] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 163.285111][ T8860] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it [ 163.296446][ T8860] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1392: Corrupt directory, running e2fsck is recommended [ 163.358253][ T8863] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 163.379428][ T8863] overlayfs: missing 'lowerdir' [ 163.399340][ T8860] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 163.408796][ T8860] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.1392: corrupted in-inode xattr: e_name out of bounds [ 163.472340][ T8860] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.1392: couldn't read orphan inode 15 (err -117) [ 163.518850][ T8860] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.597795][ T8867] loop3: detected capacity change from 0 to 4096 [ 163.630183][ T8867] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 163.698765][ T8867] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 163.719019][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.062317][ T8881] loop1: detected capacity change from 0 to 4096 [ 164.121358][ T8881] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 164.183162][ T8881] ntfs3: loop1: Failed to load $Extend (-22). [ 164.211649][ T8881] ntfs3: loop1: Failed to initialize $Extend. [ 164.662583][ T8897] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 164.678203][ T8903] loop0: detected capacity change from 0 to 256 [ 164.823037][ T8906] loop2: detected capacity change from 0 to 4096 [ 165.262445][ T8920] netlink: 'syz.3.1421': attribute type 5 has an invalid length. [ 165.295230][ T8920] ip6erspan0: entered promiscuous mode [ 165.310284][ T8922] IPv6: Can't replace route, no match found [ 166.033927][ T27] kauditd_printk_skb: 18 callbacks suppressed [ 166.033942][ T27] audit: type=1326 audit(1773313021.317:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.2.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 166.086855][ T8977] loop3: detected capacity change from 0 to 64 [ 166.107637][ T27] audit: type=1326 audit(1773313021.317:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.2.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 166.164156][ T8977] syz.3.1440: attempt to access beyond end of device [ 166.164156][ T8977] loop3: rw=0, sector=1024, nr_sectors = 2 limit=64 [ 166.233975][ T27] audit: type=1326 audit(1773313021.327:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.2.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 166.273921][ T8977] Buffer I/O error on dev loop3, logical block 512, async page read [ 166.282108][ T8977] syz.3.1440: attempt to access beyond end of device [ 166.282108][ T8977] loop3: rw=0, sector=113152, nr_sectors = 2 limit=64 [ 166.332479][ T8989] capability: warning: `syz.1.1443' uses 32-bit capabilities (legacy support in use) [ 166.346282][ T8977] Buffer I/O error on dev loop3, logical block 56576, async page read [ 166.356153][ T27] audit: type=1326 audit(1773313021.327:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.2.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 166.418726][ T27] audit: type=1326 audit(1773313021.327:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.2.1439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 166.776507][ T9013] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1450'. [ 167.111683][ T8991] loop0: detected capacity change from 0 to 32768 [ 167.189612][ T8991] JBD2: Ignoring recovery information on journal [ 167.315990][ T8991] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 167.452338][ T9049] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 167.483455][ T8991] OCFS2: ERROR (device loop0): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature  [ 167.504795][ T9049] CIFS mount error: No usable UNC path provided in device string! [ 167.504795][ T9049] [ 167.523945][ T8991] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 167.539930][ T9049] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 167.549038][ T8991] OCFS2: File system is now read-only. [ 167.549121][ T8991] (syz.0.1444,8991,0):ocfs2_find_entry_dx:1029 ERROR: status = -30 [ 167.689976][ T5766] ocfs2: Unmounting device (7,0) on (node local) [ 167.934538][ T9073] netlink: 'syz.1.1467': attribute type 4 has an invalid length. [ 167.943144][ T9073] netlink: 204 bytes leftover after parsing attributes in process `syz.1.1467'. [ 168.468092][ T9107] netlink: 'syz.3.1479': attribute type 1 has an invalid length. [ 169.206952][ T9158] loop2: detected capacity change from 0 to 512 [ 169.238093][ T9158] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 170.012244][ T9209] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1511'. [ 170.044102][ T9209] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1511'. [ 170.053696][ T9209] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1511'. [ 170.235094][ T9224] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 170.403958][ T788] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 170.585920][ T788] usb 4-1: config 0 has an invalid interface number: 238 but max is 0 [ 170.619746][ T788] usb 4-1: config 0 has no interface number 0 [ 170.630677][ T788] usb 4-1: config 0 interface 238 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 170.656871][ T9222] loop2: detected capacity change from 0 to 32768 [ 170.663459][ T788] usb 4-1: config 0 interface 238 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0 [ 170.684080][ T788] usb 4-1: config 0 interface 238 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 170.711103][ T788] usb 4-1: config 0 interface 238 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0 [ 170.738814][ T9222] JBD2: Ignoring recovery information on journal [ 170.759515][ T788] usb 4-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=f6.6a [ 170.813375][ T788] usb 4-1: New USB device strings: Mfr=181, Product=147, SerialNumber=160 [ 170.891242][ T788] usb 4-1: Product: syz [ 170.912374][ T788] usb 4-1: Manufacturer: syz [ 170.931612][ T788] usb 4-1: SerialNumber: syz [ 170.940178][ T9222] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 170.965030][ T788] usb 4-1: config 0 descriptor?? [ 171.029465][ T788] ni6501 4-1:0.238: driver 'ni6501' failed to auto-configure device. [ 171.093970][ T9222] OCFS2: ERROR (device loop2): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature  [ 171.146263][ T9222] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 171.184016][ T9222] OCFS2: File system is now read-only. [ 171.189657][ T9222] (syz.2.1514,9222,0):ocfs2_find_entry_dx:1029 ERROR: status = -30 [ 171.223787][ T787] usb 4-1: USB disconnect, device number 13 [ 171.341630][ T5770] ocfs2: Unmounting device (7,2) on (node local) [ 171.423502][ T9271] loop0: detected capacity change from 0 to 16 [ 171.466371][ T9271] erofs: (device loop0): mounted with root inode @ nid 36. [ 171.527608][ T9271] syz.0.1526: attempt to access beyond end of device [ 171.527608][ T9271] loop0: rw=524288, sector=131758, nr_sectors = 2 limit=16 [ 171.574167][ T9271] syz.0.1526: attempt to access beyond end of device [ 171.574167][ T9271] loop0: rw=524288, sector=74, nr_sectors = 2 limit=16 [ 171.602192][ T9271] syz.0.1526: attempt to access beyond end of device [ 171.602192][ T9271] loop0: rw=524288, sector=262336, nr_sectors = 2 limit=16 [ 171.623961][ T9271] syz.0.1526: attempt to access beyond end of device [ 171.623961][ T9271] loop0: rw=524288, sector=172, nr_sectors = 2 limit=16 [ 171.644052][ T9271] syz.0.1526: attempt to access beyond end of device [ 171.644052][ T9271] loop0: rw=524288, sector=131274, nr_sectors = 2 limit=16 [ 171.666547][ T9271] syz.0.1526: attempt to access beyond end of device [ 171.666547][ T9271] loop0: rw=524288, sector=178, nr_sectors = 2 limit=16 [ 171.682466][ T9271] syz.0.1526: attempt to access beyond end of device [ 171.682466][ T9271] loop0: rw=524288, sector=131284, nr_sectors = 2 limit=16 [ 171.722223][ T9271] syz.0.1526: attempt to access beyond end of device [ 171.722223][ T9271] loop0: rw=524288, sector=178, nr_sectors = 2 limit=16 [ 171.744285][ T9271] syz.0.1526: attempt to access beyond end of device [ 171.744285][ T9271] loop0: rw=524288, sector=4830, nr_sectors = 2 limit=16 [ 171.788620][ T9271] syz.0.1526: attempt to access beyond end of device [ 171.788620][ T9271] loop0: rw=524288, sector=1556797440, nr_sectors = 2 limit=16 [ 171.822262][ T9278] loop2: detected capacity change from 0 to 4096 [ 171.915884][ T9284] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 171.924199][ T9266] loop1: detected capacity change from 0 to 32768 [ 171.984979][ T9266] (syz.1.1525,9266,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 172.004657][ T9278] NILFS error (device loop2): nilfs_dotdot: directory #12 missing '.' [ 172.037678][ T9278] Remounting filesystem read-only [ 172.059409][ T9266] (syz.1.1525,9266,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 172.166960][ T9266] JBD2: Ignoring recovery information on journal [ 172.315807][ T9266] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 172.665918][ T5763] ocfs2: Unmounting device (7,1) on (node local) [ 172.834283][ T9321] netlink: 'syz.0.1538': attribute type 13 has an invalid length. [ 173.289469][ T9338] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 173.313608][ T9307] loop2: detected capacity change from 0 to 32768 [ 173.360853][ T9307] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 173.517217][ T9372] bond1: entered promiscuous mode [ 173.524155][ T9307] XFS (loop2): Ending clean mount [ 173.547548][ T9372] 8021q: adding VLAN 0 to HW filter on device bond1 [ 173.571216][ T9307] XFS (loop2): Quotacheck needed: Please wait. [ 