last executing test programs: 2.736085627s ago: executing program 4 (id=6071): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000000c0)={0xffffffff, 0x2, 0x7, "16d537d858baa39b0926000ca576fafa46d00d68d4d058fa8238d16523291ee4", 0x47524247}) 2.452253513s ago: executing program 4 (id=6075): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd2a, 0x25dfdbff, {}, [@FRA_GENERIC_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e25, 0x4e24}}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0) 2.157085628s ago: executing program 4 (id=6081): r0 = syz_open_dev$sndpcmp(&(0x7f0000000340), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r0, 0xc2604110, &(0x7f0000000380)={0x0, [[0x1fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0xfbf1a000], [0x8002]], '\x00', [{0x0, 0x9}, {0x0, 0xc}, {0x0, 0x1efb660a}], '\x00', 0x3f9, 0x0, 0x0, 0x0, 0x0, 0x2}) 1.937836272s ago: executing program 4 (id=6084): r0 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x0) ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000300)={0x8, @pix={0x6, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}) 1.726894247s ago: executing program 4 (id=6087): syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000900), 0x200008, &(0x7f0000000bc0)={[{@redirect_dir_nofollow}, {@metacopy_on}]}) 1.438984632s ago: executing program 4 (id=6091): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)={[{@journal_async_commit}, {@heartbeat_none}, {@usrquota}, {@barrier={'barrier', 0x3d, 0x7}}, {@heartbeat_none}, {@inode64}]}, 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000240)=@loop={'/dev/loop', 0x0}, 0xee00, &(0x7f0000000080)={0x3, 0x3, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x1}) 1.369266174s ago: executing program 0 (id=6092): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$VIDIOC_G_OUTPUT(r0, 0x8004562e, &(0x7f0000000200)) 1.305348915s ago: executing program 3 (id=6093): syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./file0\x00', 0x204818, &(0x7f00000000c0)={[{@overriderock}, {@nocompress}, {@hide}, {@map_off}, {@unhide}, {@iocharset={'iocharset', 0x3d, 'cp437'}}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {}]}, 0x1, 0x544, &(0x7f0000001000)="$eJzs3V9v01YfwPGfS/sQ5ZGqRw8TQlWBQ9mkIpXgJBAUceU5J+mBxI5sB7VXqKIpqkhhokxae8O4YZu0vQh2uRexd4T2EjbZTvqHJjHQv6u+nwjOiX3s8zup5Z/cxscCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADEcmu2XbSkabzOkhrNrQV+a/dtf+sDC+TWvmJMvyJW/E9yObmSLrry1e7qy/F/czKbvpuVXFzkZPu/l//34NLkxGD7MQF/lt+/cE+bW9vPV3q97qujCuQMunpx9LqG9kzom5bT0MqEvqpWKvadxXqo6qapw+Uw0i3lBtqJ/EDNu7dUsVotK11Y9jteo+Y09WDh/dsl266oh4W2doLQ9+48LITuomk2jddI2sSr4zb34wPxkYlUpJ2WUmvrvW45awBxo+KnNCplNSrZpVKxWCoVK/eq9+7b9uSBBfZH5ECLozto8e90hGdv4HAm+vlfmmLEk44siRr6cqUmgfjSGrG+b5D/v7mjx/a7N/8PsvyV3dUzkuT/a+m7a6Py/4hYTu61KVuyLc9lRXrSk668OvWITvbVEC2eGAnFFyMtcZIlqr9ESVUqUhFbnsii1CUUJXUx0hQtoSxLKJHo5IhyJRAtjkTiSyBK5sWVW6KkKFWpSlmUaCnIsvjSEU8aUhMn2cuarCefe1mUNSrGnUbFkcPID467rpTGjJb8j8M70vM3cBh/D/I/AAAAAAA4t6zkt+/x9f+UXE1qddPU9mmHBQAAAAAAjlDyl//ZuJiKa1fF4vofAAAAAIDzxkrusbNEJC/X09qaWMntUvwSAAAAAACAcyL5+/+1uEjmQLku1s50KVz/AwAAAABwTvycOcd+2L5o/fmXBMGU9ba99LW1kczN62xcSLe78PEeo/qMNd3fSVJU0mJy0tWzVi5ttDMJ5od+sZYVh7UbgLMTwI+fE8ClSflVbqRtbqym5epgTdpLvm6auuD6zQdFcZzpiUgvRd+/WP9BkuH/4rWmrZys97qFpy97q0ksb+O9vN3oT6B4YB7FMbG8TuZbSO65GDriqeRGjH6/eUvW1ntde+/4J9LNJ/b3+GZ6TJ/vZC5tNdef8Ta/f/y5uM9iYdTo+1EUDznyd3IzbXNz/mZaDImilBVFaW8Uwz+Lw0dRzoqifMgoAOC0rGVkIUsO5N0vOMt9WXaXz8zu72Q+bTM/k5xYJ2eGnNHtrDO6fcjs9seBZyCNyrFxv799lFXfxxu8H9lv2CxZ8Ud44fXGd3J5c2v79vrGyrPus+6LUqlcse/a9r2STCXD6BfkHgDAEHufsWMNzf+ZT+Gx7mZcVf9/5ysFBXkqL6Unq7KQ3G2QfONg6F7ze76GsJBx1ZpP0mT6hJeFMVd1/0nuchjstzS27f4YyifwkwAA4OTMZeThT8n/CxnX3ftz+fir4/yep7UBAIDjoYMPVj76yQoC035SrFaLTrSoVeC7j1Rgag2tjBfpwF10vIZW7cCPfNdvxpXHpqZDFXbabT+IVN0PVNsPzVIyfaDqP/o91C3Hi4wbtpvaCbVyfS9y3EjVTOiqdufbpgkXdZBsHLa1a+rGdSLjeyr0O4GrC0qFWu9paGrai0zdxFVPtQPTcoKceuw3Oy2tajp0A9OO/HSHg76MV/eDVrLbwml/2AAAnBGbW9vPV3q97qtjrAztOHfiQwUAAH0ZWRoAAAAAAAAAAAAAAAAAAAAAAJwBJ3H/H5VzXhlMBX1W4qFyBJXMU8ebYz85AThW/wQAAP//rVVPjw==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) 1.200765337s ago: executing program 0 (id=6096): unshare(0x22020600) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x3, 0x2) 1.085207279s ago: executing program 2 (id=6097): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000002000000000000000000000604"], 0x0, 0x26}, 0x20) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000340)=0xffffffffffffffff, 0x4) 1.00736208s ago: executing program 3 (id=6099): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0xfffffffffffffff4, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000040)={0x0, 0x8}) 939.416762ms ago: executing program 0 (id=6100): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000700000095000000000000006100000600000000bf91000000000000b7020000000000008500000000000000b700000000000000950000000000000060196912bf8bed129121bb22faf6c7f85805ed09fdb7048b325afa3086e6fea310568bd551217363fc977f29f449cf87d8ac8cdfcaf0c0e615e4c2706210cca97abea2d25edf6d0bf96ffe90149cd0f2a881b918efe1c88f1ed97cd9005d9f12b4449ad0"], &(0x7f0000000100)='GPL\x00', 0x4, 0x103, &(0x7f0000000140)=""/259}, 0x23) 878.285753ms ago: executing program 2 (id=6101): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000100)={0xb8, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x24, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6}]}]}]}, 0xb8}}, 0x0) 852.953184ms ago: executing program 1 (id=6102): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x4011}, 0x4000004) 738.514076ms ago: executing program 3 (id=6103): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0xfffe, 0xb007}, 0x4) 737.947026ms ago: executing program 0 (id=6104): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="11000000040000000400000002"], 0x48) bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000080)={r0, 0x58, &(0x7f00000003c0)}, 0x10) 635.398058ms ago: executing program 2 (id=6105): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001d00010000000000000000000a00100011"], 0x1c}}, 0x0) 635.255658ms ago: executing program 1 (id=6106): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000010000305000000000007000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000100000180012800e000100776972656775617264"], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0) 576.223059ms ago: executing program 0 (id=6107): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$UI_BEGIN_FF_ERASE(r0, 0xc00c55ca, &(0x7f00000001c0)={0xc, 0x7, 0x6}) 512.82657ms ago: executing program 3 (id=6108): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, 0x0, &(0x7f0000000080)) 448.843712ms ago: executing program 1 (id=6109): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000006480)={0x28, 0x13, 0x1, 0x2, 0x25dfdbf6, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\x13\x00\x00'}, @typed={0x8, 0x3fff, 0x0, 0x0, @fd}, @nested={0x8, 0x1a, 0x0, 0x1, [@nested={0x4}]}]}, 0x28}], 0x1}, 0x0) 381.304453ms ago: executing program 1 (id=6110): r0 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000200)='asymmetric\x00', 0x0) 336.823944ms ago: executing program 2 (id=6111): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000880)=@mangle={'mangle\x00', 0xc061, 0x6, 0x668, 0x3f8, 0x1f0, 0x4c8, 0x120, 0x0, 0x598, 0x598, 0x598, 0x598, 0x598, 0x6, 0x0, {[{{@ipv6={@mcast1, @private1, [], [], 'bond_slave_1\x00', 'veth1_vlan\x00'}, 0x0, 0xf8, 0x120, 0x0, {0x0, 0x3a010000}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @HL={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x1}}}, {{@ipv6={@mcast1, @private2, [], [], 'vlan0\x00', 'pimreg1\x00'}, 0x0, 0x1e0, 0x208, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @dev, @private2, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @loopback, @private1, @empty, @private1, @dev, @loopback]}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x0}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@loopback, @private2, [], [], 'batadv0\x00', 'virt_wifi0\x00'}, 0x0, 0xa8, 0xd0}, @inet=@TOS={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6c8) 316.594724ms ago: executing program 1 (id=6112): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@gettaction={0x30, 0x32, 0xe72c5f922f23cad9, 0x70bd27, 0x25dfdbfb, {}, [@action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0xfffffff9}, @action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x40008c4}, 0x4000000) 277.683915ms ago: executing program 0 (id=6113): r0 = syz_open_dev$swradio(&(0x7f00000013c0), 0x1, 0x2) ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, &(0x7f0000001400)={0x0, 0x5, 0x9, 0x400, 0xd3c8, 0x9, 0x2}) 220.928806ms ago: executing program 3 (id=6114): r0 = socket$kcm(0x2b, 0x1, 0x0) setsockopt$sock_attach_bpf(r0, 0x11e, 0xd, 0x0, 0x0) 158.025417ms ago: executing program 2 (id=6115): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000a00)=@newsa={0x184, 0x10, 0x1, 0x0, 0x0, {{@in=@private=0xa010102, @in6=@private1, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@private0, 0x0, 0x6c}, @in6=@remote, {0x0, 0x40, 0x0, 0x0, 0x80000000, 0x1f6}, {}, {}, 0x0, 0x3505, 0xa, 0x1, 0x0, 0x41}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @algo_auth_trunc={0x4c, 0x14, {{'sha3-224-generic\x00'}, 0x0, 0x80}}]}, 0x184}}, 0x0) 87.398319ms ago: executing program 1 (id=6116): r0 = syz_open_dev$cec(&(0x7f0000000200), 0x0, 0x100) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000500)={"b0453822", 0x400, 0x6, 0x2, 0x0, 0x0, "3377f877c734c40400", '\x00', "ee8ccda7", "c77e072c", ["c3dad2b677ffffffffffec00", "51f3541a910080ffffcb3a10", "e100"]}) 84.055738ms ago: executing program 2 (id=6117): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0) write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f0000000280)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0x0, "e9796a", "db3c1b03d4bde4ff93051cddb8bf3b515102f2b3b744b7bd33883c1f9ee03e6d2f1f7b1a83f8e7748c3b5d478d47112931b3d962545f3bcd5c9f65dc7f94c6e84e92ddb24e71baecd9452bee60d9a7d01cbe16e9b2349daeb1c93035a8df7c79ca054f0ff61928fa7d92b4ccef5e5beffa0cf7f309a28d76b81279cca816978b18f3c02d80a9eea6b2d2fe463a3c5a273753363f31c5046de9b38b531693d1aed67524ab169ba5813bdb45734b7bd59716c47466c73391a10331e9e9c171416efec2334039470ae5f8306e24c29f76c28892384322bdcf4018dd154d575444d996c0a31f16bbe107c89a570467b6965995bbe04a2bc4283e2e3e56e92b9cb618"}}, 0x110) 0s ago: executing program 3 (id=6118): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0xcc, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0xff}}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x38, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}]}]}]}, 0xcc}}, 0x0) kernel console output (not intermixed with test programs): onstruction interval = 5 seconds, CP frequency < 30 seconds [ 316.640836][T16242] Bad inode number on dev loop3: 5 is out of range [ 316.645652][T16232] NILFS (loop2): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 316.715148][T16232] NILFS error (device loop2): nilfs_bmap_truncate: broken bmap (inode number=12) [ 316.795912][T16232] Remounting filesystem read-only [ 316.826345][T16232] NILFS (loop2): error -5 truncating bmap (ino=12) [ 317.032988][ T4266] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 317.059232][T16268] loop1: detected capacity change from 0 to 64 [ 317.082040][T16271] loop0: detected capacity change from 0 to 256 [ 317.102912][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.109328][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.171295][T16268] overlayfs: filesystem on './file0' not supported [ 317.237251][T16271] FAT-fs (loop0): Directory bread(block 64) failed [ 317.268918][T16271] FAT-fs (loop0): Directory bread(block 65) failed [ 317.295960][T16271] FAT-fs (loop0): Directory bread(block 66) failed [ 317.315852][T16271] FAT-fs (loop0): Directory bread(block 67) failed [ 317.364525][T16271] FAT-fs (loop0): Directory bread(block 68) failed [ 317.379972][T16271] FAT-fs (loop0): Directory bread(block 69) failed [ 317.398425][T16271] FAT-fs (loop0): Directory bread(block 70) failed [ 317.405014][T16271] FAT-fs (loop0): Directory bread(block 71) failed [ 317.449920][T16271] FAT-fs (loop0): Directory bread(block 72) failed [ 317.456598][T16271] FAT-fs (loop0): Directory bread(block 73) failed [ 317.701360][T16309] xt_CT: You must specify a L4 protocol and not use inversions on it [ 318.387605][T16357] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3945'. [ 318.402060][T16358] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 318.458519][T16357] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3945'. [ 318.495614][T16357] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3945'. [ 318.771572][T16378] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3951'. [ 319.024512][ T4268] Bluetooth: hci4: unexpected event 0x06 length: 4 > 3 [ 319.052941][T16395] loop3: detected capacity change from 0 to 16 [ 319.090317][T16395] erofs: (device loop3): mounted with root inode @ nid 36. [ 319.150738][T16395] erofs: (device loop3): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36 [ 319.192232][T16395] erofs: (device loop3): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36 [ 319.232540][T16395] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117] [ 319.236147][T16400] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 319.364166][T16353] loop0: detected capacity change from 0 to 40427 [ 319.427017][T16353] F2FS-fs (loop0): Wrong secs_per_zone / total_sections (76545, 24) [ 319.468960][T16353] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 319.538078][T16353] F2FS-fs (loop0): invalid crc value [ 319.617903][T16353] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 319.822764][T16353] F2FS-fs (loop0): recover fsync data on readonly fs [ 319.895587][T16353] F2FS-fs (loop0): Try to recover 2th superblock, ret: -30 [ 319.925623][T16353] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 320.269846][T16460] loop2: detected capacity change from 0 to 256 [ 320.398811][T16460] FAT-fs (loop2): Directory bread(block 64) failed [ 320.427181][T16460] FAT-fs (loop2): Directory bread(block 65) failed [ 320.448398][T16460] FAT-fs (loop2): Directory bread(block 66) failed [ 320.455773][T16460] FAT-fs (loop2): Directory bread(block 67) failed [ 320.484073][T16460] FAT-fs (loop2): Directory bread(block 68) failed [ 320.496930][T16468] loop1: detected capacity change from 0 to 4096 [ 320.523015][T16460] FAT-fs (loop2): Directory bread(block 69) failed [ 320.545792][T16460] FAT-fs (loop2): Directory bread(block 70) failed [ 320.564949][T16460] FAT-fs (loop2): Directory bread(block 71) failed [ 320.595419][T16460] FAT-fs (loop2): Directory bread(block 72) failed [ 320.625982][T16460] FAT-fs (loop2): Directory bread(block 73) failed [ 320.709536][T16483] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 320.748628][T16468] NILFS (loop1): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 320.798470][T16468] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=12) [ 320.848246][T16468] Remounting filesystem read-only [ 320.874100][T16468] NILFS (loop1): error -5 truncating bmap (ino=12) [ 320.887341][T16490] netlink: 'syz.3.3984': attribute type 5 has an invalid length. [ 320.920225][T16490] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3984'. [ 320.983596][ T4267] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 321.131640][T16505] loop2: detected capacity change from 0 to 128 [ 321.279037][T16505] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 321.322153][T16519] loop0: detected capacity change from 0 to 64 [ 321.440024][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 321.601819][T16529] loop3: detected capacity change from 0 to 4096 [ 321.697440][T16529] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 321.849002][T16554] loop4: detected capacity change from 0 to 16 [ 321.900668][T16554] erofs: (device loop4): mounted with root inode @ nid 36. [ 321.938739][T16554] erofs: (device loop4): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36 [ 321.969886][ T4272] EXT4-fs (loop3): unmounting filesystem. [ 322.022963][T16554] erofs: (device loop4): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36 [ 322.056122][T16554] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 322.138037][T16573] loop0: detected capacity change from 0 to 1024 [ 322.290282][T16573] hfsplus: bad catalog entry type [ 322.561493][T16594] netlink: 88 bytes leftover after parsing attributes in process `syz.4.4014'. [ 323.739658][T16668] xt_TPROXY: Can be used only with -p tcp or -p udp [ 323.922490][T16680] loop2: detected capacity change from 0 to 64 [ 324.916587][T16744] loop4: detected capacity change from 0 to 16 [ 324.962997][T16744] erofs: (device loop4): mounted with root inode @ nid 36. [ 325.045389][T16745] loop3: detected capacity change from 0 to 4096 [ 325.348051][ T4346] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 325.504873][T16760] loop4: detected capacity change from 0 to 512 [ 325.530647][T16765] overlayfs: conflicting options: nfs_export=on,index=off [ 325.561721][ T4346] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 325.577595][T16760] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.4063: iget: bad i_size value: 38620345925642 [ 325.599706][ T4346] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 325.619248][ T4346] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.630710][T16760] EXT4-fs (loop4): Remounting filesystem read-only [ 325.667503][T16760] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.4063: couldn't read orphan inode 15 (err -117) [ 325.693727][ T4346] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 