last executing test programs: 25.472033155s ago: executing program 2 (id=603): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={r0, 0x58, &(0x7f0000000280)={0x0, 0x0}}, 0x10) r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001740)={r1}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x5}, {}, {}, {}, {0x85, 0x0, 0x0, 0x83}}]}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 25.442900737s ago: executing program 2 (id=604): r0 = io_uring_setup(0x28d5, &(0x7f0000000100)={0x0, 0x0, 0x40, 0x0, 0x214}) close(r0) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000180)={[0x4000000000]}, 0x8, 0x0) read$qrtrtun(r1, &(0x7f0000000180)=""/210, 0xd2) 24.528360831s ago: executing program 2 (id=618): socket$inet6(0xa, 0x3, 0x8) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x28, r1, 0x325, 0xfffffffe, 0x0, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}}, 0x0) 24.487816353s ago: executing program 2 (id=619): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") syz_mount_image$fuse(0x0, &(0x7f0000000300)='./bus\x00', 0x3000001, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0x0) 24.28005486s ago: executing program 2 (id=620): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x18) r1 = io_uring_setup(0x64b2, &(0x7f00000002c0)={0x0, 0x4d49, 0x40, 0x5, 0x1ed}) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x13, &(0x7f0000000080)=[0x7ff, 0x2], 0x2) 23.893499661s ago: executing program 2 (id=621): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f00000002c0)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0) preadv2(r1, &(0x7f0000000280)=[{&(0x7f00000008c0)=""/211, 0xd3}], 0x1, 0x0, 0x0, 0x0) 23.627928363s ago: executing program 32 (id=621): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f00000002c0)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0) preadv2(r1, &(0x7f0000000280)=[{&(0x7f00000008c0)=""/211, 0xd3}], 0x1, 0x0, 0x0, 0x0) 1.519959818s ago: executing program 3 (id=859): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x70, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x10}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_LABELS={0xc, 0x16, 0x1, 0x0, [0x2, 0x3]}]}, 0x70}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x40, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_LABELS={0x8, 0x16, 0x1, 0x0, [0xed79]}, @CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004881}, 0x20008820) 1.48883991s ago: executing program 3 (id=861): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000080)={0x91, 0x1, {0x27, 0x24, 0xc, 0x7, 0xa, 0x1ff, 0x6, 0x8}}) 1.314008785s ago: executing program 3 (id=864): r0 = epoll_create(0x3) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x22002, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000140)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000080)={0x40000001}) 1.168190106s ago: executing program 3 (id=868): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r0, 0x100000000) syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) 1.063882415s ago: executing program 0 (id=870): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0) fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x7, 0x2000}) fcntl$lock(r0, 0x25, &(0x7f00000000c0)={0x1, 0x0, 0xfd97}) fcntl$lock(r0, 0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x6}) 1.063633354s ago: executing program 4 (id=871): sendmsg$unix(0xffffffffffffffff, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018"], &(0x7f0000001f80)=""/212, 0x26, 0xd4, 0xa}, 0x28) 1.026200427s ago: executing program 0 (id=872): syz_mount_image$iso9660(&(0x7f0000000dc0), &(0x7f0000002380)='./file1\x00', 0x3a0cc0a, &(0x7f00000023c0)=ANY=[@ANYBLOB='hide,dmode=0x0000000000000005,map=normal,map=normal,session=0x000000000000000e,overriderockperm,showassoc,nocompress,utf8,map=normal,session=0x0000000000000006,map=acorn,mode=0x0000000000000086,uid=', @ANYRESDEC=0x0, @ANYBLOB='\x00\x00', @ANYRESDEC, @ANYRESDEC, @ANYRES8, @ANYRESDEC], 0x43, 0xa02, &(0x7f0000003640)="$eJzs3U9sXdWdB/DvfbYTj4lCgAyTQUBewgQMZBzbGcJEbCaxnxMz/jOyHYloNCIMSaooVqmgSIAqNZWqroraRdUF3SF10xUSG9hU2bXbbrqoVLHuDnUVddFX3fueYzv283MSxzbh87Ge3/3zu+f8zrv33SNfv3dP+CZrNpvV4x7nL/xmO5Nl9zk7/tWnn31cPn50I3vSk1eKL5L+JPWkN8mhJGPjc7PTXQq6nlxKcjMpkuxN63lTLqX4WfYtz99M8auq3tKFe2wYm9LkW22njz8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiNirHx4eGRIlOTMxfeqHdWDQHeaWVtubwvq1G/iy+71psU5SP9/UtDfR86uLz6yfLX0Tzdmnu6GpA8/fnokScPvPZEb21p+w0Svht/bw+GfNcbvvfhR9ffWly88m6H9T3t5tx3hrvUucbM5Pzs5PSZc4365Pxs/fSpU8Mnzk/M1ycmpxrzF+cXGtP1sbnGmYXZufrg2Iv1kdOnT9YbQxdnL8ycGx+aaiwtfPXfR4eHT9VfH/qfxpm5+dmZE68PzY+dn5yampw5V8WUq8uYV8sD8b8nF+oLjTPT9frVa4tXTq7KaJ2Xugwa6daSMmi0W9Do8OjoyMjo6MipV06/8urwcO/ygp5UC4bvkDWb3D5os+/hPS6+hT6pbSKoPDnWt/DsDfen1u7/M5XJzORC3kh93Z+xjGcus5nusL5tqf8/dqKxYb0r+/+lXv7Q8uqnUvX/z7bmnu3U/3fIZft+3suH+SjX81YWs5greXfV2r33UGKzuX6rfv2H1mux0y1e/XMujcxkMvOZzWSmc6ZaUm8vqed0TuVUhvNmzmci86lnIpOZSiPzuZj5LKRRHVFjmUsjZ7LQ22rjYMbyYuoZyemczsnU08hQLmY2FzKTcxnPmaqUq7lWve4nN8jxdtDIZoJGNwjaoP9vL7iL/p9vqa0+hcM9a7b7/z13LK+tDR0c266kAAAAgC31r7/P/oOP/+7PSV+eqa6xAwAAAA+b6uN6T5dPfeXUMykmJqcaw2sD39/+3AAAAICtUVTfsSuSDORwa2rpm1DrXAQAAAAAvomq//8/Wz4NlFOHU/j7HwAAAB423e+x3zWiOJ56bpSr6pdbkZfbEe37/A5MTE41hsZmp14byfPVXQaqbxqsKa0nB5Lq6wcv5Ugr6shA63lgdYn9ZdTI0Gsj6c/RdkMGnyufnhtcJ3K0jHwpL7QiX1iK7M+ayJNlJAA87I5u0B9vtv9/KcdbEcefqm7f3vvUOn3wcKtn/eEOtRMAWNZ9jJ2uEcV/LA3/0+Hv/55cPdz6SMFQ3s47WczlHK++bVB94qBdam4WWS51YMXHEI53uRowsGKEl+NL1wMO71v3esDAioFejq+5ItAp9uS6r12x5XsDALbH0TX98Ab9f7PZmlpz/X/jv/8HfKQQAHaV2yPYP8CJO+vs25mmAgBtnXvpDfQ8wIQAAAAAAAAAAAAAAAAAAAAAAAAAAADgIfAg7/9fS/JgRxa4j4kbSXZBGts88Zf2bl+zqr38xo5nuGJib+6/nP5tGeHiw//bs4sP9Xub2MGTEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANumSHrWW15L9ia9w0lObH9WD86NnU5ghxW3cisfZP9O5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8LBp3/+/ltbzI61F6a0lx5JcSvK/O53jVrq10wnssBX3/y/3eZpFelu7PUXf2Pjc7HS5+7O3XP/Vp599XD7upZ6ygLKGVYNLtGvovNVj1VYD41feu/79d75XHz9bJXl2YWJqfPrc3H8tBz5ZfJ7U03osWcr3B0X7KF7d8s/Llnavt6xloqp3fG29/7Le1rfrPfbbn3du27LlNK4tXhkta1povLHw/nevfbAi6PEcSZ4bTAZX1/Sd8tGhpiPp26je4uviJ8X+/DKXqv1fplE0i3IXPZrsSe2frl5bvDL09juLlzvkdCCHk1xO+jef0+G1e2JJddTV+spah6ug8tfBLuVt6JGe/c1mq8SRDm14rDpkBu6qDfXObah0ed3bbTzZIaMn8vxd7+nnu9TY9rdmS2uu+Lr4U3E+f8yPV4z/USv3/7Fs5t1ZxlSRK46Uzm0+ttzy0ZUr3rwzsuO7kgfgp/n//Oft/V9bcf5v76vtOR+tqPGBvS+KVi/UVk0fvKNHap99OmXZzvNgK6pDnv+cl9du1yXPl7ucUbbo/b9a8XXxSTGYv+aG8X8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdr0h61lteS44lOZDk0XK+njS3or7aQLEVxWzSnjVLbmxj7btH7fZUcSu38kH272g6AAAAAAAAAGyZs+NfffrZx+Wj+n98T/6t+CLpb/2nvzfJgeIXfWPjc7PTXQrqSy4luVlO999dDuV22bc8f7OcO3T3bQEANucfAQAA//+INm5i") name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 981.359541ms ago: executing program 1 (id=873): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee01, 0x0) keyctl$setperm(0x5, r0, 0x30925) keyctl$read(0xb, r0, &(0x7f00000003c0)=""/224, 0xe0) 910.717857ms ago: executing program 4 (id=874): syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f0000000500)=ANY=[], 0xc, 0xac, &(0x7f0000000100)="$eJzs0jFqwzAUBuBnY7cdu3foDXwHn6BnMB3tzZNLJ9+nlyh07RFygwxZsygYyUP2QAh8H0hPP/8ikP7PP2+xRryvESmlJu2aSPPyNQ7TvLTjMEVEG3+RVWU+Bw+uLs/ZR/4DWz72uatKfzh9f+4rNx+/eT7d7+IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEPV63Wuo+vK8WXbLgEAAP//2Bwh+A==") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r0, 0x400, 0x1) link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') 882.164559ms ago: executing program 3 (id=875): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x4, 0x8}) readv(r0, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x1000}], 0x1) 792.092626ms ago: executing program 1 (id=876): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000001180)='pids.max\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYRESOCT, @ANYRESDEC=r1], 0x8b) 791.748066ms ago: executing program 3 (id=877): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000140)='./file1\x00', 0x1010088, &(0x7f0000002640)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cbec85bf8ab3590cb9281206380e749e04e46b1bf2f16321564d5e744d2488864ab5ecd10f9310442828692f07853d2049c6790b35f903b6f261f207711e64a7a6b99a5bb930fe4497b7c54508edd546a5cf1a837597e4bbee5fba18171cab1c81a041d4f7dfef6a4e5012aac458d76056750b576d25e7d06a1eaff13730f3716258b4a95d07c475daf121105320d6368b7ee9d9747df5e0ccff4c08b808390", @ANYRES16], 0x9, 0x444f, &(0x7f0000008900)="$eJzs3c9PHNcdAPA3A67B9Q9wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXtYLrG3ahbVgiXKwFHKzlFOkHCIfrETKjZPFP+D8Cbnk6JwtJYdcIkWyQrS7s7Az7Iq1vYtD9PkcGPb9/C7fmdk3h+XFicr9pbXc0lqusJIrL9xdO597p1xaXy6G+AAMtZv/yMHMT+de8TwJG90fky66cenKv26fD+HzxS9fbG9vb4eq/tDSWNPv3337cKH52BBn+lTHbT1at/w3hHBmT1xVfSGE/yQBXUzKJpPjYAjhRAghCiHcfvjBnVyXonn6vHgh/3Lu0db4udnNJ1vt33sUwuPSr/98b/nr3/WNf/XHLk0PAAAAAAAAAAAAAAAAAMAhN33zxq1/jo6FZ1Ho34z2fl93Ojm2+37sdtf8tvdvFgAAAAAAAAAAAAAAAAAAAH6idr//n4tOt/j+/1RynGjTf/vvbSqOdjdOemPmHzemLo+OJfu/R3vq/5IUfXOxLwy32Pc9u//7xUz/1vu/J4P2vXn8jfga8w6FKB7Zfm+nfijE8chICJ8mG7+fjY7FpfJa5U93y+sri28+/2GXzn99s/zUWZDsn99p/icz4/d+//9fhexZW319Z++pTAvp/Le/ID97P+oo/5cy/Q4i/7y+dP77a2WDzQ0m6jeAav4/7N8//1OZ8XuV/5MhhFxUjTWXugNU1zDV8nbrFdLS+T9SK0vdOpM/ZLvr//tM/i9nxm+X/1Ndewet7/8b2Q8iWkrn/xe1soFUi93rfzje//q/khn/bXz+V+Pf8PnfkXT+k4e2/lST2l+y0/v/dGb8XuX/VpzEeTJKnQGbUb283f+rIy2d/4E99bvPf3FH67+rmf61/O+5Frt3cTbia8xbe/5reg75Q1R//muj8LhrkRxO6fwPtm3X6fU/k+nX6/v/RG39x+tK5/9YrSy9dh6q/ew0/7OZ8XuV/9qqZKCR/937yQ9H6+WfWP91JJ3/X9YL4+YWG7WftfVftP/6/1pm/Lex/qvGvxH3dtafi3T+j7dtV83/Fx18/l/P9Ot9/kMYtdZ/ben8n2jbrnb9D+yf/7lMv17n//e9HBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgEJhMjkMhikdSr+N4ZCSES8nrs+FYNF9YzM+Xygv/XwthKinPhdPRvVJ5vlDKL62UF4v5QqlUXgjhclJ/JgxEa6VyJb9ceHBlZ6zB6H6xsFqZLxYqIYTppPw34URjrPmlynLhQQjh6k7dqbi8+uB+YSW/uLT6t9HR0dEwsxPDcFR8t1JcqdRnr9eGMLvTdyhqCq5WfW0nluPR/8rrqyuFUq38elOfUnmhUGrqM5fUfRSGo8rq+spCoVLMl8r3GvO9TRPJcWrm5r9vXh/bU38nqh8nDzYsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF7Rs/G/fhxC6K+/ikMIE41folbtnz4vXsi/nHu0NX5udvPJ1ot27QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JEdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSsRAFAbgN2Ohdh7DKiSdbYIiWhgRPIEew8PEo3gJ72BhYWshgpkBjbuQZrf6vuZBfl7eDwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDqXd+P9bdtFpDj6Oox4eXx9+51flzkN88yL/YM99WQ3rm7G84u2K989/cvPyqP3Pv+knx9PD7FhVs/D3/3l/zSrd4639pqGdf1rv3r3JFJuIqIv+WnKuWnWvQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvtmBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwLAAAAAAjzt46ibwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+BQAA//8cRyE4") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) pwrite64(r0, &(0x7f0000000100)='2', 0x1, 0xfec9) truncate(&(0x7f0000000000)='./file1\x00', 0xfbb0) 743.33814ms ago: executing program 0 (id=878): unshare(0x2c020680) r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f00000000c0)={0x84, @multicast2, 0x4e20, 0x3, 'nq\x00', 0x30, 0x4, 0x68}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @broadcast, 0x4e21, 0x3, 'fo\x00', 0x11, 0x3240, 0x3a}, {@loopback, 0x4e23, 0x4, 0xc3, 0x12d5c, 0x12d5c}}, 0x44) 715.231932ms ago: executing program 1 (id=879): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_STATION(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x30, r0, 0x1, 0x2, 0x80, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x1ff}]}, 0x30}, 0x1, 0x0, 0x0, 0x24004870}, 0x0) 627.969719ms ago: executing program 4 (id=880): setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'dh\x00', 0x4, 0x5, 0x11}, 0x2c) socket$packet(0x11, 0xa, 0x300) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x300}, 0x48) 580.400513ms ago: executing program 1 (id=881): bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="170000000400000000000000000000000000000011551466332827b704aca8eada58be76ba938a245957369ce76f4056293605551d76c17f10df38ec48f031b9e74295fa6d909834ffa436"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b40)=ANY=[@ANYBLOB="b702000009000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065060400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c008cbdd3b4c3b7f28754860c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffac94792ed9cf6b40b3cf252a47c05ae8a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3cf96f9483ff19a6471bf5abc742d9cbcfb964b11b31034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df424d1bafe5725c8a404724f8a4f1cda7997b65954f74097560b91da309b887af2485c2d9ab09b523000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb7818000000009dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbef88811dc8c1b27ac7d9a6bb70f60eb9c01dd2fc79b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009d81003f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a9af95b04a37c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e750339643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2dfae60ab958e9f3ef9b4aaa4e8d6166f636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a434811cf2a117d775fe986a49fb82cf5f15972d5ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e6735305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a54b49e1ae6c5aa620d27e91aa0aa0ed6fcacfc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d7730f5e129438a5214f722096d2986334c2576bef69145d3fbd78a9059e454474f92e65828b018174a9f4738b8c71fbdeac26ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a378ed4c6267965af78b861bd025312538cec97966b8973d4e299d9802264d06e40ae118e1d242d1128dcedeb44030df12ef68f78215d65f96eb55db8cbcb060008000d988374f85451a694ffe38a1d03916ff10dc82b31c98d42e1a1bda1290de1a499a5a385b31112a48ba3e6d6849914c1788a7aca37177cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553e4ece78d4c1501c70f5d81e0725d5b273755c0000000000000000aa4234ff82182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a11993d54f97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a923655800a2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574e6e6aefb7a68da5ec1ae49f968bbe0e0bf9878516f553639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483bd8920efcf30a798c2b636243e0a37262ca47dfeefa753ba528f7ba77e825051ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8e220bb4d83de1e4dc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a409315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f0000000086e172932e03000000000000005942e1b9d6dc28ab8e19e1111dd893e801015642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f845d1cc9ec4eee79c298fb0ba939b13707044e2e9cc0d350438c1c8c6bb9a38c6ac5ca0d9cf1f3d6915f25cb26edfc28b3079b97df32601240e454db103fb0c4a143673a3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4054605558ab31f339f6a4caf2ee2fd01f34dca3300000000000000000000000000000000f59f8e6e00000000c44130098d833a24000000000095e6f945ba9a941cef5e70b8c152321e24b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c595426ae40d0bfc87db24d856359079b29b3c374d081c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd603fd7f8898c70b5c65f2e28f22e1a79a6af3a54861b07f124642e98389557affbdede09b5566a4a1ee73b20846810030a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae3a9052be8eec1e95f6ad8d41dd34829503ba4b66e27154cb6e34aa13450522df1723130b6fe347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca1598137ddd1090ded672f5a48a40cab3f640c8241a364cbdd3f188eec7da7bccafbd5bf28a46f0eecc6b550471b0b0770c6a5a411c0e0b19e15a461e7c6833ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd25091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a674bd16b8f7e6aed12a305366599f5f029a7b24558c027518c669760500002f1c19d16a6f391906000000cc0bbbfb8c698ecc137d96711100e0108d3bd2afed0b279ebf0527552a9331e646c424b14ffbb815622bfd2f635855bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc784c9f940d9fb0464a6cce635e14b80dc5c1c64e75e6bd5355d84f8df272f18f58c570e7afd83ee77f157c146aa747b728969aeb4aba1d8f9de1b3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846c0a85f20c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d6857c3d9a9710f9f8ad16eeb8342278f311cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cb1c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706b584d8408c9652b3fe68500747f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2ccb600ae7a4b128cae19df160e7c207b89132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af911dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae251b9deb11b7db45b9f15b7b55d8fdbedd9e6cf891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7bb30bcd1cdd172c0df37408fd6827bb03e8742fc1c7a2befd1299928c5f79e846a8dc7ca648d960a759e6711b69776896a9656d59af6d44bc5348229fa84ae78af8421a22c4b4c17a3d24a4a0104000000000000d77cc4eef51c2b417c8c7458ddd7dd9d1a863bf0a9e1a30a19020490038017a5c7e474c83302a2c2b5c976dacf3dda7191c757f208000000000000005f7ed983f65723fbb36b9b51abb0dbcd335700000000000000000000000000000086666201251aa4f139d0485ffcf89f01639fd1579a3802f720a0215c720a97071f5065a23642a58275dbca444b00e2e5835185d5d5b2796eb0fe32cf3b0633f58ecc7648c3c6efe82f93a3008052416512eea30ea9472e0b456a652883c0907323cf03be193a05008cdef7a98a1671a1918df310dc4bfd61c3db4819ab1c57b348a8ff1ed36364a20fe846f1cd086058d139ce528425b31c5d08b433562ffb318c1285011f9b78b2401989384311101e452f54661ecdb2514a6ae50dbdd422de0f0f8c670000000000390be79688f80c47314cb1b14afcaa5d23f9032e0ec51f45f447d6a7c798fcf7e60e2180e289410801e4f03a0e140f388f25b92da1025d8409e171a2336ed71cca86eb4658fe06df286e0e20276b0618eeffd05774f15686cd9d3182ca2fec863875f305fed6baf48a594db12582a38cfdffffffffffffff0cf8d920517835fe7d09cfcb624f6931f1cc6f6b71f58de9ddc38e0c43992f6bc57a718d0cfd197b5324b4e05ef1caa96db3ae1f2f2e5791faba2ebbe1a6faf21f2748fb1fb6743c3ca8af4e6b02518c9b7fdc1b5721eb1c3ed98db25536f74ac7861afc94544e52dcb5c60460a05802e3b437ac977bfa26b887a2443e8d559c58187f004eb82b07937df6e96f77ed551926bec4e0188fae10a35d1c5f1768ac6be829bea46f1babc3d74adc31ca71bdab9079e4288881b434484eadde9da6b81802842abd462d546c59d87acc014f81d3414759bda12d2a2c6bc1bfa807bd3101eb227184a61107b6d0618e2a3b842671e084ac3f0ff94dc48b51601247318ab4d1c5106458000000000008000000000000cfee0107e6c2fe8639d926829fdbbd86bf591a8c3c235d8939af9d923f648165881a6c29997234406400b3b1c321cc158dbe17123eace30000000000009ea77cb4d3ca892600000000796de6ae4ae40bdf9a6e8c5dc29562262af9cd54e8e3ecc7e3c8cba0ecc791683496c4e5c1a5729714d9f9031f49b400cd2667b4ea6df54809615a4f973f93e6ccec72f16ff998e29ed99df733680a9d5cea57f99cc139b6ea9014f3000000000000000000000000000000000000feeab45a4046a622b0dceb413e4e39b7317e92cbed46b41ab5115bfb542c933783d750852dfdc6656aaf15e10615a88821f2f1bc53969b52d6852755e7681ad5beda80b38ccd34116b99f50b4fdd967b3f20f260455412b67563e40e323bde9d673fceda0ad6981565c8a183d928903b4f4472dde41b6dcd75314c31e704dfcb222c8359fe88944f852242270c932abfaeece0843d708f5cd25b2a63ae1e79723c1c3c013836b47da0a35d0f34c070000000000000422ae2c148d444dd437a7d2f5e575009bc2d17a199802409329dae8baa58d3de63ad45328a9d4dc1ace543dfe11913c6c6413f8f7a15657d012fea460bb4656a20df1ba26932b0ef49f8ea88d7b4c1289314ba789661640f1b5d7cbae103fa95b0035f1e8e866307d4796eab0992704f9e00be4b1af8dfa9e94ad74e607ea9d7d7a95ed5a15429426abbed8d2c657018305c6f9e5159a5453f958991a908ff4cb2e8cbccb1d3c8daf754e4b01b2edd023e5bfdf293bd28fc1f8885f6edd5a715df4d180247feb08e9e2e5126c48be6098e711f0d86de5d76fdccae34eef9197c32ab4e6fcb52eb9ce18fdb621a75913a97254d783778203ec0bd1a8859683e1d01da4e81fb73bb3b358340a0310bf5ae17b917208da607fd7b125cf99fd3e9056f5184df7570ede94b736ae354b5b8ae2cc473b455f2f86d47c69027676bf1141f316b0f278f1692406572ee82766f8e5ff1cfec2a7a6cab7d0f2582a877c9bd4ca81089373f738d02e6bb4d3df30ac0f041e51ad36e1ff140812baf54b80635cc80963c8f69fa4506f7a30c99d3e538cc0aeafcad86ead38ed949aa3c204aea50e5e0039f01b82595b7dc921a8acc1f76340f060cc9a3acad3451c17dc9b5ca5d10a0cb1708592d1900a046f33761d50895febd9fd58cb132989766cf7c252daac259576ec218e3857e6fa97fe445d1fab51d87302a4bb28a4cfe462ee4849cc6832650188ca187d85509d8beccf9d9cf752368985804195b9fd2faf1aff8248f3981bd55cbbf514cd8365fee72cc7af053e5388ceadadb967ef735181df6a90cab13f58f6d563c9ab4ad37297aecffd8446cb2b14ec36a99af8393e3760d5970ba1debdcbccd54012c559ee2797ff962328aa6a252c0756e396ce4d52937546675203bdf1d6b120acac576523f8b1daa922188bf61536312f90dba92fb380c3c6fb5f9883a2c4dd99a1bac9b7cb25ff2ef9bd58ff97ddfdd2d4bcc371ee82245b57cd91a7fa3479cd339f54a5c422b753cd42d441ea881d46e419312db1f0cccce"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff48}, 