173.624999][ T9307] XFS (loop2): Quotacheck: Done. [ 173.654066][ T9] usb 2-1: new full-speed USB device number 13 using dummy_hcd [ 173.743456][ T9413] loop0: detected capacity change from 0 to 64 [ 173.770331][ T5770] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 173.860632][ T9] usb 2-1: config index 0 descriptor too short (expected 39, got 27) [ 173.907318][ T9] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 173.963930][ T9] usb 2-1: config 0 interface 0 has no altsetting 0 [ 173.987443][ T9] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 174.013422][ T9] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 174.043926][ T9] usb 2-1: Product: syz [ 174.048143][ T9] usb 2-1: Manufacturer: syz [ 174.061166][ T9] usb 2-1: SerialNumber: syz [ 174.076791][ T9] usb 2-1: config 0 descriptor?? [ 174.107600][ T9] hub 2-1:0.0: bad descriptor, ignoring hub [ 174.113562][ T9] hub: probe of 2-1:0.0 failed with error -5 [ 174.156483][ T9] usb 2-1: selecting invalid altsetting 0 [ 174.230185][ T9442] loop0: detected capacity change from 0 to 22 [ 174.268756][ T9442] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 174.302142][ T9442] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 174.574868][ T5825] usb 2-1: USB disconnect, device number 13 [ 174.954055][ T9] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 175.026305][ T9459] loop3: detected capacity change from 0 to 32768 [ 175.073533][ T9459] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 175.181216][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 175.225474][ T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 175.248087][ T9] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 175.281805][ T9510] netlink: 'syz.1.1566': attribute type 10 has an invalid length. [ 175.293717][ T9] usb 1-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5 [ 175.315488][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.340034][ T9] usb 1-1: Product: syz [ 175.348511][ T9] usb 1-1: Manufacturer: syz [ 175.353239][ T9] usb 1-1: SerialNumber: syz [ 175.353392][ T9459] XFS (loop3): Ending clean mount [ 175.362611][ T9] usb 1-1: config 0 descriptor?? [ 175.451592][ T9510] team0: Port device wlan1 added [ 175.498769][ T5774] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 175.682223][ T787] usb 1-1: USB disconnect, device number 9 [ 175.916661][ T9542] kAFS: unparsable volume name [ 176.243914][ T788] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 176.348875][ T9576] netlink: 'syz.3.1582': attribute type 5 has an invalid length. [ 176.436274][ T788] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 176.453899][ T788] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.470212][ T9580] syz.3.1584 (9580): drop_caches: 0 [ 176.488728][ T788] usb 2-1: config 0 descriptor?? [ 176.938082][ T788] ath6kl: Failed to submit usb control message: -71 [ 176.963945][ T788] ath6kl: unable to send the bmi data to the device: -71 [ 176.983342][ T788] ath6kl: Unable to send get target info: -71 [ 177.016250][ T788] ath6kl: Failed to init ath6kl core: -71 [ 177.023305][ T788] ath6kl_usb: probe of 2-1:0.0 failed with error -71 [ 177.084117][ T788] usb 2-1: USB disconnect, device number 14 [ 177.128017][ T9619] netlink: 'syz.0.1594': attribute type 3 has an invalid length. [ 177.163013][ T9624] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 177.177479][ T27] audit: type=1326 audit(1773313032.467:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9627 comm="syz.3.1596" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f390459c799 code=0x0 [ 177.204755][ T9624] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 177.442696][ T9645] dlm: non-version read from control device 36 [ 177.609881][ T9655] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1605'. [ 178.216380][ T9700] loop1: detected capacity change from 0 to 4096 [ 178.228821][ T9700] ntfs: (device loop1): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 178.254391][ T5802] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 178.254775][ T9700] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing. [ 178.272099][ T9700] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 178.285386][ T9700] ntfs: (device loop1): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 178.312285][ T9700] ntfs: volume version 3.1. [ 178.362669][ T9700] ntfs: (device loop1): ntfs_attr_find(): Inode is corrupt. Run chkdsk. [ 178.374055][ T9700] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x40 as bad. Run chkdsk. [ 178.414010][ T788] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 178.474148][ T5802] usb 4-1: Using ep0 maxpacket: 32 [ 178.485691][ T5802] usb 4-1: unable to get BOS descriptor or descriptor too short [ 178.504783][ T5825] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 178.505271][ T5802] usb 4-1: config 7 has an invalid interface number: 187 but max is 0 [ 178.531852][ T5802] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 178.543195][ T5802] usb 4-1: config 7 has no interface number 0 [ 178.550018][ T5802] usb 4-1: config 7 interface 187 altsetting 6 endpoint 0x7 has invalid wMaxPacketSize 0 [ 178.560682][ T5802] usb 4-1: config 7 interface 187 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 178.574264][ T5802] usb 4-1: config 7 interface 187 has no altsetting 0 [ 178.585365][ T5802] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 178.602779][ T5802] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 178.605779][ T788] usb 3-1: config index 0 descriptor too short (expected 39, got 27) [ 178.618516][ T5802] usb 4-1: Product: syz [ 178.623097][ T5802] usb 4-1: Manufacturer: syz [ 178.627867][ T5802] usb 4-1: SerialNumber: syz [ 178.629366][ T788] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 178.649813][ T788] usb 3-1: config 0 interface 0 has no altsetting 0 [ 178.659637][ T788] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 178.694406][ T788] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 178.702671][ T788] usb 3-1: Product: syz [ 178.707637][ T788] usb 3-1: Manufacturer: syz [ 178.712259][ T788] usb 3-1: SerialNumber: syz [ 178.718696][ T5825] usb 1-1: too many configurations: 65, using maximum allowed: 8 [ 178.729566][ T5825] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 178.742925][ T788] usb 3-1: config 0 descriptor?? [ 178.753265][ T788] hub 3-1:0.0: bad descriptor, ignoring hub [ 178.760903][ T5825] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 178.771394][ T788] hub: probe of 3-1:0.0 failed with error -5 [ 178.780824][ T788] usb 3-1: selecting invalid altsetting 0 [ 178.789816][ T5825] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 178.809359][ T5825] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 178.835404][ T5825] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 178.855900][ T5825] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 178.856879][ T5802] usb 4-1: Limiting number of CPorts to U8_MAX [ 178.868256][ T5825] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 178.885898][ T5825] usb 1-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config [ 178.898103][ T5825] usb 1-1: New USB device found, idVendor=046d, idProduct=08b8, bcdDevice=ee.8d [ 178.909081][ T5802] usb 4-1: Unknown endpoint type found, address 0x07 [ 178.934094][ T5825] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.943251][ T5802] usb 4-1: Not enough endpoints found in device, aborting! [ 178.974589][ T5825] pwc: Logitech QuickCam detected (reserved ID). [ 179.011322][ T5825] pwc: Warning: more than 1 configuration available. [ 179.089436][ T5800] usb 4-1: USB disconnect, device number 14 [ 179.225479][ T8] usb 3-1: USB disconnect, device number 11 [ 179.257051][ T9724] loop1: detected capacity change from 0 to 32768 [ 179.275767][ T9724] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1622 (9724) [ 179.313496][ T9724] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 179.328142][ T9724] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 179.340315][ T9724] BTRFS warning (device loop1): excessive commit interval 65536 [ 179.355758][ T9724] BTRFS info (device loop1): using free space tree [ 179.396072][ T5825] pwc: send_video_command error -71 [ 179.409247][ T5825] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 179.412812][ T9724] BTRFS info (device loop1): enabling ssd optimizations [ 179.419053][ T5825] Philips webcam: probe of 1-1:250.0 failed with error -71 [ 179.435671][ T5825] usb 1-1: USB disconnect, device number 10 [ 179.442104][ T9724] BTRFS info (device loop1): auto enabling async discard [ 179.570970][ T5763] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 179.732673][ T7646] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop1 scanned by udevd (7646) [ 180.509283][ T9824] loop0: detected capacity change from 0 to 4096 [ 180.524463][ T9824] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 180.530474][ T9787] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 180.571717][ T9787] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 180.599779][ T9824] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 180.613923][ T9787] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 180.631773][ T9787] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 180.651832][ T9787] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 180.701433][ T9787] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 180.732439][ T9787] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 180.749464][ T9787] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 180.757815][ T9787] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 180.776936][ T9787] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 