last executing test programs: 3m3.774736058s ago: executing program 0 (id=8709): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r0, 0x6, &(0x7f0000002000)={0x1, 0x0, 0x200, 0x2}) 3m3.586257597s ago: executing program 0 (id=8712): r0 = syz_open_dev$usbfs(&(0x7f0000000580), 0x76, 0x1701) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x44, &(0x7f0000000080)={0x2, 0x3, 0x17, 0xff81}, 0x8, 0x20, 0x4, 0x0, 0x4bf, 0x404, 0x0}) 3m3.213680397s ago: executing program 0 (id=8717): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000180)={0x3, 0xf00001, 0x3}) 3m3.010797968s ago: executing program 0 (id=8721): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x800c11, &(0x7f0000000080)={[{@barrier}, {@uid}, {@nodecompose}, {@type={'type', 0x3d, "25c3f159"}}, {@nls={'nls', 0x3d, 'iso8859-5'}}, {@nodecompose}]}, 0x1, 0x703, &(0x7f0000001240)="$eJzs3U1sHGcZAOB3Ztdrbyq52yppA0KK1YgIGkjsLCVBQiIghHyoIBKXXk3iNFbWbmS7yIkQcYHCEU4ohx6KkDn0hDggFXFAlDMSEvfcI3HgFnFg0czO2LNre20nXjuhzyPNzjfz/b3z7szsT2JtAJ9as2/F2HokMXv+zbVs++FGu/Nwo71YliNiPCLSiHpvFclSRPJJxNXoLfGZbGcxXLLbPG88+viDcw8+ave26sWSt0+H9StNxLAZ1oslpiKiVqwPqL7beNd3GO/+gYZONuPOEna2TBwct+426wMtxoZ13/O6BZ599yNqO13prYgTxctv9j4girtDesThHbrBuxwAAAA8h2p7NXjxcTyOtZg8mnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+TcREUnvNwOTYknL8lQkxe//fy+KfZlG43hD3sOX9qh//+YRBQIAAAAAAAAAB9DcX7OxreKZx/E41mKy3O4m+b/5v5ZvnMwfX4h3YyXmYzkuxFrMxWqsxnLMRIxNVsZsrM2tri7PbO/568h6drvd+0XPSxHR2tbz0tMcNwAAAAAAAAB86v0kZmPyuIMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICqJKLWW+XLybLcirQeERMR0cjarUf8uSw/z/5y3AEAAADA6DWL9WTy316hm+Sf+V/JP/dPxLuxFKuxEKvRifm4kX8X0PvUn/5jvd15uNFezJbtA3/zXweKIx8xImrx3i4zT+ctTm32mI3vxPfjfEzFtViOhfhhzMVqzMdUNLODiLlIotXsfXvRKuPsj7dWDHW1L5Rrg7GdGdg+nUfSjJuxkMd2Ia43ytHSvEUSpyuz/bERUc3QZMR7WXaSbxT2maMblefrV8X3MoXui/scYzRa+ZGPbWZkOst9kY2Xds596YDnyeBMM5Fufgd1cmuWbHNwpjLnPxjI+fiw+U4U6yzXP+/P+WE74Fdpg5m4FOlEWfdKf87vfP7By/2dv/jPv167lS7dvnVz5fwID2mkxsrCYCbakRbXYcSrw8++IhOdLBPr+8/E2OCOiac4jkPUKLLRu7Ht72757bw0F69VTsF34kbMx+WYjpm4EtPxtbgU7ewM28zrqb681tuL/TnJr7V0+/2tOST4s1+oNPrFHo2PVpaXlyp5rd7pWnldsefqL2O6kqWXh599T/IqUP9sUcjm+OnmK86zoC8Txb25jK58gdolE7/pZo8rnaXby7fm7lQqtl1pFeeKdXbZvt9/b/7toRzQE8vOl+yOW8+38pw0y/OlUbzfSLbqNvPVKP7Fpdcv3VZ3arOuFZOxEN/d9UptFO/hto/Uq3t1x7p2Xne6Utf3LifeiU7+LmTA1JEkFYD9O/H6iUbzUfPvzQ+bP2vear458a3xK+Ofa8TY3+p/qv0+/V369eT1+DB+nH0mBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAntbK3Xu35zqd+eURFhoHmCtrV+6JdM8pNl7YXxjRihjaJpKi0Bh1Np6Bwr8nhmajGSOa/Q+VJ3eHNo2nniIZ/fmcnaCHMmD5E1f5nm5tt8blb8xVquplr51HrsfKxG7P4PjWONG6Pdf5T7evTTPKxsN+gAv4/3BxdfHOxZW79768sDj39vzb80uXrly+crn91ZmvXLy50Jmf7j0ed5TAKKzcvVc77hgAAAAAAAAAAACAgyn+9/9q5S8E4kB//lHfo01jeWXnmc8c9aECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz6nZt2JsPZKYmb4wnW0/3Gh3sqUsb7WsR0QaEcmPIpJPIq5Gb4lWZbhkt3neePTxB+cefNTeGqtetk+H9duf9WKJqYioFeu9je8wzPbxrlfGW3+i8JLNI8wSdrZMHBy3/wUAAP//8oXtNQ==") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 3m2.625278008s ago: executing program 0 (id=8727): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x38, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x45844}, 0x4000080) 3m2.125026425s ago: executing program 0 (id=8735): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) fanotify_mark(0xffffffffffffffff, 0x1, 0xb, 0xffffffffffffffff, 0x0) 3m1.588771873s ago: executing program 32 (id=8735): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) fanotify_mark(0xffffffffffffffff, 0x1, 0xb, 0xffffffffffffffff, 0x0) 2.870846969s ago: executing program 5 (id=11412): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="f00100001000ffff28bd7000f8dbdf2500000000", @ANYRES32=0x0, @ANYBLOB="8144080009060000300012800b000100697036746e6c0000200002801400020000000000000000000000ffffe00000020500090004000000080004"], 0x1f0}}, 0x40014) 2.768967225s ago: executing program 4 (id=11413): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@ipv4_newroute={0x28, 0x18, 0x53a84ceaaa9cf00b, 0x70bd29, 0x25dfdbfc, {0x2, 0x20, 0x10, 0x0, 0x0, 0x3, 0xfe, 0x2, 0x1000}, [@RTA_MULTIPATH={0xc, 0x9, {0x80, 0x24, 0x7b}}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4044004) 2.571586144s ago: executing program 5 (id=11417): r0 = syz_open_procfs(0x0, &(0x7f0000000840)='net/icmp6\x00') lseek(r0, 0x5, 0x1) 2.571082795s ago: executing program 4 (id=11418): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x13c, 