0x48) sendmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="10000000070000000401"], 0x10}, 0x331e5c6805043cda) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x20e, 0xe40, 0xfd000004, &(0x7f00000004c0)="b9180bb76003070c009e40f086dd1fff310000003c0020010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7472ce0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28) 546.268026ms ago: executing program 0 (id=882): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x5, 0x8, 0x8}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r1, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r0}, 0x20) recvfrom$inet6(r0, 0x0, 0x0, 0x4000af00, 0x0, 0x0) 449.067654ms ago: executing program 0 (id=883): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000000)=[{0x30, 0x0, 0x0, 0xff7ff010}, {0x6}]}, 0x10) syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x9, 0x6, '\x00', 0x14, 0x6, 0xff, @dev={0xfe, 0x80, '\x00', 0x39}, @local, {[], {{0x4e22, 0x4e24, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0xc2, 0x3, 0x0, 0x3}}}}}}}, 0x0) 410.166847ms ago: executing program 1 (id=884): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000002600)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xe}, {0xfff1, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_RATE={0x6, 0x5, {0x7f, 0x7}}]}, 0x38}}, 0x0) 184.406755ms ago: executing program 0 (id=885): mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000) syz_usb_connect(0x0, 0x3b, &(0x7f0000000080)=ANY=[@ANYBLOB="120100001b3ebd40d80483009c000102030109022900010000000009040000000202010005020000"], 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) migrate_pages(r0, 0x5, &(0x7f0000000040)=0x9, &(0x7f0000000080)=0x272) 134.086089ms ago: executing program 1 (id=886): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000680), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") r0 = creat(&(0x7f00000000c0)='./file1\x00', 0x1) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)={0x20052f9, 0xfffffff8, 0x100802, 0x2, 0x8}) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 133.704709ms ago: executing program 4 (id=887): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@local}) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000040)={&(0x7f0000000280)={{@host}, {@local, 0x6}, 0x400, "787c2ce2fba15d4e9f8e96bc11e2ca247a20c3e26661b174fe1825253be9e8480cb4f3524914f59ba189c1429727ef39b4164f93bb821987b3b7f73495bc8e745304668e0e46798c7f5917ea8428d41cab5612336f04000300000000008e9c1c86a394feb64fb06f77dadbcb20fc62741432b7dca37007d68e98fe46135d6a1c5ed42102f58daa5211319db84aa9abac734be47c908dc3ffa3aa7b61ec16d3d1209fc618f6c4532ea582628502ac46d167db6d53d8f3184df68414e6b6ec0109664c570e155654e03d58dadd0e5a7bab42bbb4a9afdefc115eb1609e7b50dbd94b94ba09000000000000001c9e4a41d3e16af21d6c897a1121bc14de16e78d6d7f2ae79db44e302539fd926e0b91e0fc589e2fa19b218d0508b5ce3ad40d03936693ca5aa41ddc07cf492874569ab037e0530e38245b98131ae0c9afd871df5f51331938764f5a7dd96890edd467b2fbc335ed081729b5ea722a98b34d0dac6de995de4ee263c81b2567b3f87e0897857edd5d7e97d61fc67076eab4846010d4828cc879f95cddb69ff6438f2a109285c46d8224c36069d30c3c9cf4a6800ae224111136bd9c1e06c4bfc4685d7bb6a72345772b3ce9bf105490743dc4b700f24ce6b250b95e6c383fe44967a55d140baf0ec339e3815b29a2246cb5c953048c43266485bbd9d0caecf00e9501a4433b54930cba54e06607ada2f5d818e4804294fcf53058e58e0d33d4aa6dc943811056908fe9116e65cdddac1d2fb24d1eacee389af38b7e5a7056d0de50c6b49fb38388cf28c2d6dd3dbbab84ffbef4b0c02a77f018e8a9749a557909e6aa96185d268dad7744b094d8c6134b89efe26674d65f908f9c3a8c201f661fc26efe0eff248d3a473fe32a5b3643bfad8f186c2af3fbaa1d38560c1244c79a0e48893eefb792af281650f34f6c2d9a6c622aba234b63586713cb66179a0897d98ee5228569c32c1a682807c8db7eb197ccbbd6549db86a6a9aebbf5dc14060f22e2b07d6166f43c25ae0c88be7a4dc38e7ed08972a355b0e5d6fc43b8e5594fa6b36a36a44bb94b75eaff11dc17105f54beda54da2a1ea1acfab354745057dd2e7725f2c8450b19fdf37e19f6ce43449e9191f5a5beb4a1bc176f6130052e83acefd8ff18d592bb75f15f86c9113e4bd67ad420c33ae706cdc10060277b83ef30a50d4ac19c9a791b309377aa20a4743bbb799abc3ba58071b628c9ba8103bbfe389939e55296ec9b4f8d3a03aff30ce9aa0dd6e5158a672be8f3da8349ed4ad82f6ca67ee29e8b234840cf7846e604e5b8135abd94d71fe0a79180e75d4e193ea8df466c087b660fe984943751a9f6df8545699701d478c2b3daa949155770e74835bcd972de27afd20b02ce0e504c15b0237437200"}, 0x418, 0x7fffffef}) 70.950534ms ago: executing program 4 (id=888): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) wait4(r0, 0x0, 0x20000000, 0x0) ptrace$getsig(0x4202, r0, 0x40, 0xffffffffffffffff) 0s ago: executing program 4 (id=889): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xd) read(r0, 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x33) kernel console output (not intermixed with test programs): invalid access to FAT (entry 0x00000100) [ 90.683439][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.691523][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.699639][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.708221][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.716359][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.738543][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.764178][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.784049][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.791983][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.814384][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.834236][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.852466][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.884085][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.891961][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.903134][ T6346] loop0: detected capacity change from 0 to 128 [ 90.913605][ T6346] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 90.925706][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.933555][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.943098][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.953115][ T6346] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 90.967764][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.984300][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 90.993629][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 91.014022][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 91.022016][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 91.030219][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 91.038311][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 91.068800][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 91.086364][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 91.098149][ T2952] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 91.140129][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 91.165815][ T6322] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 91.244002][ T27] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 91.311434][ T28] audit: type=1326 audit(1755618109.861:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6351 comm="syz.1.192" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb4d078ebe9 code=0x0 [ 91.342931][ T6344] loop3: detected capacity change from 0 to 32768 [ 91.445793][ T6356] ialloc: diAlloc returned -17! [ 91.454221][ T27] usb 3-1: Using ep0 maxpacket: 32 [ 91.461764][ T27] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 91.478190][ T27] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 91.498654][ T27] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 91.514145][ T27] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 91.522743][ T27] usb 3-1: Product: syz [ 91.527547][ T27] usb 3-1: Manufacturer: syz [ 91.538430][ T27] hub 3-1:4.0: USB hub found [ 91.574335][ T787] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 91.634316][ T6360] loop3: detected capacity change from 0 to 64 [ 91.749289][ T27] hub 3-1:4.0: 2 ports detected [ 91.774913][ T787] usb 1-1: Using ep0 maxpacket: 32 [ 91.792048][ T787] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 91.802405][ T787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 91.810704][ T787] usb 1-1: Product: syz [ 91.815991][ T787] usb 1-1: Manufacturer: syz [ 91.820728][ T787] usb 1-1: SerialNumber: syz [ 91.829667][ T787] usb 1-1: config 0 descriptor?? [ 91.839755][ T787] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 91.954632][ C1] raw-gadget.0 gadget.2: ignoring, device is not running [ 91.962779][ C1] raw-gadget.0 gadget.2: ignoring, device is not running [ 91.976420][ T27] hub 3-1:4.0: hub_hub_status failed (err = -71) [ 91.986126][ T27] hub 3-1:4.0: config failed, can't get hub status (err -71) [ 92.035607][ T27] usb 3-1: USB disconnect, device number 3 [ 92.061353][ T6362] loop3: detected capacity change from 0 to 32768 [ 92.070887][ T6362] XFS: attr2 mount option is deprecated. [ 92.083331][ T6362] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 92.128749][ T6362] XFS (loop3): Ending clean mount [ 92.141656][ T6362] XFS (loop3): Quotacheck needed: Please wait. [ 92.192578][ T6362] XFS (loop3): Quotacheck: Done. [ 92.250391][ T6362] XFS (loop3): User initiated shutdown received. [ 92.257669][ T6362] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501). Shutting down filesystem. [ 92.287013][ T6362] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 92.336835][ T5784] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 92.657487][ T6382] netlink: 4 bytes leftover after parsing attributes in process `syz.1.203'. [ 92.669888][ T787] gspca_stk1135: reg_w 0x5 err -71 [ 92.679313][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 92.687595][ T787] gspca_stk1135: Sensor write failed [ 92.698646][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 92.717356][ T787] gspca_stk1135: Sensor write failed [ 92.723776][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 92.750809][ T787] gspca_stk1135: Sensor read failed [ 92.762590][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 92.777399][ T787] gspca_stk1135: Sensor read failed [ 92.791185][ T787] gspca_stk1135: Detected sensor type unknown (0x0) [ 92.810674][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 92.827936][ T787] gspca_stk1135: Sensor read failed [ 92.837771][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 92.850256][ T787] gspca_stk1135: Sensor read failed [ 92.855912][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 92.862408][ T787] gspca_stk1135: Sensor write failed [ 92.873102][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 92.879785][ T787] gspca_stk1135: Sensor write failed [ 92.889618][ T787] stk1135: probe of 1-1:0.0 failed with error -71 [ 92.914288][ T787] usb 1-1: USB disconnect, device number 4 [ 93.294146][ T5914] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 93.322152][ T6389] loop3: detected capacity change from 0 to 40427 [ 93.339317][ T6389] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 93.349335][ T6389] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 93.369040][ T6389] F2FS-fs (loop3): invalid crc value [ 93.389100][ T6389] F2FS-fs (loop3): Found nat_bits in checkpoint [ 93.475652][ T6389] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 93.494146][ T6389] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 93.506172][ T5914] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 93.524990][ T5914] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 93.558225][ T5914] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 93.581121][ T5914] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 93.594066][ T5914] usb 3-1: Manufacturer: syz [ 93.601083][ T5914] usb 3-1: config 0 descriptor?? [ 93.610450][ T6407] loop1: detected capacity change from 0 to 512 [ 93.692360][ T6407] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.710806][ T5914] rc_core: IR keymap rc-hauppauge not found [ 93.717444][ T5914] Registered IR keymap rc-empty [ 93.735315][ T6407] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 93.752478][ T5914] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 93.785796][ T5914] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input7 [ 93.866862][ C1] igorplugusb 3-1:0.0: Error: urb status = -32 [ 93.875933][ T6397] loop0: detected capacity change from 0 to 40427 [ 93.888903][ T6397] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x7ffff [ 93.889861][ T5914] usb 3-1: USB disconnect, device number 4 [ 93.907727][ T6397] F2FS-fs (loop0): invalid crc value [ 93.927079][ T6407] EXT4-fs error (device loop1): ext4_get_first_dir_block:3584: inode #12: comm syz.1.211: Attempting to read directory block (0) that is past i_size (3) [ 93.951811][ T6397] F2FS-fs (loop0): Found nat_bits in checkpoint [ 93.960995][ T6407] EXT4-fs (loop1): Remounting filesystem read-only [ 94.013009][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.074090][ T6397] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 94.173464][ T6419] binder: 6418:6419 ioctl c0306201 200000000040 returned -14 [ 94.217667][ T5782] syz-executor: attempt to access beyond end of device [ 94.217667][ T5782] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 94.259883][ T5782] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 94.744036][ T5822] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 94.904363][ T787] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 94.933982][ T5822] usb 2-1: Using ep0 maxpacket: 32 [ 94.941695][ T5822] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 94.958563][ T5822] usb 2-1: config 0 has no interface number 0 [ 94.982264][ T5822] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 94.992913][ T5822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 95.012385][ T5822] usb 2-1: Product: syz [ 95.022525][ T5822] usb 2-1: Manufacturer: syz [ 95.032657][ T5822] usb 2-1: SerialNumber: syz [ 95.044957][ T5822] usb 2-1: config 0 descriptor?? [ 95.056697][ T5822] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 95.096855][ T5914] hid-generic 0005:0004:A9D3.0001: unknown main item tag 0x0 [ 95.116700][ T787] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 95.132311][ T6441] loop0: detected capacity change from 0 to 512 [ 95.137414][ T5914] hid-generic 0005:0004:A9D3.0001: unknown main item tag 0x0 [ 95.154065][ T787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 95.169401][ T5914] hid-generic 0005:0004:A9D3.0001: unknown main item tag 0x0 [ 95.172056][ T6441] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 95.178825][ T787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 65535, setting to 64 [ 95.207596][ T6441] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 95.211370][ T5914] hid-generic 0005:0004:A9D3.0001: hidraw0: BLUETOOTH HID v0.00 Device [syz0] on syz1 [ 95.236388][ T787] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 95.265176][ T6441] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 95.269471][ T787] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 95.293321][ T787] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 95.305952][ T6441] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 95.320268][ T5822] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 95.324219][ T787] usb 3-1: Manufacturer: syz [ 95.335287][ T6441] System zones: 0-2, 18-18, 34-34 [ 95.343439][ T5822] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 95.362994][ T6441] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.222: iget: bad i_size value: 360287970189639680 [ 95.386844][ T787] usb 3-1: config 0 descriptor?? [ 95.406060][ T6441] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.222: couldn't read orphan inode 15 (err -117) [ 95.438368][ T6441] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.592784][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.597066][ T6446] loop3: detected capacity change from 0 to 256 [ 95.618795][ T6446] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 95.658929][ T6446] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 95.675505][ T6446] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 95.694370][ T787] rc_core: IR keymap rc-hauppauge not found [ 95.701569][ T787] Registered IR keymap rc-empty [ 95.713729][ T787] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 95.748992][ T787] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 95.757171][ T5914] usb 2-1: USB disconnect, device number 4 [ 95.757400][ C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 95.780034][ T5914] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 95.796947][ T787] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 95.813202][ T5914] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 95.826855][ T787] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input8 [ 95.835836][ T6453] loop3: detected capacity change from 0 to 1024 [ 95.840861][ T5914] quatech2 2-1:0.51: device disconnected [ 95.858708][ T787] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 95.914347][ T787] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 95.944589][ T787] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 95.984302][ T787] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 95.984957][ T11] hfsplus: b-tree write err: -5, ino 8 [ 96.017465][ T787] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 96.054483][ T787] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 96.096435][ T787] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 96.134503][ T787] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 96.167643][ T787] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 96.208668][ T787] mceusb 3-1:0.0: Error: mce write urb status = -71 [ 96.245609][ T787] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 96.259216][ T787] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 96.272062][ T787] usb 3-1: USB disconnect, device number 5 [ 96.387485][ T6463] Driver unsupported XDP return value 0 on prog (id 29) dev N/A, expect packet loss! [ 96.590108][ T6470] loop0: detected capacity change from 0 to 256 [ 96.621193][ T6470] FAT-fs (loop0): Directory bread(block 64) failed [ 96.628689][ T6470] FAT-fs (loop0): Directory bread(block 65) failed [ 96.638885][ T6470] FAT-fs (loop0): Directory bread(block 66) failed [ 96.649875][ T6470] FAT-fs (loop0): Directory bread(block 67) failed [ 96.656700][ T6470] FAT-fs (loop0): Directory bread(block 68) failed [ 96.663427][ T6470] FAT-fs (loop0): Directory bread(block 69) failed [ 96.678734][ T6470] FAT-fs (loop0): Directory bread(block 70) failed [ 96.686271][ T6470] FAT-fs (loop0): Directory bread(block 71) failed [ 96.689803][ T6472] sch_fq: defrate 1 ignored. [ 96.692969][ T6470] FAT-fs (loop0): Directory bread(block 72) failed [ 96.709232][ T6470] FAT-fs (loop0): Directory bread(block 73) failed [ 96.955280][ T6476] loop2: detected capacity change from 0 to 4096 [ 97.037531][ T6476] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 97.311095][ T6474] loop1: detected capacity change from 0 to 32768 [ 97.343361][ T6483] loop2: detected capacity change from 0 to 1024 [ 97.359923][ T6474] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 97.378967][ T6474] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 97.400799][ T6478] loop3: detected capacity change from 0 to 32768 [ 97.449219][ T6474] XFS (loop1): Ending clean mount [ 97.473852][ T6474] XFS (loop1): Quotacheck needed: Please wait. [ 97.532027][ T6478] overlayfs: upper fs needs to support d_type. [ 97.551373][ T6474] XFS (loop1): Quotacheck: Done. [ 97.575148][ T6478] overlayfs: upper fs does not support tmpfile. [ 97.619558][ T6478] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 97.632301][ T5783] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 97.655687][ T6478] ERROR: (device loop3): dbAlloc: the hint is outside the map [ 97.655687][ T6478] [ 97.694930][ T6478] overlayfs: failed to set uuid (/file0, err=-5); falling back to uuid=null. [ 97.740874][ T6478] ERROR: (device loop3): dbAlloc: the hint is outside the map [ 97.740874][ T6478] [ 97.793359][ T6478] overlayfs: failed to verify origin (/, ino=2, err=-5) [ 97.829546][ T6478] overlayfs: failed to verify upper root origin [ 97.915021][ T11] read_mapping_page failed! [ 97.931084][ T11] ERROR: (device loop3): txCommit: [ 97.931084][ T11] [ 97.945227][ T11] jfs_write_inode: jfs_commit_inode failed! [ 98.154036][ T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 98.173523][ T6501] loop2: detected capacity change from 0 to 32768 [ 98.346071][ T9] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 98.357149][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.367772][ T9] usb 1-1: config 0 descriptor?? [ 98.375447][ T9] cp210x 1-1:0.0: cp210x converter detected [ 98.400642][ T6513] loop2: detected capacity change from 0 to 8192 [ 98.628199][ T6517] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 98.800898][ T9] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 98.824706][ T9] usb 1-1: cp210x converter now attached to ttyUSB0 [ 98.835485][ T6525] loop3: detected capacity change from 0 to 8 [ 98.933874][ T6529] loop3: detected capacity change from 0 to 1024 [ 98.955514][ T6529] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 98.968808][ T6529] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 99.012580][ T6529] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: block 3: comm syz.3.256: lblock 3 mapped to illegal pblock 3 (length 3) [ 99.034093][ T6533] loop2: detected capacity change from 0 to 8192 [ 99.059304][ T6529] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 99.084400][ T9] usb 1-1: USB disconnect, device number 5 [ 99.101182][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 99.115294][ T6529] EXT4-fs (loop3): This should not happen!! Data will be lost [ 99.115294][ T6529] [ 99.132231][ T9] cp210x 1-1:0.0: device disconnected [ 99.151633][ T6537] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: block 3: comm syz.3.256: lblock 3 mapped to illegal pblock 3 (length 1) [ 99.189831][ T6537] EXT4-fs error (device loop3): ext4_ext_remove_space:2929: inode #15: comm syz.3.256: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 99.211285][ T6537] EXT4-fs error (device loop3) in ext4_setattr:5645: Corrupt filesystem [ 99.301557][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 99.403375][ T6545] loop3: detected capacity change from 0 to 512 [ 99.425647][ T6545] EXT4-fs (loop3): orphan cleanup on readonly fs [ 99.442401][ T6545] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.262: bad orphan inode 13 [ 99.460563][ T6545] ext4_test_bit(bit=12, block=18) = 1 [ 99.478515][ T6545] is_bad_inode(inode)=0 [ 99.489276][ T6545] NEXT_ORPHAN(inode)=2130706432 [ 99.504803][ T6545] max_ino=32 [ 99.508056][ T6545] i_nlink=1 [ 99.512520][ T6545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 99.537956][ T6550] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.594825][ T6545] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 99.638019][ T6545] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.262: bg 0: block 248: padding at end of block bitmap is not set [ 99.661707][ T6554] loop2: detected capacity change from 0 to 2048 [ 99.672169][ T6554] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=3932051, location=3932051 [ 99.694552][ T6545] Quota error (device loop3): write_blk: dquota write failed [ 99.713864][ T6554] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 99.723740][ T6545] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 99.754058][ T6545] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.262: Failed to acquire dquot type 1 [ 99.791425][ T6545] EXT4-fs warning (device loop3): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 99.890945][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.012989][ T6563] loop2: detected capacity change from 0 to 512 [ 100.047172][ T6563] EXT4-fs (loop2): orphan cleanup on readonly fs [ 100.065993][ T6563] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.277: bad orphan inode 13 [ 100.089997][ T6563] ext4_test_bit(bit=12, block=18) = 1 [ 100.105640][ T6562] loop3: detected capacity change from 0 to 8192 [ 100.110285][ T6563] is_bad_inode(inode)=0 [ 100.116422][ T6563] NEXT_ORPHAN(inode)=2130706432 [ 100.121410][ T6563] max_ino=32 [ 100.129400][ T6563] i_nlink=1 [ 100.142950][ T6563] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 100.251736][ T6563] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 100.284386][ T6563] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.277: bg 0: block 248: padding at end of block bitmap is not set [ 100.306090][ T6559] loop0: detected capacity change from 0 to 32768 [ 100.318198][ T6563] Quota error (device loop2): write_blk: dquota write failed [ 100.319008][ T6559] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.267 (6559) [ 100.337966][ T6563] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 100.354373][ T6563] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.277: Failed to acquire dquot type 1 [ 100.375538][ T6563] EXT4-fs warning (device loop2): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 100.398696][ T6559] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 100.420814][ T6559] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 100.444093][ T6559] BTRFS info (device loop0): setting nodatacow, compression disabled [ 100.456396][ T6559] BTRFS info (device loop0): max_inline at 0 [ 100.469842][ T6559] BTRFS info (device loop0): enabling disk space caching [ 100.477201][ T6559] BTRFS info (device loop0): turning on flush-on-commit [ 100.486505][ T6559] BTRFS info (device loop0): force clearing of disk cache [ 100.487357][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.494615][ T6559] BTRFS info (device loop0): enabling ssd optimizations [ 100.516473][ T6559] BTRFS info (device loop0): turning off barriers [ 100.523785][ T6559] BTRFS info (device loop0): max_inline at 4096 [ 100.530309][ T6559] BTRFS info (device loop0): disk space caching is enabled [ 100.561989][ T6557] loop1: detected capacity change from 0 to 40427 [ 100.574410][ T6557] F2FS-fs (loop1): build fault injection attr: rate: 25, type: 0x7ffff [ 100.582824][ T6557] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x7698c [ 100.596141][ T6557] F2FS-fs (loop1): invalid crc value [ 100.612753][ T6557] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1d6/0x920 [ 100.629389][ T6557] F2FS-fs (loop1): Found nat_bits in checkpoint [ 100.641588][ T6584] loop2: detected capacity change from 0 to 2048 [ 100.649871][ T6584] EXT4-fs: inline encryption not supported [ 100.656341][ T6559] BTRFS info (device loop0): auto enabling async discard [ 100.675229][ T6557] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920 [ 100.675313][ T6559] BTRFS info (device loop0): rebuilding free space tree [ 100.705761][ T6557] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 100.723367][ T6584] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.734096][ T27] usb 4-1: new low-speed USB device number 3 using dummy_hcd [ 100.748200][ T6559] BTRFS info (device loop0): disabling free space tree [ 100.758898][ T6557] F2FS-fs (loop1): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xda/0x1d0 [ 100.764103][ T6559] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 100.801763][ T6584] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.271: bg 0: block 234: padding at end of block bitmap is not set [ 100.812547][ T6559] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 100.826587][ T6584] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 1 with max blocks 9 with error 117 [ 100.826639][ T6584] EXT4-fs (loop2): This should not happen!! Data will be lost [ 100.826639][ T6584] [ 100.850733][ T5783] syz-executor: attempt to access beyond end of device [ 100.850733][ T5783] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 100.865464][ T5783] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 100.936339][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.957282][ T27] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 100.975054][ T27] usb 4-1: config 0 has no interface number 0 [ 100.997670][ T27] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 101.026310][ T27] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 101.058707][ T27] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 101.079610][ T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.095157][ T5782] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 101.119760][ T27] usb 4-1: config 0 descriptor?? [ 101.128048][ T6567] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 101.146802][ T27] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 101.207962][ T6592] loop2: detected capacity change from 0 to 4096 [ 101.255479][ T6592] ntfs: (device loop2): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 101.294625][ T6592] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 101.314178][ T6592] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 101.351899][ T6592] ntfs: volume version 3.1. [ 101.405567][ T27] usb 4-1: USB disconnect, device number 3 [ 101.498330][ T42] ntfs: (device loop2): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry. [ 101.529899][ T5779] ntfs: (device loop2): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 101.694919][ T6599] loop2: detected capacity change from 0 to 1024 [ 101.920106][ T6597] loop0: detected capacity change from 0 to 32768 [ 101.959325][ T6597] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 101.968536][ T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 102.002654][ T6613] serio: Serial port ttyS3 [ 102.069120][ T6597] XFS (loop0): Ending clean mount [ 102.176639][ T9] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 102.185895][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.196548][ T9] usb 2-1: config 0 descriptor?? [ 102.204677][ T9] cp210x 2-1:0.0: cp210x converter detected [ 102.296669][ T5782] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 102.700258][ T9] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 102.719067][ T9] usb 2-1: cp210x converter now attached to ttyUSB0 [ 102.740028][ T6627] loop0: detected capacity change from 0 to 2048 [ 102.747926][ T6627] EXT4-fs: inline encryption not supported [ 102.795265][ T6627] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.831420][ T6624] loop2: detected capacity change from 0 to 32768 [ 102.851342][ T6624] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 102.867931][ T6627] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.283: bg 0: block 234: padding at end of block bitmap is not set [ 102.890237][ T6627] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 1 with max blocks 9 with error 117 [ 102.902922][ T6627] EXT4-fs (loop0): This should not happen!! Data will be lost [ 102.902922][ T6627] [ 102.937523][ T9] usb 2-1: USB disconnect, device number 5 [ 102.946631][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 102.962293][ T9] cp210x 2-1:0.0: device disconnected [ 102.981766][ T6624] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 103.015833][ T6624] XFS (loop2): Starting recovery (logdev: internal) [ 103.056958][ T6624] XFS (loop2): Ending recovery (logdev: internal) [ 103.093790][ T6624] XFS (loop2): Quotacheck needed: Please wait. [ 103.115312][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.117597][ T6629] loop3: detected capacity change from 0 to 32768 [ 103.150886][ T6629] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 103.153249][ T6624] XFS (loop2): Quotacheck: Done. [ 103.246896][ T6629] XFS (loop3): Ending clean mount [ 103.271005][ T6629] XFS (loop3): Quotacheck needed: Please wait. [ 103.289271][ T5779] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 103.301547][ T6650] netlink: 'syz.0.287': attribute type 11 has an invalid length. [ 103.344258][ T6629] XFS (loop3): Quotacheck: Done. [ 103.382357][ T6652] loop0: detected capacity change from 0 to 1024 [ 103.426288][ T5784] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 103.620852][ T6655] serio: Serial port ttyS3 [ 103.648731][ T27] kernel write not supported for file /sg0 (pid: 27 comm: kworker/1:1) [ 103.843197][ T6668] capability: warning: `syz.0.302' uses deprecated v2 capabilities in a way that may be insecure [ 104.193858][ T6678] loop0: detected capacity change from 0 to 4096 [ 104.219252][ T6678] NILFS (loop0): invalid segment: Checksum error in segment payload [ 104.243995][ T6678] NILFS (loop0): trying rollback from an earlier position [ 104.282891][ T6678] NILFS (loop0): recovery complete [ 104.284775][ T6667] loop1: detected capacity change from 0 to 32768 [ 104.290709][ T6683] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 104.335042][ T6667] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 104.548953][ T6667] XFS (loop1): Ending clean mount [ 104.644315][ T6694] loop3: detected capacity change from 0 to 4096 [ 104.671433][ T6694] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 104.696602][ T6694] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096) [ 104.751634][ T6702] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 104.844922][ T6694] NILFS error (device loop3): nilfs_readdir: zero-length directory entry [ 104.869999][ T6694] Remounting filesystem read-only [ 104.890852][ T6705] loop0: detected capacity change from 0 to 1024 [ 104.926798][ T6705] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 104.990767][ T5783] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 105.021639][ T6705] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.190680][ T6710] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 105.240730][ T6710] EXT4-fs error (device loop0): ext4_xattr_inode_iget:440: inode #11: comm syz.0.306: missing EA_INODE flag [ 105.282329][ T6710] EXT4-fs (loop0): Remounting filesystem read-only [ 105.289540][ T6710] EXT4-fs warning (device loop0): ext4_xattr_inode_dec_ref_all:1238: inode #18: comm syz.0.306: ea_inode dec ref err=-5 [ 105.314310][ T6710] EXT4-fs warning (device loop0): ext4_evict_inode:272: xattr delete (err -5) [ 105.407577][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.518525][ T6718] loop2: detected capacity change from 0 to 4096 [ 105.550315][ T6718] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 105.610775][ T6722] loop0: detected capacity change from 0 to 4096 [ 105.648784][ T6722] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 105.658699][ T6722] ntfs3: loop0: Failed to load $Extend (-22). [ 105.675689][ T6722] ntfs3: loop0: Failed to initialize $Extend. [ 105.677732][ T28] audit: type=1800 audit(1755618124.231:9): pid=6718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.310" name="file1" dev="loop2" ino=33 res=0 errno=0 [ 105.752992][ T28] audit: type=1800 audit(1755618124.271:10): pid=6718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.310" name="file3" dev="loop2" ino=31 res=0 errno=0 [ 105.773303][ C1] vkms_vblank_simulate: vblank timer overrun [ 106.577674][ T6737] loop2: detected capacity