180.783925][ T9787] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 180.807680][ T9787] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 181.358430][ T9877] loop3: detected capacity change from 0 to 64 [ 181.933950][ T5765] Bluetooth: hci0: command 0x0c1a tx timeout [ 182.090102][ T9917] loop0: detected capacity change from 0 to 256 [ 182.139705][ T9917] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 182.496008][ T27] audit: type=1326 audit(1773313037.777:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9942 comm="syz.0.1669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 182.565278][ T27] audit: type=1326 audit(1773313037.777:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9942 comm="syz.0.1669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 182.606209][ T27] audit: type=1326 audit(1773313037.787:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9942 comm="syz.0.1669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 182.614549][ T9948] netlink: 'syz.0.1670': attribute type 3 has an invalid length. [ 182.644251][ T27] audit: type=1326 audit(1773313037.787:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9942 comm="syz.0.1669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 182.675001][ T5765] Bluetooth: hci1: command 0x0c1a tx timeout [ 182.686383][ T9948] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1670'. [ 182.694599][ T27] audit: type=1326 audit(1773313037.787:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9942 comm="syz.0.1669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 182.734337][ T5765] Bluetooth: hci2: command 0x0c1a tx timeout [ 182.823977][ T5765] Bluetooth: hci3: command 0x0c1a tx timeout [ 182.837472][ T9921] loop1: detected capacity change from 0 to 32768 [ 182.863180][ T9921] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 182.880476][ T9921] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 182.890095][ T9921] BTRFS info (device loop1): using free space tree [ 183.002413][ T9921] BTRFS info (device loop1): enabling ssd optimizations [ 183.030457][ T9921] BTRFS info (device loop1): auto enabling async discard [ 183.202129][ T5763] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 183.224338][ T9980] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 183.256706][ T9980] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 183.275204][ T9980] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 183.294201][ T9980] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 183.670473][T10016] loop3: detected capacity change from 0 to 256 [ 183.750253][T10016] FAT-fs (loop3): Directory bread(block 64) failed [ 183.769959][T10016] FAT-fs (loop3): Directory bread(block 65) failed [ 183.783984][ T5802] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 183.791963][T10016] FAT-fs (loop3): Directory bread(block 66) failed [ 183.816232][T10016] FAT-fs (loop3): Directory bread(block 67) failed [ 183.874279][T10016] FAT-fs (loop3): Directory bread(block 68) failed [ 183.880906][T10016] FAT-fs (loop3): Directory bread(block 69) failed [ 183.891486][T10016] FAT-fs (loop3): Directory bread(block 70) failed [ 183.933119][T10016] FAT-fs (loop3): Directory bread(block 71) failed [ 183.948012][T10016] FAT-fs (loop3): Directory bread(block 72) failed [ 183.959620][T10016] FAT-fs (loop3): Directory bread(block 73) failed [ 183.983945][ T5802] usb 3-1: Using ep0 maxpacket: 8 [ 183.991545][ T5802] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 184.021239][ T5802] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 184.049244][ T5802] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 184.083881][ T5802] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 184.113932][ T5802] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 184.125464][ T5802] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 184.134950][ T5802] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.156157][ T5802] usb 3-1: config 0 descriptor?? [ 184.166963][T10005] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 184.626285][T10066] futex_wake_op: syz.0.1695 tries to shift op by 32; fix this program [ 184.667088][ T5765] Bluetooth: hci4: Opcode 0x0c03 failed: -71 [ 184.668630][ T8] usb 3-1: USB disconnect, device number 12 [ 185.029497][T10102] ubi0: attaching mtd0 [ 185.080291][T10102] ubi0 error: ubi_attach_mtd_dev: bad VID header (2147483647) or data offsets (-2147483585) [ 185.133960][ T5765] Bluetooth: hci0: command 0x0c1a tx timeout [ 185.275215][T10114] netlink: 'syz.0.1711': attribute type 21 has an invalid length. [ 185.294425][ T5765] Bluetooth: hci3: command 0x0c1a tx timeout [ 185.294446][ T5083] Bluetooth: hci2: command 0x0c1a tx timeout [ 185.300467][ T5765] Bluetooth: hci1: command 0x0c1a tx timeout [ 185.319223][T10114] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1711'. [ 185.355340][T10114] netlink: 'syz.0.1711': attribute type 4 has an invalid length. [ 185.381985][T10114] netlink: 'syz.0.1711': attribute type 5 has an invalid length. [ 185.412574][T10114] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1711'. [ 185.797886][T10146] loop3: detected capacity change from 0 to 1024 [ 185.868895][T10155] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1724'. [ 185.907600][T10155] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1724'. [ 186.940537][T10211] loop1: detected capacity change from 0 to 4096 [ 186.974020][T10211] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 187.126906][T10193] loop0: detected capacity change from 0 to 32768 [ 187.144202][T10211] ntfs3: loop1: failed to convert "c46c" to cp437 [ 187.184403][T10193] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1735 (10193) [ 187.217854][ T5765] Bluetooth: hci0: command 0x0c1a tx timeout [ 187.318042][T10193] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 187.368460][T10193] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 187.377444][ T5765] Bluetooth: hci2: command 0x0c1a tx timeout [ 187.377488][ T5765] Bluetooth: hci3: command 0x0c1a tx timeout [ 187.389579][ T5083] Bluetooth: hci1: command 0x0c1a tx timeout [ 187.398224][T10193] BTRFS info (device loop0): max_inline at 6 [ 187.404427][T10193] BTRFS info (device loop0): enabling disk space caching [ 187.411481][T10193] BTRFS info (device loop0): turning off barriers [ 187.418195][T10193] BTRFS info (device loop0): disabling tree log [ 187.426137][T10193] BTRFS info (device loop0): force clearing of disk cache [ 187.433874][T10193] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8) [ 187.449382][T10193] BTRFS info (device loop0): force lzo compression, level 0 [ 187.457357][T10193] BTRFS info (device loop0): enabling tree log [ 187.464502][T10193] BTRFS info (device loop0): max_inline at 0 [ 187.470530][T10193] BTRFS info (device loop0): disk space caching is enabled [ 187.686959][T10193] BTRFS info (device loop0): enabling ssd optimizations [ 187.716967][T10264] loop2: detected capacity change from 0 to 1024 [ 187.724672][T10193] BTRFS info (device loop0): rebuilding free space tree [ 187.768627][T10264] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 187.802821][T10193] BTRFS info (device loop0): disabling free space tree [ 187.837761][T10193] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 187.855495][T10264] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 187.878848][T10193] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 187.918416][T10264] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.1752: missing EA_INODE flag [ 187.922277][ T27] audit: type=1800 audit(1773313043.197:64): pid=10264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1752" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 188.005730][T10264] EXT4-fs (loop2): Remounting filesystem read-only [ 188.014192][ T5766] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 188.040164][T10264] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 188.145882][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.155109][ T5800] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 188.364241][ T5800] usb 4-1: Using ep0 maxpacket: 16 [ 188.381531][ T5800] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 188.421003][ T5800] usb 4-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d [ 188.453957][ T5800] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 188.462010][ T5800] usb 4-1: Product: syz [ 188.508319][ T5800] usb 4-1: Manufacturer: syz [ 188.525142][ T5800] usb 4-1: SerialNumber: syz [ 188.562025][ T5800] usb 4-1: config 0 descriptor?? [ 188.574983][ T5800] gspca_main: STV06xx-2.14.0 probing 046d:08f0 [ 188.614231][ T5800] gspca_stv06xx: st6422 sensor detected [ 188.703524][T10316] loop2: detected capacity change from 0 to 256 [ 188.889974][T10319] loop1: detected capacity change from 0 to 4096 [ 188.912061][T10319] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 189.048785][T10319] ntfs3: loop1: Failed to load $Extend (-22). [ 189.066649][T10319] ntfs3: loop1: Failed to initialize $Extend. [ 189.100579][ T5800] STV06xx: probe of 4-1:0.0 failed with error -71 [ 189.113448][ T5800] usb 4-1: USB disconnect, device number 15 [ 189.602695][T10364] loop1: detected capacity change from 0 to 4096 [ 189.645627][T10364] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 189.692707][T10364] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 189.735756][T10372] loop3: detected capacity change from 0 to 1024 [ 189.780053][T10364] ntfs3: loop1: failed to convert "c46c" to macinuit [ 190.376960][T10414] xt_hashlimit: size too large, truncated to 1048576 [ 190.383717][T10414] xt_hashlimit: max too large, truncated to 1048576 [ 190.694894][T10443] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1799'. [ 