325.748344][T16760] EXT4-fs (loop4): Remounting filesystem read-only [ 325.765157][T16760] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 325.859316][T16784] IPv6: NLM_F_REPLACE set, but no existing node found! [ 325.923249][ T4277] EXT4-fs (loop4): unmounting filesystem. [ 326.017656][T16792] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4072'. [ 326.037098][T16792] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4072'. [ 326.197852][T16804] device vlan0 entered promiscuous mode [ 326.309041][T16813] netlink: 5 bytes leftover after parsing attributes in process `syz.0.4078'. [ 326.411064][T16819] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4080'. [ 326.427183][T16821] loop3: detected capacity change from 0 to 512 [ 326.434665][T16819] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4080'. [ 326.460501][T16821] EXT4-fs: inline encryption not supported [ 326.521949][T16821] EXT4-fs (loop3): 1 truncate cleaned up [ 326.548377][T16821] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 326.636225][ T4272] EXT4-fs (loop3): unmounting filesystem. [ 326.779311][ T4346] stv0680 3-1:4.0: STV(e): camera ping failed!! [ 326.857185][T16844] loop1: detected capacity change from 0 to 512 [ 326.960454][T16844] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 326.978202][T16844] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 326.980595][ T4346] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 326.988972][T16844] EXT4-fs (loop1): 1 truncate cleaned up [ 327.037796][T16844] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 327.041311][ T4346] stv0680 3-1:4.0: last error: 85, command = 0x7f [ 327.088690][ T4346] usb 3-1: USB disconnect, device number 16 [ 327.097906][T16844] EXT4-fs (loop1): unmounting filesystem. [ 327.618938][T16906] loop2: detected capacity change from 0 to 1024 [ 327.768434][ T4648] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 327.808324][ T4647] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 327.959880][ T4648] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 327.973738][ T4648] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 328.008339][ T4647] usb 4-1: Using ep0 maxpacket: 16 [ 328.017422][ T4647] usb 4-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4 [ 328.048290][ T4648] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 328.067270][ T4647] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.088198][ T4648] usb 2-1: config 220 has no interface number 2 [ 328.094586][ T4648] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 328.109765][ T4647] usb 4-1: Product: syz [ 328.113995][ T4647] usb 4-1: Manufacturer: syz [ 328.128255][ T4647] usb 4-1: SerialNumber: syz [ 328.136627][ T4647] usb 4-1: config 0 descriptor?? [ 328.154276][ T4648] usb 2-1: config 220 interface 0 has no altsetting 0 [ 328.178413][ T4647] usb_ehset_test: probe of 4-1:0.0 failed with error -32 [ 328.186253][ T4648] usb 2-1: config 220 interface 76 has no altsetting 0 [ 328.191411][T16938] ieee802154 phy0 wpan0: encryption failed: -22 [ 328.202156][ T4648] usb 2-1: config 220 interface 1 has no altsetting 0 [ 328.254875][ T4648] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 328.264325][ T4648] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.272829][ T4648] usb 2-1: Product: syz [ 328.277396][ T4648] usb 2-1: Manufacturer: syz [ 328.283497][ T4648] usb 2-1: SerialNumber: syz [ 328.385326][ T4650] usb 4-1: USB disconnect, device number 11 [ 328.510953][ T4648] usb 2-1: Found UVC 7.01 device syz (8086:0b07) [ 328.517365][ T4648] usb 2-1: No valid video chain found. [ 328.542202][ T4648] usb 2-1: selecting invalid altsetting 0 [ 328.609884][ T4648] usb 2-1: selecting invalid altsetting 0 [ 328.615678][ T4648] usbtest: probe of 2-1:220.1 failed with error -22 [ 328.624032][T16973] netlink: 'syz.2.4119': attribute type 1 has an invalid length. [ 328.631987][T16973] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4119'. [ 328.638088][ T4648] usb 2-1: USB disconnect, device number 10 [ 328.790441][T16987] loop0: detected capacity change from 0 to 1024 [ 328.848591][T16987] hfsplus: bad catalog entry type [ 328.952875][ T5554] hfsplus: b-tree write err: -5, ino 4 [ 329.060357][T17005] netlink: 272 bytes leftover after parsing attributes in process `syz.3.4125'. [ 329.419517][T17025] loop3: detected capacity change from 0 to 2048 [ 329.485303][T17034] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 329.682762][T17034] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 329.709070][T17034] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4) [ 329.804190][T17034] Remounting filesystem read-only [ 329.818837][ T4272] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer [ 329.947195][T17061] loop4: detected capacity change from 0 to 256 [ 330.037705][T17061] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 330.196412][T17075] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4146'. [ 330.351432][T17084] loop4: detected capacity change from 0 to 512 [ 330.437402][T17097] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4153'. [ 330.535257][T17103] xt_cgroup: xt_cgroup: no path or classid specified [ 330.535917][T17084] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 330.556461][T17084] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 330.566707][T17084] EXT4-fs error (device loop4): ext4_acquire_dquot:6816: comm syz.4.4149: Failed to acquire dquot type 1 [ 330.675665][T17084] EXT4-fs (loop4): 1 truncate cleaned up [ 330.695662][T17084] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 330.808764][T17084] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 330.834381][T17084] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 330.883078][T17084] EXT4-fs error (device loop4): ext4_acquire_dquot:6816: comm syz.4.4149: Failed to acquire dquot type 1 [ 330.898075][T17124] loop2: detected capacity change from 0 to 512 [ 330.952064][T17124] EXT4-fs: Ignoring removed nobh option [ 331.008384][T17124] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 331.078575][T17124] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802e02c, mo2=0002] [ 331.118396][T17124] EXT4-fs (loop2): orphan cleanup on readonly fs [ 331.127407][ T4277] EXT4-fs (loop4): unmounting filesystem. [ 331.170430][T17124] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #11: comm syz.2.4160: attempt to clear invalid blocks 1024 len 1 [ 331.268415][T17124] EXT4-fs (loop2): Remounting filesystem read-only [ 331.314329][T17124] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.4160: bg 0: block 361: padding at end of block bitmap is not set [ 331.386232][T17124] EXT4-fs (loop2): Remounting filesystem read-only [ 331.395826][T17153] loop4: detected capacity change from 0 to 2048 [ 331.427529][T17124] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 331.469166][T17159] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 331.493598][T17124] EXT4-fs (loop2): Remounting filesystem read-only [ 331.508993][T17165] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 331.520503][T17124] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.4160: invalid indirect mapped block 1811939328 (level 0) [ 331.544158][T17153] syz.4.4165: attempt to access beyond end of device [ 331.544158][T17153] loop4: rw=0, sector=281474976710722, nr_sectors = 2 limit=2048 [ 331.589254][T17124] EXT4-fs (loop2): Remounting filesystem read-only [ 331.595854][T17124] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.4160: invalid indirect mapped block 2185560079 (level 1) [ 331.613590][T17153] NILFS (loop4): I/O error reading b-tree node block (ino=16, blocknr=15) [ 331.640092][T17153] syz.4.4165: attempt to access beyond end of device [ 331.640092][T17153] loop4: rw=0, sector=281474976710722, nr_sectors = 2 limit=2048 [ 331.678827][T17124] EXT4-fs (loop2): Remounting filesystem read-only [ 331.686462][T17153] NILFS (loop4): I/O error reading b-tree node block (ino=16, blocknr=15) [ 331.705055][T17124] EXT4-fs (loop2): 1 truncate cleaned up [ 331.711060][T17153] NILFS (loop4): error -5 truncating bmap (ino=16) [ 331.716637][T17171] netlink: 666 bytes leftover after parsing attributes in process `syz.3.4172'. [ 331.728238][T17124] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 331.759570][T17174] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4173'. [ 331.914360][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 332.136025][T17198] loop1: detected capacity change from 0 to 512 [ 332.314288][T17198] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.4180: inode #1: comm syz.1.4180: iget: illegal inode # [ 332.427045][T17198] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.4180: error while reading EA inode 1 err=-117 [ 332.478994][T17198] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 332.551831][T17198] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.4180: inode #1: comm syz.1.4180: iget: illegal inode # [ 332.653708][T17198] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.4180: error while reading EA inode 1 err=-117 [ 332.714727][T17198] EXT4-fs (loop1): 1 orphan inode deleted [ 332.728250][T17198] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 332.933720][ T4267] EXT4-fs (loop1): unmounting filesystem. [ 333.212163][T17190] loop0: detected capacity change from 0 to 32768 [ 333.269460][T17190] XFS: ikeep mount option is deprecated. [ 333.311153][T17268] xt_recent: hitcount (4294967294) is larger than allowed maximum (255) [ 333.355600][T17190] XFS (loop0): Mounting V5 Filesystem [ 333.524858][T17190] XFS (loop0): Ending clean mount [ 333.559044][T17290] loop1: detected capacity change from 0 to 1024 [ 333.624878][T17190] XFS (loop0): Quotacheck needed: Please wait. [ 333.726453][T17190] XFS (loop0): Quotacheck: Done. [ 333.767404][T17305] loop3: detected capacity change from 0 to 64 [ 333.929431][ T4265] XFS (loop0): Unmounting Filesystem [ 334.520992][T17342] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4220'. [ 334.681557][T17346] netlink: 'syz.4.4221': attribute type 32 has an invalid length. [ 334.760157][T17354] loop0: detected capacity change from 0 to 24 [ 334.767222][T17354] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 334.879039][T17354] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 334.906016][T17302] loop1: detected capacity change from 0 to 32768 [ 335.095101][T17302] XFS (loop1): Mounting V5 Filesystem [ 335.240481][T17302] XFS (loop1): Ending clean mount [ 335.296952][T17302] XFS (loop1): syz.1.4208 should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported [ 335.317291][T17395] netlink: 'syz.2.4232': attribute type 10 has an invalid length. [ 335.379835][T17384] loop0: detected capacity change from 0 to 4096 [ 335.409977][T17384] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 335.451262][ T4267] XFS (loop1): Unmounting Filesystem [ 335.585144][T17384] ntfs3: loop0: failed to convert "c46c" to koi8-ru [ 335.842028][T17414] xt_CT: You must specify a L4 protocol and not use inversions on it [ 335.996226][T17426] loop4: detected capacity change from 0 to 1024 [ 336.642447][T17471] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4254'. [ 336.746747][T17476] loop3: detected capacity change from 0 to 256 [ 337.166343][T17504] netlink: 'syz.2.4264': attribute type 32 has an invalid length. [ 337.779606][T17550] netlink: 'syz.2.4278': attribute type 21 has an invalid length. [ 337.815772][T17539] loop1: detected capacity change from 0 to 4096 [ 337.846816][T17539] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 337.906106][T17539] ntfs3: loop1: ino=0, attr_set_size [ 337.928563][ T4648] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 338.056358][T17567] loop4: detected capacity change from 0 to 128 [ 338.120020][ T4648] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 338.120522][T17571] (unnamed net_device) (uninitialized): up delay (7) is not a multiple of miimon (3), value rounded to 6 ms [ 338.139093][ T4648] usb 1-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 338.214711][ T4648] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 338.237517][T17571] (unnamed net_device) (uninitialized): down delay (7) is not a multiple of miimon (3), value rounded to 6 ms [ 338.269443][ T4648] usb 1-1: config 0 descriptor?? [ 338.355889][T17571] 8021q: adding VLAN 0 to HW filter on device bond2 [ 338.653871][T17638] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4291'. [ 338.707702][T17638] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4291'. [ 338.744502][T17643] xt_TCPMSS: Only works on TCP SYN packets [ 338.750926][ T5049] usb 1-1: USB disconnect, device number 12 [ 339.297964][T17686] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4304'. [ 339.320977][T17686] unsupported nlmsg_type 40 [ 339.375480][T17689] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4305'. [ 339.566043][ T26] audit: type=1326 audit(339.517:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17697 comm="syz.2.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 339.668229][ T26] audit: type=1326 audit(339.517:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17697 comm="syz.2.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 339.706642][T17678] loop4: detected capacity change from 0 to 32768 [ 339.723510][ T26] audit: type=1326 audit(339.567:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17697 comm="syz.2.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 339.791741][T17709] loop2: detected capacity change from 0 to 8 [ 339.838525][ T26] audit: type=1326 audit(339.567:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17697 comm="syz.2.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 339.870484][ T26] audit: type=1326 audit(339.567:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17697 comm="syz.2.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 339.893315][ T26] audit: type=1326 audit(339.567:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17697 comm="syz.2.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 339.917815][T17709] SQUASHFS error: zlib decompression failed, data probably corrupt [ 339.957964][T17709] SQUASHFS error: Failed to read block 0x9b: -5 [ 339.978520][T17709] SQUASHFS error: Unable to read metadata cache entry [99] [ 339.996107][ T26] audit: type=1326 audit(339.567:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17697 comm="syz.2.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 340.028425][T17709] SQUASHFS error: Unable to read inode 0x127 [ 340.078239][ T26] audit: type=1326 audit(339.567:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17697 comm="syz.2.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 340.190408][ T26] audit: type=1326 audit(339.567:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17697 comm="syz.2.4308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 340.523490][T17747] loop2: detected capacity change from 0 to 64 [ 340.596105][T17751] ipt_CLUSTERIP: bad local_nodes[0] 0 [ 340.831458][T17769] xt_CT: You must specify a L4 protocol and not use inversions on it [ 341.007185][T17782] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.4332'. [ 341.098093][T17778] loop2: detected capacity change from 0 to 4096 [ 341.135105][T17788] loop4: detected capacity change from 0 to 1024 [ 341.187661][T17788] hfsplus: failed to load root directory [ 341.249520][T17794] loop1: detected capacity change from 0 to 256 [ 341.585197][T17810] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4338'. [ 341.610958][T17812] loop1: detected capacity change from 0 to 512 [ 341.700553][T17818] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4342'. [ 341.799956][T17823] loop0: detected capacity change from 0 to 256 [ 341.809760][T17812] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 341.840959][T17823] FAT-fs (loop0): Directory bread(block 64) failed [ 341.869742][T17829] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4344'. [ 341.898511][T17823] FAT-fs (loop0): Directory bread(block 65) failed [ 341.920026][ T4267] EXT4-fs (loop1): unmounting filesystem. [ 341.929253][T17823] FAT-fs (loop0): Directory bread(block 66) failed [ 341.935882][T17823] FAT-fs (loop0): Directory bread(block 67) failed [ 341.946559][T17823] FAT-fs (loop0): Directory bread(block 68) failed [ 341.953327][T17823] FAT-fs (loop0): Directory bread(block 69) failed [ 341.968779][T17823] FAT-fs (loop0): Directory bread(block 70) failed [ 342.029101][T17823] FAT-fs (loop0): Directory bread(block 71) failed [ 342.035987][T17823] FAT-fs (loop0): Directory bread(block 72) failed [ 342.073132][T17823] FAT-fs (loop0): Directory bread(block 73) failed [ 342.496803][T17861] loop0: detected capacity change from 0 to 4096 [ 342.544037][T17866] loop2: detected capacity change from 0 to 512 [ 342.601531][T17861] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 342.635747][T17877] xt_TPROXY: Can be used only with -p tcp or -p udp [ 342.659460][T17866] Quota error (device loop2): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 342.678428][T17866] EXT4-fs error (device loop2): ext4_acquire_dquot:6816: comm syz.2.4354: Failed to acquire dquot type 1 [ 342.750842][T17866] EXT4-fs (loop2): 1 truncate cleaned up [ 342.756614][T17866] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 342.817879][T17887] netlink: 88 bytes leftover after parsing attributes in process `syz.3.4358'. [ 342.933978][T17866] EXT4-fs error (device loop2): ext4_acquire_dquot:6816: comm syz.2.4354: Failed to acquire dquot type 1 [ 342.984246][ T4265] EXT4-fs (loop0): unmounting