0x10, 0x713, 0x70bd26, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@dev={0xac, 0x14, 0x14, 0x13}, 0x4e22, 0x1, 0x0, 0x3, 0x2, 0x0, 0x0, 0x3a, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x0, 0x32}, @in6=@local, {0x0, 0x0, 0x8, 0xa, 0x6, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x2, 0xfffffffffffffff8}, {0xc, 0x0, 0x2}, 0x70bd29, 0x0, 0x2, 0x1, 0x0, 0x28}, [@algo_aead={0x4c, 0x12, {{'rfc4543(gcm(aes))\x00'}, 0x0, 0x80}}]}, 0x13c}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 2.315044478s ago: executing program 5 (id=11421): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000240)={'wlan1\x00', &(0x7f00000002c0)=@ethtool_stats}) 2.159048706s ago: executing program 5 (id=11425): r0 = syz_open_dev$usbmon(&(0x7f00000005c0), 0xffff, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xa, 0x12, r0, 0x3270d000) 2.033158313s ago: executing program 3 (id=11427): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/timers\x00', 0x41, 0x0) write$nbd(r0, 0x0, 0x0) 1.948727028s ago: executing program 5 (id=11429): write(0xffffffffffffffff, &(0x7f0000000040)="2700000014000707", 0x8) syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000402505a3a440000000010109023b000101010000090400001202eb0000052406000005240000000d240f010000000000001e00000905820200020000000905"], 0x0) 1.892690181s ago: executing program 3 (id=11431): syz_mount_image$udf(&(0x7f0000000000), &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3000010, &(0x7f0000002380)=ANY=[@ANYBLOB='adinicb,uid=forget,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c766f6c756d653d30303030303030303030303030303030303030322c696f636861727365743d6d6163637972696c6c69632c6769643d666f726765742c6769643d69676e6f72652c7569643d666f726765742c6d6f64653d30303030303030303030303030303030303030303030312c00012ae8883ed452662bd1c68befc40552efd06140e15118a6d2d5bd572b95359ba66a7cdc47cc1b8e970e2195909623b131be2140bfc8bd6fe8c150e2578d71947ccf90e681fcbca785fed4142accbaf6542f32b5c74640aef0bff72a"], 0x1, 0xc59, &(0x7f0000001640)="$eJzs3U9sHNd9B/DfGy3FldJWTJwqThoHm7ZIZcVy9S+iYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFEjQw2iLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYs/hElfz429d2ZeW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr58+kzaYsOhR9AYAGBfXB396umzWz3/AYAn1rXt/v8fAAAAAAAAAAAAAAA4KFIU8VSkmL26msar5Y76lXbfnbtjQ8NbVzuSqpqHqvLlT/3M2XPnv3Rh8GI3r7Sn36f+bvtMvDp67XLjpZnbs3OT8/OTE42x6faNmYnJB97DTutvdrI6AY3br92ZuHlzvnH2+XMbNt8deK//Y8cHLg0+e+qZbtmxoeHh0fUi9d7ytYduSMd2IzwORxGnIsVz3/9pakVEETs/F/X9vfabHak6cbLqxNjQcNWRqXZreqHcONI9EUVEo6dSs3uOtr4WUevb1z5srxmxWDa/bPDJsnujs6251vWpycZIa26hvdCemR5JndaW/WlEERdTxFJErPTfv7u+KKIWKb5zbDVdz2/9qM7DF6uBwdu3o9jDPj6Asp2Nvoil4jG4ZgdYfxTxSqT42dsn4ka+z1T3mi9EvFLmDyLeLPPFiFR+Mc5HvLvF94jHUy2K+PPy+l9aTRPV/aB7X7nytcZXpm/O9JTt3lc+5PPhvjvFI3o+HNmU++OA35vqUUSruuOvpof/zQ4AAAAAAAAAAAAAAAAAu+1IFPHpSPHyv/1RNa44qnHpxy4N/v7AL/eOGX/6A/ZTln0+IhaLBxuTezgPDBxJIyk94rHEH2X1KOKP8/i/bz3qxgAAAAAAAAAAAAAAAAAAAHykFfGTSPHCOyfSUvTOKd6evtW41ro+1ZkVtjv3b3fO9LW1tbVGqjIG8vJ4Z3ltMedSzuWcKynPL9ytX3SymXM852LOpZzLOVdyxqFcP2cz53jOxZxLOZdzruSMWq6fs5lzPOdizqWcyzlXcsYBmbsXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJUkQRv4gU3/7GaooUEc2I8ejkcv+jbh0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUOpPRfxDpGj8QfPeulpEpOrfjhPlL+ejebjMT0RzsMwXo3k5Z6vKWvNbj6D97ExfKuLHkaK//ta9C56vf19n6d7XIN785vrSZ2qdPNTdOPBe/8eOH7s0OPy5p7f7nLZqwMkr7ek7dxtjQ8PDoz2ra/non+hZN5CPW+xO14mI+dffeK01NTU59/Afyq/AQ1bvXskdHH0/P6TaLja1/+D3PWoHohmP7kPUDkQzHk3fN6jv942JfVE+/9+NFL/9zr93H/id5389fqmzdO8JHz//k/Xn/wubd/SAz//a5nr5+V8+CbZ6/j/Vs+6F/LuRvlpEfeH2bN/xiPr862+cat9u3Zq8NTl9/vTpLw8Ofvnc6b7DEfWb7anJnk+7croAAAAAAAAAAAAAAAAA9k8q4ncjRevHq6kREXer8VoDlwafPfXMoThUjbfaMG771dFrlxsvzdyenZucn5+caIxNt2/MTEw+6OHq1XCvsaHhPenMBzqyx+0/Un9pZvb1ufatP1zYcvvR+uXr8wtzrRtbb44jUUQ0e9ecrBo8NjRcNXqq3Zquqo5sOZj+w+tLRfxHpLhxvpE+n9fl8f+bR/hvGP+/uHlHuzj+/3NH18f/fbwTRfeYKRXx80jxW3/xdHy+aufRuO+c5XJ/EylOXvxsLheHy3LdNnTeK9AZGViW/Z9I8fe/2Fi2Ox7yqfWyZz70CT7gyut/LNIr3/uz78av53Ub3/+w9fU/unlHe/T+h0/2rDu64X0FO+46+fqfihQvPvVW/Ea15v/e9/0f3Tc2nOgUXn8/xx5d/1/tWTeQj/ubu9V5AAAAAAAAAACAx1hfKuJvI8UPh2vpQl73IH//b2Lzjvbo7399qmfdxO7MV/TB094AAAAAwBOiLxXxk0hxa+Gte2OoN47/7hn/+Tvr4z+H0qat1Z/z/Ur13oDd/PO/XgP5uOM77zYAAAAAAAAAAAAAAAAAAAAcKCkVcSHPpz5ejeef2HY+9eVI8fJ/PZfLpeNlue488APVr/Wra9OnLk9NzdRjoXV9arIxOtu6MVnW