190.831907][T10454] netlink: 'syz.2.1801': attribute type 2 has an invalid length. [ 190.884014][ T5800] usb 1-1: new full-speed USB device number 11 using dummy_hcd [ 191.063944][ T787] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 191.106129][ T5800] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 191.124536][ T5800] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 191.135681][ T5800] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 191.153871][ T5800] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.176387][ T5800] hub 1-1:4.0: USB hub found [ 191.234370][T10480] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 191.274138][ T787] usb 2-1: Using ep0 maxpacket: 32 [ 191.285820][ T787] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 191.308347][ T787] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 191.341420][ T787] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 191.358463][T10493] loop2: detected capacity change from 0 to 8 [ 191.361814][ T787] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 191.370330][T10493] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 191.404031][ T787] usb 2-1: Product: syz [ 191.408342][ T787] usb 2-1: Manufacturer: syz [ 191.414783][ T7646] udevd[7646]: incorrect cramfs checksum on /dev/loop2 [ 191.421248][T10493] cramfs: Error -3 while decompressing! [ 191.424412][ T5800] hub 1-1:4.0: 9 ports detected [ 191.432066][T10493] cramfs: ffffffff973f6368(26)->ffff88805af04000(4096) [ 191.432528][ T5800] usb 1-1: selecting invalid altsetting 1 [ 191.440707][T10493] cramfs: Error -5 while decompressing! [ 191.451661][ T5800] hub 1-1:4.0: Using single TT (err -22) [ 191.457230][T10493] cramfs: ffffffff973f6382(26)->ffff88805af05000(4096) [ 191.469413][ T7646] udevd[7646]: incorrect cramfs checksum on /dev/loop2 [ 191.471963][T10493] cramfs: Error -3 while decompressing! [ 191.478595][ T787] hub 2-1:4.0: USB hub found [ 191.488327][T10493] cramfs: ffffffff973f639c(16)->ffff888059090000(4096) [ 191.494250][ T5800] hub 1-1:4.0: insufficient power available to use all downstream ports [ 191.506651][T10493] cramfs: Error -3 while decompressing! [ 191.512276][T10493] cramfs: ffffffff973f6368(26)->ffff88805af04000(4096) [ 191.520525][ T27] audit: type=1800 audit(1773313046.807:65): pid=10493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1811" name="file2" dev="loop2" ino=348 res=0 errno=0 [ 191.583970][ T8] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 191.616392][ T5800] hub 1-1:4.0: hub_hub_status failed (err = -71) [ 191.622856][ T5800] hub 1-1:4.0: config failed, can't get hub status (err -71) [ 191.694251][ T5800] usb 1-1: USB disconnect, device number 11 [ 191.725105][ T787] hub 2-1:4.0: 5 ports detected [ 191.744588][ T787] hub 2-1:4.0: insufficient power available to use all downstream ports [ 191.773937][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 191.795843][ T8] usb 4-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 191.812049][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 191.821770][ T8] usb 4-1: Product: syz [ 191.828964][ T8] usb 4-1: Manufacturer: syz [ 191.835518][ T8] usb 4-1: SerialNumber: syz [ 191.842516][ T8] usb 4-1: config 0 descriptor?? [ 191.908644][T10520] netlink: 'syz.2.1816': attribute type 3 has an invalid length. [ 191.917107][T10520] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1816'. [ 191.929183][ T787] hub 2-1:4.0: hub_hub_status failed (err = -71) [ 191.942527][ T787] hub 2-1:4.0: config failed, can't get hub status (err -71) [ 191.995344][ T787] usb 2-1: USB disconnect, device number 15 [ 192.100943][ T8] speedtch 4-1:0.0: speedtch_bind: data interface not found! [ 192.102746][T10533] netlink: 'syz.2.1818': attribute type 5 has an invalid length. [ 192.116648][ T8] speedtch 4-1:0.0: usbatm_usb_probe: bind failed: -19! [ 192.360815][ T8] usb 4-1: USB disconnect, device number 16 [ 192.374710][T10548] tmpfs: Bad value for 'mpol' [ 192.573553][T10565] xt_hashlimit: size too large, truncated to 1048576 [ 192.590061][T10565] xt_hashlimit: max too large, truncated to 1048576 [ 192.741689][T10578] loop1: detected capacity change from 0 to 64 [ 192.965622][T10586] loop2: detected capacity change from 0 to 1024 [ 193.037203][T10597] overlayfs: conflicting options: userxattr,metacopy=on [ 193.368355][ T27] audit: type=1326 audit(1773313048.657:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10617 comm="syz.2.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 193.456892][ T27] audit: type=1326 audit(1773313048.687:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10617 comm="syz.2.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 193.542022][ T27] audit: type=1326 audit(1773313048.707:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10617 comm="syz.2.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 193.591318][ T27] audit: type=1326 audit(1773313048.727:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10617 comm="syz.2.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 193.641522][ T27] audit: type=1326 audit(1773313048.727:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10617 comm="syz.2.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 193.666414][ T27] audit: type=1326 audit(1773313048.767:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.2.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f77e6b5cfce code=0x7ffc0000 [ 193.738264][ T27] audit: type=1326 audit(1773313048.917:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10626 comm="syz.2.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f77e6b9c799 code=0x7ffc0000 [ 193.831696][ T27] audit: type=1326 audit(1773313049.117:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10641 comm="syz.1.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9274b9c799 code=0x7ffc0000 [ 193.935399][ T27] audit: type=1326 audit(1773313049.117:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10641 comm="syz.1.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9274b9c799 code=0x7ffc0000 [ 194.013935][ T27] audit: type=1326 audit(1773313049.147:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10641 comm="syz.1.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f9274b9c799 code=0x7ffc0000 [ 194.187276][T10667] ip6tnl3: entered promiscuous mode [ 194.225354][T10667] ip6tnl3: entered allmulticast mode [ 194.435731][T10687] (syz.3.1863,10687,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 194.464781][T10687] (syz.3.1863,10687,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 194.510889][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.517443][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.749322][T10702] bond2: entered allmulticast mode [ 194.927825][T10746] QAT: failed to copy from user cfg_data. [ 195.289920][T10772] loop2: detected capacity change from 0 to 64 [ 195.686327][T10795] bridge3: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms) [ 195.808380][T10808] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1890'. [ 195.897509][T10810] loop0: detected capacity change from 0 to 2048 [ 195.915511][T10810] ext2: Unknown parameter 'uid<00000000000000000000' [ 196.153214][T10832] loop0: detected capacity change from 0 to 1024 [ 196.335645][T10844] program syz.3.1898 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 196.434309][ T4119] hfsplus: b-tree write err: -5, ino 25 [ 196.449349][ T4119] hfsplus: b-tree write err: -5, ino 4 [ 196.474104][ T4119] hfsplus: b-tree write err: -5, ino 2 [ 196.714135][ T5800] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 196.917138][ T5800] usb 3-1: Using ep0 maxpacket: 16 [ 196.928900][ T5800] usb 3-1: config 0 has no interfaces? [ 196.940110][ T5800] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 196.959979][ T5800] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 196.976661][ T5800] usb 3-1: Product: syz [ 196.991157][ T5800] usb 3-1: Manufacturer: syz [ 197.001525][ T5800] usb 3-1: SerialNumber: syz [ 197.022274][ T5800] r8152-cfgselector 3-1: config 0 descriptor?? [ 197.257147][ T5800] usbip-host 3-1: 3-1 is not in match_busid table... skip! [ 197.372722][T10878] loop3: detected capacity change from 0 to 32768 [ 197.451752][T10878] ERROR: (device loop3): dbAlloc: unable to allocate blocks [ 197.451752][T10878] [ 197.495664][T10878] ERROR: (device loop3): remounting filesystem as read-only [ 197.496494][ T787] usb 3-1: USB disconnect, device number 13 [ 197.533454][T10878] jfs_rename: dtInsert returned -EIO [ 197.952632][T10939] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 198.708496][T10980] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 198.745719][T10980] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 198.791318][T10983] ieee802154 phy0 wpan0: encryption failed: -22 [ 198.887731][T10979] loop2: detected capacity change from 0 to 4096 [ 199.030541][T10953] loop3: detected capacity change from 0 to 40427 [ 199.064231][T10953] F2FS-fs (loop3): heap/no_heap options were deprecated [ 199.083941][T10953] F2FS-fs (loop3): build fault injection attr: rate: 19, type: 0x7ffff [ 199.092513][T10953] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x77e8c [ 199.131361][T10953] F2FS-fs (loop3): invalid crc value [ 199.152557][T10953] F2FS-fs (loop3): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x21d/0x9b0 [ 199.164042][T10998] x_tables: duplicate underflow at hook 3 [ 199.237162][T10953] F2FS-fs (loop3): Found nat_bits in checkpoint [ 199.382606][T11012] xt_TCPMSS: Only works on TCP SYN packets [ 199.402074][T10953] F2FS-fs (loop3): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x134/0x650 [ 199.438441][ C1] F2FS-fs (loop3): inject read IO error in f2fs_read_end_io