filesystem. [ 343.063012][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 343.288512][T17908] loop2: detected capacity change from 0 to 128 [ 343.339377][T17911] device vlan0 entered promiscuous mode [ 343.581476][T17930] loop0: detected capacity change from 0 to 8 [ 344.151873][T17961] loop0: detected capacity change from 0 to 512 [ 344.235361][T17961] EXT4-fs error (device loop0): ext4_acquire_dquot:6816: comm syz.0.4381: Failed to acquire dquot type 1 [ 344.257338][T17961] EXT4-fs (loop0): 1 truncate cleaned up [ 344.313750][T17915] loop3: detected capacity change from 0 to 40427 [ 344.322522][T17915] F2FS-fs (loop3): Wrong secs_per_zone / total_sections (76545, 24) [ 344.331207][T17915] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 344.341098][T17961] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 344.362251][T17961] EXT4-fs error (device loop0): ext4_acquire_dquot:6816: comm syz.0.4381: Failed to acquire dquot type 1 [ 344.392544][T17915] F2FS-fs (loop3): invalid crc value [ 344.416172][T17915] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 344.461859][T17975] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4383'. [ 344.472722][ T4265] EXT4-fs (loop0): unmounting filesystem. [ 344.494165][T17975] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4383'. [ 344.631114][T17915] F2FS-fs (loop3): recover fsync data on readonly fs [ 344.675882][T17915] F2FS-fs (loop3): Try to recover 2th superblock, ret: -30 [ 344.705477][T17915] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 344.924543][T18002] loop2: detected capacity change from 0 to 1024 [ 344.980680][T18005] loop1: detected capacity change from 0 to 512 [ 345.036155][T18005] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 345.124838][T18005] EXT4-fs (loop1): 1 truncate cleaned up [ 345.145466][T18005] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 345.217229][T18005] EXT4-fs error (device loop1): ext4_get_verity_descriptor_location:300: inode #15: comm syz.1.4393: verity file has no extents [ 345.231157][T18005] fs-verity (loop1, inode 15): Error -117 getting verity descriptor size [ 345.372727][ T4267] EXT4-fs (loop1): unmounting filesystem. [ 345.532680][T18034] loop1: detected capacity change from 0 to 512 [ 345.634820][T18034] __quota_error: 7 callbacks suppressed [ 345.634837][T18034] Quota error (device loop1): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 345.683129][T18034] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 345.693616][T18034] EXT4-fs error (device loop1): ext4_acquire_dquot:6816: comm syz.1.4396: Failed to acquire dquot type 1 [ 345.739653][T18034] EXT4-fs (loop1): 1 truncate cleaned up [ 345.745367][T18034] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 345.763868][T18034] Quota error (device loop1): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 345.776392][T18034] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 345.787050][T18034] EXT4-fs error (device loop1): ext4_acquire_dquot:6816: comm syz.1.4396: Failed to acquire dquot type 1 [ 345.960368][ T4267] EXT4-fs (loop1): unmounting filesystem. [ 346.262005][T18085] (unnamed net_device) (uninitialized): up delay (7) is not a multiple of miimon (3), value rounded to 6 ms [ 346.290005][T18085] (unnamed net_device) (uninitialized): down delay (7) is not a multiple of miimon (3), value rounded to 6 ms [ 346.359812][T18085] 8021q: adding VLAN 0 to HW filter on device bond2 [ 346.627103][T18138] loop4: detected capacity change from 0 to 64 [ 346.653801][T18140] overlayfs: workdir and upperdir must be separate subtrees [ 346.816789][T18150] loop2: detected capacity change from 0 to 764 [ 346.870035][T18150] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 347.268444][T18179] (unnamed net_device) (uninitialized): up delay (7) is not a multiple of miimon (3), value rounded to 6 ms [ 347.312028][T18179] (unnamed net_device) (uninitialized): down delay (7) is not a multiple of miimon (3), value rounded to 6 ms [ 347.323670][T18184] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4435'. [ 347.396206][T18179] 8021q: adding VLAN 0 to HW filter on device bond1 [ 347.525391][T18230] loop4: detected capacity change from 0 to 256 [ 347.552671][T18230] FAT-fs (loop4): Directory bread(block 64) failed [ 347.565500][T18230] FAT-fs (loop4): Directory bread(block 65) failed [ 347.605509][T18230] FAT-fs (loop4): Directory bread(block 66) failed [ 347.621257][T18230] FAT-fs (loop4): Directory bread(block 67) failed [ 347.627909][T18230] FAT-fs (loop4): Directory bread(block 68) failed [ 347.696308][T18230] FAT-fs (loop4): Directory bread(block 69) failed [ 347.754255][T18230] FAT-fs (loop4): Directory bread(block 70) failed [ 347.798319][T18230] FAT-fs (loop4): Directory bread(block 71) failed [ 347.815209][T18230] FAT-fs (loop4): Directory bread(block 72) failed [ 347.843671][T18230] FAT-fs (loop4): Directory bread(block 73) failed [ 348.193905][T18251] loop3: detected capacity change from 0 to 4096 [ 348.234287][T18251] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 348.355225][T18251] ntfs3: loop3: failed to convert "c46c" to cp852 [ 348.442942][T18225] loop2: detected capacity change from 0 to 32768 [ 348.498380][ T4647] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 348.528376][ T4346] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 348.528810][T18238] loop1: detected capacity change from 0 to 32768 [ 348.555523][T18225] XFS (loop2): Mounting V5 Filesystem [ 348.590437][T18238] JBD2: Ignoring recovery information on journal [ 348.639626][T18238] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 348.682936][T18238] OCFS2: ERROR (device loop1): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #1792 has bad signature [ 348.708499][ T4647] usb 1-1: Using ep0 maxpacket: 16 [ 348.719053][ T4647] usb 1-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4 [ 348.726186][T18238] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 348.738765][ T4346] usb 5-1: Using ep0 maxpacket: 16 [ 348.745695][ T4346] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 348.754897][ T4647] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 348.776452][ T4346] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 348.783688][ T4647] usb 1-1: Product: syz [ 348.790430][T18238] OCFS2: File system is now read-only. [ 348.790450][T18238] (syz.1.4441,18238,1):ocfs2_search_chain:1785 ERROR: status = -30 [ 348.823841][ T4346] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 348.835402][ T4647] usb 1-1: Manufacturer: syz [ 348.845556][ T4647] usb 1-1: SerialNumber: syz [ 348.848248][T18238] (syz.1.4441,18238,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 348.861384][ T4346] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 348.866212][ T4647] usb 1-1: config 0 descriptor?? [ 348.872498][T18289] loop3: detected capacity change from 0 to 4096 [ 348.885842][T18238] (syz.1.4441,18238,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 348.895941][ T4346] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 348.902324][ T4647] usb_ehset_test: probe of 1-1:0.0 failed with error -32 [ 348.912642][T18238] (syz.1.4441,18238,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 348.933697][T18289] ntfs3: loop3: try to read out of volume at offset 0x3fffffc0c00 [ 348.947457][ T4346] usb 5-1: config 1 interface 0 has no altsetting 0 [ 348.955415][ T4346] usb 5-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 348.967752][T18289] ntfs3: loop3: try to read out of volume at offset 0x3fffffc0c00 [ 348.976115][T18238] (syz.1.4441,18238,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 348.987492][ T4346] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 348.995873][T18238] (syz.1.4441,18238,1):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 349.004428][T18289] ntfs3: loop3: try to read out of volume at offset 0x3fffffc0c00 [ 349.013812][T18238] (syz.1.4441,18238,1):ocfs2_mknod_locked:639 ERROR: status = -30 [ 349.015223][T18225] XFS (loop2): Ending clean mount [ 349.030952][ T4346] ums-sddr09 5-1:1.0: USB Mass Storage device detected [ 349.046463][T18289] ntfs3: loop3: try to read out of volume at offset 0x3fffffc0c00 [ 349.066614][T18238] (syz.1.4441,18238,1):ocfs2_mknod:385 ERROR: status = -30 [ 349.074238][T18289] ntfs3: loop3: try to read out of volume at offset 0x3fffffc1c00 [ 349.083861][T18238] (syz.1.4441,18238,1):ocfs2_mknod:502 ERROR: status = -30 [ 349.091246][T18289] ntfs3: loop3: try to read out of volume at offset 0x3fffffc2c00 [ 349.099642][T18238] (syz.1.4441,18238,1):ocfs2_create:676 ERROR: status = -30 [ 349.108253][T18289] ntfs3: loop3: try to read out of volume at offset 0x3fffffc4c00 [ 349.150146][T18289] ntfs3: loop3: try to read out of volume at offset 0x3fffffc8c00 [ 349.208273][T18289] ntfs3: loop3: try to read out of volume at offset 0x3fffffd0c00 [ 349.209215][ T4650] usb 1-1: USB disconnect, device number 13 [ 349.216632][T18289] ntfs3: loop3: try to read out of volume at offset 0x3fffffe0c00 [ 349.265756][ T4267] ocfs2: Unmounting device (7,1) on (node local) [ 349.292859][ T4266] XFS (loop2): Unmounting Filesystem [ 349.322603][ T4346] ums-sddr09: probe of 5-1:1.0 failed with error -22 [ 349.353002][ T4346] usb 5-1: USB disconnect, device number 15 [ 350.100430][T18350] loop1: detected capacity change from 0 to 8 [ 350.160864][T18350] SQUASHFS error: zlib decompression failed, data probably corrupt [ 350.160937][T18350] SQUASHFS error: Failed to read block 0x9b: -5 [ 350.160952][T18350] SQUASHFS error: Unable to read metadata cache entry [99] [ 350.160964][T18350] SQUASHFS error: Unable to read inode 0x127 [ 350.224185][ T4259] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 350.465372][T18374] ptrace attach of "./syz-executor exec"[4267] was attempted by "./syz-executor exec"[18374] [ 350.600617][T18381] loop0: detected capacity change from 0 to 64 [ 350.964686][T18405] loop4: detected capacity change from 0 to 1024 [ 351.459408][ T26] audit: type=1326 audit(351.417:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18444 comm="syz.2.4488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 351.481173][ C1] vkms_vblank_simulate: vblank timer overrun [ 351.557399][ T26] audit: type=1326 audit(351.457:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18444 comm="syz.2.4488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 351.686963][ T26] audit: type=1326 audit(351.637:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18444 comm="syz.2.4488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 351.714470][ T4346] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 351.932078][ T4346] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 351.966893][ T4346] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 352.007242][ T4346] usb 2-1: Product: syz [ 352.011775][ T4346] usb 2-1: Manufacturer: syz [ 352.016431][ T4346] usb 2-1: SerialNumber: syz [ 352.060682][ T4346] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 352.134357][ T4346] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 352.196709][T18495] netlink: 'syz.4.4499': attribute type 15 has an invalid length. [ 352.265407][T18495] netlink: 666 bytes leftover after parsing attributes in process `syz.4.4499'. [ 352.566410][ T4650] usb 2-1: USB disconnect, device number 11 [ 352.908574][T18543] CIFS: VFS: Malformed UNC in devname [ 353.258720][ T4346] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 353.266032][ T4346] ath9k_htc: Failed to initialize the device [ 353.297259][ T4650] usb 2-1: ath9k_htc: USB layer deinitialized [ 353.446005][T18578] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4526'. [ 353.509402][T18578] netlink: 'syz.2.4526': attribute type 1 has an invalid length. [ 353.549465][T18578] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4526'. [ 353.837833][T18601] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 354.055955][T18605] loop2: detected capacity change from 0 to 8192 [ 354.068967][T18619] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4540'. [ 354.097142][T18619] netlink: 'syz.3.4540': attribute type 1 has an invalid length. [ 354.107086][T18605] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 354.172385][T18605] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 1046) [ 354.209245][T18605] FAT-fs (loop2): Filesystem has been set read-only [ 354.369582][ T4266] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 1046) [ 354.548410][ T5049] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 354.717479][T18615] loop4: detected capacity change from 0 to 32768 [ 354.727307][T18615] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.4539 (18615) [ 354.738253][ T5049] usb 4-1: Using ep0 maxpacket: 16 [ 354.750479][ T5049] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 354.761216][ T5050] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 354.793684][ T5049] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 354.829263][ T5049] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 354.843675][ T5049] usb 4-1: config 0 interface 0 has no altsetting 0 [ 354.853750][T18615] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 354.857456][T18666] loop1: detected capacity change from 0 to 256 [ 354.884982][T18615] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 354.885061][T18615] BTRFS info (device loop4): force clearing of disk cache [ 354.885087][T18615] BTRFS info (device loop4): enabling auto defrag [ 354.885127][T18615] BTRFS info (device loop4): max_inline at 0 [ 354.885147][T18615] BTRFS info (device loop4): enabling disk space caching [ 354.885162][T18615] BTRFS info (device loop4): disk space caching is enabled [ 354.954801][ T5049] usb 4-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 354.965558][ T5049] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 354.973684][ T5049] usb 4-1: Product: syz [ 354.977877][ T5049] usb 4-1: Manufacturer: syz [ 354.998171][ T5049] usb 4-1: SerialNumber: syz [ 355.009031][ T5049] usb 4-1: config 0 descriptor?? [ 355.048299][ T5050] usb 1-1: Using ep0 maxpacket: 16 [ 355.055831][ T5050] usb 1-1: config 0 has an invalid interface number: 105 but max is 0 [ 355.074807][ T5050] usb 1-1: config 0 descriptor has 1 excess byte, ignoring [ 355.095085][ T5050] usb 1-1: config 0 has no interface number 0 [ 355.104896][T18615] BTRFS info (device loop4): enabling ssd optimizations [ 355.106836][ T5050] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 355.117307][T18615] BTRFS info (device loop4): rebuilding free space tree [ 355.138847][T18615] BTRFS info (device loop4): disabling free space tree [ 355.146350][T18615] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 355.222994][T18615] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 355.245866][ T5050] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 355.274051][ T5050] usb 1-1: Product: syz [ 355.293427][ T5050] usb 1-1: Manufacturer: syz [ 355.318349][ T5050] usb 1-1: SerialNumber: syz [ 355.343057][ T5050] usb 1-1: config 0 descriptor?? [ 355.406161][T18703] xt_hashlimit: size too large, truncated to 1048576 [ 355.417155][T18703] xt_hashlimit: Unknown mode mask 80FF, kernel too old? [ 355.425589][ T4277] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 355.438696][ T5049] usb 4-1: USB disconnect, device number 12 [ 355.597024][ T5050] usb 1-1: Found UVC 0.00 device syz (046d:08f3) [ 355.613884][ T5050] usb 1-1: No valid video chain found. [ 355.653284][ T5050] usb 1-1: USB disconnect, device number 14 [ 356.238840][ T26] audit: type=1326 audit(356.197:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb32658ebe9 code=0x7ffc0000 [ 356.338267][ T26] audit: type=1326 audit(356.227:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb32658ebe9 code=0x7ffc0000 [ 356.342679][T18760] loop1: detected capacity change from 0 to 2048 [ 356.444761][ T26] audit: type=1326 audit(356.237:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb32658ec23 code=0x7ffc0000 [ 356.468565][T18760] Alternate GPT is invalid, using primary GPT. [ 356.476125][T18760] loop1: p2 p3 p7 [ 356.584336][ T26] audit: type=1326 audit(356.247:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb32658d69f code=0x7ffc0000 [ 356.775669][ T26] audit: type=1326 audit(356.297:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb32658ec77 code=0x7ffc0000 [ 356.797380][ C1] vkms_vblank_simulate: vblank timer overrun [ 356.889537][ T26] audit: type=1326 audit(356.297:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb32658d550 code=0x7ffc0000 [ 356.964085][T18801] loop1: detected capacity change from 0 to 2048 [ 356.979483][ T26] audit: type=1326 audit(356.297:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb32658e7eb code=0x7ffc0000 [ 357.001585][T18809] tipc: Trying to set illegal importance in message [ 357.038396][T18801] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 357.108291][ T26] audit: type=1326 audit(356.367:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb32658d84a code=0x7ffc0000 [ 357.129886][ C1] vkms_vblank_simulate: vblank timer overrun [ 357.212521][ T26] audit: type=1326 audit(356.367:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb32658e7eb code=0x7ffc0000 [ 357.253754][ T4418] udevd[4418]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 357.265722][T12852] udevd[12852]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory [ 357.281852][ T4259] udevd[4259]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 357.346280][ T26] audit: type=1326 audit(356.367:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb32658e7eb code=0x7ffc0000 [ 