/WSkWP3rz+a6RTW/ene++c4c7+tzsc9FiuHvdct25mLvzk3emQ+8vrYWcaYs+/FI8Z9/t7Fsnpo6zx1d7fdsWfavIsXX/2nrssfXy54ry343Uvzo641u2aNl2Qv5ZaifWi/7/I2ZYm8uDAAAAAAAAAAAAAAAAAAAAB8pfamIP40U/3176d5Y/jz/f1/PYuXNb/bM97/J3Wqe/4Fq/v/tPj/M/P/VewUWtzsqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8mVIU8UakmL26mpb7y+WO+pX29J27Y0PDW1c7kqqah6ry5U/9zNlz5790YfBiN9+//m77dLw6eu1y46WZ27Nzk/PzkxONsen2jZmJyQfew07rb3ayOgGN26/dmbh5c75x9vlzGzbfHXiv/2PHBy4NPnvqmW7ZsaHh4dGeMrW+hz76fdI26w9HEX8ZKZ77/k/TD/sjitj5ufiA785eO1J14mTVibGh4aojU+3W9EK5caR7IoqIRk+lZvcc7cO12JFmxGLZ/LLBJ8vujc625lrXpyYbI625hfZCe2Z6JHVaW/anEUVcTBFLEbHSf//u+qKI1yLFd46tpn/ujzjUPQ9fvDr61dNnt29HsYd9fABlOxt9EUvFY3DNDrD+KOIfI8XP3j4R/9IfUYvOT3wh4pUyfxDxZnSudyq/GOcj3t3ie8TjqRZF/G95/S+tprf7y/tB975y5WuNr0zfnOkp272vPPbPh/10wO9N9SjiR9UdfzX9q/+uAQAAAAAAAAAAAAAAAA6QIn4tUrzwzolUjQ++N6a4PX2rca11faozrK879q87ZnptbW2tkTrZzDmeczHnUs7lnCs5o8j1czbLrK+tjeflxZxLOZdzruSMQ7l+zmbO8ZyLOZdyLudcyRm1XD9nM+d4zsWcSzmXc67kjAMydg8AAAAAAAAAAAAAAAAAAHiyFNU/Kb79jdW01t+ZX3o8OrlsPtAn3v8HAAD//9/q7Wc=") symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1.773078037s ago: executing program 2 (id=11433): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x13, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000fefbffff0000000003000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000000850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 1.593904227s ago: executing program 4 (id=11435): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xc, &(0x7f0000000080), &(0x7f0000000000)=0x4) 1.563734318s ago: executing program 3 (id=11436): r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000240)={0x56c, 0x3432564e, 0x1, @discrete={0x43}}) 1.477161132s ago: executing program 1 (id=11437): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000080)={0x0, 0x1, 0x6, @random}, 0x10) 1.400909576s ago: executing program 4 (id=11438): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@mpls_delroute={0x1b, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x7}}, 0x1c}}, 0x4) 1.374939548s ago: executing program 3 (id=11439): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x800448d2, &(0x7f0000000000)="0004") 1.34110773s ago: executing program 2 (id=11440): unshare(0x28000600) fcntl$setpipe(0xffffffffffffffff, 0x407, 0xffffffffffdffffd) 1.316506731s ago: executing program 1 (id=11441): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x50, 0x7fff0000}]}) eventfd(0xfffffff9) 1.241384825s ago: executing program 4 (id=11442): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000840)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@jmp={0x5, 0x1, 0x1, 0xa, 0xa, 0xfffffffffffffff5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x7, 0x100e, &(0x7f0000001a00)=""/4110, 0x41100, 0xc}, 0x94) 1.15694574s ago: executing program 3 (id=11443): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x5, &(0x7f0000000240)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xf34}, [@call={0x85, 0x0, 0x0, 0x9b}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff0882762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.105166882s ago: executing program 1 (id=11444): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000140)='./file2\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYRES16=0x0, @ANYRES8, @ANYRES64, @ANYBLOB="b71fe84fda50cf6fbefac5a5891d03a05027c0e6658ea94f09636160112a47b688552b72051bf0111daffbe0adef82589ee2fac726c31d20f98aa1f9761873cd604dab0d22b4b321f4c20044c5a8e018b51e52342814e4c33a7f4807781862b524b303c604203d95ef2faa04cfd7ddc4f2edca0adeae0088a8e16969e9000a6a9d85bf9d4ee333cf03763ad6506f66797f154f0923a63f106d908d1cf2a884e57ab63950b9883c40449a94847df80ca39e9394f8de077bfd7f0c81e773158bd33c339a0f92997d172adcde0c53c97cce8a0f42c862a0c88c9a25ccf6799b85dadc245f608d6cb5ded47e4a20ad821132952cc1884e1473794144bbd01594b306a04fc39f13202b4447f8bbccc51a6c4b555b46a2df7f0fe979ef6c31ef8c81a81c26e71f96ea1d8ed245277259bdf970db1f41c75d8384b6b23cf44e9b04527874daf6c34e4deda0da670addd7c8f5eab4410908517c88940d", @ANYRES16], 0xfe, 