change from 0 to 32768 [ 106.617000][ T6737] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 106.737717][ T6737] XFS (loop2): Ending clean mount [ 106.764844][ T6754] loop3: detected capacity change from 0 to 2048 [ 106.798522][ T6754] NILFS (loop3): invalid segment: Magic number mismatch [ 106.824218][ T6754] NILFS (loop3): trying rollback from an earlier position [ 106.866182][ T6754] NILFS (loop3): recovery complete [ 106.912481][ T6755] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 106.978944][ T6754] overlayfs: upper fs does not support tmpfile. [ 107.024517][ T6754] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 107.040982][ T6754] overlayfs: failed to set xattr on upper [ 107.062057][ T6754] overlayfs: ...falling back to redirect_dir=nofollow. [ 107.065493][ T6744] loop0: detected capacity change from 0 to 32768 [ 107.098544][ T6744] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 107.109289][ T6754] overlayfs: ...falling back to uuid=null. [ 107.134481][ T5779] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 107.359888][ T6744] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 107.378454][ T6766] loop1: detected capacity change from 0 to 256 [ 107.447739][ T6766] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d) [ 107.460968][ T6744] XFS (loop0): Starting recovery (logdev: internal) [ 107.472363][ T50] Bluetooth: hci1: command tx timeout [ 107.511447][ T6744] XFS (loop0): Ending recovery (logdev: internal) [ 107.531432][ T6744] XFS (loop0): Quotacheck needed: Please wait. [ 107.547323][ T6766] exFAT-fs (loop1): error, invalid size(size(1) > aligned(9223372036854777344) [ 107.547323][ T6766] [ 107.590927][ T6766] exFAT-fs (loop1): Filesystem has been set read-only [ 107.610560][ T6744] XFS (loop0): Quotacheck: Done. [ 107.831549][ T5782] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 107.948855][ T6770] loop3: detected capacity change from 0 to 32768 [ 107.975619][ T6770] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.323 (6770) [ 108.002406][ T6770] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 108.034092][ T6770] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 108.063202][ T6770] BTRFS info (device loop3): setting nodatacow, compression disabled [ 108.084119][ T6770] BTRFS info (device loop3): max_inline at 0 [ 108.090168][ T6770] BTRFS info (device loop3): enabling disk space caching [ 108.113998][ T6770] BTRFS info (device loop3): turning on flush-on-commit [ 108.121018][ T6770] BTRFS info (device loop3): force clearing of disk cache [ 108.133982][ T6770] BTRFS info (device loop3): enabling ssd optimizations [ 108.140979][ T6770] BTRFS info (device loop3): turning off barriers [ 108.164005][ T6770] BTRFS info (device loop3): max_inline at 4096 [ 108.170310][ T6770] BTRFS info (device loop3): disk space caching is enabled [ 108.281701][ T6770] BTRFS info (device loop3): auto enabling async discard [ 108.312656][ T6770] BTRFS info (device loop3): rebuilding free space tree [ 108.358415][ T6770] BTRFS info (device loop3): disabling free space tree [ 108.377350][ T6770] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 108.397595][ T6770] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 108.608566][ T5784] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 108.881034][ T6809] loop1: detected capacity change from 0 to 1024 [ 108.901614][ T6809] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 108.942657][ T6809] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 109.026442][ T6809] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: inode #11: comm syz.1.337: missing EA_INODE flag [ 109.049176][ T6809] EXT4-fs (loop1): Remounting filesystem read-only [ 109.069612][ T6809] EXT4-fs warning (device loop1): ext4_xattr_inode_dec_ref_all:1238: inode #18: comm syz.1.337: ea_inode dec ref err=-5 [ 109.097383][ T6809] EXT4-fs warning (device loop1): ext4_evict_inode:272: xattr delete (err -5) [ 109.152106][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.244363][ T27] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 109.368427][ T28] audit: type=1326 audit(1755618127.921:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6825 comm="syz.2.342" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2609d8ebe9 code=0x0 [ 109.437985][ T6828] tap0: tun_chr_ioctl cmd 1074025677 [ 109.443718][ T6828] tap0: linktype set to 6 [ 109.451963][ T27] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 109.462161][ T27] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 109.477369][ T27] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 109.487769][ T27] usb 4-1: config 220 has no interface number 2 [ 109.494142][ T27] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 109.507902][ T27] usb 4-1: config 220 interface 0 has no altsetting 0 [ 109.515608][ T27] usb 4-1: config 220 interface 76 has no altsetting 0 [ 109.522559][ T27] usb 4-1: config 220 interface 1 has no altsetting 0 [ 109.546252][ T27] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 109.561886][ T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.584051][ T27] usb 4-1: Product: syz [ 109.588272][ T27] usb 4-1: Manufacturer: syz [ 109.592878][ T27] usb 4-1: SerialNumber: syz [ 109.634765][ T6830] capability: warning: `syz.0.344' uses 32-bit capabilities (legacy support in use) [ 109.676747][ T6822] loop1: detected capacity change from 0 to 32768 [ 109.695913][ T6822] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 109.738901][ T6822] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 109.772424][ T6822] XFS (loop1): Starting recovery (logdev: internal) [ 109.801351][ T6822] XFS (loop1): Ending recovery (logdev: internal) [ 109.813331][ T6822] XFS (loop1): Quotacheck needed: Please wait. [ 109.830448][ T27] usb 4-1: Found UVC 7.01 device syz (8086:0b07) [ 109.838894][ T27] usb 4-1: No valid video chain found. [ 109.845405][ T27] usb 4-1: selecting invalid altsetting 0 [ 109.872359][ T6822] XFS (loop1): Quotacheck: Done. [ 109.880417][ T27] usb 4-1: selecting invalid altsetting 0 [ 109.895373][ T27] usbtest: probe of 4-1:220.1 failed with error -22 [ 109.916929][ T27] usb 4-1: USB disconnect, device number 4 [ 110.055947][ T5783] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 110.313266][ T6842] loop0: detected capacity change from 0 to 40427 [ 110.343625][ T6847] loop2: detected capacity change from 0 to 1024 [ 110.351607][ T6842] F2FS-fs (loop0): invalid crc value [ 110.359544][ T6842] F2FS-fs (loop0): Found nat_bits in checkpoint [ 110.374035][ T6847] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 110.413711][ T6842] F2FS-fs (loop0): Start checkpoint disabled! [ 110.431678][ T6847] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.445212][ T6842] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 110.537037][ T6847] EXT4-fs error (device loop2): ext4_xattr_inode_iget:440: inode #11: comm syz.2.348: missing EA_INODE flag [ 110.583049][ T6847] EXT4-fs (loop2): Remounting filesystem read-only [ 110.589950][ T6847] EXT4-fs warning (device loop2): ext4_xattr_inode_dec_ref_all:1238: inode #18: comm syz.2.348: ea_inode dec ref err=-5 [ 110.604673][ T6847] EXT4-fs warning (device loop2): ext4_evict_inode:272: xattr delete (err -5) [ 110.654961][ T42] kworker/u4:2: attempt to access beyond end of device [ 110.654961][ T42] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 110.676325][ T42] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 110.684991][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.844055][ T27] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 111.003235][ T6873] loop2: detected capacity change from 0 to 128 [ 111.022541][ T50] block nbd0: Receive control failed (result -32) [ 111.034050][ T27] usb 2-1: Using ep0 maxpacket: 32 [ 111.047944][ T27] usb 2-1: config 0 has an invalid interface number: 85 but max is 0 [ 111.074008][ T27] usb 2-1: config 0 has no interface number 0 [ 111.083093][ T27] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 111.096000][ T27] usb 2-1: config 0 interface 85 has no altsetting 0 [ 111.110106][ T27] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 111.133424][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.161918][ T27] usb 2-1: Product: syz [ 111.171185][ T27] usb 2-1: Manufacturer: syz [ 111.184883][ T27] usb 2-1: SerialNumber: syz [ 111.196452][ T27] usb 2-1: config 0 descriptor?? [ 111.231183][ T6879] sctp: Trying to GSO but underlying device doesn't support it. [ 111.482691][ T6889] loop2: detected capacity change from 0 to 16 [ 111.505856][ T6889] erofs: (device loop2): mounted with root inode @ nid 36. [ 111.823612][ T27] appletouch 2-1:0.85: Geyser mode initialized. [ 111.843568][ T27] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input9 [ 112.063717][ T9] usb 2-1: USB disconnect, device number 6 [ 112.097832][ T9] appletouch 2-1:0.85: input: appletouch disconnected [ 112.536296][ T6908] loop0: detected capacity change from 0 to 32768 [ 112.546770][ T6908] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.373 (6908) [ 112.562047][ T6908] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 112.572647][ T8] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 112.574599][ T6908] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 112.595996][ T6908] BTRFS info (device loop0): force clearing of disk cache [ 112.603367][ T6908] BTRFS info (device loop0): turning on sync discard [ 112.614270][ T6908] BTRFS info (device loop0): enabling auto defrag [ 112.623462][ T6908] BTRFS info (device loop0): max_inline at 0 [ 112.631890][ T6908] BTRFS info (device loop0): enabling disk space caching [ 112.641148][ T6908] BTRFS info (device loop0): disk space caching is enabled [ 112.706689][ T6908] BTRFS info (device loop0): enabling ssd optimizations [ 112.725237][ T6908] BTRFS info (device loop0): rebuilding free space tree [ 112.762012][ T8] usb 3-1: config 0 has an invalid interface number: 138 but max is 0 [ 112.787542][ T8] usb 3-1: config 0 has no interface number 0 [ 112.802567][ T6908] BTRFS info (device loop0): disabling free space tree [ 112.814173][ T6908] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 112.814176][ T8] usb 3-1: config 0 interface 138 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 112.816260][ T8] usb 3-1: New USB device found, idVendor=07c4, idProduct=a004, bcdDevice=b4.df [ 112.840440][ T6908] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 112.846165][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.863102][ T8] usb 3-1: Product: syz [ 112.867338][ T8] usb 3-1: Manufacturer: syz [ 112.871952][ T8] usb 3-1: SerialNumber: syz [ 112.880063][ T8] usb 3-1: config 0 descriptor?? [ 112.887423][ T6910] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 112.906730][ T8] ums-datafab 3-1:0.138: USB Mass Storage device detected [ 112.922260][ T8] scsi host1: usb-storage 3-1:0.138 [ 112.953577][ T6929] loop1: detected capacity change from 0 to 4096 [ 112.990715][ T6929] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 113.039405][ T6936] syzkaller0: tun_chr_ioctl cmd 35092 [ 113.110863][ T76] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 113.146073][ T6929] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 113.174909][ T6938] loop3: detected capacity change from 0 to 2048 [ 113.191436][ T6938] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 113.215673][ T5782] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 113.233259][ T6938] NILFS (loop3): mounting unchecked fs [ 113.249560][ T6929] ntfs3: loop1: ino=5, "/" directory corrupted [ 113.282827][ T6938] NILFS (loop3): recovery complete [ 113.300982][ T6939] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 113.334888][ T5783] ntfs3: loop1: ino=1a, ntfs_sync_fs failed, -22. [ 113.456638][ T8] usb 3-1: USB disconnect, device number 6 [ 113.776562][ T6952] loop0: detected capacity change from 0 to 256 [ 113.792126][ T6952] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 113.805965][ T28] audit: type=1326 audit(1755618132.361:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49a738ebe9 code=0x7ffc0000 [ 113.860222][ T28] audit: type=1326 audit(1755618132.361:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49a738ebe9 code=0x7ffc0000 [ 113.882694][ T28] audit: type=1326 audit(1755618132.361:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f49a738ebe9 code=0x7ffc0000 [ 113.905229][ T28] audit: type=1326 audit(1755618132.361:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49a738ebe9 code=0x7ffc0000 [ 113.932291][ T28] audit: type=1326 audit(1755618132.361:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49a738ebe9 code=0x7ffc0000 [ 113.957870][ T28] audit: type=1326 audit(1755618132.401:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f49a738ebe9 code=0x7ffc0000 [ 113.980340][ T28] audit: type=1326 audit(1755618132.401:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49a738ebe9 code=0x7ffc0000 [ 114.046610][ T28] audit: type=1326 audit(1755618132.401:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f49a7385ba7 code=0x7ffc0000 [ 114.097906][ T28] audit: type=1326 audit(1755618132.401:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f49a732add9 code=0x7ffc0000 [ 114.161791][ T28] audit: type=1326 audit(1755618132.401:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.3.386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49a738ebe9 code=0x7ffc0000 [ 114.212730][ T6962] loop0: detected capacity change from 0 to 128 [ 114.275848][ T6962] VFS: Found a Xenix FS (block size = 512) on device loop0 [ 114.330032][ T6962] sysv_free_block: trying to free block not in datazone [ 114.411728][ T5782] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 114.478544][ T6966] loop3: detected capacity change from 0 to 1024 [ 114.527391][ T6966] hfsplus: xattr searching failed [ 114.540211][ T6966] hfsplus: xattr searching failed [ 114.685718][ T6960] loop2: detected capacity change from 0 to 32768 [ 114.745695][ T6960] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 114.858100][ T6960] XFS (loop2): Ending clean mount [ 114.903427][ T6978] loop0: detected capacity change from 0 to 4096 [ 114.957209][ T5779] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 114.965539][ T6978] ntfs: volume version 3.1. [ 115.395218][ T6996] loop1: detected capacity change from 0 to 128 [ 115.512995][ T6998] loop2: detected capacity change from 0 to 1024 [ 115.580152][ T6998] hfsplus: xattr searching failed [ 115.609865][ T6998] hfsplus: xattr searching failed [ 115.654094][ T787] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 115.866833][ T787] usb 1-1: config 0 has an invalid interface number: 138 but max is 0 [ 115.883970][ T787] usb 1-1: config 0 has no interface number 0 [ 115.890476][ T787] usb 1-1: config 0 interface 138 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 115.904379][ T787] usb 1-1: New USB device found, idVendor=07c4, idProduct=a004, bcdDevice=b4.df [ 115.914013][ T787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 115.922067][ T787] usb 1-1: Product: syz [ 115.926401][ T787] usb 1-1: Manufacturer: syz [ 115.931024][ T787] usb 1-1: SerialNumber: syz [ 115.945282][ T787] usb 1-1: config 0 descriptor?? [ 115.957363][ T6994] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 115.969253][ T787] ums-datafab 1-1:0.138: USB Mass Storage device detected [ 115.979582][ T787] scsi host1: usb-storage 1-1:0.138 [ 115.990154][ T7005] loop2: detected capacity change from 0 to 40427 [ 116.003641][ T7005] F2FS-fs (loop2): Found nat_bits in checkpoint [ 116.029894][ T7005] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 116.048733][ T7005] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 116.133759][ T5779] syz-executor: attempt to access beyond end of device [ 116.133759][ T5779] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 116.152832][ T5779] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 116.430952][ T27] usb 1-1: USB disconnect, device number 6 [ 116.654584][ T7023] loop2: detected capacity change from 0 to 4096 [ 116.681853][ T7023] ntfs: volume version 3.1. [ 116.726181][ T7019] loop1: detected capacity change from 0 to 32768 [ 116.767378][ T7019] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 116.889221][ T7019] XFS (loop1): Ending clean mount [ 117.024601][ T7043] loop3: detected capacity change from 0 to 256 [ 117.041865][ T5783] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 117.065495][ T7043] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 117.680789][ T7045] loop1: detected capacity change from 0 to 32768 [ 117.716995][ T7045] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 117.742844][ T7045] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 117.827923][ T7057] loop2: detected capacity change from 0 to 512 [ 117.835504][ T7057] EXT4-fs: Ignoring removed i_version option [ 117.858662][ T7057] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 117.925867][ T7057] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.958069][ T7057] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.971435][ T5783] ocfs2: Unmounting device (7,1) on (node local) [ 118.120003][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.462348][ T7067] loop3: detected capacity change from 0 to 32768 [ 118.633500][ T7069] loop0: detected capacity change from 0 to 32768 [ 118.646374][ T7069] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 118.693726][ T7069] XFS (loop0): Ending clean mount [ 118.740318][ T5782] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 118.932400][ T7089] loop1: detected capacity change from 0 to 128 [ 119.254437][ T787] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 119.440193][ T7094] loop2: detected capacity change from 0 to 32768 [ 119.446845][ T787] usb 1-1: Using ep0 maxpacket: 32 [ 119.452511][ T7094] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.435 (7094) [ 119.460981][ T7094] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 119.477136][ T7094] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 119.486036][ T7094] BTRFS info (device loop2): turning on async discard [ 119.490045][ T7104] loop1: detected capacity change from 0 to 512 [ 119.492925][ T7094] BTRFS info (device loop2): using free space tree [ 119.514519][ T787] usb 1-1: config 0 has an invalid interface number: 85 but max is 0 [ 119.524026][ T787] usb 1-1: config 0 has no interface number 0 [ 119.530174][ T787] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 119.532953][ T7104] EXT4-fs: Ignoring removed nobh option [ 119.543832][ T7106] netlink: 20 bytes leftover after parsing attributes in process `syz.3.440'. [ 119.553053][ T7104] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 119.558736][ T787] usb 1-1: config 0 interface 85 has no altsetting 0 [ 119.593666][ T787] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 119.594630][ T7094] BTRFS info (device loop2): enabling ssd optimizations [ 119.603955][ T787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 119.617847][ T787] usb 1-1: Product: syz [ 119.622121][ T787] usb 1-1: Manufacturer: syz [ 119.626978][ T787] usb 1-1: SerialNumber: syz [ 119.633968][ T787] usb 1-1: config 0 descriptor?? [ 119.697909][ T7094] BTRFS error (device loop2): balance: invalid convert metadata profile raid1c4 [ 119.746317][ T7104] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6 [ 119.766465][ T5779] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 120.277978][ T7104] loop1: detected capacity change from 0 to 32768 [ 120.294395][ T787] appletouch 1-1:0.85: Geyser mode initialized. [ 120.315948][ T787] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input10 [ 120.364063][ T7104] syz.1.438: attempt to access beyond end of device [ 120.364063][ T7104] loop14: rw=0, sector=8, nr_sectors = 8 limit=0 [ 120.387831][ T7133] netlink: 24 bytes leftover after parsing attributes in process `syz.3.445'. [ 120.398519][ T7104] lbmIODone: I/O error in JFS log [ 120.398725][ T7104] *** Log Format Error ! *** [ 120.399175][ T7104] lmLogInit: exit(-22) [ 120.399437][ T7104] lmLogOpen: exit(-22) [ 120.598688][ T27] usb 1-1: USB disconnect, device number 7 [ 120.621129][ T27] appletouch 1-1:0.85: input: appletouch disconnected [ 120.779615][ T7147] loop1: detected capacity change from 0 to 64 [ 120.808851][ T967] hid-generic 0005:15C2:3010.0002: item fetching failed at offset 0/1 [ 120.832298][ T967] hid-generic: probe of 0005:15C2:3010.0002 failed with error -22 [ 120.857244][ T7147] hfs: request for non-existent node 1280 in B*Tree [ 120.866961][ T7147] hfs: request for non-existent node 1280 in B*Tree [ 121.074036][ T787] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 121.225755][ T7166] loop1: detected capacity change from 0 to 1024 [ 121.250200][ T7166] hfsplus: xattr search failed [ 121.264207][ T787] usb 4-1: Using ep0 maxpacket: 8 [ 121.277139][ T787] usb 4-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 121.287953][ T787] usb 4-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 121.298841][ T787] usb 4-1: Product: syz [ 121.303560][ T787] usb 4-1: Manufacturer: syz [ 121.311951][ T787] usb 4-1: SerialNumber: syz [ 121.320031][ T787] usb 4-1: config 0 descriptor?? [ 121.331780][ T787] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 121.420280][ T8] hid-generic 0003:0004:0FFF.0003: unknown main item tag 0x0 [ 121.428913][ T8] hid-generic 0003:0004:0FFF.0003: unknown main item tag 0x0 [ 121.436728][ T8] hid-generic 0003:0004:0FFF.0003: unknown main item tag 0x0 [ 121.449208][ T8] hid-generic 0003:0004:0FFF.0003: hidraw0: USB HID v0.03 Device [syz0] on syz0 [ 121.454116][ T27] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 121.587398][ T7179] loop1: detected capacity change from 0 to 64 [ 121.596950][ T7179] hfs: unable to locate alternate MDB [ 121.603731][ T7179] hfs: continuing without an alternate MDB [ 121.677454][ T27] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 121.697331][ T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.729823][ T27] usb 1-1: config 0 descriptor?? [ 121.738201][ T27] cp210x 1-1:0.0: cp210x converter detected [ 121.857079][ T7184] loop1: detected capacity change from 0 to 1024 [ 121.890883][ T7184] hfsplus: keylen 65060 too large [ 121.897805][ T7184] hfsplus: xattr search failed [ 121.952251][ T787] input: gspca_zc3xx as /devices/platform/dummy_hcd.3/usb4/4-1/input/input11 [ 122.153663][ T8] usb 4-1: USB disconnect, device number 5 [ 122.949369][ T7188] loop1: detected capacity change from 0 to 131072 [ 122.958930][ T7188] F2FS-fs (loop1): Invalid log sectorsize (67108873) [ 122.965715][ T7188] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 122.974278][ T27] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 122.995674][ T27] usb 1-1: cp210x converter now attached to ttyUSB0 [ 123.002362][ T7188] F2FS-fs (loop1): invalid crc value [ 123.024871][ T7188] F2FS-fs (loop1): Found nat_bits in checkpoint [ 123.069275][ T7188] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 123.076528][ T7188] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 123.099346][ T28] kauditd_printk_skb: 178 callbacks suppressed [ 123.099360][ T28] audit: type=1800 audit(1755618141.651:188): pid=7188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.469" name="file1" dev="loop1" ino=7 res=0 errno=0 [ 123.190899][ T27] usb 1-1: USB disconnect, device number 8 [ 123.208835][ T27] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 123.227455][ T27] cp210x 1-1:0.0: device disconnected [ 123.401302][ T7205] loop2: detected capacity change from 0 to 32768 [ 123.409450][ T7205] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.476 (7205) [ 123.426416][ T7205] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 123.436695][ T7205] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 123.447349][ T7205] BTRFS info (device loop2): setting nodatacow, compression disabled [ 123.457777][ T7205] BTRFS info (device loop2): max_inline at 0 [ 123.463798][ T7205] BTRFS info (device loop2): enabling disk space caching [ 123.471114][ T7205] BTRFS info (device loop2): turning on flush-on-commit [ 123.482577][ T7205] BTRFS info (device loop2): force clearing of disk cache [ 123.492977][ T7205] BTRFS info (device loop2): enabling ssd optimizations [ 123.504584][ T7205] BTRFS info (device loop2): turning off barriers [ 123.511363][ T7205] BTRFS info (device loop2): max_inline at 4096 [ 123.518284][ T7205] BTRFS info (device loop2): disk space caching is enabled [ 123.524362][ T8] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 123.585991][ T7205] BTRFS info (device loop2): auto enabling async discard [ 123.596559][ T7205] BTRFS info (device loop2): rebuilding free space tree [ 123.612426][ T7205] BTRFS info (device loop2): disabling free space tree [ 123.625210][ T7205] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 123.638433][ T7205] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 123.721708][ T8] usb 4-1: unable to get BOS descriptor or descriptor too short [ 123.733311][ T8] usb 4-1: no configurations [ 123.738128][ T8] usb 4-1: can't read configurations, error -22 [ 123.756641][ T5779] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 124.284325][ T7223] loop3: detected capacity change from 0 to 1024 [ 124.292522][ T7223] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 124.335363][ T7223] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 124.387952][ T7223] EXT4-fs error (device loop3): ext4_xattr_inode_iget:440: inode #11: comm syz.3.477: missing EA_INODE flag [ 124.429507][ T7223] EXT4-fs (loop3): Remounting filesystem read-only [ 124.444161][ T7223] EXT4-fs warning (device loop3): ext4_xattr_inode_dec_ref_all:1238: inode #18: comm syz.3.477: ea_inode dec ref err=-5 [ 124.464437][ T7223] EXT4-fs warning (device loop3): ext4_evict_inode:272: xattr delete (err -5) [ 124.579473][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.726700][ T50] block nbd1: Receive control failed (result -32) [ 124.827916][ T7227] loop0: detected capacity change from 0 to 40427 [ 124.848087][ T7227] F2FS-fs (loop0): Found nat_bits in checkpoint [ 124.931672][ T7227] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 125.063020][ T5782] syz-executor: attempt to access beyond end of device [ 125.063020][ T5782] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 125.085542][ T5782] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 125.274762][ T7238] loop3: detected capacity change from 0 to 32768 [ 125.293521][ T7238] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 125.325528][ T7238] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 125.349616][ T7238] XFS (loop3): Starting recovery (logdev: internal) [ 125.375968][ T7238] XFS (loop3): Ending recovery (logdev: internal) [ 125.394441][ T7238] XFS (loop3): Quotacheck needed: Please wait. [ 125.431763][ T5842] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 125.455115][ T7238] XFS (loop3): Quotacheck: Done. [ 125.573168][ T5784] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 125.641900][ T5842] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 125.669218][ T5842] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 125.689983][ T5842] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 125.701664][ T5842] usb 2-1: config 220 has no interface number 2 [ 125.708130][ T5842] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 125.731532][ T5842] usb 2-1: config 220 interface 0 has no altsetting 0 [ 125.743548][ T5842] usb 2-1: config 220 interface 76 has no altsetting 0 [ 125.751014][ T5842] usb 2-1: config 220 interface 1 has no altsetting 0 [ 125.760801][ T5842] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 125.781254][ T5842] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.794594][ T5842] usb 2-1: Product: syz [ 125.804388][ T5842] usb 2-1: Manufacturer: syz [ 125.809123][ T5842] usb 2-1: SerialNumber: syz [ 126.041625][ T5842] usb 2-1: Found UVC 7.01 device syz (8086:0b07) [ 126.056146][ T5842] usb 2-1: No valid video chain found. [ 126.071997][ T5842] usb 2-1: selecting invalid altsetting 0 [ 126.107997][ T5842] usb 2-1: selecting invalid altsetting 0 [ 126.113875][ T5842] usbtest: probe of 2-1:220.1 failed with error -22 [ 126.141154][ T5842] usb 2-1: USB disconnect, device number 7 [ 126.265305][ T7259] loop2: detected capacity change from 0 to 32768 [ 126.304279][ T7259] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 126.338419][ T7259] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 126.447508][ T7259] (syz.2.486,7259,1):ocfs2_read_blocks:239 ERROR: status = -12 [ 126.473540][ T7259] (syz.2.486,7259,1):ocfs2_search_chain:1761 ERROR: status = -12 [ 126.490616][ T7259] (syz.2.486,7259,1):ocfs2_search_chain:1871 ERROR: status = -12 [ 126.511838][ T7259] (syz.2.486,7259,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -12 [ 126.546904][ T7259] (syz.2.486,7259,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -12 [ 126.559791][ T7265] loop3: detected capacity change from 0 to 40427 [ 126.565899][ T7259] (syz.2.486,7259,1):__ocfs2_claim_clusters:2355 ERROR: status = -12 [ 126.581188][ T7259] (syz.2.486,7259,1):__ocfs2_claim_clusters:2363 ERROR: status = -12 [ 126.590081][ T7259] (syz.2.486,7259,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -12 [ 126.617356][ T7259] (syz.2.486,7259,0):ocfs2_local_alloc_new_window:1228 ERROR: status = -12 [ 126.626497][ T7259] (syz.2.486,7259,0):ocfs2_local_alloc_slide_window:1302 ERROR: status = -12 [ 126.636638][ T7259] (syz.2.486,7259,0):ocfs2_local_alloc_slide_window:1321 ERROR: status = -12 [ 126.639885][ T7265] F2FS-fs (loop3): Found nat_bits in checkpoint [ 126.648273][ T7259] (syz.2.486,7259,0):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -12 [ 126.663189][ T7259] (syz.2.486,7259,0):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -12 [ 126.674577][ T7269] (syz.2.486,7269,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 126.682528][ T7269] (syz.2.486,7269,0):ocfs2_search_chain:1761 ERROR: status = -12 [ 126.691915][ T7259] (syz.2.486,7259,0):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -12 [ 126.712033][ T7265] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 126.712167][ T7269] (syz.2.486,7269,0):ocfs2_search_chain:1871 ERROR: status = -12 [ 126.730669][ T7259] (syz.2.486,7259,0):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -12 [ 126.744644][ T7259] (syz.2.486,7259,0):ocfs2_lock_allocators:2672 ERROR: status = -12 [ 126.744687][ T7265] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 126.762959][ T7269] (syz.2.486,7269,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -12 [ 126.771577][ T7269] (syz.2.486,7269,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -12 [ 126.779617][ T7259] (syz.2.486,7259,0):ocfs2_extend_allocation:592 ERROR: status = -12 [ 126.780239][ T7269] (syz.2.486,7269,1):__ocfs2_claim_clusters:2355 ERROR: status = -12 [ 126.796573][ T7269] (syz.2.486,7269,1):__ocfs2_claim_clusters:2363 ERROR: status = -12 [ 126.804890][ T7269] (syz.2.486,7269,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -12 [ 126.813637][ T7269] (syz.2.486,7269,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -12 [ 126.821072][ T7259] (syz.2.486,7259,0):ocfs2_extend_no_holes:1029 ERROR: status = -12 [ 126.823597][ T7269] (syz.2.486,7269,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -12 [ 126.839668][ T7269] (syz.2.486,7269,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -12 [ 126.847867][ T7259] (syz.2.486,7259,0):ocfs2_expand_nonsparse_inode:1623 ERROR: status = -12 [ 126.851492][ T7269] (syz.2.486,7269,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -12 [ 126.863149][ T7259] (syz.2.486,7259,0):ocfs2_write_begin_nolock:1690 ERROR: status = -12 [ 126.866953][ T7269] (syz.2.486,7269,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -12 [ 126.879757][ T7259] (syz.2.486,7259,0):ocfs2_write_begin:1907 ERROR: status = -12 [ 126.892391][ T7269] (syz.2.486,7269,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -12 [ 126.901755][ T7269] (syz.2.486,7269,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -12 [ 126.910067][ T7259] syz.2.486 (7259) used greatest stack depth: 19376 bytes left [ 126.911256][ T7269] (syz.2.486,7269,1):ocfs2_symlink:1914 ERROR: status = -12 [ 126.927603][ T7269] (syz.2.486,7269,1):ocfs2_symlink:2068 ERROR: status = -12 [ 126.966781][ T5784] syz-executor: attempt to access beyond end of device [ 126.966781][ T5784] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 126.999767][ T5779] ocfs2: Unmounting device (7,2) on (node local) [ 127.008482][ T5784] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 127.504361][ T8] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 127.532906][ T7294] loop0: detected capacity change from 0 to 8 [ 127.698128][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 127.705881][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 127.716222][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 127.727199][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 127.737388][ T8] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 127.748597][ T8] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 127.762516][ T8] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 127.771774][ T8] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 127.779822][ T8] usb 3-1: Manufacturer: syz [ 127.788733][ T8] usb 3-1: config 0 descriptor?? [ 128.064007][ T8] rc_core: IR keymap rc-hauppauge not found [ 128.070028][ T8] Registered IR keymap rc-empty [ 128.075268][ T8] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.104165][ T8] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.136827][ T8] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 128.152830][ T8] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input12 [ 128.171763][ T8] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.205800][ T8] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.234245][ T8] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.274283][ T8] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.304159][ T8] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.350049][ T8] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.404098][ T8] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.464083][ T8] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.505513][ T7303] loop1: detected capacity change from 0 to 4096 [ 128.514073][ T8] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.521330][ T7303] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 128.544554][ T8] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 128.560030][ T7309] bridge0: port 3(syz_tun) entered blocking state [ 128.576635][ T8] mceusb 3-1:0.0: Registered Є with mce emulator interface version 1 [ 128.578367][ T7309] bridge0: port 3(syz_tun) entered disabled state [ 128.585300][ T8] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 128.598054][ T7309] syz_tun: entered allmulticast mode [ 128.613665][ T7309] syz_tun: entered promiscuous mode [ 128.621493][ T7309] bridge0: port 3(syz_tun) entered blocking state [ 128.628641][ T7309] bridge0: port 3(syz_tun) entered forwarding state [ 128.629773][ T8] usb 3-1: USB disconnect, device number 7 [ 128.976937][ T7322] loop1: detected capacity change from 0 to 2048 [ 128.991210][ T7325] tc_dump_action: action bad kind [ 129.018665][ T7322] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.042414][ T7322] overlayfs: failed to resolve './file0': -2 [ 129.070805][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.730252][ T7351] loop0: detected capacity change from 0 to 2048 [ 129.737929][ T7351] EXT4-fs: Ignoring removed nomblk_io_submit option [ 129.749233][ T7351] EXT4-fs: Ignoring removed nobh option [ 129.799099][ T7351] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.953607][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.967473][ T7345] loop2: detected capacity change from 0 to 32768 [ 129.989829][ T7345] (syz.2.516,7345,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 130.006882][ T7345] (syz.2.516,7345,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 130.074418][ T7345] (syz.2.516,7345,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 130.139706][ T7345] JBD2: Ignoring recovery information on journal [ 130.217187][ T7369] loop0: detected capacity change from 0 to 128 [ 130.249538][ T7345] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 130.292359][ T7369] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 130.332159][ T7369] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.463458][ T5782] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 130.496604][ T5779] ocfs2: Unmounting device (7,2) on (node local) [ 130.676172][ T7385] netlink: 4 bytes leftover after parsing attributes in process `syz.3.535'. [ 130.992142][ T7379] loop1: detected capacity change from 0 to 32768 [ 131.212869][ T7383] loop0: detected capacity change from 0 to 32768 [ 131.294031][ T7383] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 131.308423][ T7383] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 131.370401][ T7383] XFS (loop0): Ending clean mount [ 131.390354][ T7383] XFS (loop0): Quotacheck needed: Please wait. [ 131.475872][ T7383] XFS (loop0): Quotacheck: Done. [ 131.550105][ T5782] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 131.723935][ T7415] IPv6: NLM_F_CREATE should be specified when creating new route [ 131.774378][ T8] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 131.791622][ T7417] netlink: 24 bytes leftover after parsing attributes in process `syz.1.545'. [ 131.842017][ T28] audit: type=1326 audit(1755618150.391:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7418 comm="syz.1.546" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb4d078ebe9 code=0x0 [ 131.968066][ T8] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 131.978736][ T8] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 131.989341][ T8] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 131.998665][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 132.006807][ T8] usb 3-1: SerialNumber: syz [ 132.207144][ T7424] loop3: detected capacity change from 0 to 256 [ 132.245561][ T8] usb 3-1: 0:2 : does not exist [ 132.251513][ T8] usb 3-1: unit 255 not found! [ 132.293817][ T8] usb 3-1: USB disconnect, device number 8 [ 132.857338][ T7441] loop1: detected capacity change from 0 to 512 [ 132.870952][ T7441] EXT4-fs: Ignoring removed mblk_io_submit option [ 132.881731][ T7441] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 132.898742][ T7441] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 132.922937][ T7441] EXT4-fs (loop1): 1 truncate cleaned up [ 132.929958][ T7441] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 133.037198][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.056715][ T7449] loop3: detected capacity change from 0 to 64 [ 133.103640][ T28] audit: type=1800 audit(1755618151.651:190): pid=7449 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.560" name="file1" dev="loop3" ino=18 res=0 errno=0 [ 133.149469][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.158363][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.191654][ T7453] loop0: detected capacity change from 0 to 4096 [ 133.204168][ T7453] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 133.267820][ T7453] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 133.304214][ T7457] netlink: 4 bytes leftover after parsing attributes in process `syz.3.562'. [ 133.514789][ T7470] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 133.716656][ T7479] loop2: detected capacity change from 0 to 256 [ 133.726497][ T7479] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 133.741183][ T7479] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 133.771098][ T7482] loop0: detected capacity change from 0 to 1024 [ 133.772928][ T7480] Falling back ldisc for ptm0. [ 133.795905][ T7479] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 133.803401][ T28] audit: type=1800 audit(1755618152.351:191): pid=7482 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.574" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 133.872676][ T2952] hfsplus: b-tree write err: -5, ino 4 [ 133.911746][ T7484] loop3: detected capacity change from 0 to 512 [ 133.945142][ T7486] loop0: detected capacity change from 0 to 1024 [ 133.955657][ T7484] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 133.968659][ T7484] ext4 filesystem being mounted at /149/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 133.969184][ T7486] EXT4-fs: inline encryption not supported [ 134.008349][ T7486] EXT4-fs: Ignoring removed bh option [ 134.016072][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.049826][ T7486] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.284760][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.304166][ T7498] ALSA: seq fatal error: cannot create timer (-19) [ 134.338421][ T7506] loop1: detected capacity change from 0 to 8 [ 134.995473][ T7515] loop0: detected capacity change from 0 to 32768 [ 135.030888][ T7515] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 135.050084][ T7515] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 135.132711][ T7515] XFS (loop0): Ending clean mount [ 135.176242][ T7515] XFS (loop0): Quotacheck needed: Please wait. [ 135.241269][ T7515] XFS (loop0): Quotacheck: Done. [ 135.327831][ T5782] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 135.388442][ T7524] loop3: detected capacity change from 0 to 40427 [ 135.410159][ T7524] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff [ 135.447309][ T7524] F2FS-fs (loop3): Image doesn't support compression [ 135.467507][ T7524] F2FS-fs (loop3): heap/no_heap options were deprecated [ 135.487094][ T7524] F2FS-fs (loop3): Image doesn't support compression [ 135.513085][ T7524] F2FS-fs (loop3): invalid crc value [ 135.522509][ T7524] F2FS-fs (loop3): Found nat_bits in checkpoint [ 135.600319][ T7524] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 135.685641][ T7524] syz.3.591: attempt to access beyond end of device [ 135.685641][ T7524] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 135.716924][ T7524] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 135.728125][ T7524] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 135.875268][ T7557] loop0: detected capacity change from 0 to 4096 [ 135.900238][ T7557] NILFS (loop0): invalid segment: Checksum error in segment payload [ 135.924197][ T7557] NILFS (loop0): trying rollback from an earlier position [ 135.978808][ T7557] NILFS (loop0): recovery complete [ 136.298348][ T7572] loop3: detected capacity change from 0 to 128 [ 136.309356][ T7572] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (54270!=39978) [ 136.319659][ T7572] EXT4-fs (loop3): group descriptors corrupted! [ 136.580127][ T7569] loop0: detected capacity change from 0 to 32768 [ 136.588620][ T7569] XFS: noikeep mount option is deprecated. [ 136.599101][ T7569] XFS (loop0): invalid logbufsize: 34816 [not 16k,32k,64k,128k or 256k] [ 136.632222][ T7580] netlink: 'syz.3.611': attribute type 11 has an invalid length. [ 136.693628][ T7582] netlink: 12 bytes leftover after parsing attributes in process `syz.3.612'. [ 136.744216][ T50] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 137.021458][ T7597] loop2: detected capacity change from 0 to 1024 [ 137.028753][ T7597] EXT4-fs: Ignoring removed bh option [ 137.035639][ T7597] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 137.058402][ T7597] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.099471][ T7597] EXT4-fs error (device loop2): ext4_find_dest_de:2115: inode #12: block 7: comm syz.2.619: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 137.122975][ T7597] EXT4-fs (loop2): Remounting filesystem read-only [ 137.129698][ T7597] overlayfs: cleanup of 'index/#a' failed (-5) [ 137.194066][ T5842] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 137.201724][ T787] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 137.394099][ T787] usb 4-1: Using ep0 maxpacket: 16 [ 137.401019][ T5842] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 137.412375][ T5842] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1088, setting to 64 [ 137.423400][ T5842] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 137.434674][ T787] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.445832][ T787] usb 4-1: config 0 interface 0 has no altsetting 0 [ 137.452456][ T787] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 137.461593][ T5842] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 137.471719][ T5842] usb 2-1: New USB device found, idVendor=1e71, idProduct=2019, bcdDevice= 0.00 [ 137.481086][ T787] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.489194][ T5842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.504426][ T787] usb 4-1: config 0 descriptor?? [ 137.510235][ T6619] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.512026][ T5842] usb 2-1: config 0 descriptor?? [ 137.528134][ T7589] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 137.607166][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.798132][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.924409][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.014494][ T787] nzxt-smart2 0003:1E71:2009.0005: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.3-1/input0 [ 138.039284][ T5842] nzxt-smart2 0003:1E71:2019.0004: hidraw1: USB HID v0.07 Device [HID 1e71:2019] on usb-dummy_hcd.1-1/input0 [ 138.111822][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.198646][ T787] usb 2-1: USB disconnect, device number 8 [ 138.301636][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 138.313559][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 138.323163][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 138.340891][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 138.350618][ T50] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 138.358794][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 138.390112][ T5842] usb 4-1: USB disconnect, device number 8 [ 138.774611][ T787] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 138.823233][ T7619] loop1: detected capacity change from 0 to 1024 [ 138.888589][ T7608] chnl_net:caif_netlink_parms(): no params data found [ 138.940395][ T76] hfsplus: b-tree write err: -5, ino 8 [ 138.963975][ T787] usb 1-1: Using ep0 maxpacket: 16 [ 138.975422][ T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 138.994858][ T787] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 138.997681][ T5788] Bluetooth: hci1: command tx timeout [ 139.013249][ T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.044152][ T787] usb 1-1: config 0 descriptor?? [ 139.116182][ T7621] IPv6: NLM_F_REPLACE set, but no existing node found! [ 139.243792][ T7608] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.252172][ T7608] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.264302][ T7608] bridge_slave_0: entered allmulticast mode [ 139.278965][ T7608] bridge_slave_0: entered promiscuous mode [ 139.352873][ T7608] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.368031][ T7608] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.378763][ T7608] bridge_slave_1: entered allmulticast mode [ 139.393054][ T7608] bridge_slave_1: entered promiscuous mode [ 139.465460][ T787] mcp2221 0003:04D8:00DD.0006: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 139.545755][ T7608] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 139.581467][ T7608] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 139.667505][ T7631] loop3: detected capacity change from 0 to 32768 [ 139.708271][ T7608] team0: Port device team_slave_0 added [ 139.816957][ T7608] team0: Port device team_slave_1 added [ 139.867013][ T7608] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 139.884097][ T7608] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.910338][ T787] usb 1-1: USB disconnect, device number 9 [ 139.960220][ T7608] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 140.021471][ T7608] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 140.035754][ T7608] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.061871][ T7608] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 140.146464][ T7635] team_slave_0: entered promiscuous mode [ 140.152728][ T7635] team_slave_1: entered promiscuous mode [ 140.160686][ T7635] macsec1: entered promiscuous mode [ 140.167516][ T7635] team0: entered promiscuous mode [ 140.174493][ T7635] team0: Device macsec1 is already an upper device of the team interface [ 140.194724][ T7635] team0: left promiscuous mode [ 140.200193][ T7635] team_slave_0: left promiscuous mode [ 140.205736][ T7635] team_slave_1: left promiscuous mode [ 140.353117][ T11] hsr_slave_0: left promiscuous mode [ 140.369431][ T11] hsr_slave_1: left promiscuous mode [ 140.380957][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 140.390150][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 140.394379][ T7643] support for cryptoloop has been removed. Use dm-crypt instead. [ 140.408202][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 140.424223][ T5788] Bluetooth: hci0: command tx timeout [ 140.443976][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 140.482094][ T11] bridge_slave_1: left allmulticast mode [ 140.492685][ T11] bridge_slave_1: left promiscuous mode [ 140.516492][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.551367][ T11] bridge_slave_0: left allmulticast mode [ 140.575740][ T11] bridge_slave_0: left promiscuous mode [ 140.589366][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.659755][ T11] veth1_macvtap: left promiscuous mode [ 140.667816][ T11] veth0_macvtap: left promiscuous mode [ 140.673633][ T11] veth1_vlan: left promiscuous mode [ 140.680704][ T11] veth0_vlan: left promiscuous mode [ 141.458999][ T7671] loop0: detected capacity change from 0 to 1024 [ 141.469607][ T7671] EXT4-fs: Ignoring removed nomblk_io_submit option [ 141.524887][ T7671] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.542373][ T11] team0 (unregistering): Port device team_slave_1 removed [ 141.612152][ T11] team0 (unregistering): Port device team_slave_0 removed [ 141.656242][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.699870][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 141.789980][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 142.059349][ T7682] loop0: detected capacity change from 0 to 1024 [ 142.100777][ T7682] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.114136][ T7682] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.216560][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.399976][ T11] bond0 (unregistering): Released all slaves [ 142.504646][ T7608] hsr_slave_0: entered promiscuous mode [ 142.511400][ T7608] hsr_slave_1: entered promiscuous mode [ 142.514078][ T5788] Bluetooth: hci0: command tx timeout [ 142.527388][ T7661] warning: `syz.3.645' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 142.605095][ T787] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 142.607784][ T7690] loop3: detected capacity change from 0 to 64 [ 142.825575][ T787] usb 1-1: Using ep0 maxpacket: 16 [ 142.832946][ T787] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 142.841640][ T787] usb 1-1: config 0 has no interface number 0 [ 142.855232][ T787] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 142.899291][ T787] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 142.933660][ T787] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 142.953053][ T787] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 142.963783][ T787] usb 1-1: Product: syz [ 142.973145][ T787] usb 1-1: SerialNumber: syz [ 142.989256][ T787] usb 1-1: config 0 descriptor?? [ 143.002236][ T787] cm109 1-1:0.8: invalid payload size 0, expected 4 [ 143.038418][ T787] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input13 [ 143.088659][ T7608] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 143.120857][ T11] IPVS: stop unused estimator thread 0... [ 143.129570][ T7608] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 143.154667][ T7608] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 143.173113][ T7608] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 143.207609][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 143.336404][ T7608] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.367739][ T7608] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.381381][ T76] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.388628][ T76] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.412300][ T2952] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.419634][ T2952] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.443388][ T7700] loop1: detected capacity change from 0 to 32768 [ 143.451484][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 143.460691][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 143.467968][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 143.475570][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 143.482696][ T787] usb 1-1: USB disconnect, device number 10 [ 143.482768][ C1] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 143.495639][ C1] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 143.508304][ T787] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 143.529854][ T7700] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.661 (7700) [ 143.549075][ T7700] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 143.559465][ T7700] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 143.570084][ T7700] BTRFS info (device loop1): enabling auto defrag [ 143.576834][ T7700] BTRFS info (device loop1): doing ref verification [ 143.583462][ T7700] BTRFS info (device loop1): use no compression [ 143.589852][ T7700] BTRFS info (device loop1): force clearing of disk cache [ 143.597224][ T7700] BTRFS info (device loop1): setting nodatacow, compression disabled [ 143.605506][ T7700] BTRFS info (device loop1): disabling free space tree [ 143.646823][ T7700] BTRFS info (device loop1): enabling ssd optimizations [ 143.654682][ T7700] BTRFS info (device loop1): auto enabling async discard [ 143.670412][ T7700] BTRFS info (device loop1): rebuilding free space tree [ 143.691251][ T7700] BTRFS info (device loop1): disabling free space tree [ 143.698947][ T7700] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 143.709158][ T7700] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 143.742614][ T7608] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 143.751236][ T28] audit: type=1800 audit(1755618162.311:192): pid=7700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.661" name="file2" dev="loop1" ino=261 res=0 errno=0 [ 143.963691][ T5783] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 