357.448521][ T26] audit: type=1326 audit(356.507:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fb32658d3fa code=0x7ffc0000 [ 357.565293][ T26] audit: type=1326 audit(356.507:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fb32658d3fa code=0x7ffc0000 [ 357.648644][ T26] audit: type=1326 audit(356.507:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18758 comm="syz.1.4570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7fb32658e167 code=0x7ffc0000 [ 357.907237][T18867] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4597'. [ 358.065509][T18879] loop3: detected capacity change from 0 to 64 [ 358.099328][T18879] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 358.386906][T18897] 9pnet_fd: p9_fd_create_tcp (18897): problem binding to privport [ 358.785434][T18920] loop1: detected capacity change from 0 to 256 [ 358.855469][T18925] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4615'. [ 358.861703][T18920] FAT-fs (loop1): Directory bread(block 64) failed [ 358.883066][T18920] FAT-fs (loop1): Directory bread(block 65) failed [ 358.918898][T18920] FAT-fs (loop1): Directory bread(block 66) failed [ 358.931828][T18931] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4617'. [ 358.940105][T18920] FAT-fs (loop1): Directory bread(block 67) failed [ 358.963179][T18920] FAT-fs (loop1): Directory bread(block 68) failed [ 358.981970][T18920] FAT-fs (loop1): Directory bread(block 69) failed [ 358.990841][T18920] FAT-fs (loop1): Directory bread(block 70) failed [ 359.018363][T18920] FAT-fs (loop1): Directory bread(block 71) failed [ 359.025041][T18920] FAT-fs (loop1): Directory bread(block 72) failed [ 359.063749][T18920] FAT-fs (loop1): Directory bread(block 73) failed [ 359.105584][T18935] netlink: 'syz.0.4618': attribute type 3 has an invalid length. [ 359.158231][T18935] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.4618'. [ 359.471518][T18963] xt_hashlimit: max too large, truncated to 1048576 [ 359.630030][T18970] fuse: Bad value for 'rootmode' [ 359.841652][T18983] loop1: detected capacity change from 0 to 256 [ 360.050603][T18999] No such timeout policy "syz0" [ 360.388344][T19023] netlink: 288 bytes leftover after parsing attributes in process `syz.4.4645'. [ 360.453847][T19031] netlink: 1392 bytes leftover after parsing attributes in process `syz.0.4646'. [ 360.531852][T19035] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 360.691012][T19044] netlink: 'syz.0.4652': attribute type 10 has an invalid length. [ 360.847627][T19051] loop2: detected capacity change from 0 to 512 [ 361.031387][T19063] loop3: detected capacity change from 0 to 1024 [ 361.262826][T19051] EXT4-fs (loop2): Test dummy encryption mode enabled [ 361.357852][T19051] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 361.411320][T19051] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.4654: attempt to clear invalid blocks 2 len 1 [ 361.471700][T19051] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 361.564186][T19051] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.4654: invalid indirect mapped block 1819239214 (level 0) [ 361.604875][T19051] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.4654: invalid indirect mapped block 1819239214 (level 1) [ 361.629450][T19051] EXT4-fs (loop2): 1 truncate cleaned up [ 361.635165][T19051] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 361.640022][T19102] loop1: detected capacity change from 0 to 512 [ 361.700199][T19051] EXT4-fs (loop2): unmounting filesystem. [ 361.824350][T19102] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 361.864953][T19102] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 361.912859][T19102] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 361.921286][T19102] System zones: 0-2, 18-18, 34-35 [ 361.927928][T19102] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 361.951128][T19102] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 362.052821][T19102] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 362.133024][T19102] EXT4-fs (loop1): re-mounted. Quota mode: none. [ 362.283374][ T4267] EXT4-fs (loop1): unmounting filesystem. [ 362.477436][T19157] loop1: detected capacity change from 0 to 128 [ 362.545229][T19157] VFS: Found a Xenix FS (block size = 1024) on device loop1 [ 362.656306][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 362.656320][ T26] audit: type=1326 audit(362.607:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19163 comm="syz.0.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234418ebe9 code=0x7ffc0000 [ 362.665443][T19157] syz.1.4681: attempt to access beyond end of device [ 362.665443][T19157] loop1: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 362.776547][ T26] audit: type=1326 audit(362.647:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19163 comm="syz.0.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f234418ebe9 code=0x7ffc0000 [ 362.813618][T19157] Buffer I/O error on dev loop1, logical block 3245768, async page read [ 362.826678][ T26] audit: type=1326 audit(362.647:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19163 comm="syz.0.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234418ebe9 code=0x7ffc0000 [ 362.852030][ T26] audit: type=1326 audit(362.647:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19163 comm="syz.0.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234418ebe9 code=0x7ffc0000 [ 363.026236][ T4267] sysv_free_block: flc_count > flc_size [ 363.052795][ T4267] sysv_free_block: flc_count > flc_size [ 363.072308][T19176] loop0: detected capacity change from 0 to 1024 [ 363.076159][ T4267] sysv_free_block: flc_count > flc_size [ 363.094789][ T4267] sysv_free_block: flc_count > flc_size [ 363.100798][ T4267] sysv_free_block: flc_count > flc_size [ 363.116679][ T4267] sysv_free_block: flc_count > flc_size [ 363.122719][ T4267] sysv_free_block: flc_count > flc_size [ 363.137311][ T4267] sysv_free_block: flc_count > flc_size [ 363.144092][T19176] EXT4-fs: Ignoring removed orlov option [ 363.153477][T19176] EXT4-fs: Ignoring removed nomblk_io_submit option [ 363.168548][ T4267] sysv_free_block: flc_count > flc_size [ 363.174336][ T4267] sysv_free_block: flc_count > flc_size [ 363.187540][ T4267] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 363.250466][T19176] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 363.476895][ T4265] EXT4-fs (loop0): unmounting filesystem. [ 363.498373][T19152] loop3: detected capacity change from 0 to 32768 [ 364.251029][T19192] loop1: detected capacity change from 0 to 32768 [ 364.294801][T19192] ea_get: invalid extended attribute [ 364.778718][T18743] usb 2-1: new full-speed USB device number 12 using dummy_hcd [ 364.797443][T19200] loop4: detected capacity change from 0 to 40427 [ 364.825976][T19222] loop3: detected capacity change from 0 to 32768 [ 364.845323][T19200] F2FS-fs (loop4): invalid crc value [ 364.893997][T19200] F2FS-fs (loop4): Found nat_bits in checkpoint [ 364.936139][T19222] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 364.950031][T19200] F2FS-fs (loop4): Cannot turn on quotas: -2 on 1 [ 364.971847][T18743] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 364.982472][T18743] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.991134][T19200] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 365.006588][T18743] usb 2-1: config 0 descriptor?? [ 365.021118][T19222] (syz.3.4702,19222,1):ocfs2_find_entry:1086 ERROR: status = -117 [ 365.033431][T19200] F2FS-fs (loop4): switch extent_cache option is not allowed [ 365.042233][T19222] (syz.3.4702,19222,0):ocfs2_find_entry:1086 ERROR: status = -117 [ 365.042606][T18743] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 365.080753][T19222] (syz.3.4702,19222,0):ocfs2_mknod:502 ERROR: status = -117 [ 365.148244][T19222] (syz.3.4702,19222,0):ocfs2_mkdir:659 ERROR: status = -117 [ 365.280706][ T4272] (syz-executor,4272,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 76 [ 365.309834][ T4272] ocfs2: Unmounting device (7,3) on (node local) [ 365.423902][T18743] gp8psk: usb in 137 operation failed. [ 365.446376][T18743] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 365.465056][T18743] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 365.520574][T18743] usb 2-1: USB disconnect, device number 12 [ 365.543194][T19291] loop0: detected capacity change from 0 to 64 [ 366.137650][T19317] loop3: detected capacity change from 0 to 4096 [ 366.164284][T19317] ntfs3: loop3: ino=3, Correct links count -> 2. [ 366.184611][T19317] ntfs3: loop3: Failed to load $Volume. [ 366.500322][T19342] loop2: detected capacity change from 0 to 256 [ 366.580215][T19342] FAT-fs (loop2): Directory bread(block 64) failed [ 366.609812][T19342] FAT-fs (loop2): Directory bread(block 65) failed [ 366.616620][T19342] FAT-fs (loop2): Directory bread(block 66) failed [ 366.689487][T19342] FAT-fs (loop2): Directory bread(block 67) failed [ 366.718491][T19342] FAT-fs (loop2): Directory bread(block 68) failed [ 366.756636][T19342] FAT-fs (loop2): Directory bread(block 69) failed [ 366.798595][T19342] FAT-fs (loop2): Directory bread(block 70) failed [ 366.818609][T19342] FAT-fs (loop2): Directory bread(block 71) failed [ 366.838764][T19342] FAT-fs (loop2): Directory bread(block 72) failed [ 366.847672][T19342] FAT-fs (loop2): Directory bread(block 73) failed [ 366.995711][T19342] syz.2.4733: attempt to access beyond end of device [ 366.995711][T19342] loop2: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 367.065434][T19342] syz.2.4733: attempt to access beyond end of device [ 367.065434][T19342] loop2: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 367.122521][ T26] audit: type=1800 audit(367.077:131): pid=19342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4733" name="file0" dev="loop2" ino=1048687 res=0 errno=0 [ 367.153150][T19371] loop4: detected capacity change from 0 to 512 [ 367.305566][T19326] loop1: detected capacity change from 0 to 40427 [ 367.341929][T19371] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.4740: bg 0: block 248: padding at end of block bitmap is not set [ 367.408302][T19326] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 367.416084][T19326] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 367.471528][T19371] Quota error (device loop4): write_blk: dquota write failed [ 367.505779][T19326] F2FS-fs (loop1): invalid crc_offset: 33558524 [ 367.553671][T19371] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 367.553722][T19326] F2FS-fs (loop1): Found nat_bits in checkpoint [ 367.630241][T19371] EXT4-fs error (device loop4): ext4_acquire_dquot:6816: comm syz.4.4740: Failed to acquire dquot type 1 [ 367.696821][T19371] EXT4-fs (loop4): 1 truncate cleaned up [ 367.703866][T19371] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 367.727491][T19326] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 367.745014][T19326] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 367.839247][T19371] EXT4-fs error (device loop4): ext4_lookup:1862: inode #2: comm syz.4.4740: deleted inode referenced: 12 [ 367.848464][ T4346] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 367.954461][ T4277] EXT4-fs (loop4): unmounting filesystem. [ 368.051900][ T4346] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 368.106123][ T4346] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 368.146783][ T4346] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 368.187312][ T4346] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 368.219730][T19395] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 368.460952][T19388] loop3: detected capacity change from 0 to 32768 [ 368.491695][T19388] ERROR: (device loop3): dbAllocNext: Corrupt dmap page [ 368.491695][T19388] [ 368.558998][T19388] ERROR: (device loop3): remounting filesystem as read-only [ 368.568949][T19388] ialloc: diAlloc returned -5! [ 368.627885][ T4650] usb 3-1: USB disconnect, device number 17 [ 369.201871][T19466] netlink: 'syz.1.4754': attribute type 1 has an invalid length. [ 369.678836][T19494] netlink: 'syz.0.4763': attribute type 3 has an invalid length. [ 369.730804][T19494] netlink: 766 bytes leftover after parsing attributes in process `syz.0.4763'. [ 369.961390][T19513] loop1: detected capacity change from 0 to 64 [ 370.034161][T19519] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4769'. [ 370.101206][T19519] netlink: 'syz.3.4769': attribute type 1 has an invalid length. [ 370.128044][T19473] loop2: detected capacity change from 0 to 32768 [ 370.229044][ T4346] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 370.280155][T19473] XFS (loop2): Mounting V5 Filesystem [ 370.418463][ T4346] usb 5-1: Using ep0 maxpacket: 32 [ 370.425984][ T4346] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 370.427728][T19473] XFS (loop2): Ending clean mount [ 370.444815][ T4346] usb 5-1: config 0 has no interface number 0 [ 370.460625][ T4346] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 370.478984][ T4346] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 370.497113][T19473] XFS (loop2): Quotacheck needed: Please wait. [ 370.503768][ T4346] usb 5-1: Product: syz [ 370.518551][ T4346] usb 5-1: Manufacturer: syz [ 370.533225][ T4346] usb 5-1: SerialNumber: syz [ 370.554661][ T4346] usb 5-1: config 0 descriptor?? [ 370.574142][ T4346] smsc95xx v2.0.0 [ 370.602746][ T4346] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 370.632285][ T4346] smsc95xx: probe of 5-1:0.67 failed with error -22 [ 370.726347][T19473] XFS (loop2): Quotacheck: Done. [ 370.961297][ T4266] XFS (loop2): Unmounting Filesystem [ 371.387763][ T4274] usb 5-1: USB disconnect, device number 16 [ 371.970308][T19638] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4801'. [ 372.692684][T19689] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4818'. [ 372.843402][T19695] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 372.860084][T19696] loop4: detected capacity change from 0 to 256 [ 372.892761][T19696] exfat: Deprecated parameter 'utf8' [ 372.930008][T19696] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x9ae00b1e, utbl_chksum : 0xe619d30d) [ 372.985732][T19708] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4824'. [ 373.347991][T19733] loop1: detected capacity change from 0 to 64 [ 373.397167][T19733] hfs: unable to locate alternate MDB [ 373.428280][T19733] hfs: continuing without an alternate MDB [ 373.460073][T19733] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 373.768317][T19761] netlink: 'syz.1.4839': attribute type 26 has an invalid length. [ 373.935655][T19771] loop2: detected capacity change from 0 to 1764 [ 374.284761][T19796] loop4: detected capacity change from 0 to 64 [ 374.344697][T19801] Unsupported ieee802154 address type: 0 [ 374.632152][T19821] loop4: detected capacity change from 0 to 256 [ 374.684579][T19821] exfat: Bad value for 'uid' [ 375.599624][T19821] loop4: detected capacity change from 0 to 32768 [ 375.638475][T19821] JFS: Invalid value of umask [ 375.668341][T18743] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 375.841007][T19876] loop1: detected capacity change from 0 to 4096 [ 375.858192][T18743] usb 4-1: Using ep0 maxpacket: 16 [ 375.865023][T18743] usb 4-1: config 0 has an invalid interface number: 214 but max is 0 [ 375.896703][T19876] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 375.906705][T19850] loop2: detected capacity change from 0 to 32768 [ 375.910393][T18743] usb 4-1: config 0 has no interface number 0 [ 375.968905][T18743] usb 4-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64 [ 375.986635][T19850] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 376.003691][T18743] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 376.013762][T18743] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 376.022795][T18743] usb 4-1: Product: syz [ 376.027059][T18743] usb 4-1: Manufacturer: syz [ 376.032132][T18743] usb 4-1: SerialNumber: syz [ 376.038068][T19876] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 376.058959][T18743] usb 4-1: config 0 descriptor?? [ 376.122366][T19850] OCFS2: ERROR (device loop2): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has bit count 2048 but claims that 39166 are free [ 376.187828][T19850] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 376.217076][T19850] OCFS2: File system is now read-only. [ 376.227914][T19850] (syz.2.4866,19850,1):ocfs2_search_chain:1761 ERROR: status = -30 [ 376.245898][T19850] (syz.2.4866,19850,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 376.280019][T19850] (syz.2.4866,19850,0):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 376.337960][T19850] (syz.2.4866,19850,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 376.388408][T19850] (syz.2.4866,19850,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 376.396814][T19850] (syz.2.4866,19850,1):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 376.432171][T19902] loop1: detected capacity change from 0 to 764 [ 376.490694][T19850] (syz.2.4866,19850,1):ocfs2_mknod_locked:639 ERROR: status = -30 [ 376.500503][T18743] usbtouchscreen: probe of 4-1:0.214 failed with error -71 [ 376.543169][T18743] usb 4-1: USB disconnect, device number 13 [ 376.558577][T19850] (syz.2.4866,19850,1):ocfs2_mknod:385 ERROR: status = -30 [ 376.593129][T19850] (syz.2.4866,19850,1):ocfs2_mknod:502 ERROR: status = -30 [ 376.636760][T19850] (syz.2.4866,19850,1):ocfs2_create:676 ERROR: status = -30 [ 376.788901][ T4266] ocfs2: Unmounting device (7,2) on (node local) [ 377.089194][T19942] netlink: 'syz.0.4888': attribute type 1 has an invalid length. [ 377.138253][T19942] netlink: 