of blk_update_request+0x597/0xe40 [ 199.476574][T10953] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 199.604038][ T8] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 199.675439][T11025] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1951'. [ 199.814020][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 199.824929][ T8] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 199.871283][ T8] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0 [ 199.896713][ T8] usb 3-1: config 0 interface 0 has no altsetting 0 [ 199.917506][ T8] usb 3-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 199.954148][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 199.962204][ T8] usb 3-1: Product: syz [ 199.978016][ T8] usb 3-1: Manufacturer: syz [ 199.982675][ T8] usb 3-1: SerialNumber: syz [ 200.017434][ T8] usb 3-1: config 0 descriptor?? [ 200.049934][ T8] snd_usb_toneport 3-1:0.0: Line 6 TonePort UX2 found [ 200.072385][T11043] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1957'. [ 200.282144][ T8] snd_usb_toneport 3-1:0.0: cannot get proper max packet size [ 200.512715][ T8] snd_usb_toneport 3-1:0.0: Line 6 TonePort UX2 now disconnected [ 200.529881][ T8] snd_usb_toneport: probe of 3-1:0.0 failed with error -22 [ 200.545749][ T8] usb 3-1: USB disconnect, device number 14 [ 200.961822][T11087] netlink: 'syz.1.1968': attribute type 1 has an invalid length. [ 200.976688][T11087] netlink: 'syz.1.1968': attribute type 2 has an invalid length. [ 200.988971][T11087] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1968'. [ 201.222353][T11105] netlink: 'syz.0.1973': attribute type 4 has an invalid length. [ 201.327161][T11116] netlink: 'syz.0.1975': attribute type 3 has an invalid length. [ 201.415233][ T5800] usb 2-1: new low-speed USB device number 16 using dummy_hcd [ 201.504164][ T787] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 201.512586][T11132] qrtr: Invalid version 15 [ 201.565102][T11135] loop3: detected capacity change from 0 to 512 [ 201.573541][T11135] EXT4-fs: Ignoring removed orlov option [ 201.587067][T11135] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 201.621795][ T5800] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 201.635251][T11135] EXT4-fs (loop3): 1 orphan inode deleted [ 201.637633][ T5800] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 201.641210][T11135] EXT4-fs (loop3): 1 truncate cleaned up [ 201.657544][ T5800] usb 2-1: config 1 interface 0 has no altsetting 0 [ 201.658535][T11135] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 201.672003][ T5800] usb 2-1: string descriptor 0 read error: -22 [ 201.690359][ T5800] usb 2-1: New USB device found, idVendor=0644, idProduct=800e, bcdDevice= 0.40 [ 201.699692][ T788] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 201.731683][ T787] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 201.744253][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.750661][ T787] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 201.767560][ T5800] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=3 [ 201.779259][ T787] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 201.795809][ T5800] usb 2-1: 0:2 : does not exist [ 201.811409][ T787] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 201.837084][ T787] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 201.858471][ T5800] usb-storage 2-1:1.1: USB Mass Storage device detected [ 201.871611][ T787] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 201.878719][ T788] usb 1-1: Using ep0 maxpacket: 32 [ 201.885155][ T787] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 201.896825][ T787] usb 3-1: Product: syz [ 201.901921][ T787] usb 3-1: Manufacturer: syz [ 201.912760][ T787] cdc_wdm 3-1:1.0: skipping garbage [ 201.918357][ T787] cdc_wdm 3-1:1.0: skipping garbage [ 201.919295][ T788] usb 1-1: unable to get BOS descriptor or descriptor too short [ 201.955402][ T787] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 201.965437][ T788] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 120, changing to 7 [ 201.971941][ T787] cdc_wdm 3-1:1.0: Unknown control protocol [ 201.984504][ T788] usb 1-1: string descriptor 0 read error: -22 [ 201.991058][ T788] usb 1-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice= 0.40 [ 202.005349][ T788] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.142484][T11108] cdc_wdm 3-1:1.0: Error submitting int urb - -90 [ 202.162471][ T787] usb 3-1: USB disconnect, device number 15 [ 202.229666][ T5800] us122l: couldn't allocate write buffer [ 202.237383][ T5800] snd-usb-us122l: probe of 2-1:1.1 failed with error -22 [ 202.251277][ T5800] usb 2-1: USB disconnect, device number 16 [ 202.282997][ T788] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 202.487242][ T788] usb 1-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 202.525121][T11198] loop3: detected capacity change from 0 to 512 [ 202.546720][ T788] usb 1-1: USB disconnect, device number 12 [ 202.589115][T11198] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 202.612529][T11198] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 202.622091][T11198] EXT4-fs error (device loop3): ext4_orphan_get:1424: comm syz.3.1988: bad orphan inode 13 [ 202.640038][T11198] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 202.764682][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.940161][T11239] loop2: detected capacity change from 0 to 512 [ 202.972032][T11239] EXT4-fs: Ignoring removed nomblk_io_submit option [ 203.017055][T11239] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 203.053067][T11239] ext4 filesystem being mounted at /549/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 203.138535][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.462557][T11263] loop1: detected capacity change from 0 to 4096 [ 203.475915][T11263] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 203.512067][T11263] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 203.540936][T11263] ntfs3: loop1: Failed to load $BadClus (-22). [ 203.898067][T11294] usb usb8: usbfs: process 11294 (syz.0.2008) did not claim interface 0 before use [ 203.922983][T11297] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2009'. [ 204.399211][T11326] loop1: detected capacity change from 0 to 8 [ 204.429512][T11326] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 204.438603][T11281] loop3: detected capacity change from 0 to 32768 [ 204.471677][T11326] cramfs: Error -5 while decompressing! [ 204.496515][ T7646] udevd[7646]: incorrect cramfs checksum on /dev/loop1 [ 204.497457][T11326] cramfs: ffffffff973fa348(18)->ffff888074a3a000(4096) [ 204.530022][T11326] cramfs: Error -5 while decompressing! [ 204.531116][T11281] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 204.549724][T11326] cramfs: ffffffff973fa348(18)->ffff888074a3a000(4096) [ 204.564015][ T27] kauditd_printk_skb: 11 callbacks suppressed [ 204.564031][ T27] audit: type=1800 audit(1773313059.847:87): pid=11326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2016" name="file1" dev="loop1" ino=324 res=0 errno=0 [ 204.617664][ T7646] udevd[7646]: incorrect cramfs checksum on /dev/loop1 [ 204.692399][T11281] XFS (loop3): Ending clean mount [ 204.979119][ T5774] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 205.224290][ T8] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 205.379034][T11391] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2032'. [ 205.434598][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 205.447946][ T8] usb 3-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 205.462343][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.502745][ T8] usb 3-1: Product: syz [ 205.508433][ T8] usb 3-1: Manufacturer: syz [ 205.513156][ T8] usb 3-1: SerialNumber: syz [ 205.538660][ T8] usb 3-1: config 0 descriptor?? [ 205.566926][ T8] ums-onetouch 3-1:0.0: USB Mass Storage device detected [ 205.812153][ T5800] usb 3-1: USB disconnect, device number 16 [ 206.047646][T11446] loop1: detected capacity change from 0 to 256 [ 206.089133][T11446] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x395e47cf, utbl_chksum : 0xe619d30d) [ 206.125866][T11450] netlink: 'syz.3.2047': attribute type 58 has an invalid length. [ 206.144745][T11450] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2047'. [ 206.225204][T11458] xt_CT: You must specify a L4 protocol and not use inversions on it [ 206.465779][ T27] audit: type=1326 audit(1773313061.757:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11476 comm="syz.0.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 206.502094][ T27] audit: type=1326 audit(1773313061.757:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11476 comm="syz.0.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 206.524508][ C1] vkms_vblank_simulate: vblank timer overrun [ 206.530855][ T5800] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 206.539692][ T27] audit: type=1326 audit(1773313061.757:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11476 comm="syz.0.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 206.561974][ C1] vkms_vblank_simulate: vblank timer overrun [ 206.614338][ T27] audit: type=1326 audit(1773313061.757:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11476 comm="syz.0.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 206.674910][ T27] audit: type=1326 audit(1773313061.787:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11476 comm="syz.0.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 206.710121][ T27] audit: type=1326 audit(1773313061.817:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11476 comm="syz.0.