144.192206][ T7608] veth0_vlan: entered promiscuous mode [ 144.255243][ T7608] veth1_vlan: entered promiscuous mode [ 144.376826][ T7741] loop0: detected capacity change from 0 to 1024 [ 144.388835][ T7608] veth0_macvtap: entered promiscuous mode [ 144.403103][ T7608] veth1_macvtap: entered promiscuous mode [ 144.466821][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.491935][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.509982][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.520681][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.531676][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.544719][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.565240][ T7608] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 144.591835][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 144.594237][ T5788] Bluetooth: hci0: command tx timeout [ 144.623984][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.642106][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 144.652785][ T787] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 144.665213][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.681697][ T7608] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 144.692473][ T7608] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.704786][ T7608] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 144.732459][ T7608] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.750439][ T7608] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.761477][ T7608] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.776984][ T7608] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.854502][ T787] usb 2-1: Using ep0 maxpacket: 8 [ 144.866558][ T787] usb 2-1: config index 0 descriptor too short (expected 30, got 18) [ 144.912350][ T787] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 144.922934][ T787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.936721][ T787] usb 2-1: Product: syz [ 144.941033][ T787] usb 2-1: Manufacturer: syz [ 144.947332][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.955460][ T787] usb 2-1: SerialNumber: syz [ 144.960131][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.970952][ T787] usb 2-1: config 0 descriptor?? [ 144.983668][ T787] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 145.004447][ T787] usb 2-1: setting power ON [ 145.016441][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.027192][ T787] dvb-usb: bulk message failed: -22 (2/0) [ 145.037103][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.059878][ T787] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 145.073141][ T787] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 145.086491][ T787] usb 2-1: media controller created [ 145.132826][ T787] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 145.184120][ T787] usb 2-1: selecting invalid altsetting 6 [ 145.205049][ T787] usb 2-1: digital interface selection failed (-22) [ 145.211752][ T787] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 145.213360][ T7742] dvb-usb: bulk message failed: -22 (3/0) [ 145.225216][ T787] usb 2-1: setting power OFF [ 145.245258][ T7742] dvb-usb: bulk message failed: -22 (37/0) [ 145.261408][ T7756] dvb-usb: bulk message failed: -22 (3/0) [ 145.284321][ T787] dvb-usb: bulk message failed: -22 (2/0) [ 145.305045][ T7756] dvb-usb: bulk message failed: -22 (3/0) [ 145.311281][ T787] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 145.328242][ T787] (NULL device *): no alternate interface [ 145.385978][ T787] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 145.434393][ T787] usb 2-1: USB disconnect, device number 9 [ 145.672134][ T7772] loop3: detected capacity change from 0 to 1024 [ 145.742285][ T28] audit: type=1800 audit(1755618164.291:193): pid=7772 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.678" name="file1" dev="loop3" ino=2 res=0 errno=0 [ 145.845684][ T7772] hfsplus: b-tree write err: -5, ino 3 [ 145.998737][ T76] hfsplus: bad catalog file entry [ 146.260930][ T7788] loop3: detected capacity change from 0 to 4096 [ 146.273427][ T7788] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 146.299444][ T7790] loop0: detected capacity change from 0 to 2048 [ 146.313566][ T7788] ntfs3: loop3: MFT: r=18, expect seq=1 instead of 0! [ 146.325906][ T7788] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 146.337088][ T7788] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 146.356120][ T7790] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 146.389821][ T7790] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 146.528291][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.629816][ T7800] loop0: detected capacity change from 0 to 64 [ 146.664185][ T5788] Bluetooth: hci0: command tx timeout [ 147.081843][ T7812] relay: one or more items not logged [item size (56) > sub-buffer size (7)] [ 147.187383][ T7814] loop0: detected capacity change from 0 to 2048 [ 147.189305][ T7798] loop3: detected capacity change from 0 to 40427 [ 147.219164][ T7814] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 147.219288][ T7798] F2FS-fs (loop3): invalid crc value [ 147.253989][ T7798] F2FS-fs (loop3): Found nat_bits in checkpoint [ 147.323844][ T7798] F2FS-fs (loop3): Start checkpoint disabled! [ 147.334368][ T7798] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 147.434024][ T787] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 147.564011][ T2952] kworker/u4:8: attempt to access beyond end of device [ 147.564011][ T2952] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 147.591890][ T2952] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 147.600164][ T2952] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 147.614260][ T2952] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 147.646853][ T787] usb 5-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 147.666080][ T787] usb 5-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b [ 147.678435][ T787] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.694278][ T787] usb 5-1: Product: syz [ 147.699152][ T787] usb 5-1: Manufacturer: syz [ 147.704126][ T787] usb 5-1: SerialNumber: syz [ 147.719717][ T787] usb 5-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state [ 147.866997][ T7836] pimreg: tun_chr_ioctl cmd 1074812117 [ 148.126360][ T7844] loop0: detected capacity change from 0 to 256 [ 148.182792][ T7844] FAT-fs (loop0): Directory bread(block 64) failed [ 148.196315][ T7844] FAT-fs (loop0): Directory bread(block 65) failed [ 148.214106][ T7844] FAT-fs (loop0): Directory bread(block 66) failed [ 148.232144][ T7844] FAT-fs (loop0): Directory bread(block 67) failed [ 148.253231][ T7844] FAT-fs (loop0): Directory bread(block 68) failed [ 148.269577][ T7844] FAT-fs (loop0): Directory bread(block 69) failed [ 148.282863][ T7844] FAT-fs (loop0): Directory bread(block 70) failed [ 148.304259][ T7844] FAT-fs (loop0): Directory bread(block 71) failed [ 148.312245][ T7844] FAT-fs (loop0): Directory bread(block 72) failed [ 148.331244][ T7844] FAT-fs (loop0): Directory bread(block 73) failed [ 148.388312][ T7838] loop1: detected capacity change from 0 to 32768 [ 148.473461][ T7846] input: syz0 as /devices/virtual/input/input14 [ 148.541779][ T787] usb 5-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter) [ 148.572381][ T787] usb 5-1: USB disconnect, device number 2 [ 148.652611][ T5842] IPVS: starting estimator thread 0... [ 148.744260][ T7851] IPVS: using max 18 ests per chain, 43200 per kthread [ 148.751400][ T5788] Bluetooth: hci0: command tx timeout [ 148.767576][ T7857] mmap: syz.0.717 (7857) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 149.367839][ T7884] loop1: detected capacity change from 0 to 47 [ 149.453419][ T7884] syz.1.712: attempt to access beyond end of device [ 149.453419][ T7884] loop1: rw=2049, sector=48, nr_sectors = 2 limit=47 [ 149.484816][ T7884] Buffer I/O error on dev loop1, logical block 24, lost async page write [ 149.499367][ T7891] syz.1.712: attempt to access beyond end of device [ 149.499367][ T7891] loop1: rw=2049, sector=50, nr_sectors = 2 limit=47 [ 149.535205][ T7891] Buffer I/O error on dev loop1, logical block 25, lost async page write [ 149.612047][ T7894] loop0: detected capacity change from 0 to 512 [ 149.648895][ T7894] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 149.684264][ T7894] ext4 filesystem being mounted at /182/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 149.733807][ T28] audit: type=1800 audit(1755618168.281:194): pid=7894 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.733" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 149.775851][ T7886] loop4: detected capacity change from 0 to 32768 [ 149.811801][ T7886] JBD2: Ignoring recovery information on journal [ 149.819822][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.902607][ T7886] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 149.998526][ T7908] process 'syz.0.737' launched './file1' with NULL argv: empty string added [ 150.021095][ T7608] ocfs2: Unmounting device (7,4) on (node local) [ 150.139417][ T7911] loop1: detected capacity change from 0 to 256 [ 150.169133][ T5822] kernel write not supported for file /395/clear_refs (pid: 5822 comm: kworker/0:3) [ 150.205217][ T7911] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 150.232680][ T7911] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 150.443637][ T7924] team0: entered promiscuous mode [ 150.449308][ T7924] team_slave_0: entered promiscuous mode [ 150.459628][ T7924] team_slave_1: entered promiscuous mode [ 150.470637][ T7922] team0: left promiscuous mode [ 150.484077][ T7922] team_slave_0: left promiscuous mode [ 150.494441][ T7922] team_slave_1: left promiscuous mode [ 150.500691][ T7925] Zero length message leads to an empty skb [ 150.530706][ T7927] loop1: detected capacity change from 0 to 512 [ 150.583715][ T7927] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.746: casefold flag without casefold feature [ 150.611684][ T7927] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.746: couldn't read orphan inode 15 (err -117) [ 150.636131][ T7927] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.776489][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.975205][ T967] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 151.188810][ T967] usb 4-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00 [ 151.208750][ T967] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.236489][ T967] usb 4-1: config 0 descriptor?? [ 151.667496][ T967] elecom 0003:056E:00FB.0007: unknown main item tag 0x0 [ 151.695561][ T967] elecom 0003:056E:00FB.0007: unknown main item tag 0x0 [ 151.704000][ T967] elecom 0003:056E:00FB.0007: unknown main item tag 0x0 [ 151.721622][ T967] elecom 0003:056E:00FB.0007: unknown main item tag 0x0 [ 151.736908][ T967] elecom 0003:056E:00FB.0007: unknown main item tag 0x0 [ 151.740257][ T7957] loop1: detected capacity change from 0 to 32768 [ 151.747597][ T967] elecom 0003:056E:00FB.0007: unknown main item tag 0x0 [ 151.774185][ T967] elecom 0003:056E:00FB.0007: unknown main item tag 0x0 [ 151.793650][ T967] elecom 0003:056E:00FB.0007: hidraw0: USB HID v10.00 Device [HID 056e:00fb] on usb-dummy_hcd.3-1/input0 [ 151.886252][ T5842] usb 4-1: USB disconnect, device number 9 [ 152.097300][ T7982] Bluetooth: MGMT ver 1.22 [ 152.191189][ T7987] loop4: detected capacity change from 0 to 128 [ 152.200180][ T7987] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 152.220455][ T7987] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 152.454908][ T7996] netlink: 4 bytes leftover after parsing attributes in process `syz.4.779'. [ 152.474211][ T7996] netlink: 39 bytes leftover after parsing attributes in process `syz.4.779'. [ 152.654209][ T967] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 152.691952][ T7992] loop0: detected capacity change from 0 to 32768 [ 152.741451][ T7992] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 152.837954][ T7992] XFS (loop0): Ending clean mount [ 152.853624][ T7992] XFS (loop0): User initiated shutdown received. [ 152.865755][ T967] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 152.877864][ T7992] XFS (loop0): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501). Shutting down filesystem. [ 152.891413][ T967] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 152.908140][ T967] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 152.915473][ T7992] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 152.917349][ T967] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 152.937331][ T967] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 152.950574][ T967] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 152.963962][ T967] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 152.982210][ T967] usb 2-1: Product: syz [ 152.988182][ T967] usb 2-1: Manufacturer: syz [ 153.003832][ T5782] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 153.005353][ T967] cdc_wdm 2-1:1.0: skipping garbage [ 153.028202][ T967] cdc_wdm 2-1:1.0: skipping garbage [ 153.054241][ T967] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 153.060238][ T967] cdc_wdm 2-1:1.0: Unknown control protocol [ 153.083560][ T7998] loop3: detected capacity change from 0 to 32768 [ 153.093729][ T7998] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.780 (7998) [ 153.134367][ T7998] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 153.164642][ T7998] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 153.194159][ T7998] BTRFS info (device loop3): enabling auto defrag [ 153.205457][ T7998] BTRFS info (device loop3): doing ref verification [ 153.223864][ T7998] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 153.254130][ T7998] BTRFS info (device loop3): trying to use backup root at mount time [ 153.262313][ T7998] BTRFS info (device loop3): max_inline at 4096 [ 153.279638][ T7998] BTRFS info (device loop3): enabling ssd optimizations [ 153.294041][ T7998] BTRFS info (device loop3): using spread ssd allocation scheme [ 153.312003][ T7998] BTRFS info (device loop3): using free space tree [ 153.409948][ T7998] BTRFS info (device loop3): auto enabling async discard [ 153.491614][ T5784] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 153.522396][ T8044] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 153.921660][ T8054] loop4: detected capacity change from 0 to 512 [ 153.945681][ T8054] EXT4-fs: Ignoring removed orlov option [ 153.967797][ T8054] EXT4-fs: Ignoring removed nomblk_io_submit option [ 153.985553][ T8054] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 154.028261][ T8054] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 154.045962][ T8059] sp0: Synchronizing with TNC [ 154.051030][ T8054] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.796: corrupted in-inode xattr: e_value size too large [ 154.071391][ T8059] [U] è [ 154.080227][ T8054] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.796: couldn't read orphan inode 15 (err -117) [ 154.097599][ T8054] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 154.128388][ T8047] loop0: detected capacity change from 0 to 32768 [ 154.138762][ T8047] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.794 (8047) [ 154.187001][ T7608] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.199140][ T8047] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 154.221560][ T8047] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 154.230878][ T8047] BTRFS info (device loop0): using free space tree [ 154.278782][ T8047] BTRFS info (device loop0): enabling ssd optimizations [ 154.286433][ T8047] BTRFS info (device loop0): auto enabling async discard [ 154.396615][ T8086] netlink: 340 bytes leftover after parsing attributes in process `syz.3.800'. [ 154.433612][ T5782] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 154.616823][ T5842] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 154.834107][ T5842] usb 5-1: Using ep0 maxpacket: 8 [ 154.845767][ T5842] usb 5-1: config 0 has an invalid interface number: 31 but max is 0 [ 154.864013][ T5842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 154.875694][ T5842] usb 5-1: config 0 has no interface number 0 [ 154.887193][ T5842] usb 5-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 154.896549][ T5842] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.904859][ T5842] usb 5-1: Product: syz [ 154.909179][ T5842] usb 5-1: Manufacturer: syz [ 154.913932][ T5842] usb 5-1: SerialNumber: syz [ 154.922050][ T5842] usb 5-1: config 0 descriptor?? [ 155.133028][ T5914] usb 5-1: USB disconnect, device number 3 [ 155.345138][ T5842] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 155.397541][ T5914] usb 2-1: USB disconnect, device number 10 [ 155.482648][ T8110] loop1: detected capacity change from 0 to 8192 [ 155.557859][ T5842] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 155.570761][ T5842] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 155.582502][ T5842] usb 1-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 155.591831][ T5842] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.616335][ T5842] usb 1-1: config 0 descriptor?? [ 156.041891][ T5842] steelseries 0003:1038:12B6.0008: unknown main item tag 0x0 [ 156.064174][ T5842] steelseries 0003:1038:12B6.0008: unknown main item tag 0x0 [ 156.083675][ T5842] steelseries 0003:1038:12B6.0008: unknown main item tag 0x0 [ 156.100560][ T5842] steelseries 0003:1038:12B6.0008: unknown main item tag 0x0 [ 156.112383][ T5842] steelseries 0003:1038:12B6.0008: unknown main item tag 0x0 [ 156.122416][ T5842] steelseries 0003:1038:12B6.0008: unknown main item tag 0x0 [ 156.132262][ T5842] steelseries 0003:1038:12B6.0008: unknown main item tag 0x0 [ 156.159306][ T5842] steelseries 0003:1038:12B6.0008: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.0-1/input0 [ 156.237583][ T8112] loop3: detected capacity change from 0 to 40427 [ 156.267195][ T8114] loop1: detected capacity change from 0 to 32768 [ 156.276562][ T8112] F2FS-fs (loop3): invalid crc value [ 156.296485][ T8112] F2FS-fs (loop3): Found nat_bits in checkpoint [ 156.346258][ T8114] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode. [ 156.362568][ T8112] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 156.417304][ T5784] syz-executor: attempt to access beyond end of device [ 156.417304][ T5784] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 156.432299][ T5784] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 156.442342][ T5783] (syz-executor,5783,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 76 [ 156.460569][ T5822] usb 1-1: USB disconnect, device number 11 [ 156.484560][ T5783] ocfs2: Unmounting device (7,1) on (node local) [ 157.145026][ T8135] loop4: detected capacity change from 0 to 32768 [ 157.181757][ T8135] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by syz.4.821 (8135) [ 157.229087][ T8135] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 157.251154][ T8135] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 157.274038][ T8135] BTRFS info (device loop4): doing ref verification [ 157.280694][ T8135] BTRFS info (device loop4): using free space tree [ 157.382144][ T8156] netlink: 8 bytes leftover after parsing attributes in process `syz.0.825'. [ 157.443997][ T8135] BTRFS info (device loop4): enabling ssd optimizations [ 157.474095][ T8135] BTRFS info (device loop4): auto enabling async discard [ 157.490287][ T8137] loop1: detected capacity change from 0 to 40427 [ 157.512649][ T8143] loop3: detected capacity change from 0 to 32768 [ 157.527895][ T8137] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x7ffff [ 157.531718][ T8143] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.823 (8143) [ 157.561500][ T8137] F2FS-fs (loop1): invalid crc value [ 157.570317][ T8143] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 157.576204][ T8137] F2FS-fs (loop1): Found nat_bits in checkpoint [ 157.583382][ T8143] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 157.608277][ T8143] BTRFS info (device loop3): enabling disk space caching [ 157.633221][ T8143] BTRFS info (device loop3): doing ref verification [ 157.634405][ T7608] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 157.651450][ T8143] BTRFS info (device loop3): setting nodatacow, compression disabled [ 157.673162][ T8143] BTRFS info (device loop3): force clearing of disk cache [ 157.693423][ T8143] BTRFS info (device loop3): doing ref verification [ 157.700789][ T8143] BTRFS info (device loop3): disk space caching is enabled [ 157.710433][ T8137] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 157.825316][ T28] audit: type=1800 audit(1755618176.371:195): pid=8137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.819" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 157.879168][ T5783] syz-executor: attempt to access beyond end of device [ 157.879168][ T5783] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 157.929639][ T5783] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 157.946632][ T8143] BTRFS info (device loop3): auto enabling async discard [ 157.985241][ T8143] BTRFS info (device loop3): rebuilding free space tree [ 158.114046][ T8143] BTRFS info (device loop3): disabling free space tree [ 158.121441][ T8143] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 158.131831][ T8143] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 158.311093][ T5784] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 158.637823][ T8203] netlink: 4 bytes leftover after parsing attributes in process `syz.4.837'. [ 158.671160][ T8207] netlink: 24 bytes leftover after parsing attributes in process `syz.0.838'. [ 158.968326][ T8220] loop3: detected capacity change from 0 to 1024 [ 159.000086][ T8220] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c118, mo2=0002] [ 159.012731][ T8220] System zones: 0-1, 3-12 [ 159.028479][ T8220] EXT4-fs (loop3): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.101559][ T8220] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2797: inode #14: comm syz.3.844: corrupted in-inode xattr: bad magic number in in-inode xattr [ 159.140797][ T8231] loop4: detected capacity change from 0 to 2048 [ 159.160831][ T8220] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #14: comm syz.3.844: attempt to clear invalid blocks 1886221359 len 1 [ 159.189379][ T8231] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 159.253117][ T28] audit: type=1800 audit(1755618177.801:196): pid=8231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.847" name="file1" dev="loop4" ino=1346 res=0 errno=0 [ 159.291264][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 159.489199][ T8235] loop4: detected capacity change from 0 to 512 [ 159.528651][ T8235] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.571842][ T8229] loop0: detected capacity change from 0 to 32768 [ 159.579592][ T28] audit: type=1800 audit(1755618178.131:197): pid=8235 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.849" name="file0" dev="loop4" ino=13 res=0 errno=0 [ 159.654569][ T8244] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in; [ 159.654569][ T8244] program syz.3.852 not setting count and/or reply_len properly [ 159.718368][ T7608] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.823289][ T8248] netlink: 180 bytes leftover after parsing attributes in process `syz.3.856'. [ 160.036868][ T8259] loop0: detected capacity change from 0 to 256 [ 160.069909][ T8259] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x467a0815, utbl_chksum : 0xe619d30d) [ 160.099255][ T8259] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 160.142875][ T8259] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000006) [ 160.280806][ T8269] syz.1.865 (8269) used greatest stack depth: 18696 bytes left [ 160.587358][ T8284] loop0: detected capacity change from 0 to 1764 [ 160.607775][ T8289] loop4: detected capacity change from 0 to 65 [ 160.659564][ T8289] BFS-fs: bfs_fill_super(): NOTE: filesystem loop4 was created with 512 inodes, the real maximum is 511, mounting anyway [ 160.841528][ T8] IPVS: starting estimator thread 0... [ 160.944835][ T8300] IPVS: using max 19 ests per chain, 45600 per kthread [ 161.289949][ T8295] loop3: detected capacity change from 0 to 32768 [ 161.341997][ T8295] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 161.370391][ T8316] loop1: detected capacity change from 0 to 128 [ 161.382595][ T8316] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 161.402120][ T8316] ext4 filesystem being mounted at /206/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 161.441452][ T8295] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 161.472202][ T8295] [ 161.474668][ T8295] ====================================================== [ 161.481701][ T8295] WARNING: possible circular locking dependency detected [ 161.488747][ T8295] 6.6.102-syzkaller #0 Not tainted [ 161.493876][ T8295] ------------------------------------------------------ [ 161.500908][ T8295] syz.3.877/8295 is trying to acquire lock: [ 161.506786][ T8295] ffff88805ee49538 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_init_acl+0x2fa/0x720 [ 161.516091][ T8295] [ 161.516091][ T8295] but task is already holding lock: [ 161.523452][ T8295] ffff88807c04c990 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1e7d/0x20c0 [ 161.532727][ T8295] [ 161.532727][ T8295] which lock already depends on the new lock. [ 161.532727][ T8295] [ 161.543130][ T8295] [ 161.543130][ T8295] the existing dependency chain (in reverse order) is: [ 161.552138][ T8295] [ 161.552138][ T8295] -> #5 (jbd2_handle){++++}-{0:0}: [ 161.559428][ T8295] start_this_handle+0x1e9d/0x20c0 [ 161.565152][ T8295] jbd2__journal_start+0x2bb/0x5b0 [ 161.570790][ T8295] jbd2_journal_start+0x2a/0x40 [ 161.576359][ T8295] ocfs2_start_trans+0x376/0x6c0 [ 161.582071][ T8295] ocfs2_mknod+0xe47/0x20f0 [ 161.587110][ T8295] ocfs2_create+0x196/0x410 [ 161.592161][ T8295] path_openat+0x1277/0x3190 [ 161.597281][ T8295] do_filp_open+0x1c5/0x3d0 [ 161.602354][ T8295] do_sys_openat2+0x12c/0x1c0 [ 161.607578][ T8295] __x64_sys_openat+0x139/0x160 [ 161.612968][ T8295] do_syscall_64+0x55/0xb0 [ 161.617902][ T8295] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 161.624324][ T8295] [ 161.624324][ T8295] -> #4 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 161.632902][ T8295] down_read+0x46/0x2e0 [ 161.637578][ T8295] ocfs2_start_trans+0x36a/0x6c0 [ 161.643043][ T8295] ocfs2_mknod+0xe47/0x20f0 [ 161.648087][ T8295] ocfs2_create+0x196/0x410 [ 161.653137][ T8295] path_openat+0x1277/0x3190 [ 161.658246][ T8295] do_filp_open+0x1c5/0x3d0 [ 161.663265][ T8295] do_sys_openat2+0x12c/0x1c0 [ 161.668477][ T8295] __x64_sys_openat+0x139/0x160 [ 161.673862][ T8295] do_syscall_64+0x55/0xb0 [ 161.678829][ T8295] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 161.685295][ T8295] [ 161.685295][ T8295] -> #3 (sb_internal#2){.+.+}-{0:0}: [ 161.692905][ T8295] ocfs2_start_trans+0x26b/0x6c0 [ 161.698568][ T8295] ocfs2_mknod+0xe47/0x20f0 [ 161.703698][ T8295] ocfs2_create+0x196/0x410 [ 161.708732][ T8295] path_openat+0x1277/0x3190 [ 161.713851][ T8295] do_filp_open+0x1c5/0x3d0 [ 161.718982][ T8295] do_sys_openat2+0x12c/0x1c0 [ 161.724037][ T5914] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 161.724162][ T8295] __x64_sys_openat+0x139/0x160 [ 161.724184][ T8295] do_syscall_64+0x55/0xb0 [ 161.742031][ T8295] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 161.748449][ T8295] [ 161.748449][ T8295] -> #2 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}: [ 161.758967][ T8295] down_write+0x97/0x1f0 [ 161.763733][ T8295] ocfs2_reserve_local_alloc_bits+0x126/0x24b0 [ 161.770479][ T8295] ocfs2_reserve_clusters_with_limit+0x1bf/0xba0 [ 161.777431][ T8295] ocfs2_mknod+0xdee/0x20f0 [ 161.782473][ T8295] ocfs2_create+0x196/0x410 [ 161.787512][ T8295] path_openat+0x1277/0x3190 [ 161.792637][ T8295] do_filp_open+0x1c5/0x3d0 [ 161.797772][ T8295] do_sys_openat2+0x12c/0x1c0 [ 161.802974][ T8295] __x64_sys_openat+0x139/0x160 [ 161.808377][ T8295] do_syscall_64+0x55/0xb0 [ 161.813317][ T8295] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 161.819741][ T8295] [ 161.819741][ T8295] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}: [ 161.830247][ T8295] down_write+0x97/0x1f0 [ 161.835024][ T8295] ocfs2_reserve_suballoc_bits+0x165/0x4360 [ 161.841454][ T8295] ocfs2_reserve_new_metadata_blocks+0x404/0x940 [ 161.848372][ T8295] ocfs2_init_xattr_set_ctxt+0x2f8/0x6e0 [ 161.854553][ T8295] ocfs2_xattr_set+0xb6d/0x11f0 [ 161.860006][ T8295] __vfs_setxattr+0x431/0x470 [ 161.865203][ T8295] __vfs_setxattr_noperm+0x12d/0x5e0 [ 161.871215][ T8295] vfs_setxattr+0x16c/0x2f0 [ 161.876362][ T8295] path_setxattr+0x362/0x550 [ 161.881494][ T8295] __x64_sys_setxattr+0xbb/0xd0 [ 161.886883][ T8295] do_syscall_64+0x55/0xb0 [ 161.891837][ T8295] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 161.898252][ T8295] [ 161.898252][ T8295] -> #0 (&oi->ip_xattr_sem){++++}-{3:3}: [ 161.906175][ T8295] __lock_acquire+0x2ddb/0x7c80 [ 161.911544][ T8295] lock_acquire+0x197/0x410 [ 161.916557][ T8295] down_read+0x46/0x2e0 [ 161.921228][ T8295] ocfs2_init_acl+0x2fa/0x720 [ 161.926429][ T8295] ocfs2_mknod+0x12e5/0x20f0 [ 161.931530][ T8295] ocfs2_create+0x196/0x410 [ 161.936541][ T8295] path_openat+0x1277/0x3190 [ 161.941655][ T8295] do_filp_open+0x1c5/0x3d0 [ 161.946770][ T8295] do_sys_openat2+0x12c/0x1c0 [ 161.951958][ T8295] __x64_sys_openat+0x139/0x160 [ 161.957316][ T8295] do_syscall_64+0x55/0xb0 [ 161.962243][ T8295] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 161.968673][ T8295] [ 161.968673][ T8295] other info that might help us debug this: [ 161.968673][ T8295] [ 161.976384][ T5914] usb 1-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 161.978886][ T8295] Chain exists of: [ 161.978886][ T8295] &oi->ip_xattr_sem --> &journal->j_trans_barrier --> jbd2_handle [ 161.978886][ T8295] [ 161.978921][ T8295] Possible unsafe locking scenario: [ 161.978921][ T8295] [ 161.978925][ T8295] CPU0 CPU1 [ 161.987856][ T5914] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 162.001473][ T8295] ---- ---- [ 162.001482][ T8295] rlock(jbd2_handle); [ 162.001495][ T8295] lock(&journal->j_trans_barrier); [ 162.001512][ T8295] lock(jbd2_handle); [ 162.001522][ T8295] rlock(&oi->ip_xattr_sem); [ 162.001532][ T8295] [ 162.001532][ T8295] *** DEADLOCK *** [ 162.001532][ T8295] [ 162.001536][ T8295] 8 locks held by syz.3.877/8295: [ 162.001547][ T8295] #0: ffff88801f7d4418 ( [ 162.011942][ T5914] usb 1-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice= 0.9c [ 162.014354][ T8295] sb_writers#13){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 162.014402][ T8295] #1: ffff88805ee49818 (&type->i_mutex_dir_key#8 [ 162.025174][ T5914] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 162.030266][ T8295] ){++++}-{3:3}, at: path_openat+0x7c6/0x3190 [ 162.030312][ T8295] #2: ffff88805ef389d8 ( [ 162.034620][ T5914] usb 1-1: Product: syz [ 162.042281][ T8295] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x165/0x4360 [ 162.042334][ T8295] #3: ffff88805ef3b498 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3 [ 162.050418][ T5914] usb 1-1: Manufacturer: syz [ 162.053580][ T8295] ){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x165/0x4360 [ 162.062079][ T5914] usb 1-1: SerialNumber: syz [ 162.066895][ T8295] #4: ffff88805ef3d118 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}, at: ocfs2_reserve_local_alloc_bits+0x126/0x24b0 [ 162.073116][ T5914] usb 1-1: config 0 descriptor?? [ 162.080271][ T8295] #5: ffff88801f7d4608 (sb_internal#2){.+.+}-{0:0}, at: ocfs2_mknod+0xe47/0x20f0 [ 162.080325][ T8295] #6: ffff88807d658ce8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x36a/0x6c0 [ 162.080366][ T8295] #7: ffff88807c04c990 (jbd2_handle [ 162.090295][ T5914] ims_pcu 1-1:0.0: Missing CDC union descriptor [ 162.093975][ T8295] ){++++}-{0:0}, at: start_this_handle+0x1e7d/0x20c0 [ 162.094011][ T8295] [ 162.094011][ T8295] stack backtrace: [ 162.094029][ T8295] CPU: 0 PID: 8295 Comm: syz.3.877 Not tainted 6.6.102-syzkaller #0 [ 162.094044][ T8295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 162.094056][ T8295] Call Trace: [ 162.102270][ T5914] ims_pcu: probe of 1-1:0.0 failed with error -22 [ 162.108117][ T8295] [ 162.108141][ T8295] dump_stack_lvl+0x16c/0x230 [ 162.108166][ T8295] ? load_image+0x3b0/0x3b0 [ 162.256164][ T8295] ? show_regs_print_info+0x20/0x20 [ 162.261373][ T8295] ? print_circular_bug+0x12b/0x1a0 [ 162.266599][ T8295] check_noncircular+0x2bd/0x3c0 [ 162.271539][ T8295] ? print_deadlock_bug+0x5d0/0x5d0 [ 162.276728][ T8295] ? lockdep_lock+0xe0/0x220 [ 162.281335][ T8295] ? _find_first_zero_bit+0xd3/0x100 [ 162.286614][ T8295] __lock_acquire+0x2ddb/0x7c80 [ 162.291566][ T8295] ? verify_lock_unused+0x140/0x140 [ 162.296788][ T8295] ? __ocfs2_mknod_locked+0xbd2/0x1440 [ 162.302269][ T8295] ? __lock_acquire+0x7c80/0x7c80 [ 162.307321][ T8295] ? do_raw_spin_lock+0x121/0x2c0 [ 162.312547][ T8295] ? __rwlock_init+0x150/0x150 [ 162.317338][ T8295] lock_acquire+0x197/0x410 [ 162.321874][ T8295] ? ocfs2_init_acl+0x2fa/0x720 [ 162.326914][ T8295] ? __might_sleep+0xe0/0xe0 [ 162.331778][ T8295] ? read_lock_is_recursive+0x20/0x20 [ 162.337251][ T8295] ? trace_ocfs2_claim_new_inode_at_loc+0x1c0/0x1c0 [ 162.343864][ T8295] ? mark_lock+0x94/0x320 [ 162.348239][ T8295] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 162.354245][ T8295] down_read+0x46/0x2e0 [ 162.358414][ T8295] ? ocfs2_init_acl+0x2fa/0x720 [ 162.363410][ T8295] ocfs2_init_acl+0x2fa/0x720 [ 162.368122][ T8295] ? ocfs2_mknod_locked+0x149/0x250 [ 162.373330][ T8295] ? ocfs2_acl_chmod+0x320/0x320 [ 162.378288][ T8295] ? dquot_alloc_inode+0x211/0xa40 [ 162.383405][ T8295] ? ocfs2_block_signals+0x95/0xd0 [ 162.388511][ T8295] ? ocfs2_free_mem_caches+0x50/0x50 [ 162.393811][ T8295] ? ocfs2_init_security_get+0x139/0x1a0 [ 162.399461][ T8295] ocfs2_mknod+0x12e5/0x20f0 [ 162.404097][ T8295] ? ocfs2_mkdir+0x410/0x410 [ 162.408706][ T8295] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 162.414612][ T8295] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 162.420517][ T8295] ? ocfs2_inode_unlock+0xa5/0x140 [ 162.425635][ T8295] ? __lock_acquire+0x7c80/0x7c80 [ 162.430662][ T8295] ? __rwlock_init+0x150/0x150 [ 162.435423][ T8295] ? do_raw_spin_unlock+0x121/0x230 [ 162.440642][ T8295] ? rcu_is_watching+0x15/0xb0 [ 162.445414][ T8295] ? ocfs2_lookup+0x495/0x940 [ 162.450101][ T8295] ocfs2_create+0x196/0x410 [ 162.454613][ T8295] ? ocfs2_update_inode_fsync_trans+0x240/0x240 [ 162.460857][ T8295] ? from_kgid+0x15d/0x680 [ 162.465309][ T8295] ? ocfs2_lookup+0x940/0x940 [ 162.470003][ T8295] ? HAS_UNMAPPED_ID+0x11a/0x180 [ 162.475019][ T8295] ? inode_permission+0xf3/0x480 [ 162.479978][ T8295] ? bpf_lsm_inode_create+0x9/0x10 [ 162.485084][ T8295] ? security_inode_create+0xb7/0x100 [ 162.490454][ T8295] ? ocfs2_lookup+0x940/0x940 [ 162.495159][ T8295] path_openat+0x1277/0x3190 [ 162.499803][ T8295] ? do_filp_open+0x3d0/0x3d0 [ 162.504665][ T8295] do_filp_open+0x1c5/0x3d0 [ 162.509175][ T8295] ? vfs_tmpfile+0x490/0x490 [ 162.513763][ T8295] ? _raw_spin_unlock+0x28/0x40 [ 162.518634][ T8295] ? alloc_fd+0x58f/0x630 [ 162.523078][ T8295] do_sys_openat2+0x12c/0x1c0 [ 162.527847][ T8295] ? do_sys_open+0xe0/0xe0 [ 162.532261][ T8295] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 162.538348][ T8295] ? lock_chain_count+0x20/0x20 [ 162.543200][ T8295] __x64_sys_openat+0x139/0x160 [ 162.548051][ T8295] do_syscall_64+0x55/0xb0 [ 162.552499][ T8295] ? clear_bhb_loop+0x40/0x90 [ 162.557189][ T8295] ? clear_bhb_loop+0x40/0x90 [ 162.561888][ T8295] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 162.567829][ T8295] RIP: 0033:0x7f49a738ebe9 [ 162.572257][ T8295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.591855][ T8295] RSP: 002b:00007f49a812a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 162.600261][ T8295] RAX: ffffffffffffffda RBX: 00007f49a75b5fa0 RCX: 00007f49a738ebe9 [ 162.608273][ T8295] RDX: 0000000000101042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 162.616341][ T8295] RBP: 00007f49a7411e19 R08: 0000000000000000 R09: 0000000000000000 [ 162.624304][ T8295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 162.632275][ T8295] R13: 00007f49a75b6038 R14: 00007f49a75b5fa0 R15: 00007ffd0dce2228 [ 162.640693][ T8295] [ 162.667311][ T5783] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 162.684074][ T5822] usb 1-1: USB disconnect, device number 12 [ 162.709845][ T5784] ocfs2: Unmounting device (7,3) on (node local)