224 bytes leftover after parsing attributes in process `syz.0.4888'. [ 377.287674][T19954] loop3: detected capacity change from 0 to 1024 [ 377.290340][T19956] netlink: 'syz.1.4892': attribute type 7 has an invalid length. [ 377.426342][T19954] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 377.466632][T19954] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.3.4891: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1 [ 377.538710][T19954] EXT4-fs error (device loop3) in ext4_delete_entry:2800: Corrupt filesystem [ 377.666260][ T4272] EXT4-fs (loop3): unmounting filesystem. [ 377.765964][T19987] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4901'. [ 377.949488][T19996] IPv6: Can't replace route, no match found [ 378.163726][T20002] loop3: detected capacity change from 0 to 4096 [ 378.172625][T20011] netlink: 1033 bytes leftover after parsing attributes in process `syz.0.4907'. [ 378.197968][T20002] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 378.273500][T20002] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 378.293537][T20015] x_tables: unsorted underflow at hook 4 [ 378.364819][ T4650] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 378.539941][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.546279][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.581207][ T4650] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 378.613371][ T4650] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 378.621882][T20029] xt_hashlimit: max too large, truncated to 1048576 [ 378.623864][ T4650] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 378.640371][ T4650] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 378.670595][T20003] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 378.910739][T20052] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 378.952119][T20052] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 378.973900][T20052] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 378.996058][T20052] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 379.027433][ T4650] usb 2-1: USB disconnect, device number 13 [ 379.052226][T20052] device geneve4 entered promiscuous mode [ 379.074095][T20052] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 379.083892][T20052] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 379.093249][T20052] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 379.102896][T20052] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 379.182254][ T26] audit: type=1107 audit(379.137:132): pid=20078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 379.490210][T20028] loop3: detected capacity change from 0 to 32768 [ 379.538561][T20028] jfs: Unrecognized mount option "ÿ00000000000000000000ÿÿÿÿ18446744073709551615ÿÿÿÿ" or missing value [ 379.978972][ T4650] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 380.120864][T20135] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4936'. [ 380.218697][ T4650] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 380.246296][ T4650] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 380.294818][ T4650] usb 3-1: config 1 interface 1 has no altsetting 0 [ 380.329369][ T4650] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 380.354650][ T4650] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 380.398297][ T4650] usb 3-1: Product: syz [ 380.402524][ T4650] usb 3-1: Manufacturer: syz [ 380.435988][ T4650] usb 3-1: SerialNumber: syz [ 380.467161][ T4650] usb 3-1: selecting invalid altsetting 1 [ 380.483601][ T4650] usb 3-1: selecting invalid altsetting 0 [ 380.500859][ T4650] usb 3-1: selecting invalid altsetting 0 [ 380.508506][ T4650] cdc_ncm 3-1:1.0: bind() failure [ 380.527810][ T4650] usb 3-1: selecting invalid altsetting 0 [ 380.541225][ T4650] usbtest: probe of 3-1:1.1 failed with error -22 [ 380.693426][ T4650] usb 3-1: USB disconnect, device number 18 [ 380.953068][T20197] netlink: 'syz.0.4953': attribute type 1 has an invalid length. [ 380.961699][T20197] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4953'. [ 381.072462][ T26] audit: type=1326 audit(381.027:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20202 comm="syz.3.4956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f760a38ebe9 code=0x7ffc0000 [ 381.145492][ T26] audit: type=1326 audit(381.027:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20202 comm="syz.3.4956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f760a38ebe9 code=0x7ffc0000 [ 381.168397][T20209] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4957'. [ 381.236700][ T26] audit: type=1326 audit(381.027:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20202 comm="syz.3.4956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f760a38ebe9 code=0x7ffc0000 [ 381.367088][ T26] audit: type=1326 audit(381.027:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20202 comm="syz.3.4956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f760a38ebe9 code=0x7ffc0000 [ 381.395224][T20221] xt_TPROXY: Can be used only with -p tcp or -p udp [ 381.619410][T20237] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4965'. [ 382.378036][T20291] loop1: detected capacity change from 0 to 1024 [ 382.534320][T20291] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 382.548313][ T4346] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 382.575888][T20291] EXT4-fs warning (device loop1): ext4_empty_dir:3156: inode #11: comm syz.1.4983: directory missing '..' [ 382.739961][ T4346] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 382.742960][ T4267] EXT4-fs (loop1): unmounting filesystem. [ 382.758375][ T4346] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 382.788277][ T4346] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 382.807242][ T4346] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.848193][T20285] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 383.068067][T20300] loop3: detected capacity change from 0 to 32768 [ 383.110296][T20334] loop1: detected capacity change from 0 to 4096 [ 383.124068][T20334] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 383.219580][T20300] XFS (loop3): Mounting V5 Filesystem [ 383.247696][ T4650] usb 1-1: USB disconnect, device number 15 [ 383.277943][T20334] ntfs3: loop1: failed to convert "c46c" to cp861 [ 383.373125][T20300] XFS (loop3): Ending clean mount [ 383.412151][T20300] XFS (loop3): Quotacheck needed: Please wait. [ 383.511226][T20300] XFS (loop3): Quotacheck: Done. [ 383.562875][T20382] loop4: detected capacity change from 0 to 8 [ 383.637750][T20382] SQUASHFS error: Failed to read block 0x1ec: -5 [ 383.689149][T20382] SQUASHFS error: Unable to read metadata cache entry [1ea] [ 383.749342][ T4272] XFS (loop3): Unmounting Filesystem [ 384.064415][T20395] loop2: detected capacity change from 0 to 4096 [ 384.101988][T20395] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 384.111745][T20410] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5006'. [ 384.143384][T20410] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5006'. [ 384.215825][T20395] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 384.910987][T20451] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5018'. [ 384.991016][T20455] overlayfs: missing 'lowerdir' [ 385.211207][T20465] cgroup: none used incorrectly [ 385.457044][T20476] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5026'. [ 385.737835][T20491] netlink: 'syz.4.5030': attribute type 3 has an invalid length. [ 385.757007][T20491] netlink: 132 bytes leftover after parsing attributes in process `syz.4.5030'. [ 385.913275][T20499] netlink: 'syz.3.5001': attribute type 2 has an invalid length. [ 386.026684][T20453] loop1: detected capacity change from 0 to 32768 [ 386.177728][T20453] XFS (loop1): Mounting V5 Filesystem [ 386.458511][T20453] XFS (loop1): Ending clean mount [ 386.541178][T20544] netlink: 176 bytes leftover after parsing attributes in process `syz.4.5044'. [ 386.741374][ T4267] XFS (loop1): Unmounting Filesystem [ 386.761770][T20559] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5049'. [ 386.808283][T20559] netlink: 9 bytes leftover after parsing attributes in process `syz.3.5049'. [ 386.829925][T20559] device batadv0 left promiscuous mode [ 386.854284][T20559] netlink: 9 bytes leftover after parsing attributes in process `syz.3.5049'. [ 386.908517][T20559] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 386.949391][T20556] xt_CT: No such helper "pptp" [ 388.253170][T20699] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 388.298242][T20699] overlayfs: missing 'lowerdir' [ 389.086409][T20772] loop1: detected capacity change from 0 to 16 [ 389.132058][T20772] erofs: (device loop1): mounted with root inode @ nid 36. [ 389.201369][T20772] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 389.248563][T20772] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 389.738467][T20821] netlink: 288 bytes leftover after parsing attributes in process `syz.1.5110'. [ 389.951663][T20838] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (2) [ 390.096573][T20831] loop2: detected capacity change from 0 to 4096 [ 390.138404][T20846] netlink: 'syz.4.5118': attribute type 5 has an invalid length. [ 390.157982][T20831] ntfs3: loop2: ino=3, Correct links count -> 2. [ 390.279962][T20831] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 390.411977][T20866] loop4: detected capacity change from 0 to 64 [ 390.621988][T20874] ipt_CLUSTERIP: Please specify destination IP [ 390.927472][T20899] netlink: 'syz.0.5132': attribute type 9 has an invalid length. [ 390.941140][T20899] netlink: 'syz.0.5132': attribute type 7 has an invalid length. [ 390.975194][T20899] netlink: 'syz.0.5132': attribute type 8 has an invalid length. [ 390.992593][T20899] netlink: 'syz.0.5132': attribute type 13 has an invalid length. [ 391.078364][ T4346] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 391.224023][T20906] loop4: detected capacity change from 0 to 8192 [ 391.268457][ T4346] usb 2-1: Using ep0 maxpacket: 32 [ 391.276112][ T4346] usb 2-1: config 0 has an invalid interface number: 114 but max is 0 [ 391.300657][T20922] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5140'. [ 391.305363][ T4346] usb 2-1: config 0 has an invalid descriptor of length 78, skipping remainder of the config [ 391.348283][ T4346] usb 2-1: config 0 has no interface number 0 [ 391.365303][ T4346] usb 2-1: config 0 interface 114 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 391.421718][ T4346] usb 2-1: New USB device found, idVendor=19d2, idProduct=ff03, bcdDevice=43.ff [ 391.461896][ T4346] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.489453][ T4346] usb 2-1: Product: syz [ 391.508251][ T4346] usb 2-1: Manufacturer: syz [ 391.512896][ T4346] usb 2-1: SerialNumber: syz [ 391.559910][ T4346] usb 2-1: config 0 descriptor?? [ 391.580516][ T4346] cdc_ether 2-1:0.114: invalid descriptor buffer length [ 391.593764][ T4346] usb 2-1: bad CDC descriptors [ 391.841983][ T4346] usb 2-1: USB disconnect, device number 14 [ 392.171249][T20987] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5154'. [ 392.206690][T20987] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5154'. [ 392.540823][T21014] netlink: 'syz.1.5162': attribute type 39 has an invalid length. [ 392.599031][T21014] device veth0_macvtap left promiscuous mode [ 392.762710][T21028] __vm_enough_memory: pid: 21028, comm: syz.2.5167, no enough memory for the allocation [ 392.774415][T21030] loop4: detected capacity change from 0 to 512 [ 392.892279][T21030] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 392.964718][T21030] EXT4-fs error (device loop4): ext4_empty_dir:3136: inode #12: comm syz.4.5168: invalid size [ 393.016075][T21030] EXT4-fs (loop4): Remounting filesystem read-only [ 393.163134][ T4277] EXT4-fs (loop4): unmounting filesystem. [ 393.181255][T21058] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5175'. [ 393.695240][T21093] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 394.208670][T21125] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5196'. [ 394.350444][T21137] loop3: detected capacity change from 0 to 16 [ 394.408443][T21137] erofs: (device loop3): mounted with root inode @ nid 36. [ 394.426819][T21141] ieee802154 phy0 wpan0: encryption failed: -22 [ 394.449552][T21137] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 394.508242][T21137] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -23 in[64, 4032] out[1851] [ 394.558261][T21137] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117] [ 394.671452][T21156] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5205'. [ 394.799224][T21156] netlink: set zone limit has 4 unknown bytes [ 394.833229][T21167] netlink: 'syz.3.5209': attribute type 1 has an invalid length. [ 394.853421][T21167] netlink: 'syz.3.5209': attribute type 2 has an invalid length. [ 395.245494][T21198] loop4: detected capacity change from 0 to 256 [ 395.347276][T21198] FAT-fs (loop4): Directory bread(block 64) failed [ 395.399469][T21198] FAT-fs (loop4): Directory bread(block 65) failed [ 395.418489][T21198] FAT-fs (loop4): Directory bread(block 66) failed [ 395.425072][T21198] FAT-fs (loop4): Directory bread(block 67) failed [ 395.462086][T21198] FAT-fs (loop4): Directory bread(block 68) failed [ 395.509306][T21198] FAT-fs (loop4): Directory bread(block 69) failed [ 395.515968][T21198] FAT-fs (loop4): Directory bread(block 70) failed [ 395.531880][T21198] FAT-fs (loop4): Directory bread(block 71) failed [ 395.568339][T21198] FAT-fs (loop4): Directory bread(block 72) failed [ 395.574973][T21198] FAT-fs (loop4): Directory bread(block 73) failed [ 395.835165][T21215] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5224'. [ 396.203269][T21187] loop3: detected capacity change from 0 to 32768 [ 396.217652][T21202] loop1: detected capacity change from 0 to 40427 [ 396.233029][T21187] XFS: noikeep mount option is deprecated. [ 396.302420][T21245] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5232'. [ 396.314155][T21202] F2FS-fs (loop1): invalid crc value [ 396.358002][T21187] XFS (loop3): Mounting V5 Filesystem [ 396.413823][T21202] F2FS-fs (loop1): Found nat_bits in checkpoint [ 396.494344][T21202] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 396.521414][T21187] XFS (loop3): Ending clean mount [ 396.530660][T21187] XFS (loop3): Quotacheck needed: Please wait. [ 396.581350][T21187] XFS (loop3): Quotacheck: Done. [ 396.776369][ T4272] XFS (loop3): Unmounting Filesystem [ 396.860359][T21274] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1, syncid = 3, id = 0 [ 397.331491][T21292] x_tables: arp_tables: .0 target: invalid size 8 (kernel) != (user) 0 [ 397.551769][T21306] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5249'. [ 397.609021][T21306] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5249'. [ 397.755182][T21311] loop3: detected capacity change from 0 to 4096 [ 397.810500][T21311] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 397.887722][T21311] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 397.941344][T21311] ntfs3: loop3: mft corrupted [ 398.000468][T21311] ntfs3: loop3: Failed to load $Extend. [ 398.061723][T21336] netlink: 'syz.2.5256': attribute type 15 has an invalid length. [ 398.460641][T21359] netlink: 'syz.4.5263': attribute type 3 has an invalid length. [ 398.496516][T21359] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.5263'. [ 398.899261][T21379] netlink: 'syz.4.5269': attribute type 10 has an invalid length. [ 398.907150][T21379] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 398.958528][T21379] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 399.106974][T21386] loop2: detected capacity change from 0 to 4096 [ 399.126009][T21386] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 399.203767][T21347] loop3: detected capacity change from 0 to 32768 [ 399.256125][T21386] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 399.301792][T21347] ERROR: (device loop3): dbAllocNext: Corrupt dmap page [ 399.301792][T21347] [ 399.366164][T21386] ntfs3: loop2: ino=5, "/" directory corrupted [ 399.709452][T21418] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5281'. [ 399.757113][T21418] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5281'. [ 399.767897][T21421] AppArmor: change_hat: Invalid input '0' [ 399.795937][T21418] netlink: 'syz.3.5281': attribute type 6 has an invalid length. [ 399.943087][T21433] netlink: 43 bytes leftover after parsing attributes in process `syz.0.5285'. [ 399.976934][T21433] netlink: 43 bytes leftover after parsing attributes in process `syz.0.5285'. [ 400.108277][ T4650] usb 2-1: new low-speed USB device number 15 using dummy_hcd [ 400.166216][T21441] loop2: detected capacity change from 0 to 2048 [ 400.214973][T21441] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 400.239250][ T26] audit: type=1400 audit(400.197:137): apparmor="DENIED" operation="stack" info="label not found" error=-2 profile="unconfined" name=26260A3A0CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A2F2C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=21450 comm="syz.0.5291" [ 400.318228][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 400.332487][ T4650] usb 2-1: config 1 has an invalid interface descriptor of length 6, skipping [ 400.348466][T21441] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 400.367577][ T4650] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 400.395884][ T4650] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 400.437754][T21441] UDF-fs: error (device loop2): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned lenght of impUse field [ 400.438815][ T4650] usb 2-1: config 1 has no interface number 1 [ 400.477157][T21460] autofs4:pid:21460:autofs_fill_super: called with bogus options [ 400.508167][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 400.516901][ T4650] usb 2-1: string descriptor 0 read error: -22 [ 400.531584][ T4650] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 400.573956][ T4650] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 400.650499][ T4650] usb 2-1: MIDIStreaming interface descriptor not found [ 400.707969][ T4650] snd-usb-audio: probe of 2-1:1.2 failed with error -16 [ 400.813113][T18743] usb 2-1: USB disconnect, device number 15 [ 401.025433][T21501] netlink: 6 bytes leftover after parsing attributes in process `syz.2.5301'. [ 401.172013][T21515] netlink: 188 bytes leftover after parsing attributes in process `syz.0.5303'. [ 401.200884][T21499] 9pnet: Could not find request transport: 0xffffffffffffffff [ 401.342993][T21523] netlink: 45 bytes leftover after parsing attributes in process `syz.4.5306'. [ 401.498299][ T4268] Bluetooth: hci4: command 0x0405 tx timeout [ 401.872058][T21559] SET target dimension over the limit! [ 401.937206][T21561] loop1: detected capacity change from 0 to 1764 [ 402.418442][ T4268] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 402.473365][ T4268] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 402.538427][ T4274] usb 5-1: new full-speed USB device number 17 using dummy_hcd [ 402.720324][ T4274] usb 5-1: config 1 has an invalid interface number: 105 but max is 0 [ 402.749540][ T4274] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 402.788167][ T4274] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 1 [ 402.807797][ T4274] usb 5-1: config 1 has no interface number 1 [ 402.824450][ T4274] usb 5-1: config 1 interface 105 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 402.875663][ T4274] usb 5-1: config 1 interface 105 has no altsetting 0 [ 402.921082][ T4274] usb 5-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 402.937865][T21634] A link change request failed with some changes committed already. Interface veth1_to_team may have been left with an inconsistent configuration, please check. [ 402.958744][ T4274] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 402.990855][ T4274] usb 5-1: Product: syz [ 402.995068][ T4274] usb 5-1: Manufacturer: syz [ 403.008307][ T4274] usb 5-1: SerialNumber: syz [ 403.157705][T21645] binder: Bad value for 'stats' [ 403.221582][T21649] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5344'. [ 403.236250][ T4274] aqc111: probe of 5-1:1.105 failed with error -22 [ 403.248403][T21649] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5344'. [ 403.428867][T21667] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5349'. [ 403.463096][ T4650] usb 5-1: USB disconnect, device number 17 [ 404.378295][T21734] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5368'. [ 404.387306][T21734] netlink: 'syz.3.5368': attribute type 3 has an invalid length. [ 404.416996][T21734] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5368'. [ 404.433855][T21734] netlink: 44 bytes leftover after parsing attributes in process `syz.3.5368'. [ 404.455275][T21738] device bridge_slave_1 left promiscuous mode [ 404.472912][T21738] bridge0: port 2(bridge_slave_1) entered disabled state [ 404.504279][T21738] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 404.920144][T21765] loop2: detected capacity change from 0 to 512 [ 405.066577][T21765] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 405.163042][T21765] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 405.216352][T21765] System zones: 0-1, 15-15, 18-18, 34-34 [ 405.243948][T21765] EXT4-fs (loop2): orphan cleanup on readonly fs [ 405.268289][T21765] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 405.307781][T21765] EXT4-fs warning (device loop2): ext4_enable_quotas:7068: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 405.349060][T21765] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 405.359381][T21765] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.5379: bg 0: block 40: padding at end of block bitmap is not set [ 405.423525][T21765] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 405.444331][T21762] loop3: detected capacity change from 0 to 40427 [ 405.467372][T21765] EXT4-fs (loop2): 1 truncate cleaned up [ 405.478046][T21765] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 405.494190][T21762] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 405.528199][T21762] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 405.556172][T21765] EXT4-fs error (device loop2): ext4_encrypted_get_link:46: inode #16: comm syz.2.5379: bad symlink. [ 405.667938][T21762] F2FS-fs (loop3): Found nat_bits in checkpoint [ 405.787217][T21762] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 405.805542][T21762] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 405.828268][T21808] netlink: 'syz.1.5390': attribute type 2 has an invalid length. [ 405.836081][T21808] netlink: 'syz.1.5390': attribute type 8 has an invalid length. [ 405.888190][T21808] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5390'. [ 405.914074][T21762] fscrypt (loop3, inode 3): Error -61 getting encryption context [ 406.293807][T21823] netlink: 64 bytes leftover after parsing attributes in process `syz.1.5397'. [ 406.345253][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 406.566595][T21834] loop4: detected capacity change from 0 to 128 [ 406.742285][T21842] binder: BC_ATTEMPT_ACQUIRE not supported [ 406.777615][T21842] binder: 21841:21842 ioctl c0306201 2000000003c0 returned -22 [ 407.179825][T21866] loop2: detected capacity change from 0 to 128 [ 407.251644][T21866] autofs4:pid:21866:autofs_fill_super: called with bogus options [ 407.258401][ T4259] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 407.484131][T21884] team0 speed is unknown, defaulting to 1000 [ 407.522241][T21892] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5413'. [ 407.553992][T21884] team0 speed is unknown, defaulting to 1000 [ 407.624633][T21884] team0 speed is unknown, defaulting to 1000 [ 407.724472][T21884] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 407.739737][T21904] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 407.807099][T21884] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 407.891136][T21912] loop2: detected capacity change from 0 to 64 [ 407.900531][T21884] team0 speed is unknown, defaulting to 1000 [ 407.927045][T21884] team0 speed is unknown, defaulting to 1000 [ 407.959452][T21884] team0 speed is unknown, defaulting to 1000 [ 408.019545][T21884] team0 speed is unknown, defaulting to 1000 [ 408.071634][T21884] team0 speed is unknown, defaulting to 1000 [ 408.138899][T21930] device ipvlan1 entered promiscuous mode [ 408.327906][T21944] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 408.365471][T21945] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5428'. [ 408.819791][T21976] loop1: detected capacity change from 0 to 8 [ 408.918617][T21976] SQUASHFS error: Unable to read inode 0xe3 [ 408.961022][T21978] [U] ^C [ 409.265110][T22002] loop4: detected capacity change from 0 to 2048 [ 409.295338][T22002] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 409.315306][T22010] ubi0: attaching mtd0 [ 409.339064][T22010] ubi0 error: ubi_attach_mtd_dev: bad VID header (37978) or data offsets (38042) [ 409.795518][T22039] loop3: detected capacity change from 0 to 512 [ 409.865694][T22039] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 410.034558][T22039] EXT4-fs (loop3): 1 truncate cleaned up [ 410.058599][T22039] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 410.148834][T22039] EXT4-fs error (device loop3): ext4_find_dest_de:2115: inode #2: block 13: comm syz.3.5459: bad entry in directory: '.' directory cannot be the last in data block - offset=0, inode=2, rec_len=1024, size=1024 fake=1 [ 410.333467][ T4272] EXT4-fs (loop3): unmounting filesystem. [ 410.400821][T22069] loop2: detected capacity change from 0 to 4096 [ 410.442375][T22069] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512) [ 410.542219][T22069] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 410.599831][T22069] ntfs3: loop2: Failed to load $Extend. [ 410.723739][T22089] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5472'. [ 410.726276][T22090] siw: device registration error -23 [ 410.761772][T22089] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5472'. [ 411.301576][T22124] 9pnet_fd: p9_fd_create_tcp (22124): problem connecting socket to 127.0.0.1 [ 411.419977][T22129] loop1: detected capacity change from 0 to 1024 [ 411.513044][T22129] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 411.542331][T22139] loop2: detected capacity change from 0 to 1024 [ 411.601645][T22129] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 411.626560][T22139] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 411.638806][T22129] System zones: 0-1, 3-36 [ 411.706913][T22139] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 411.715664][T22129] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 411.716200][T22139] EXT4-fs (loop2): orphan cleanup on readonly fs [ 411.735511][T22154] Cannot find del_set index 286 as target [ 411.749261][T22139] EXT4-fs error (device loop2): ext4_map_blocks:745: inode #3: block 3: comm syz.2.5491: lblock 3 mapped to illegal pblock 3 (length 1) [ 411.786923][T22139] Quota error (device loop2): write_blk: dquota write failed [ 411.808215][T22139] Quota error (device loop2): find_free_dqentry: Can't write quota data block 3 [ 411.848018][T22139] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 411.887803][T22139] EXT4-fs error (device loop2): ext4_acquire_dquot:6816: comm syz.2.5491: Failed to acquire dquot type 0 [ 411.918713][T22139] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #3: block 3: comm syz.2.5491: lblock 3 mapped to illegal pblock 3 (length 1) [ 411.991908][ T4267] EXT4-fs (loop1): unmounting filesystem. [ 412.030042][T22139] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 412.051022][T22139] EXT4-fs error (device loop2): ext4_acquire_dquot:6816: comm syz.2.5491: Failed to acquire dquot type 0 [ 412.088829][T22139] EXT4-fs error (device loop2): ext4_free_blocks:6205: comm syz.2.5491: Freeing blocks not in datazone - block = 0, count = 4096 [ 412.195282][T22139] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #3: block 3: comm syz.2.5491: lblock 3 mapped to illegal pblock 3 (length 1) [ 412.268565][T22139] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 412.316182][T22139] EXT4-fs error (device loop2): ext4_acquire_dquot:6816: comm syz.2.5491: Failed to acquire dquot type 0 [ 412.376242][T22139] EXT4-fs (loop2): 1 orphan inode deleted [ 412.414283][T22139] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 412.464680][T22139] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.5491: iget: bad extended attribute block 6 [ 412.593838][T22200] netlink: 'syz.0.5508': attribute type 21 has an invalid length. [ 412.654658][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 412.860700][ T26] audit: type=1326 audit(412.817:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22215 comm="syz.2.5512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 412.924461][ T26] audit: type=1326 audit(412.847:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22215 comm="syz.2.5512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 412.993573][ T26] audit: type=1326 audit(412.857:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22215 comm="syz.2.5512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 413.065610][ T26] audit: type=1326 audit(412.857:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22215 comm="syz.2.5512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 413.131812][T22234] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5519'. [ 413.180188][T22240] comedi comedi0: Minor 7 could not be opened [ 413.188205][ T26] audit: type=1326 audit(412.857:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22215 comm="syz.2.5512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d1038ebe9 code=0x7ffc0000 [ 413.565978][T22267] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5529'. [ 413.642012][T22274] loop2: detected capacity change from 0 to 512 [ 413.674338][T22274] EXT4-fs (loop2): Test dummy encryption mode enabled [ 413.704477][T22274] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 413.728481][ T4346] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 413.787749][T22274] EXT4-fs error (device loop2): ext4_orphan_get:1426: comm syz.2.5531: bad orphan inode 131083 [ 413.852236][T22274] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 413.917731][T22274] EXT4-fs error (device loop2): ext4_lookup:1850: inode #2: comm syz.2.5531: bad inode number: 12 [ 413.929109][ T4346] usb 4-1: Using ep0 maxpacket: 16 [ 413.936890][ T4346] usb 4-1: config 0 has no interfaces? [ 413.950751][ T4346] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 413.985270][ T4346] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 414.006485][ T4346] usb 4-1: Product: syz [ 414.026922][ T4346] usb 4-1: Manufacturer: syz [ 414.051101][ T4346] usb 4-1: SerialNumber: syz [ 414.077730][ T4346] r8152-cfgselector 4-1: config 0 descriptor?? [ 414.106193][ T4266] EXT4-fs (loop2): unmounting filesystem. [ 414.315774][ T4346] usbip-host 4-1: 4-1 is not in match_busid table... skip! [ 414.520416][ T4648] usb 4-1: USB disconnect, device number 14 [ 415.058299][ T4274] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 415.208401][ T4346] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 415.238182][ T4274] usb 3-1: Using ep0 maxpacket: 8 [ 415.247050][ T4274] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 415.299885][ T4274] usb 3-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b [ 415.310095][ T4274] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 415.318522][ T4274] usb 3-1: Product: syz [ 415.323262][ T4274] usb 3-1: Manufacturer: syz [ 415.327975][ T4274] usb 3-1: SerialNumber: syz [ 415.350045][ T4274] usb 3-1: config 0 descriptor?? [ 415.375455][ T4274] gspca_main: stk014-2.14.0 probing 05e1:0893 [ 415.392311][ T4346] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 415.417223][ T4346] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 415.425973][ T4274] usb 3-1: selecting invalid altsetting 1 [ 415.442084][ T4346] usb 5-1: Product: syz [ 415.446346][ T4346] usb 5-1: Manufacturer: syz [ 415.462482][ T4346] usb 5-1: SerialNumber: syz [ 415.474832][ T4346] usb 5-1: config 0 descriptor?? [ 415.563920][ T4274] gspca_stk014: init reg: 0x00 [ 415.569194][ T4274] stk014: probe of 3-1:0.0 failed with error -5 [ 415.723272][ T4346] hso 5-1:0.0: Failed to find INT IN ep [ 415.729715][ T4346] usb-storage 5-1:0.0: USB Mass Storage device detected [ 415.787279][ T4274] usb 3-1: USB disconnect, device number 19 [ 415.938280][ T4346] usb 5-1: USB disconnect, device number 18 [ 416.173535][T22435] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 416.272327][T22435] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 416.491038][T22431] loop1: detected capacity change from 0 to 32768 [ 416.604379][T22431] (syz.1.5571,22431,0):ocfs2_init_local_system_inodes:492 ERROR: status=-22, sysfile=7, slot=0 [ 416.630017][T22431] (syz.1.5571,22431,1):ocfs2_init_local_system_inodes:501 ERROR: status = -22 [ 416.694127][T22431] (syz.1.5571,22431,1):ocfs2_mount_volume:1815 ERROR: status = -22 [ 416.727536][T22431] (syz.1.5571,22431,1):ocfs2_fill_super:1176 ERROR: status = -22 [ 416.889946][T22494] loop2: detected capacity change from 0 to 2048 [ 417.328521][ T4274] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 417.363277][T22528] loop4: detected capacity change from 0 to 2048 [ 417.395621][T22532] loop3: detected capacity change from 0 to 1764 [ 417.412667][T22528] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 417.506067][T22532] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 417.506897][T22539] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 417.538255][ T4274] usb 3-1: Using ep0 maxpacket: 16 [ 417.549879][ T4274] usb 3-1: config 0 has an invalid interface number: 2 but max is 0 [ 417.557958][ T4274] usb 3-1: config 0 has no interface number 0 [ 417.588415][ T4274] usb 3-1: config 0 interface 2 altsetting 0 endpoint 0xC has invalid maxpacket 37835, setting to 1024 [ 417.667804][ T4274] usb 3-1: config 0 interface 2 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1024 [ 417.709718][ T4274] usb 3-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 417.741024][ T4274] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 417.804468][ T4274] usb 3-1: Product: syz [ 417.825522][ T4274] usb 3-1: SerialNumber: syz [ 417.850245][ T4274] usb 3-1: config 0 descriptor?? [ 417.855776][T22494] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 418.085615][ T4274] usb 3-1: invalid MIDI in EP 0 [ 418.211269][T22581] netlink: 'syz.4.5596': attribute type 11 has an invalid length. [ 418.229839][ T4274] snd-usb-audio: probe of 3-1:0.2 failed with error -22 [ 418.239739][T22581] netlink: 216 bytes leftover after parsing attributes in process `syz.4.5596'. [ 418.266536][ T4595] udevd[4595]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 418.283242][ T4274] usb 3-1: USB disconnect, device number 20 [ 418.302844][T22594] loop3: detected capacity change from 0 to 1024 [ 418.334074][T22602] loop1: detected capacity change from 0 to 164 [ 418.391704][T22602] rock: directory entry would overflow storage [ 418.397954][T22602] rock: sig=0x4543, size=28, remaining=18 [ 418.498325][T22594] hfsplus: inconsistency in B*Tree (0,1,255,1,0) [ 418.538477][T22594] hfsplus: xattr searching failed [ 419.098570][ T4648] usb 3-1: new full-speed USB device number 21 using dummy_hcd [ 419.300176][ T4648] usb 3-1: config 0 has an invalid interface number: 152 but max is 0 [ 419.338667][ T4648] usb 3-1: config 0 has no interface number 0 [ 419.348523][ T4648] usb 3-1: config 0 interface 152 altsetting 7 endpoint 0xA has invalid maxpacket 1024, setting to 64 [ 419.381809][ T4648] usb 3-1: config 0 interface 152 has no altsetting 0 [ 419.415531][ T4648] usb 3-1: New USB device found, idVendor=0e7e, idProduct=1001, bcdDevice=a3.17 [ 419.459825][ T4648] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 419.486546][ T4648] usb 3-1: Product: syz [ 419.518891][ T4648] usb 3-1: Manufacturer: syz [ 419.544002][ T4648] usb 3-1: SerialNumber: syz [ 419.576191][ T4648] usb 3-1: config 0 descriptor?? [ 419.595211][T22629] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 419.619926][ T4648] hub 3-1:0.152: bad descriptor, ignoring hub [ 419.626159][ T4648] hub: probe of 3-1:0.152 failed with error -5 [ 419.655029][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 419.655041][ T26] audit: type=1326 audit(419.607:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22686 comm="syz.3.5615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f760a38ebe9 code=0x7ffc0000 [ 419.758524][ T26] audit: type=1326 audit(419.657:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22686 comm="syz.3.5615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f760a38ebe9 code=0x7ffc0000 [ 419.840675][T22629] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 419.886205][ T4648] cdc_subset 3-1:0.152 usb0: register 'cdc_subset' at usb-dummy_hcd.2-1, Yopy, c6:fc:f2:92:7b:bc [ 419.898274][ T26] audit: type=1326 audit(419.667:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22686 comm="syz.3.5615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f760a38ebe9 code=0x7ffc0000 [ 419.975912][ T26] audit: type=1326 audit(419.667:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22686 comm="syz.3.5615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f760a38ebe9 code=0x7ffc0000 [ 420.028180][ T26] audit: type=1326 audit(419.667:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22686 comm="syz.3.5615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f760a38ebe9 code=0x7ffc0000 [ 420.218252][ T4650] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 420.239674][ T4346] usb 3-1: USB disconnect, device number 21 [ 420.256834][ T4346] cdc_subset 3-1:0.152 usb0: unregister 'cdc_subset' usb-dummy_hcd.2-1, Yopy [ 420.420465][ T4650] usb 5-1: config 0 has an invalid interface number: 120 but max is 0 [ 420.439116][ T4650] usb 5-1: config 0 has no interface number 0 [ 420.468170][ T4650] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 420.499869][ T4650] usb 5-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 420.532881][ T4650] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 420.584524][ T4650] usb 5-1: config 0 descriptor?? [ 420.611116][ T4650] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.120/input/input13 [ 420.704676][T22680] loop1: detected capacity change from 0 to 32768 [ 420.815871][T22748] process 'syz.0.5626' launched './file2' with NULL argv: empty string added [ 420.840209][T22680] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 420.908545][ T4346] usb 5-1: USB disconnect, device number 19 [ 420.967607][T22680] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 421.143668][T22680] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 421.268428][T22680] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 422.447310][T22854] loop1: detected capacity change from 0 to 128 [ 422.467817][T22854] EXT4-fs: Ignoring removed nomblk_io_submit option [ 422.504920][T22854] EXT4-fs: Ignoring removed bh option [ 422.527941][T22854] EXT4-fs (loop1): Test dummy encryption mode enabled [ 422.547649][T22795] loop2: detected capacity change from 0 to 32768 [ 422.589249][T22854] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 422.613502][T22795] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.5635 (22795) [ 422.635323][T22795] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 422.710886][T22795] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 422.718505][T22854] EXT4-fs: Ignoring removed nomblk_io_submit option [ 422.726233][T22854] EXT4-fs: Ignoring removed bh option [ 422.767229][T22854] EXT4-fs error (device loop1): __ext4_remount:6625: comm syz.1.5648: Abort forced by user [ 422.769914][T22795] BTRFS info (device loop2): using free space tree [ 422.814937][T22854] EXT4-fs (loop1): re-mounted. Quota mode: none. [ 422.869684][T22809] loop3: detected capacity change from 0 to 32768 [ 422.977927][ T4267] EXT4-fs (loop1): unmounting filesystem. [ 423.307635][T22795] BTRFS info (device loop2): enabling ssd optimizations [ 423.703307][ T4266] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 424.598862][T22981] sctp: [Deprecated]: syz.3.5674 (pid 22981) Use of int in maxseg socket option. [ 424.598862][T22981] Use struct sctp_assoc_value instead [ 424.987500][T22990] loop1: detected capacity change from 0 to 8192 [ 425.455595][T23034] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5690'. [ 425.529407][T23034] netlink: 332 bytes leftover after parsing attributes in process `syz.2.5690'. [ 425.594510][T23042] loop1: detected capacity change from 0 to 16 [ 425.630654][T23042] erofs: (device loop1): mounted with root inode @ nid 36. [ 425.635985][T23045] netlink: 'syz.3.5693': attribute type 11 has an invalid length. [ 425.646644][T23045] netlink: 216 bytes leftover after parsing attributes in process `syz.3.5693'. [ 427.462869][T23096] loop4: detected capacity change from 0 to 32768 [ 427.558812][T23170] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5723'. [ 427.618266][T23170] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5723'. [ 429.040821][T23244] loop3: detected capacity change from 0 to 4096 [ 429.041750][T23250] loop2: detected capacity change from 0 to 2048 [ 429.082397][T23244] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 429.160077][T23250] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 429.252846][T23250] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 429.288593][T23250] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 429.322569][T23250] UDF-fs: Scanning with blocksize 512 failed [ 429.362632][T23250] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 429.653668][T23278] loop1: detected capacity change from 0 to 764 [ 429.703341][T23278] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 429.803452][T23285] netlink: 'syz.0.5752': attribute type 11 has an invalid length. [ 429.852848][T23285] netlink: 216 bytes leftover after parsing attributes in process `syz.0.5752'. [ 430.220500][T23324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5759'. [ 430.294675][ T4646] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 430.498288][ T4646] usb 5-1: Using ep0 maxpacket: 16 [ 430.502383][ T4646] usb 5-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 430.502413][ T4646] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 430.502431][ T4646] usb 5-1: Product: syz [ 430.502444][ T4646] usb 5-1: Manufacturer: syz [ 430.502457][ T4646] usb 5-1: SerialNumber: syz [ 430.504196][ T4646] usb 5-1: config 0 descriptor?? [ 430.609336][ T4646] ssu100 5-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 430.828272][T23350] loop1: detected capacity change from 0 to 2048 [ 430.851179][T23358] loop2: detected capacity change from 0 to 2048 [ 430.898323][T23350] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 430.918931][T23358] NILFS (loop2): invalid segment: Magic number mismatch [ 430.942694][T23358] NILFS (loop2): trying rollback from an earlier position [ 430.991270][T23350] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 431.007896][T23358] NILFS (loop2): recovery complete [ 431.016568][ T4646] ssu100: probe of 5-1:0.0 failed with error -71 [ 431.047047][T23350] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 431.057919][ T4646] usb 5-1: USB disconnect, device number 20 [ 431.074451][T23374] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 431.111214][T23350] UDF-fs: Scanning with blocksize 512 failed [ 431.136205][T23358] NILFS (loop2): unrecognized mount option "01777777777777777777777ÿÿÿñ¼ÊíXc¥vÌ:ýQºòœÞ" [ 431.153029][T23350] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 431.411450][T23391] netlink: 'syz.2.5772': attribute type 11 has an invalid length. [ 431.439140][T23391] netlink: 216 bytes leftover after parsing attributes in process `syz.2.5772'. [ 431.989653][T23432] SET target dimension over the limit! [ 432.059150][T23426] loop3: detected capacity change from 0 to 4096 [ 432.262309][T23445] loop4: detected capacity change from 0 to 1024 [ 432.308646][T23445] EXT4-fs (loop4): bad geometry: first data block 0 is beyond end of filesystem (0) [ 432.919599][T23487] loop1: detected capacity change from 0 to 256 [ 432.933546][ T26] audit: type=1400 audit(432.887:152): apparmor="DENIED" operation="change_hat" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=23483 comm="syz.4.5794" [ 432.985446][T23487] UBIFS error (pid: 23487): cannot open "ubifs", error -22 [ 433.684693][T23538] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5805'. [ 433.738739][T23538] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5805'. [ 433.973548][T23547] bridge0: port 1(bridge_slave_0) entered disabled state [ 434.019424][T23547] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5807'. [ 434.048261][T23547] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 434.174759][T23553] loop3: detected capacity change from 0 to 4096 [ 434.310936][T23553] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 434.356115][T23553] ntfs3: loop3: Failed to load $Extend. [ 434.569424][T23583] kAFS: unable to lookup cell '/' [ 435.251864][T23627] loop3: detected capacity change from 0 to 64 [ 435.406324][T23627] Trying to free block not in datazone [ 436.828364][T23731] netlink: 'syz.0.5860': attribute type 27 has an invalid length. [ 436.874114][T23731] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 436.982785][T23741] loop4: detected capacity change from 0 to 136 [ 437.045621][T23741] Attempt to read inode for relocated directory [ 437.075478][T23746] loop1: detected capacity change from 0 to 16 [ 437.159709][T23746] erofs: (device loop1): mounted with root inode @ nid 36. [ 437.268616][T23746] erofs: (device loop1): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 437.288851][ T4268] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192] [ 437.311363][T23746] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192] [ 437.337065][ T26] audit: type=1800 audit(437.287:153): pid=23746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5865" name="file2" dev="loop1" ino=89 res=0 errno=0 [ 437.384841][T23769] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5871'. [ 437.613394][T23783] loop3: detected capacity change from 0 to 1764 [ 437.931898][T23810] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5882'. [ 438.049698][T23825] netlink: 'syz.4.5886': attribute type 21 has an invalid length. [ 438.113982][T23825] netlink: 164 bytes leftover after parsing attributes in process `syz.4.5886'. [ 438.321073][T23841] xt_l2tp: v2 tid > 0xffff: 134217728 [ 438.333986][T23832] loop3: detected capacity change from 0 to 4096 [ 438.358776][T23832] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 438.430660][T23832] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 438.483759][T23832] ntfs3: loop3: mft corrupted [ 438.508388][T23832] ntfs3: loop3: Failed to load $Extend. [ 438.747399][T23861] loop1: detected capacity change from 0 to 1024 [ 439.054565][T23876] xt_bpf: check failed: parse error [ 439.403180][T23843] loop4: detected capacity change from 0 to 32768 [ 439.980603][ T1274] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.987077][ T1274] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.631566][T23917] loop1: detected capacity change from 0 to 32768 [ 440.721898][T23917] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 440.853262][T23917] OCFS2: ERROR (device loop1): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has an invalid fs_generation of #0 [ 440.888305][T23917] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 440.932003][T23917] OCFS2: File system is now read-only. [ 440.937570][T23917] (syz.1.5914,23917,0):ocfs2_search_chain:1761 ERROR: status = -30 [ 441.016256][T23917] (syz.1.5914,23917,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 441.058201][T23917] (syz.1.5914,23917,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 441.108459][T23917] (syz.1.5914,23917,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 441.214981][T23917] (syz.1.5914,23917,0):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 441.238414][T23917] (syz.1.5914,23917,0):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 441.258273][T23917] (syz.1.5914,23917,0):ocfs2_mknod_locked:639 ERROR: status = -30 [ 441.289202][T23917] (syz.1.5914,23917,0):ocfs2_mknod:385 ERROR: status = -30 [ 441.321759][T23917] (syz.1.5914,23917,0):ocfs2_mknod:502 ERROR: status = -30 [ 441.344409][T24006] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 441.379869][T23917] (syz.1.5914,23917,0):ocfs2_mkdir:659 ERROR: status = -30 [ 441.499462][T24012] loop4: detected capacity change from 0 to 256 [ 441.618313][T24012] FAT-fs (loop4): Directory bread(block 64) failed [ 441.630683][T24022] xt_CONNSECMARK: invalid mode: 0 [ 441.646532][ T4267] ocfs2: Unmounting device (7,1) on (node local) [ 441.665887][T24012] FAT-fs (loop4): Directory bread(block 65) failed [ 441.745116][T24012] FAT-fs (loop4): Directory bread(block 66) failed [ 441.780808][T24012] FAT-fs (loop4): Directory bread(block 67) failed [ 441.787741][T24012] FAT-fs (loop4): Directory bread(block 68) failed [ 441.838650][T24012] FAT-fs (loop4): Directory bread(block 69) failed [ 441.845326][T24012] FAT-fs (loop4): Directory bread(block 70) failed [ 441.903719][T24012] FAT-fs (loop4): Directory bread(block 71) failed [ 441.918231][T24012] FAT-fs (loop4): Directory bread(block 72) failed [ 441.924896][T24012] FAT-fs (loop4): Directory bread(block 73) failed [ 441.998412][ T26] audit: type=1326 audit(441.957:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24038 comm="syz.0.5953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234418ebe9 code=0x7ffc0000 [ 442.095260][ T26] audit: type=1326 audit(441.957:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24038 comm="syz.0.5953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f234418ebe9 code=0x7ffc0000 [ 442.199902][ T26] audit: type=1326 audit(441.957:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24038 comm="syz.0.5953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234418ebe9 code=0x7ffc0000 [ 442.231252][ T26] audit: type=1326 audit(441.957:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24038 comm="syz.0.5953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f234418ebe9 code=0x7ffc0000 [ 442.409939][T24060] loop1: detected capacity change from 0 to 64 [ 442.817876][T24093] netlink: 256 bytes leftover after parsing attributes in process `syz.3.5968'. [ 443.114175][T24114] netlink: 'syz.3.5973': attribute type 4 has an invalid length. [ 443.353533][T24130] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5980'. [ 444.022732][T24172] capability: warning: `syz.4.5993' uses 32-bit capabilities (legacy support in use) [ 444.235691][T24184] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5997'. [ 444.766701][T24215] trusted_key: encrypted_key: keyword 'ryptfs' not recognized [ 445.566952][T24296] loop1: detected capacity change from 0 to 256 [ 445.906377][T24308] comedi comedi0: adq12b: I/O port conflict (0x5,16) [ 446.026262][T24235] loop4: detected capacity change from 0 to 32768 [ 446.103576][T24235] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop4 scanned by syz.4.6014 (24235) [ 446.206057][T24235] BTRFS info (device loop4): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 446.255906][T24235] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 446.305344][T24235] BTRFS info (device loop4): turning on flush-on-commit [ 446.334348][T24329] tc_dump_action: action bad kind [ 446.342387][T24282] loop3: detected capacity change from 0 to 32768 [ 446.366086][T24235] BTRFS info (device loop4): turning off barriers [ 446.397183][T24235] BTRFS info (device loop4): turning on sync discard [ 446.439466][T24282] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 446.448522][T24235] BTRFS info (device loop4): using free space tree [ 446.561359][T24282] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 446.883174][ T4272] ocfs2: Unmounting device (7,3) on (node local) [ 446.933986][T24373] loop1: detected capacity change from 0 to 64 [ 447.132429][ T4277] BTRFS info (device loop4): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 447.394996][T12852] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop4 scanned by udevd (12852) [ 447.409767][T24395] xt_socket: unknown flags 0x50 [ 447.860228][T24415] loop3: detected capacity change from 0 to 1024 [ 447.868742][T24416] Unknown options in mask 5 [ 448.408815][T24390] loop2: detected capacity change from 0 to 32768 [ 