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f396595cfce code=0x7ffc0000 [ 206.738490][ T27] audit: type=1326 audit(1773313061.827:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11476 comm="syz.0.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 206.760747][ C1] vkms_vblank_simulate: vblank timer overrun [ 206.775509][ T27] audit: type=1326 audit(1773313061.827:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11476 comm="syz.0.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 206.802324][ T5800] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 206.815345][ T5800] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 206.827649][ T5800] usb 2-1: config 220 has no interface number 2 [ 206.835361][ T5800] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 206.851416][ T5800] usb 2-1: config 220 interface 0 has no altsetting 0 [ 206.860002][ T27] audit: type=1326 audit(1773313061.827:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11476 comm="syz.0.2053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 206.890147][ T5800] usb 2-1: config 220 interface 76 has no altsetting 0 [ 206.897448][ T5800] usb 2-1: config 220 interface 1 has no altsetting 0 [ 206.909722][ T5800] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 206.920743][ T5800] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.936999][ T5800] usb 2-1: Product: syz [ 206.941250][ T5800] usb 2-1: Manufacturer: syz [ 206.957455][ T5800] usb 2-1: SerialNumber: syz [ 207.035545][T11505] vlan0: left promiscuous mode [ 207.208976][ T5800] usb 2-1: selecting invalid altsetting 0 [ 207.234515][ T5800] usb 2-1: Found UVC 7.01 device syz (8086:0b07) [ 207.255508][ T5800] usb 2-1: No valid video chain found. [ 207.273249][ T5800] usb 2-1: selecting invalid altsetting 0 [ 207.286728][ T5800] usbtest: probe of 2-1:220.1 failed with error -22 [ 207.331605][ T5800] usb 2-1: USB disconnect, device number 17 [ 207.332876][T11527] netlink: 'syz.3.2067': attribute type 21 has an invalid length. [ 208.450715][T11602] usb usb7: usbfs: process 11602 (syz.1.2090) did not claim interface 0 before use [ 208.641912][T11618] loop3: detected capacity change from 0 to 256 [ 208.709189][T11618] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x68d18d75, utbl_chksum : 0xe619d30d) [ 208.807518][T11618] exFAT-fs (loop3): error, invalid access to FAT (entry 0x00000008) bogus content (0x00080000) [ 208.807621][T11618] exFAT-fs (loop3): Filesystem has been set read-only [ 210.039036][T11701] loop3: detected capacity change from 0 to 4096 [ 210.100349][T11701] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 210.383008][T11728] loop2: detected capacity change from 0 to 2048 [ 211.821064][T11771] loop2: detected capacity change from 0 to 32768 [ 211.882908][T11771] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 211.997762][ T787] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 212.115764][ T5770] ocfs2: Unmounting device (7,2) on (node local) [ 212.229723][ T787] usb 4-1: config index 0 descriptor too short (expected 39, got 27) [ 212.254636][ T787] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 212.288117][ T787] usb 4-1: config 0 interface 0 has no altsetting 0 [ 212.320746][ T787] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 212.345210][ T787] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 212.363720][ T787] usb 4-1: Product: syz [ 212.373604][ T787] usb 4-1: Manufacturer: syz [ 212.383730][ T787] usb 4-1: SerialNumber: syz [ 212.396922][ T787] usb 4-1: config 0 descriptor?? [ 212.444638][ T787] hub 4-1:0.0: bad descriptor, ignoring hub [ 212.457491][ T787] hub: probe of 4-1:0.0 failed with error -5 [ 212.498762][ T787] usb 4-1: selecting invalid altsetting 0 [ 212.568503][T11859] netlink: 'syz.2.2163': attribute type 27 has an invalid length. [ 212.844311][ T28] usb 4-1: USB disconnect, device number 17 [ 213.129479][T11905] netlink: 'syz.2.2172': attribute type 1 has an invalid length. [ 213.137310][T11905] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2172'. [ 213.849882][T11951] loop3: detected capacity change from 0 to 512 [ 213.907917][T11951] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 213.922200][T11951] ext4 filesystem being mounted at /488/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 214.084106][T11969] loop2: detected capacity change from 0 to 4096 [ 214.104560][T11969] __ntfs_error: 1 callbacks suppressed [ 214.104576][T11969] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 214.135940][T11969] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 214.138029][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.150321][T11969] ntfs: volume version 3.1. [ 214.613420][T11964] loop1: detected capacity change from 0 to 32768 [ 214.636883][T11964] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.2192 (11964) [ 214.649665][T11991] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2199'. [ 214.671144][T11991] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2199'. [ 214.687761][T11991] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2199'. [ 214.719206][T11964] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 214.750929][T11964] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 214.776989][T11964] BTRFS info (device loop1): force zlib compression, level 3 [ 214.804462][T11964] BTRFS info (device loop1): force clearing of disk cache [ 214.811638][T11964] BTRFS info (device loop1): setting nodatasum [ 214.858263][T11964] BTRFS info (device loop1): allowing degraded mounts [ 214.871123][T11964] BTRFS info (device loop1): enabling disk space caching [ 214.902267][T11964] BTRFS info (device loop1): disk space caching is enabled [ 214.918597][T12005] befs: (loop2): No write support. Marking filesystem read-only [ 214.946486][T12005] bio_check_eod: 339 callbacks suppressed [ 214.946503][T12005] syz.2.2203: attempt to access beyond end of device [ 214.946503][T12005] loop2: rw=0, sector=0, nr_sectors = 2 limit=0 [ 214.972889][T12005] befs: (loop2): unable to read superblock [ 214.999852][T12015] [U]  [ 215.003248][T12015] [U] K{ [ 215.006462][T12015] [U] t 1ŠFfˊ`GJgo/mC [ 215.013454][T12015] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 215.064401][T12015] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 215.075322][T11964] BTRFS info (device loop1): auto enabling async discard [ 215.116810][T12015] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 215.178824][T11964] BTRFS info (device loop1): rebuilding free space tree [ 215.219593][T12015] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 215.244247][T11964] BTRFS info (device loop1): disabling free space tree [ 215.251203][T11964] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 215.261464][T11964] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 215.279080][T12015] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 215.290961][T12015] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 215.346134][T12015] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 215.501332][ T5763] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 215.602300][T12015] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 215.650464][T12015] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 215.726905][T12015] [U] 22Ʃx?0;3u [ 215.731175][T12015] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 215.756172][T12049] No such timeout policy "syz0" [ 215.792187][T12050] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2213'. [ 215.801321][T12015] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 215.825084][T12015] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 215.872999][T12015] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 215.911692][T12015] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 215.940273][T12015] [U] ec [ 215.943449][T12015] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 216.038935][T12015] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 216.451200][T12101] loop3: detected capacity change from 0 to 256 [ 216.540689][T12101] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 216.588954][T12108] loop0: detected capacity change from 0 to 512 [ 216.624114][T12108] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 216.640435][T12108] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 216.669676][T12108] EXT4-fs (loop0): 1 truncate cleaned up [ 216.702122][T12108] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 216.862503][T12108] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 217.077303][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.326328][T12162] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 217.534405][T12178] loop1: detected capacity change from 0 to 16 [ 217.554408][T12178] erofs: (device loop1): mounted with root inode @ nid 36. [ 217.941986][T12206] loop3: detected capacity change from 0 to 512 [ 217.966944][T12206] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 218.023561][T12206] EXT4-fs (loop3): 1 truncate cleaned up [ 218.041854][T12206] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 218.178462][ T5774] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.372052][T12198] loop2: detected capacity change from 0 to 32768 [ 218.481166][T12198] jfs_lookup: iget failed on inum 32 [ 219.239755][T12280] loop1: detected capacity change from 0 to 1024 [ 219.421244][T12293] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2277'. [ 219.611126][T12307] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 219.936984][T12326] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2288'. [ 219.952479][T12327] xt_policy: too many policy elements [ 220.468236][T12345] loop1: detected capacity change from 0 to 256 [ 220.503444][T12345] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 