0x1518, &(0x7f00000022c0)="$eJzs3AuYjtX6MPB1r7UehqS3SQ7Dutf98KbBMkmSQ0IOSZIkSU4JSZMkCYkhp6QhCTlOmhyGkBymMWmcz4eckyZbmiQJySlZ38Vub7uv/W/v/7f39/e/9ty/61rXrPt93nu99zP3XPOu55lr3u96jqrXon7tZkQk/iXw5y9JQogYIcQwIcR1QohACFEptlLspeP5FCT9ay/C/r0eTrvaFbCrifufu3H/czfuf+7G/c/duP+5G/c/d+P+527cf8Zys22zi13PI/cOvv+fm/H7/3+QnPKTv9pQ/sZe/40U7n/uxv3P3bj/uRv3P3fj/udu3P//fLX+4Bj3P3fj/jOWm/31XvAF7/3/gvvRPP5nx9X++WOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxljuc9VdoIcRf5le7LsYYY4wxxhhjjP37+LxXuwLGGGOMMcYYY4z9/wdCCiW0CEQekVfEiHwiv7hGFBDXioLiOhER14tYcYMoJG4UhUURUVQUE3GiuCghjEBhBYlQlBSlRFTcJEqLm0W8KCPKinLCifIiQdwiKohbRUVxm6gkbheVxR2iiqgqqonq4k5RQ9wlaopaora4W9QRdUU9UV/cIxqIe0VDcZ9oJO4XjcUDool4UDQVD4lm4mHRXDwiWohHRUvxmGglWos2oq1o9/+U/5LoK14W/UR/kSQGiIHiFTFIDBZDxFAxTLwqhovXxAjxukgWI8Uo8YYYLd4UY8RbYqwYJ8aLt8UEMVFMEpPFFDFVpIh3xDTxrkgV74npYoaYKWaJNDFbzBHvi7linpgvPhALxIdioVgkFoslIl18JDLEUpEpPhbLxCciSywXK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU18KraLHWKn2CV2iz1ir/hM7BOfi/3iC5Etvvxv5p/5v/J7gQABEiRo0JAH8kAMxEB+yA8FoAAUhIIQgQjEQiwUgkJQGApDUSgKcRAHJaAEICAQEJSEkhCFKJSG0hAP8VAWyoIDBwmQABXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCiZAIXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB2SYSSMgjfgDXgTxsBpGAvjYDyMhxpyIkyCyUByKqRACkyDaZAKqTAdZsAMmAVpMBvmwByYC/NgHnwAC+BD+BAWwSJYAumQDhmwFDIhE5bBGciC5bACVsIqWA2rYC2sg7WwATbCBtgMm2ErbIVP4VPYATtgF+yCPbAHPoPP4HP4HJIhG7LhAByAg3AQDsEhyIEcOAyH4QgcgaNwFI7BMTgOJ+AknIBTcApOwxk4C2fhPJyHC/BC3DfN95RZnyzkJVpqmUfmkTEyRuaX+WUBWUAWlAVlREZkrIyVhWQhWVgWlkVlURkn42QJWUKiREkylCVlSRmVUVlalpbxMl6WlWWlk04myARZQVaQFWVFWUneLivLO2QVWVV2dNVldVlDdnI1ZS1ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUT+aBsKgfAEHhYXupMCzkSWspR0Eq2lm1kW/kmPC7byzHQQXaUneSTchyMhS6yvUuUz8iuchJ0k8/JyfC87CGnQk/5ouwle8s+8iXZV3Zw/WR/OR0GyIFyFgySg+UQOVTOhbryUsfqyddlshwpR8k35BJ4U46Rb8mxcpwcL9+WE+REOUlOllPkVJki35HT5LsyVb4np8sZcqacJdPkbDlHvi/nynlyvvxALpAfyoVykVwsl8h0+ZHMkEtlpvxYLpOfyCy5XK6QK+UquVqukWvlOrlebpAb5Sa5WW6RW+U2+ancLnfInXKX3C33yL3yM7lPfi73yy9ktvxSHpB/kgflV/KQ/FrmyG/kYfmtPCK/k0fl9/KY/EEelyfkSfmjPCV/kqflGXlWnpPn5c/ygvxFXpReCgVKKqW0ClQelVfFqHwqv7pGFVDXqoLqOhVR16tYdYMqpG5UhVURVVQVU3GquCqhjEJlFalQlVSlVFTdpEqrm1W8KqPKqnLKqfIqQd2iKqhbVUV1m6qkbleV1R2qiqqqqqnq6k5VQ92laqpaqra6W9VRdVU9VV/doxqoe1VDdZ9qpO5XjdUDqol6UDVVD6lm6mHVXD2iWqhHVUv1mGqlWqs2qq1qpx5X7dUTqoPqqDqpJ1Vn9ZTqop5WieoZ1VU9q7qp51R39bzqoV5QPdWLqpfqrfqoX9RF5VU/1V8lqQFqoHpFDVKD1RA1VA1Tr6rh6jU1Qr2uktVINUq9oUarN9UY9ZYaq8ap8eptNUFNVJPUZDVFTVUp6h01Tb2rUtV7arqaoWaqWSpNzVZDfl1p/j+R/+7fyR9x+dW3qm3qU7Vd7VA71S61W+1Re9VetU/tU/vVfpWtstUBdUAdVAfVIXVI5agcdVgdVkfUEXVUHVXH1DF1XJ1Q59SP6pT6SZ1WZ9QZdU6dV+fVhV+/B0KDllpprQOdR+fVMTqfzq+v0QX0tbqgvk5H9PU6Vt+gC+kbdWFdRBfVxXScLq5LaKNRW0061CV1KR3VN+nS+mYdr8vosrqcdrq8TtC3/Mv5/6i+drqdbq/b6w66g+6kO+nOurPuorvoRJ2ou+quupvuprvr7rqH7qF76p66l+6l++g+uq/uq/vpfjpJJ+mB+hU9SA/WQ/RQPUy/qofr4XqEHqGTdbIepUfp0Xq0HqPH6LF6rB6vx+sJeoKepCfpKXqKTtEpepqeplN1qp6up+uZeqZO02l6jp6j5+q5er6erxfoBXqhXqgX68U6XafrDJ2hM3WmXqaX6Sy9XC/XK/VKvVqv1mv1Wr1er9cb9Ua9WW/WWXqb3qa36+16p96pd+vdeq/eq/fpfXq/3q+zdbY+oA/og/qgPqQP6Rydow/rw/qIPqKP6qP6mD6mj+vj+qQ+qU/pU/q0Pq3P6rP6vD6vL+gL+qK+eGnbF8hABjrQQZ4gTxATxAT5g/xBgaBAUDAoGESCSBAbxAaFghuDwkGRoGhQLIgLigclAhNgYAMKwqBkUCqIBjcFpYObg/igTFA2KBe4oHyQENwSVAhuDSoGtwWVgtuDysEdQZWgalAtqB7cGdQI7gpqBrWC2sHdQZ2g7l/+DhXcGzQM7gsaBfcHjYMHgibBg0HT4KGgWfBw0Dx4JGgRPBq0DB4LWgWtgzZB26DdP7t+UC+oH9wTNPjD9b0/XeQJ18/0N0lmgBloXjGDzGAzxAw1w8yrZrh5zYwwr5tkM9KMMm+Y0eZNM8a8ZcaacWa8edtMMBPNJDPZTDFTTYp5x0wz75pU856ZbmaYmWaWSTOzzRzzvplr5pn55gOzwHxoFppFZrFZYtLNRybDLDWZ5mOzzHxissxys8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMp2a72WF2ml1mt9lj9prPzD7zudlvvjDZ5ktzwPzJHDRfmUPma5NjvjGHzbfmiPnOHDXfm2PmB3PcnDAnzY/mlPnJnDZnzFlzzpw3P5sL5hdz0fhLm/tLb++oUWMezIMxGIP5MT8WwAJYEAtiBCMYi7FYCAthYSyMRbEoxmEclsASeAkhYUksiVGMYmksjfEYj2WxLDp0mIAJWAErYEWsiJWwElbGylgFq2A1rIZ34p14F96FtbAW3o13Y12si/WxPjbABtgQG2IjbISNsTE2wSbYFJtiM2yGzbE5tsAW2BJbYitshW2wDbbDdtge22MH7ICdsBN2xs7YBbtgIiZiV+yK3bAbdsfu2AN7YE/sib2wF/bBPtgX+2K/c/0wCZNwIA7EQTgIh+AQHIbDcDgOxxE4ApMxGUfhKByNo3EMjsGxOA7H49s4ASfiJJyMU3AqpmAKTsNpmIqpOB2n40yciWmYhnNwDs7FuTgf5+MCXIALcSEuxsWYjumYgRmYiZm4DJdhFmbhClyBq3AVrsE1uA7X4QbcgJtwE27BLbgNt+F23I47cSfuxt24F/fiPtyH+3E/ZmM2HsADeBAP4iE8hDmYg4fxMB7BI3gUj+IxPIbH8TiexJN4Ck/haTyNZ/Esnsef8QL+ghfRY4yVIr+9xhaw19qC9jobY/PZv42L2mI2zha3JayxhW2R38RorY23ZWxZW846W94m2Ft+F1exVW01W93eaWvYu2zN38UN7L22ob3PNrL32/r2nt/Eje0Dtol91Da1j9lmtrVtbtvaFvZR29I+ZlvZ1raNbWs726dsF/u0TbTP2K722d/FGXapXWfX2w12o91nP7dn7Tl7xH5nz9ufbT/b3w6zr9rh9jU7wr5ukxuN/G1sR9rx9m07wU60k+xkO8VO/V08086yaXa2nWPft3PtvN/F6fYju8Bm2oV2kV1sl1yOL9WUaT+2y+wnNssutyvsSrvKrrZr7Nq/1rrSbrZb7Fa7135mt9sddqfdZXfbPZfjS+ex335hs+2X9rD91h60X9lD9qjNsd9cji+d31H7vT1mf7DH