448.440301][T24390] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.6045 (24390) [ 448.477976][T24390] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 448.536622][T24390] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 448.594057][T24390] BTRFS info (device loop2): force zlib compression, level 3 [ 448.628205][T24447] loop1: detected capacity change from 0 to 4096 [ 448.633248][T24390] BTRFS info (device loop2): force clearing of disk cache [ 448.681407][T24447] ntfs3: loop1: ino=3, Correct links count -> 2. [ 448.700186][T24460] loop3: detected capacity change from 0 to 64 [ 448.718526][T24390] BTRFS info (device loop2): setting nodatasum [ 448.755313][T24390] BTRFS info (device loop2): allowing degraded mounts [ 448.776474][T24460] Trying to free block not in datazone [ 448.782881][T24390] BTRFS info (device loop2): enabling disk space caching [ 448.806338][T24390] BTRFS info (device loop2): disk space caching is enabled [ 448.815027][T24460] Trying to free block not in datazone [ 448.849245][T24460] Trying to free block not in datazone [ 448.886940][T24460] Trying to free block not in datazone [ 448.901790][T24460] minix_free_block (loop3:6): bit already cleared [ 448.930529][T24460] Trying to free block not in datazone [ 449.014330][T24460] Trying to free block not in datazone [ 449.080128][T24390] BTRFS info (device loop2): rebuilding free space tree [ 449.214679][T24390] BTRFS info (device loop2): disabling free space tree [ 449.252842][T24390] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 449.337850][T24390] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 449.785889][ T4266] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 449.890220][T24533] loop1: detected capacity change from 0 to 1764 [ 450.272244][T24553] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 450.461489][T24565] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6080'. [ 450.495576][T24568] xt_TCPMSS: Only works on TCP SYN packets [ 450.678340][T24578] loop3: detected capacity change from 0 to 164 [ 450.764453][T24578] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 451.307244][T24617] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6106'. [ 451.335095][T24570] loop4: detected capacity change from 0 to 32768 [ 451.357309][T24617] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6106'. [ 451.395374][T24570] (syz.4.6091,24570,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 451.515380][T24570] (syz.4.6091,24570,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 451.651850][T24570] JBD2: Ignoring recovery information on journal [ 451.826532][T24570] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 451.931207][T24570] [ 451.933701][T24570] ====================================================== [ 451.940946][T24570] WARNING: possible circular locking dependency detected [ 451.947993][T24570] syzkaller #0 Not tainted [ 451.952408][T24570] ------------------------------------------------------ [ 451.959437][T24570] syz.4.6091/24570 is trying to acquire lock: [ 451.965524][T24570] ffff88804d453488 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}, at: ocfs2_reserve_local_alloc_bits+0x122/0x2670 [ 451.979124][T24570] [ 451.979124][T24570] but task is already holding lock: [ 451.986509][T24570] ffff888055253120 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_lock_global_qf+0x1e5/0x270 [ 451.997412][T24570] [ 451.997412][T24570] which lock already depends on the new lock. [ 451.997412][T24570] [ 452.007829][T24570] [ 452.007829][T24570] the existing dependency chain (in reverse order) is: [ 452.016858][T24570] [ 452.016858][T24570] -> #7 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}: [ 452.025743][T24570] down_write+0x36/0x60 [ 452.030442][T24570] ocfs2_lock_global_qf+0x1e5/0x270 [ 452.036182][T24570] ocfs2_acquire_dquot+0x2a0/0xb10 [ 452.041839][T24570] dqget+0x778/0xeb0 [ 452.046273][T24570] dquot_set_dqblk+0x27/0xf90 [ 452.051496][T24570] quota_setquota+0x4ac/0x530 [ 452.056760][T24570] __se_sys_quotactl+0x295/0x6b0 [ 452.062328][T24570] do_syscall_64+0x4c/0xa0 [ 452.067284][T24570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 452.073726][T24570] [ 452.073726][T24570] -> #6 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7){+.+.}-{3:3}: [ 452.084263][T24570] down_write+0x36/0x60 [ 452.088963][T24570] ocfs2_lock_global_qf+0x1c7/0x270 [ 452.094700][T24570] ocfs2_acquire_dquot+0x2a0/0xb10 [ 452.100351][T24570] dqget+0x778/0xeb0 [ 452.104780][T24570] dquot_set_dqblk+0x27/0xf90 [ 452.109993][T24570] quota_setquota+0x4ac/0x530 [ 452.115208][T24570] __se_sys_quotactl+0x295/0x6b0 [ 452.120687][T24570] do_syscall_64+0x4c/0xa0 [ 452.125646][T24570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 452.132080][T24570] [ 452.132080][T24570] -> #5 (&dquot->dq_lock){+.+.}-{3:3}: [ 452.139745][T24570] __mutex_lock+0x120/0xaf0 [ 452.144872][T24570] dquot_commit+0x5a/0x410 [ 452.149831][T24570] ext4_write_dquot+0x1f0/0x360 [ 452.155310][T24570] mark_all_dquot_dirty+0xf9/0x400 [ 452.160952][T24570] __dquot_alloc_space+0x5fc/0xe60 [ 452.166680][T24570] ext4_mb_new_blocks+0xf74/0x4720 [ 452.172329][T24570] ext4_ext_map_blocks+0x143c/0x66d0 [ 452.178154][T24570] ext4_map_blocks+0x9d1/0x1b60 [ 452.183544][T24570] ext4_getblk+0x1ab/0x6d0 [ 452.188509][T24570] ext4_bread+0x26/0x170 [ 452.193293][T24570] ext4_symlink+0x537/0x9c0 [ 452.198336][T24570] vfs_symlink+0x247/0x3d0 [ 452.203291][T24570] do_symlinkat+0x1ae/0x3f0 [ 452.208418][T24570] __x64_sys_symlinkat+0x95/0xa0 [ 452.213900][T24570] do_syscall_64+0x4c/0xa0 [ 452.218853][T24570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 452.225288][T24570] [ 452.225288][T24570] -> #4 (&ei->i_data_sem){++++}-{3:3}: [ 452.232949][T24570] down_write+0x36/0x60 [ 452.237640][T24570] ext4_truncate+0x987/0x1230 [ 452.242869][T24570] ext4_setattr+0x10cb/0x19f0 [ 452.248319][T24570] notify_change+0xc74/0xf40 [ 452.253441][T24570] do_truncate+0x197/0x220 [ 452.258397][T24570] do_sys_ftruncate+0x312/0x3c0 [ 452.263786][T24570] do_syscall_64+0x4c/0xa0 [ 452.268745][T24570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 452.275183][T24570] [ 452.275183][T24570] -> #3 (jbd2_handle){++++}-{0:0}: [ 452.282500][T24570] start_this_handle+0x1f49/0x2150 [ 452.288151][T24570] jbd2__journal_start+0x2b7/0x5a0 [ 452.293805][T24570] jbd2_journal_start+0x26/0x30 [ 452.299241][T24570] ocfs2_start_trans+0x372/0x6c0 [ 452.304720][T24570] ocfs2_modify_bh+0xe5/0x460 [ 452.309954][T24570] ocfs2_local_read_info+0x13b1/0x16e0 [ 452.315959][T24570] dquot_load_quota_sb+0x756/0xac0 [ 452.321695][T24570] dquot_load_quota_inode+0x2d8/0x5d0 [ 452.327781][T24570] ocfs2_enable_quotas+0x1c3/0x440 [ 452.333444][T24570] ocfs2_fill_super+0x409f/0x4d00 [ 452.339107][T24570] mount_bdev+0x287/0x3c0 [ 452.344247][T24570] legacy_get_tree+0xe6/0x180 [ 452.349549][T24570] vfs_get_tree+0x88/0x270 [ 452.354500][T24570] do_new_mount+0x24a/0xa40 [ 452.359542][T24570] __se_sys_mount+0x2d6/0x3c0 [ 452.364933][T24570] do_syscall_64+0x4c/0xa0 [ 452.369882][T24570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 452.374157][T24663] loop3: detected capacity change from 0 to 8192 [ 452.376301][T24570] [ 452.376301][T24570] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 452.391145][T24570] down_read+0x42/0x2d0 [ 452.395845][T24570] ocfs2_start_trans+0x366/0x6c0 [ 452.401325][T24570] ocfs2_modify_bh+0xe5/0x460 [ 452.406548][T24570] ocfs2_local_read_info+0x13b1/0x16e0 [ 452.412627][T24570] dquot_load_quota_sb+0x756/0xac0 [ 452.418281][T24570] dquot_load_quota_inode+0x2d8/0x5d0 [ 452.424193][T24570] ocfs2_enable_quotas+0x1c3/0x440 [ 452.429930][T24570] ocfs2_fill_super+0x409f/0x4d00 [ 452.435489][T24570] mount_bdev+0x287/0x3c0 [ 452.440335][T24570] legacy_get_tree+0xe6/0x180 [ 452.445544][T24570] vfs_get_tree+0x88/0x270 [ 452.450487][T24570] do_new_mount+0x24a/0xa40 [ 452.455588][T24570] __se_sys_mount+0x2d6/0x3c0 [ 452.460783][T24570] do_syscall_64+0x4c/0xa0 [ 452.465732][T24570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 452.472186][T24570] [ 452.472186][T24570] -> #1 (sb_internal#4){.+.+}-{0:0}: [ 452.479747][T24570] ocfs2_start_trans+0x267/0x6c0 [ 452.485288][T24570] ocfs2_mknod+0xe6a/0x2350 [ 452.490300][T24570] ocfs2_create+0x1b6/0x4a0 [ 452.495394][T24570] path_openat+0x1187/0x2e70 [ 452.500585][T24570] do_filp_open+0x1c1/0x3c0 [ 452.505594][T24570] do_sys_openat2+0x142/0x490 [ 452.510780][T24570] __x64_sys_openat+0x135/0x160 [ 452.516226][T24570] do_syscall_64+0x4c/0xa0 [ 452.521144][T24570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 452.527558][T24570] [ 452.527558][T24570] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}: [ 452.538061][T24570] __lock_acquire+0x2cf8/0x7c50 [ 452.543440][T24570] lock_acquire+0x1b4/0x490 [ 452.548460][T24570] down_write+0x36/0x60 [ 452.553130][T24570] ocfs2_reserve_local_alloc_bits+0x122/0x2670 [ 452.560000][T24570] ocfs2_reserve_clusters_with_limit+0x1bb/0xba0 [ 452.567025][T24570] ocfs2_lock_allocators+0x2f7/0x5b0 [ 452.572913][T24570] ocfs2_extend_allocation+0x394/0x1840 [ 452.578997][T24570] ocfs2_extend_no_holes+0x20b/0x490 [ 452.584789][T24570] ocfs2_acquire_dquot+0x5e8/0xb10 [ 452.590413][T24570] dqget+0x778/0xeb0 [ 452.595083][T24570] dquot_set_dqblk+0x27/0xf90 [ 452.600359][T24570] quota_setquota+0x4ac/0x530 [ 452.605543][T24570] __se_sys_quotactl+0x295/0x6b0 [ 452.611053][T24570] do_syscall_64+0x4c/0xa0 [ 452.616008][T24570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 452.622423][T24570] [ 452.622423][T24570] other info that might help us debug this: [ 452.622423][T24570] [ 452.632817][T24570] Chain exists of: [ 452.632817][T24570] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6 --> &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7 --> &ocfs2_quota_ip_alloc_sem_key [ 452.632817][T24570] [ 452.653058][T24570] Possible unsafe locking scenario: [ 452.653058][T24570] [ 452.660492][T24570] CPU0 CPU1 [ 452.665837][T24570] ---- ---- [ 452.671196][T24570] lock(&ocfs2_quota_ip_alloc_sem_key); [ 452.677072][T24570] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7); [ 452.686872][T24570] lock(&ocfs2_quota_ip_alloc_sem_key); [ 452.695123][T24570] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6); [ 452.702612][T24570] [ 452.702612][T24570] *** DEADLOCK *** [ 452.702612][T24570] [ 452.711011][T24570] 4 locks held by syz.4.6091/24570: [ 452.716281][T24570] #0: ffff88807cdea0e0 (&type->s_umount_key#73){++++}-{3:3}, at: user_get_super+0x118/0x240 [ 452.726448][T24570] #1: ffff8880552a60a8 (&dquot->dq_lock){+.+.}-{3:3}, at: ocfs2_acquire_dquot+0x293/0xb10 [ 452.736449][T24570] #2: ffff888055253488 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#7){+.+.}-{3:3}, at: ocfs2_lock_global_qf+0x1c7/0x270 [ 452.749428][T24570] #3: ffff888055253120 (&ocfs2_quota_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_lock_global_qf+0x1e5/0x270 [ 452.760751][T24570] [ 452.760751][T24570] stack backtrace: [ 452.766822][T24570] CPU: 0 PID: 24570 Comm: syz.4.6091 Not tainted syzkaller #0 [ 452.774366][T24570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 452.784611][T24570] Call Trace: [ 452.787880][T24570] [ 452.790799][T24570] dump_stack_lvl+0x168/0x22e [ 452.795481][T24570] ? load_image+0x3b0/0x3b0 [ 452.800260][T24570] ? show_regs_print_info+0x12/0x12 [ 452.805461][T24570] ? print_circular_bug+0x12b/0x1a0 [ 452.810861][T24570] check_noncircular+0x274/0x310 [ 452.816252][T24570] ? add_chain_block+0x940/0x940 [ 452.821727][T24570] ? lockdep_lock+0xdc/0x1e0 [ 452.826781][T24570] ? verify_lock_unused+0x140/0x140 [ 452.831977][T24570] ? _find_first_zero_bit+0xcf/0x100 [ 452.837367][T24570] __lock_acquire+0x2cf8/0x7c50 [ 452.842214][T24570] ? verify_lock_unused+0x140/0x140 [ 452.847415][T24570] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 452.853035][T24570] ? do_raw_spin_lock+0x11d/0x280 [ 452.858074][T24570] ? mutex_unlock+0x10/0x10 [ 452.862566][T24570] ? __rwlock_init+0x140/0x140 [ 452.867322][T24570] ? __rwlock_init+0x140/0x140 [ 452.872093][T24570] ? do_raw_spin_unlock+0x11d/0x230 [ 452.877302][T24570] lock_acquire+0x1b4/0x490 [ 452.881822][T24570] ? ocfs2_reserve_local_alloc_bits+0x122/0x2670 [ 452.888142][T24570] ? __might_sleep+0xd0/0xd0 [ 452.892717][T24570] ? mark_lock+0x94/0x320 [ 452.897033][T24570] ? read_lock_is_recursive+0x10/0x10 [ 452.902392][T24570] ? mark_lock+0x94/0x320 [ 452.906729][T24570] ? __lock_acquire+0x13c0/0x7c50 [ 452.911755][T24570] ? lock_chain_count+0x20/0x20 [ 452.916600][T24570] down_write+0x36/0x60 [ 452.920750][T24570] ? ocfs2_reserve_local_alloc_bits+0x122/0x2670 [ 452.927067][T24570] ocfs2_reserve_local_alloc_bits+0x122/0x2670 [ 452.933209][T24570] ? _raw_spin_unlock+0x40/0x40 [ 452.938053][T24570] ? stack_trace_save+0x98/0xe0 [ 452.942950][T24570] ? verify_lock_unused+0x140/0x140 [ 452.948174][T24570] ? ocfs2_complete_local_alloc_recovery+0x540/0x540 [ 452.954835][T24570] ? kasan_set_track+0x60/0x70 [ 452.959588][T24570] ? kasan_set_track+0x4b/0x70 [ 452.964445][T24570] ? __kasan_kmalloc+0x8e/0xa0 [ 452.969196][T24570] ? ocfs2_reserve_clusters_with_limit+0xe7/0xba0 [ 452.975625][T24570] ? ocfs2_lock_allocators+0x2f7/0x5b0 [ 452.981080][T24570] ? ocfs2_extend_allocation+0x394/0x1840 [ 452.986786][T24570] ? ocfs2_extend_no_holes+0x20b/0x490 [ 452.992319][T24570] ? ocfs2_acquire_dquot+0x5e8/0xb10 [ 452.997957][T24570] ? dqget+0x778/0xeb0 [ 453.002013][T24570] ? dquot_set_dqblk+0x27/0xf90 [ 453.006868][T24570] ? quota_setquota+0x4ac/0x530 [ 453.011729][T24570] ? __se_sys_quotactl+0x295/0x6b0 [ 453.016851][T24570] ? do_syscall_64+0x4c/0xa0 [ 453.021531][T24570] ? ocfs2_alloc_should_use_local+0x16b/0x370 [ 453.027592][T24570] ? __lock_acquire+0x7c50/0x7c50 [ 453.032609][T24570] ? do_raw_spin_lock+0x11d/0x280 [ 453.037635][T24570] ? __rwlock_init+0x140/0x140 [ 453.042386][T24570] ? do_raw_spin_unlock+0x11d/0x230 [ 453.047671][T24570] ? ocfs2_alloc_should_use_local+0x16b/0x370 [ 453.053724][T24570] ocfs2_reserve_clusters_with_limit+0x1bb/0xba0 [ 453.060070][T24570] ? ocfs2_reserve_clusters+0x30/0x30 [ 453.065448][T24570] ? lock_chain_count+0x20/0x20 [ 453.070289][T24570] ? rcu_is_watching+0x11/0xa0 [ 453.075041][T24570] ? ocfs2_num_free_extents+0x2fa/0x620 [ 453.080577][T24570] ? ocfs2_validate_extent_block+0x5e0/0x5e0 [ 453.086545][T24570] ? ocfs2_read_blocks_sync+0xc50/0xc50 [ 453.092097][T24570] ? stack_trace_save+0x98/0xe0 [ 453.097050][T24570] ocfs2_lock_allocators+0x2f7/0x5b0 [ 453.102446][T24570] ? _ocfs2_clear_bit+0x30/0x30 [ 453.107295][T24570] ? ocfs2_read_inode_block+0x11a/0x180 [ 453.112835][T24570] ? ocfs2_read_inode_block_full+0x1a0/0x1a0 [ 453.118803][T24570] ? ocfs2_acquire_dquot+0x2e8/0xb10 [ 453.124074][T24570] ? dquot_set_dqblk+0x27/0xf90 [ 453.128925][T24570] ? quota_setquota+0x4ac/0x530 [ 453.133801][T24570] ? __se_sys_quotactl+0x295/0x6b0 [ 453.138899][T24570] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 453.144975][T24570] ocfs2_extend_allocation+0x394/0x1840 [ 453.150521][T24570] ? __lock_acquire+0x13c0/0x7c50 [ 453.155536][T24570] ? ocfs2_extend_no_holes+0x490/0x490 [ 453.160983][T24570] ? kasan_quarantine_put+0xd4/0x220 [ 453.166257][T24570] ? lockdep_hardirqs_on+0x94/0x140 [ 453.171541][T24570] ? slab_free_freelist_hook+0x131/0x1a0 [ 453.177160][T24570] ? ocfs2_allocate_extend_trans+0x640/0x640 [ 453.183148][T24570] ? find_tree_dqentry+0xbb1/0xf30 [ 453.188256][T24570] ? ocfs2_qinfo_unlock+0xa4/0x140 [ 453.193357][T24570] ocfs2_extend_no_holes+0x20b/0x490 [ 453.198629][T24570] ? ocfs2_zero_extend+0x2950/0x2950 [ 453.203955][T24570] ? do_raw_spin_unlock+0x11d/0x230 [ 453.209228][T24570] ? _raw_spin_unlock+0x24/0x40 [ 453.214066][T24570] ? ocfs2_qinfo_unlock+0x11a/0x140 [ 453.219251][T24570] ocfs2_acquire_dquot+0x5e8/0xb10 [ 453.224355][T24570] ? ocfs2_destroy_dquot+0x40/0x40 [ 453.229461][T24570] dqget+0x778/0xeb0 [ 453.233360][T24570] dquot_set_dqblk+0x27/0xf90 [ 453.238020][T24570] quota_setquota+0x4ac/0x530 [ 453.242770][T24570] ? quota_getnextquota+0x450/0x450 [ 453.247963][T24570] ? bpf_lsm_capable+0x5/0x10 [ 453.252639][T24570] ? do_quotactl+0x4f3/0x710 [ 453.257220][T24570] __se_sys_quotactl+0x295/0x6b0 [ 453.262262][T24570] ? __x64_sys_quotactl+0xa0/0xa0 [ 453.267272][T24570] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 453.273247][T24570] ? lock_chain_count+0x20/0x20 [ 453.278111][T24570] ? lockdep_hardirqs_on+0x94/0x140 [ 453.283315][T24570] do_syscall_64+0x4c/0xa0 [ 453.287723][T24570] ? clear_bhb_loop+0x60/0xb0 [ 453.292475][T24570] ? clear_bhb_loop+0x60/0xb0 [ 453.297137][T24570] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 453.303031][T24570] RIP: 0033:0x7f9214f8ebe9 [ 453.307465][T24570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 453.327252][T24570] RSP: 002b:00007f9215dad038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 453.335655][T24570] RAX: ffffffffffffffda RBX: 00007f92151c5fa0 RCX: 00007f9214f8ebe9 [ 453.343629][T24570] RDX: 000000000000ee00 RSI: 0000200000000240 RDI: ffffffff80000800 [ 453.351585][T24570] RBP: 00007f9215011e19 R08: 0000000000000000 R09: 0000000000000000 [ 453.359546][T24570] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000000 [ 453.367506][T24570] R13: 00007f92151c6038 R14: 00007f92151c5fa0 R15: 00007ffcdc684ba8 [ 453.375479][T24570] [ 453.388945][T24663] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 453.457493][T24663] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001) [ 453.465923][T24663] FAT-fs (loop3): Filesystem has been set read-only [ 453.488036][ T4272] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001) [ 453.514169][ T4277] ocfs2: Unmounting device (7,4) on (node local)