220.629994][T12350] loop0: detected capacity change from 0 to 1764 [ 220.649325][T12321] loop2: detected capacity change from 0 to 40427 [ 220.677601][T12321] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 220.686842][T12350] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 220.700303][T12321] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 220.704832][ T4119] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 220.770044][T12321] F2FS-fs (loop2): Found nat_bits in checkpoint [ 220.988994][T12321] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 221.026276][T12321] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 221.174825][T12374] x_tables: unsorted underflow at hook 3 [ 221.441993][T12386] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2304'. [ 221.622109][T12398] loop3: detected capacity change from 0 to 1024 [ 221.649452][T12398] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 221.928969][T12411] mmap: syz.3.2311 (12411): VmData 37453824 exceed data ulimit 131072. Update limits or use boot option ignore_rlimit_data. [ 222.582387][T12399] loop1: detected capacity change from 0 to 40427 [ 222.620756][T12399] F2FS-fs (loop1): Fix alignment : done, start(4096) end(16896) block(12288) [ 222.656700][T12399] F2FS-fs (loop1): invalid crc value [ 222.673569][T12399] F2FS-fs (loop1): invalid crc value [ 222.683969][T12399] F2FS-fs (loop1): Failed to get valid F2FS checkpoint [ 222.745344][T12458] loop3: detected capacity change from 0 to 256 [ 222.868385][T12458] FAT-fs (loop3): Directory bread(block 64) failed [ 222.895811][T12458] FAT-fs (loop3): Directory bread(block 65) failed [ 222.916048][ T788] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 222.927403][T12458] FAT-fs (loop3): Directory bread(block 66) failed [ 222.946577][T12458] FAT-fs (loop3): Directory bread(block 67) failed [ 222.953271][T12458] FAT-fs (loop3): Directory bread(block 68) failed [ 222.976337][T12458] FAT-fs (loop3): Directory bread(block 69) failed [ 222.983050][T12458] FAT-fs (loop3): Directory bread(block 70) failed [ 223.015856][T12458] FAT-fs (loop3): Directory bread(block 71) failed [ 223.032838][T12458] FAT-fs (loop3): Directory bread(block 72) failed [ 223.042526][T12458] FAT-fs (loop3): Directory bread(block 73) failed [ 223.128786][ T788] usb 1-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 223.153629][ T788] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.176799][ T788] usb 1-1: Product: syz [ 223.184128][ T788] usb 1-1: Manufacturer: syz [ 223.188770][ T788] usb 1-1: SerialNumber: syz [ 223.238463][ T788] usb 1-1: config 0 descriptor?? [ 223.478782][ T788] cx82310_eth: probe of 1-1:0.0 failed with error -22 [ 223.495597][ T788] cxacru 1-1:0.0: usbatm_usb_probe: bind failed: -19! [ 223.519026][ T788] usb 1-1: USB disconnect, device number 13 [ 224.031310][T12533] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (18446744073709551615) [ 224.289746][ T27] audit: type=1326 audit(1773313079.577:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 224.318821][ T27] audit: type=1326 audit(1773313079.577:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 224.342312][ T27] audit: type=1326 audit(1773313079.597:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 224.359875][T12524] loop1: detected capacity change from 0 to 40427 [ 224.366008][ T27] audit: type=1326 audit(1773313079.607:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 224.391041][T12524] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 224.418014][T12524] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 224.455881][ T27] audit: type=1326 audit(1773313079.607:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12542 comm="syz.0.2347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f396599c799 code=0x7ffc0000 [ 224.457651][T12524] F2FS-fs (loop1): Found nat_bits in checkpoint [ 224.667978][T12524] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 224.693892][T12524] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 225.236439][T12585] loop0: detected capacity change from 0 to 4096 [ 225.270539][T12585] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 225.399090][T12585] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 225.434124][T12585] ntfs3: loop0: mft corrupted [ 225.439005][T12585] ntfs3: loop0: Failed to load $Extend (-22). [ 225.458776][T12585] ntfs3: loop0: Failed to initialize $Extend. [ 225.565317][T12585] ntfs3: loop0: ino=1b, "file0" failed to parse mft record [ 225.583965][T12585] ntfs3: loop0: ino=1b, "file0" attr_set_size [ 226.219288][T12647] netlink: 'syz.3.2375': attribute type 21 has an invalid length. [ 226.246414][T12647] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2375'. [ 226.276321][T12647] netlink: 'syz.3.2375': attribute type 5 has an invalid length. [ 226.299930][T12647] netlink: 'syz.3.2375': attribute type 6 has an invalid length. [ 226.323880][T12647] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2375'. [ 226.664798][T12673] kAFS: unable to lookup cell '' [ 226.844337][T12686] netlink: 'syz.0.2389': attribute type 3 has an invalid length. [ 227.023257][T12699] tipc: Can't bind to reserved service type 0 [ 227.037646][T12701] loop1: detected capacity change from 0 to 256 [ 227.079929][T12701] exfat: Deprecated parameter 'utf8' [ 227.105889][T12701] exfat: Deprecated parameter 'utf8' [ 227.107306][T12707] xt_hashlimit: max too large, truncated to 1048576 [ 227.111614][T12701] exfat: Deprecated parameter 'namecase' [ 227.157081][T12701] exfat: Deprecated parameter 'namecase' [ 227.180171][T12701] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 227.647335][T12738] autofs4:pid:12738:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.2147483646), cmd(0xc0189375) [ 227.699321][T12738] autofs4:pid:12738:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189375) [ 227.893185][T12756] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2410'. [ 228.899103][T12831] overlay: Unknown parameter 'smackfstransmute' [ 229.074282][ T5825] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 229.202902][T12852] loop0: detected capacity change from 0 to 256 [ 229.232203][T12852] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 229.264207][T12852] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 229.274550][ T5825] usb 2-1: Using ep0 maxpacket: 8 [ 229.303491][T12852] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 229.318153][ T5825] usb 2-1: config 64 has an invalid interface number: 19 but max is 0 [ 229.329228][ T5825] usb 2-1: config 64 has no interface number 0 [ 229.342309][ T5825] usb 2-1: config 64 interface 19 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 33 [ 229.378964][ T5825] usb 2-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0 [ 229.401211][ T5825] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.432055][T12820] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 229.451762][ T5825] usb 2-1: probing VID:PID(2201:012C) [ 229.485376][ T5825] usb 2-1: vub300 testing BULK OUT EndPoint(0) 03 [ 229.519832][ T5825] usb 2-1: Could not find two sets of bulk-in/out endpoint pairs [ 229.555634][T12876] TCP: TCP_TX_DELAY enabled [ 229.575737][ T5825] vub300: probe of 2-1:64.19 failed with error -22 [ 229.664950][ T5825] usb 2-1: USB disconnect, device number 18 [ 229.707774][T12891] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2449'. [ 229.731224][T12891] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2449'. [ 229.743158][T12891] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2449'. [ 229.763979][ T28] usb 3-1: new low-speed USB device number 17 using dummy_hcd [ 229.965683][ T28] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 229.965710][ T28] usb 3-1: config 0 has no interface number 0 [ 229.965756][ T28] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 229.965781][ T28] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 229.965816][ T28] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 229.965837][ T28] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.968197][ T28] usb 3-1: config 0 descriptor?? [ 229.995831][ T28] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 230.227898][T12867] iowarrior 3-1:0.1: Error -90 while submitting URB [ 230.271158][ T8] usb 3-1: USB disconnect, device number 17 [ 230.329545][T12900] loop3: detected capacity change from 0 to 32768 [ 230.397467][T12900] JBD2: Ignoring recovery information on journal [ 230.450776][T12936] loop1: detected capacity change from 0 to 256 [ 230.550811][T12900] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 230.575641][T12936] FAT-fs (loop1): Directory bread(block 64) failed [ 230.615201][T12936] FAT-fs (loop1): Directory bread(block 65) failed [ 230.632991][T12936] FAT-fs (loop1): Directory bread(block 66) failed [ 230.646991][T12936] FAT-fs (loop1): Directory bread(block 67) failed [ 230.668741][T12900] (syz.3.2451,12900,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry too close to end - offset=32, inode=17057, rec_len=280, name_len=10 [ 230.671524][T12936] FAT-fs (loop1): Directory bread(block 68) failed [ 230.687414][T12944] netlink: 'syz.0.2459': attribute type 5 has an invalid length. [ 230.700913][T12900] (syz.3.2451,12900,0):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2 [ 230.711393][T12900] (syz.3.2451,12900,0):ocfs2_mknod:298 ERROR: status = -2 [ 230.713914][T12936] FAT-fs (loop1): Directory bread(block 69) failed [ 230.725321][T12900] (syz.3.2451,12900,0):ocfs2_mknod:502 ERROR: status = -2 [ 230.732774][T12900] (syz.3.2451,12900,0):ocfs2_create:676 ERROR: status = -2 [ 230.743641][T12936] FAT-fs (loop1): Directory bread(block 70) failed [ 230.757474][T12936] FAT-fs (loop1): Directory bread(block 