7Ql70v5oT9mf7Gl75vL5Xzr3H+0v9qL1VhCQJEWaAspDeSmG8lF+uoYK0LVUkK6jCF1PsXQDFaIbqTAVoaJUjOKoOJUgQ0iWiEIqSaUoSjdRabqZ4qkMlaVy5Kg8JdAtVIFupYp0G1Wi26ky3UFVqCpVo+p0J9Wgu6gm1aLadDfVobpUj+rTPdSA7qWGdB81ovupMT1ATehBakoPUTN6mJrTI9SCHqWW9Bi1otbUhtpSO3qc2tMT1IE6Uid6kjrTU9SFnqZEeoa60rPUjZ6j7vQ89aAXqCe9SL2oN/Whl6gvvUz9qD8l0QAaSK/QIBpMQ2goDaNXaTi9RiPodUqmkTSK3qDR9CaNobdoLI2j8fQ2TaCJNIkm0xSaSin0Dk2jdymV3qPpNINm0ixKo9k0h96nuTSP5tMHtIA+pIW0iBbTEkqnjyiDllImfUzL6BPKouW0glbSKlpNa2gtraP1tIE20ibaTFtoK22jT2k77aCdtIt20x7aS5/RPvqc9tMXlE1f0gH6Ex2kr+gQfU059A0dpm/pCH1HR+l7OkY/0HE6QSfpRzpFP9FpOkNn6Rydp5/pAv1CF8mTCCGUoQp1GIR5wrxhTJgvzB9eExYIrw0LhteFkfD6MDa8ISwU3hgWDouERcNiYVxYPCwRmhBDG1IYhiXDUmE0vCksHd4cxodlwrJhudCF5cOE8JawQnhrWDG8LawU3h5WDu8Iq4RVw0fvrx7eGdYI7wprhrXC2uHdYZ2wblgvrB/eEzYI7w0bhveFjcL7w4rhA2GT8MGwafhQ2Cx8OGwePhK2CB8NW4aPha3C1mGbsG3YLnw8bB8+EXYIO4adwifDzuFTYZfw6TAxfCbsGj77D48nhQPCgeEr4Suh9/epxdEl0fToR9GM6NJoZvTj6LLoJ9Gs6PLoiujK6Kro6uia6Nrouuj66Iboxuim6ObolujWqPf18woHTjrltAtcHpfXxbh8Lr+7xhVw17qC7joXcde7WHeDK+RudIVdEVfUFXNxrrgr4YxDZx250JV0pVzU3eRKu5tdvCvjyrpyzrnyLsG1de1cO9fePeE6uI6uk3vSPemeck+5p93T7hnX1T3rurnnXHf3vOvhXnAvuBddL9fb9XEvub7uZdfP9XdJLskNdAPdIDfIDXFD8vy6B3Mj3AiX7JLdKDfKjXaj3Rg3xo11Y914N95NcBPcJDfJTXFTXIpLcdPcNJfqUt10N93NdDNdmktzc9wcN9fNdfPdfLcgfoFb6Ba6xW6xS3fpLsNluEyX6Za5ZS7LZbkVboVb5Va5NW6NW+fWuQ1ug9vkNrktbovb5ra57W672+l2ut1ut9vr9rp9bp/b7/a7bJftDrgD7qA76A65r12O+8Yddt+6I+47d9R97465H9xxd8KddD+6U+4nd9qdcWfdOXfe/ewuuF/cReddSuSdyLTIu5HUyHuR6ZEZkZmRWZG0yOzInMj7kbmReZH5kQ8iCyIfRhZGFkUWR5ZE0iMfRTIiSyOZkY8jyyKfRLIiyyMrIisjqyKrI94X3x76kr6Uj/qbfGl/s4/3ZXxZX847X94n+Ft8BX+rr+hv85X87b6yv8NX8VV9Nf+Yb+Vb+za+rW/nH/ft/RO+g+/oO/knfWf/lO/in/aJ/hnf1T/ru/nnfHf/vO/hX/A9/Yu+l+/t+/iXfF//su/n+/skP8AP9K/4QX6wH+KH+mH+VT/cv+ZH+Nd9sh/pR/k3/Gj/ph/j3/Jj/Tg/3r/tJ/iJfpKf7Kf4qT7Fv+On+Xd9qn/PT/cz/Ew/y6f52X6Of9/P9fP8fP+BX+A/9Av9Ir/YL/Hp/iOf4Zf6TP+xX+Y/8Vl+uV/hV/pVfrVf49f6dX693+A3+k1+s9/it/pt/lO/3e/wO/0uv9vv8Xv9Z36f/9zv91/4bP+lP+D/5A/6r/wh/7XP8d/4w/5bf8R/54/67/0x/4M/7k/4k/5Hf8r/5E/7M/6sP+fP+5/9Bf+Lv8j/s8YYY4wx9k9JPfTHxwf8ncfkr+OSgUKIa3cUy/nb41oIsanwn+eDZVzniBDimf49H/7LqFMnKSnp1+dmKRGUWiSEiFzJv3wZ8mu8XHQST4lE0VFU+Lv1DZa9z9MfrA/HvY/eLkT+v8mJEVfiK+vf+l+s//iT4zMqh2djf7v+hV/3m5fqjy4SIr7UlZx84kp8Zf2K/8X6Rdr/Uf1ZSuT7KkWIDn+TU0Bcia+snyCeEM+KxN88kzHGGGOMMcYY+7PBslr3f3D9efn6PE5fDi8/nFf8Nf6H1+eMMcYYY4wxxhi7+p7v3efpxxMTO3bnCU94wpO/Tq72bybGGGOMMcbYv9uVTf/VroQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/ic+TuxqnyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2fAAAA///9QkNA") truncate(&(0x7f0000000280)='./file0/file0\x00', 0x2) 1.105026922s ago: executing program 2 (id=11445): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x40801, 0x0) ioctl$FS_IOC_GETFLAGS(r0, 0x5409, 0x0) 1.045083195s ago: executing program 4 (id=11446): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000000c0)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c6865617274626561743d6e6f6e652c67727071756f74612c696e6f646536342c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c6c6f63616c666c6f636b732c00a5ac95942a38e6bfeea96108fa50b58440ef6041bea5aa31e2dd2532458d802e41aa4599ba680aa7bd6d04004258b7a8902f078e686e0ad0017a9f40cab7e8ed9483c468cbe8b5111b52c62ae7bd99dde7768746459302ef1adff359935a901d9a93c2ee3190699fae61911c9956efa1b72ad683a0acc6d36539173f0f11dd2011263c662522d12cca07a4a3d593ee6ca5954cd0b5674f92faa9f828438f930b721d144e46001a56724219f14c2c58ef31aee3852b15bddc24bade32ed8f3cba254e2dbc6baf27"], 0x0, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") lsetxattr$security_ima(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f0000000500)=ANY=[], 0xe01, 0x1) 979.183829ms ago: executing program 3 (id=11447): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000110b0008850000000500000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sched_cls=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0x14, 0x0, &(0x7f0000000080)="dc188619b95d02ff4284860188a86a4e0800b976", 0x0, 0x8001ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 745.073361ms ago: executing program 1 (id=11448): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x64, 0x10, 0x421, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x61}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x24, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x4}, @IFLA_GRE_OKEY={0x8, 0x5, 