71) failed [ 230.777364][T12936] FAT-fs (loop1): Directory bread(block 72) failed [ 230.796894][T12936] FAT-fs (loop1): Directory bread(block 73) failed [ 230.884633][ T5774] ocfs2: Unmounting device (7,3) on (node local) [ 231.063132][T12957] loop0: detected capacity change from 0 to 64 [ 231.148725][T12957] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing [ 231.241587][T12966] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2465'. [ 231.476795][T12982] loop1: detected capacity change from 0 to 64 [ 231.502827][T12982] hfs: unable to locate alternate MDB [ 231.510460][T12982] hfs: continuing without an alternate MDB [ 231.583864][ T27] audit: type=1800 audit(1773313086.857:103): pid=12982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2468" name="bus" dev="loop1" ino=21 res=0 errno=0 [ 231.705850][ T4119] hfs: new node 0 already hashed? [ 231.711475][ T4119] ------------[ cut here ]------------ [ 231.717230][ T4119] WARNING: CPU: 1 PID: 4119 at fs/hfs/bnode.c:520 hfs_bnode_create+0x3b9/0x440 [ 231.726882][ T4119] Modules linked in: [ 231.730834][ T4119] CPU: 1 PID: 4119 Comm: kworker/u4:8 Not tainted syzkaller #0 [ 231.738807][ T4119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 231.749558][ T4119] Workqueue: writeback wb_workfn (flush-7:1) [ 231.755626][ T4119] RIP: 0010:hfs_bnode_create+0x3b9/0x440 [ 231.761424][ T4119] Code: d4 e0 8a 89 ee e8 47 8c 1f 08 e9 73 fd ff ff e8 1d 1c 2d ff 4c 89 ef e8 45 bc 34 08 48 c7 c7 c0 d4 e0 8a 89 ee e8 27 8c 1f 08 <0f> 0b eb b7 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fc ff ff 4c [ 231.782080][ T4119] RSP: 0018:ffffc9000e256e18 EFLAGS: 00010246 [ 231.788342][ T4119] RAX: 000000000000001f RBX: ffff88802d154000 RCX: eff3513b6db36500 [ 231.796405][ T4119] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 231.804717][ T4119] RBP: 0000000000000000 R08: ffffc9000e256b27 R09: 1ffff92001c4ad64 [ 231.812776][ T4119] R10: dffffc0000000000 R11: fffff52001c4ad65 R12: 0000000000000000 [ 231.820839][ T4119] R13: ffff88802d1540e0 R14: ffff888026551000 R15: dffffc0000000000 [ 231.828885][ T4119] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 231.837933][ T4119] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 231.844581][ T4119] CR2: 00007f396674da08 CR3: 00000000647a5000 CR4: 00000000003506e0 [ 231.852611][ T4119] Call Trace: [ 231.856002][ T4119] [ 231.858952][ T4119] hfs_bmap_alloc+0x541/0x5d0 [ 231.863648][ T4119] ? hfs_bmap_reserve+0x430/0x430 [ 231.868796][ T4119] hfs_btree_inc_height+0x101/0xac0 [ 231.874076][ T4119] ? hfs_brec_insert+0x6fa/0xbd0 [ 231.879045][ T4119] ? hfs_brec_insert+0xbd0/0xbd0 [ 231.885069][ T4119] ? do_raw_spin_unlock+0x121/0x230 [ 231.890326][ T4119] hfs_brec_insert+0x748/0xbd0 [ 231.895440][ T4119] ? hfs_brec_keylen+0x360/0x360 [ 231.900466][ T4119] __hfs_ext_write_extent+0x2a1/0x470 [ 231.905956][ T4119] hfs_ext_write_extent+0x17f/0x210 [ 231.911189][ T4119] ? verify_lock_unused+0x140/0x140 [ 231.916500][ T4119] ? hfs_ext_find_block+0x190/0x190 [ 231.921739][ T4119] ? blk_start_plug+0x51/0x1a0 [ 231.926649][ T4119] hfs_write_inode+0xdc/0x880 [ 231.931373][ T4119] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 231.937058][ T4119] ? __writeback_single_inode+0x48d/0xec0 [ 231.942823][ T4119] ? __lock_acquire+0x7d40/0x7d40 [ 231.947922][ T4119] ? do_raw_spin_lock+0x11f/0x2c0 [ 231.952998][ T4119] ? __rwlock_init+0x150/0x150 [ 231.957926][ T4119] __writeback_single_inode+0x705/0xec0 [ 231.963522][ T4119] writeback_sb_inodes+0x7cd/0xf50 [ 231.968748][ T4119] ? queue_io+0x550/0x550 [ 231.973115][ T4119] ? rcu_is_watching+0x15/0xb0 [ 231.977989][ T4119] wb_writeback+0x46a/0xbf0 [ 231.982525][ T4119] ? queue_io+0x3b1/0x550 [ 231.987761][ T4119] ? percpu_ref_tryget+0x250/0x250 [ 231.992914][ T4119] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 231.999100][ T4119] ? _raw_spin_unlock_irq+0x23/0x50 [ 232.004419][ T4119] wb_workfn+0x400/0xe60 [ 232.008687][ T4119] ? inode_wait_for_writeback+0x230/0x230 [ 232.014514][ T4119] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 232.020541][ T4119] ? read_lock_is_recursive+0x20/0x20 [ 232.025999][ T4119] ? _raw_spin_unlock_irq+0x23/0x50 [ 232.031209][ T4119] ? process_scheduled_works+0x96f/0x15d0 [ 232.037063][ T4119] ? process_scheduled_works+0x96f/0x15d0 [ 232.042809][ T4119] process_scheduled_works+0xa5d/0x15d0 [ 232.048439][ T4119] ? worker_attach_to_pool+0x380/0x380 [ 232.053963][ T4119] ? assign_work+0x3d2/0x5d0 [ 232.058551][ T4119] worker_thread+0xa55/0xfc0 [ 232.063143][ T4119] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 232.069203][ T4119] ? _raw_spin_unlock+0x40/0x40 [ 232.074120][ T4119] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 232.080053][ T4119] kthread+0x2fa/0x390 [ 232.084224][ T4119] ? pr_cont_work+0x560/0x560 [ 232.089573][ T4119] ? kthread_blkcg+0xd0/0xd0 [ 232.094434][ T4119] ret_from_fork+0x48/0x80 [ 232.098886][ T4119] ? kthread_blkcg+0xd0/0xd0 [ 232.103529][ T4119] ret_from_fork_asm+0x11/0x20 [ 232.108379][ T4119] [ 232.111417][ T4119] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 232.118694][ T4119] CPU: 1 PID: 4119 Comm: kworker/u4:8 Not tainted syzkaller #0 [ 232.126236][ T4119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 232.136297][ T4119] Workqueue: writeback wb_workfn (flush-7:1) [ 232.142288][ T4119] Call Trace: [ 232.145576][ T4119] [ 232.148508][ T4119] dump_stack_lvl+0x18c/0x250 [ 232.153185][ T4119] ? show_regs_print_info+0x20/0x20 [ 232.158427][ T4119] ? load_image+0x400/0x400 [ 232.162933][ T4119] panic+0x2dc/0x730 [ 232.167019][ T4119] ? bpf_jit_dump+0xd0/0xd0 [ 232.171716][ T4119] ? ret_from_fork_asm+0x11/0x20 [ 232.176681][ T4119] __warn+0x2e0/0x470 [ 232.180678][ T4119] ? hfs_bnode_create+0x3b9/0x440 [ 232.185719][ T4119] ? hfs_bnode_create+0x3b9/0x440 [ 232.190856][ T4119] report_bug+0x2be/0x4f0 [ 232.195212][ T4119] ? hfs_bnode_create+0x3b9/0x440 [ 232.200453][ T4119] ? hfs_bnode_create+0x3b9/0x440 [ 232.205471][ T4119] ? hfs_bnode_create+0x3bb/0x440 [ 232.210492][ T4119] handle_bug+0xcf/0x120 [ 232.214734][ T4119] exc_invalid_op+0x1a/0x50 [ 232.219234][ T4119] asm_exc_invalid_op+0x1a/0x20 [ 232.224200][ T4119] RIP: 0010:hfs_bnode_create+0x3b9/0x440 [ 232.229832][ T4119] Code: d4 e0 8a 89 ee e8 47 8c 1f 08 e9 73 fd ff ff e8 1d 1c 2d ff 4c 89 ef e8 45 bc 34 08 48 c7 c7 c0 d4 e0 8a 89 ee e8 27 8c 1f 08 <0f> 0b eb b7 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fc ff ff 4c [ 232.249548][ T4119] RSP: 0018:ffffc9000e256e18 EFLAGS: 00010246 [ 232.255616][ T4119] RAX: 000000000000001f RBX: ffff88802d154000 RCX: eff3513b6db36500 [ 232.263670][ T4119] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 232.271632][ T4119] RBP: 0000000000000000 R08: ffffc9000e256b27 R09: 1ffff92001c4ad64 [ 232.279602][ T4119] R10: dffffc0000000000 R11: fffff52001c4ad65 R12: 0000000000000000 [ 232.287569][ T4119] R13: ffff88802d1540e0 R14: ffff888026551000 R15: dffffc0000000000 [ 232.295548][ T4119] ? hfs_bnode_create+0x3b9/0x440 [ 232.300569][ T4119] hfs_bmap_alloc+0x541/0x5d0 [ 232.305243][ T4119] ? hfs_bmap_reserve+0x430/0x430 [ 232.310264][ T4119] hfs_btree_inc_height+0x101/0xac0 [ 232.315553][ T4119] ? hfs_brec_insert+0x6fa/0xbd0 [ 232.320482][ T4119] ? hfs_brec_insert+0xbd0/0xbd0 [ 232.325413][ T4119] ? do_raw_spin_unlock+0x121/0x230 [ 232.330608][ T4119] hfs_brec_insert+0x748/0xbd0 [ 232.335379][ T4119] ? hfs_brec_keylen+0x360/0x360 [ 232.340310][ T4119] __hfs_ext_write_extent+0x2a1/0x470 [ 232.345762][ T4119] hfs_ext_write_extent+0x17f/0x210 [ 232.350959][ T4119] ? verify_lock_unused+0x140/0x140 [ 232.356240][ T4119] ? hfs_ext_find_block+0x190/0x190 [ 232.361440][ T4119] ? blk_start_plug+0x51/0x1a0 [ 232.366198][ T4119] hfs_write_inode+0xdc/0x880 [ 232.370908][ T4119] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 232.376289][ T4119] ? __writeback_single_inode+0x48d/0xec0 [ 232.382076][ T4119] ? __lock_acquire+0x7d40/0x7d40 [ 232.387104][ T4119] ? do_raw_spin_lock+0x11f/0x2c0 [ 232.392128][ T4119] ? __rwlock_init+0x150/0x150 [ 232.396896][ T4119] __writeback_single_inode+0x705/0xec0 [ 232.402536][ T4119] writeback_sb_inodes+0x7cd/0xf50 [ 232.407663][ T4119] ? queue_io+0x550/0x550 [ 232.412004][ T4119] ? rcu_is_watching+0x15/0xb0 [ 232.416773][ T4119] wb_writeback+0x46a/0xbf0 [ 232.421277][ T4119] ? queue_io+0x3b1/0x550 [ 232.425605][ T4119] ? percpu_ref_tryget+0x250/0x250 [ 232.430713][ T4119] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 232.436694][ T4119] ? _raw_spin_unlock_irq+0x23/0x50 [ 232.441888][ T4119] wb_workfn+0x400/0xe60 [ 232.446143][ T4119] ? inode_wait_for_writeback+0x230/0x230 [ 232.451869][ T4119] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 232.457903][ T4119] ? read_lock_is_recursive+0x20/0x20 [ 232.463274][ T4119] ? _raw_spin_unlock_irq+0x23/0x50 [ 232.468467][ T4119] ? process_scheduled_works+0x96f/0x15d0 [ 232.474188][ T4119] ? process_scheduled_works+0x96f/0x15d0 [ 232.479903][ T4119] process_scheduled_works+0xa5d/0x15d0 [ 232.485469][ T4119] ? worker_attach_to_pool+0x380/0x380 [ 232.490927][ T4119] ? assign_work+0x3d2/0x5d0 [ 232.495512][ T4119] worker_thread+0xa55/0xfc0 [ 232.500094][ T4119] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 232.505986][ T4119] ? _raw_spin_unlock+0x40/0x40 [ 232.510929][ T4119] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 232.516825][ T4119] kthread+0x2fa/0x390 [ 232.520881][ T4119] ? pr_cont_work+0x560/0x560 [ 232.525556][ T4119] ? kthread_blkcg+0xd0/0xd0 [ 232.530141][ T4119] ret_from_fork+0x48/0x80 [ 232.534547][ T4119] ? kthread_blkcg+0xd0/0xd0 [ 232.539127][ T4119] ret_from_fork_asm+0x11/0x20 [ 232.543896][ T4119] [ 232.547266][ T4119] Kernel Offset: disabled [ 232.551654][ T4119] Rebooting in 86400 seconds..