0xda4b}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e21}, @IFLA_GRE_ENCAP_DPORT={0x6}]}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x64}}, 0x0) 674.466435ms ago: executing program 2 (id=11449): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001f40)=ANY=[@ANYBLOB="080100001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000001400350062726964676530000000000000000000cc001680c80001800c0005001000000007000000a4000c80140001000f000000020f00000900000088a8000014000100000000003f07000000fcffffe6ff00001400010081000000160c00000000000088a8000014004100090000007f0300000500000088a800001400010006000000060a00001000080088a800001400010002000000f30d00000300000081000000140001008ee8ff4dd00900009b00000088a80000140001000400000096060000070000008100000014000a003a0000000000000034d50000000000000500110008"], 0x108}, 0x1, 0x0, 0x0, 0x4600}, 0x24044800) 596.929199ms ago: executing program 1 (id=11450): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x28, 0x10, 0x1, 0x0, 0x0, "", [@nested={0xffffffffffffff85, 0x0, 0x0, 0x0, [@typed={0x3e, 0x0, 0x0, 0x0, @u64}, @typed={0x8, 0x1c, 0x0, 0x0, @u32=0xc9}]}]}, 0x28}], 0x1, 0x0, 0x0, 0xb305e06d8ab48277}, 0x0) 387.65278ms ago: executing program 2 (id=11451): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file2\x00', 0x101c08a, &(0x7f0000000180)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d4e9f3570a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b", @ANYRES32], 0x1, 0x2d7, &(0x7f00000009c0)="$eJzs3U+LG2UcB/DfZLOTVMHswZMIDdiDp+L2Jl6ySAviniw5qIgutgXZBKGFgH9w3FOvXjx48BUIgi+kF9+B4FXw1gqFR2Yy00zWmGbBVLr7+Zx++8zvO/M8s0M2e8iTT16dHt8axp2Tr3+Lfj+LzihG8SiLvehE49tYMvouAIDn2aOU4s80d5ZcFhH97U0LANiizf7+dxflL89kWgDAFt18/4N3Dw4Pr7/Xj37ceOn+bFz+Zz+9PxvPjx/cic9iErfjjRjE44jqjcJuVO8WyvJGSqnoDkt7cWVazMZlcvrxg/r8B39EVPn9GMRexEf1KZ7k3zm8vj+ca+WLch4v1NcflflrMYiXn4SX8tdW5GOcx+uvteZ/NQbx66fxeUziVpTZOGny3+wPh2+n7x9+9WE54zKfFbNxr+pbSDvP/JcDAAAAAAAAAAAAAAAAAAAAAMC5dbXeO6cXw8txZVoOjaM3LWbjnceRlz8OG3vL+/PM81lzovb+QCmlIsWPrS0Fh6luXOS78Uq3vbEgAAAAAAAAAAAAAAAAAAAAXFz3vvjy+GgyuX13bXGp7n5ac7MbQDci/roZsdzzcKNrlcWoNXI51jf3IjrlNY8mk059+aWeB3l7JHaanuwpyykXscFU/4vi0uk5N8VPP5cLPMsJ+62RN1cvcLdaV0pbXFfzdB0fZavvYS+akX79kPyQRyx68tjwWvm/HUpx+vFbV+QrDw3OvPb8xaoo1vREtm5ib/0+v3P1SHZ6FXl1V1fGd+uiFT/1bGz0PEd/Hv/na0VW7dbR29prEQAAAAAAAAAAAAAAAAAAXHSLT/+uOHiyNtpJPgoMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDmx+P7/MxRFHd6gOY+79/7nJQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAB/B0AAP//yZlXcw==") openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x0, 0x119) 103.749966ms ago: executing program 5 (id=11452): r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000280)="240000001a005f0014f9e407000904000a00000074000000000e000008001b0001000000", 0x24) 103.306586ms ago: executing program 2 (id=11453): mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9) 0s ago: executing program 1 (id=11454): r0 = socket$kcm(0x2, 0x1, 0x84) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x8919, &(0x7f0000000080)) kernel console output (not intermixed with test programs): initialize the device [ 931.160486][T15737] usb 5-1: ath9k_htc: USB layer deinitialized [ 931.232909][ T4277] XFS (loop2): Unmounting Filesystem [ 931.280462][ T4269] XFS (loop1): Unmounting Filesystem [ 932.000535][ T7399] usb 5-1: new high-speed USB device number 63 using dummy_hcd [ 932.094231][T30786] loop1: detected capacity change from 0 to 1024 [ 932.224987][ T7399] usb 5-1: Using ep0 maxpacket: 32 [ 932.248456][ T7399] usb 5-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=81.9b [ 932.260541][ T11] hfsplus: b-tree write err: -5, ino 25 [ 932.285111][ T7399] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 932.296026][ T11] hfsplus: b-tree write err: -5, ino 4 [ 932.317551][ T7399] usb 5-1: Product: syz [ 932.322672][ T11] hfsplus: b-tree write err: -5, ino 2 [ 932.328658][ T7399] usb 5-1: Manufacturer: syz [ 932.334964][ T7399] usb 5-1: SerialNumber: syz [ 932.571114][ T7399] visor 5-1:1.0: Handspring Visor / Palm OS converter detected [ 932.584458][ T7399] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 932.621892][ T7399] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 932.679000][T30825] netlink: 'syz.5.9438': attribute type 2 has an invalid length. [ 932.706113][T30825] netlink: 'syz.5.9438': attribute type 1 has an invalid length. [ 932.802427][ T7399] usb 5-1: USB disconnect, device number 63 [ 932.828783][ T7399] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 932.916132][ T7399] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 932.938498][ T7399] visor 5-1:1.0: device disconnected [ 933.409377][T30887] loop2: detected capacity change from 0 to 256 [ 933.686169][T30906] cgroup: none used incorrectly [ 933.766058][T30912] xt_bpf: check failed: parse error [ 934.442800][T30956] ubi5: attaching mtd0 [ 934.474611][T30956] ubi5: scanning is finished [ 934.479261][T30956] ubi5: empty MTD device detected [ 934.523647][T30956] ubi5 error: ubi_read_volume_table: LEB size too small for a volume record [ 934.739677][T30956] ubi5 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 935.231835][T30993] loop3: detected capacity change from 0 to 4096 [ 935.366385][T31007] loop2: detected capacity change from 0 to 512 [ 935.492907][T31007] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 935.590781][T31007] EXT4-fs (loop2): orphan cleanup on readonly fs [ 935.637255][T31007] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 935.645341][T31007] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 935.781550][T31007] EXT4-fs (loop2): 1 truncate cleaned up [ 935.792416][T31007] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 935.820495][T31007] EXT4-fs (loop2): unmounting filesystem. [ 936.091781][T31050] tmpfs: Bad value for 'mpol' [ 936.124847][T31053] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9497'. [ 936.333203][T31063] netlink: 'syz.1.9503': attribute type 21 has an invalid length. [ 936.644912][ T1191] usb 3-1: new high-speed USB device number 51 using dummy_hcd [ 936.856057][ T1191] usb 3-1: Using ep0 maxpacket: 32 [ 936.861811][T31107] netlink: 212 bytes leftover after parsing attributes in process `syz.1.9516'. [ 936.873362][ T1191] usb 3-1: unable to get BOS descriptor or descriptor too short [ 936.900268][ T1191] usb 3-1: config 1 has an invalid descriptor of length 175, skipping remainder of the config [ 936.935737][ T1191] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 936.943086][T31112] loop3: detected capacity change from 0 to 64 [ 936.963564][ T1191] usb 3-1: too many endpoints for config 1 interface 1 altsetting 141: 48, using maximum allowed: 30 [ 936.999019][ T1191] usb 3-1: config 1 interface 1 altsetting 141 has 0 endpoint descriptors, different from the interface descriptor's value: 48 [ 937.045613][ T1191] usb 3-1: config 1 interface 1 has no altsetting 0 [ 937.073373][ T1191] usb 3-1: string descriptor 0 read error: -22 [ 937.107732][ T1191] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000c, bcdDevice= 0.40 [ 937.153860][ T1191] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 937.225357][T31116] loop5: detected capacity change from 0 to 8192 [ 937.616841][ T1191] usb 3-1: 3:0: cannot get min/max values for control 2 (id 3) [ 937.657495][ T1191] usb 3-1: 3:0: cannot get min/max values for control 5 (id 3) [ 937.677507][ T1191] usb 3-1: 3:0: cannot get min/max values for control 8 (id 3) [ 937.718243][ T1191] usb 3-1: 3:0: failed to get current value for ch 0 (-71) [ 937.750751][ T1191] usb 3-1: 3:0: cannot get min/max values for control 5 (id 3) [ 937.826597][ T1191] usb 3-1: USB disconnect, device number 51 [ 938.106249][ T5478] udevd[5478]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 938.147201][T31182] loop3: detected capacity change from 0 to 8192 [ 938.190269][T31196] loop5: detected capacity change from 0 to 256 [ 939.015544][T31250] loop3: detected capacity change from 0 to 256 [ 939.055127][T31250] exfat: Deprecated parameter 'utf8' [ 939.067350][T31250] exfat: Deprecated parameter 'namecase' [ 939.073185][T31250] /dev/loop3: Can't open blockdev [ 939.343348][T31269] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9556'. [ 939.420493][T31269] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9556'. [ 939.462895][T31269] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9556'. [ 939.515481][T31278] loop5: detected capacity change from 0 to 1024 [ 940.390560][T31331] netlink: 'syz.5.9573': attribute type 1 has an invalid length. [ 940.859588][T31295] loop1: detected capacity change from 0 to 32768 [ 941.038452][T31295] XFS (loop1): Mounting V5 Filesystem [ 941.100660][T31329] loop4: detected capacity change from 0 to 32768 [ 941.122614][T31329] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 941.243899][T31295] XFS (loop1): Ending clean mount [ 941.253667][T31329] JBD2: Ignoring recovery information on journal [ 941.397234][ T4269] XFS (loop1): Unmounting Filesystem [ 941.438171][T31329] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 941.461593][T31377] xt_CT: No such helper "netbios-ns" [ 941.530826][T31329] ocfs2: Unmounting device (7,4) on (node local) [ 941.659878][T31390] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9584'. [ 941.673587][T31390] netlink: 580 bytes leftover after parsing attributes in process `syz.5.9584'. [ 941.945796][T31403] loop2: detected capacity change from 0 to 64 [ 942.001536][T31406] netlink: 'syz.5.9590': attribute type 1 has an invalid length. [ 942.029404][T31406] netlink: 'syz.5.9590': attribute type 1 has an invalid length. [ 942.093786][T31406] netlink: 180 bytes leftover after parsing attributes in process `syz.5.9590'. [ 942.102886][T31406] NCSI netlink: No device for ifindex 2151022881 [ 942.170305][T31416] netlink: 'syz.3.9592': attribute type 2 has an invalid length. [ 942.628540][T31441] ip6t_srh: unknown srh invflags 4000 [ 943.255681][T31490] netlink: 32 bytes leftover after parsing attributes in process `syz.4.9611'. [ 943.265037][ T1191] usb 2-1: new high-speed USB device number 53 using dummy_hcd [ 943.478729][ T1191] usb 2-1: Using ep0 maxpacket: 8 [ 943.503409][ T1191] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 943.528168][ T1191] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 943.583903][ T1191] usb 2-1: Product: syz [ 943.588138][ T1191] usb 2-1: Manufacturer: syz [ 943.643013][ T1191] usb 2-1: SerialNumber: syz [ 943.655759][ T1191] usb 2-1: config 0 descriptor?? [ 943.698208][ T1191] gspca_main: se401-2.14.0 probing 047d:5003 [ 944.098124][ T1191] gspca_se401: write req failed req 0x57 val 0x00 error -71 [ 944.114184][ T1191] se401: probe of 2-1:0.0 failed with error -71 [ 944.138176][T31537] tmpfs: Bad value for 'mpol' [ 944.147003][ T26] audit: type=1326 audit(1777400614.136:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31541 comm="syz.2.9627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 944.177487][ T1191] usb 2-1: USB disconnect, device number 53 [ 944.217603][ T26] audit: type=1326 audit(1777400614.136:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31541 comm="syz.2.9627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 944.316986][ T26] audit: type=1326 audit(1777400614.146:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31541 comm="syz.2.9627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 944.428742][T31565] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9631'. [ 944.436605][ T26] audit: type=1326 audit(1777400614.146:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31541 comm="syz.2.9627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 944.464520][T31565] device vlan0 entered promiscuous mode [ 944.480430][ T26] audit: type=1326 audit(1777400614.146:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31541 comm="syz.2.9627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 944.623698][T31576] QAT: failed to copy from user cfg_data. [ 945.067892][T31597] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9639'. [ 945.097091][T31597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9639'. [ 945.577341][T31573] loop2: detected capacity change from 0 to 32768 [ 945.620207][T31573] (syz.2.9633,31573,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 945.701632][T31573] (syz.2.9633,31573,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 945.801403][T31573] JBD2: Ignoring recovery information on journal [ 945.969124][T31573] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 946.209657][T31662] ip6t_srh: unknown srh invflags 4000 [ 946.546667][ T4277] ocfs2: Unmounting device (7,2) on (node local) [ 947.073238][T31706] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 947.146684][T31706] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 947.202729][T31717] xt_hashlimit: max too large, truncated to 1048576 [ 948.347311][T31792] MPI: mpi too large (107144 bits) [ 948.933421][T31834] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 948.968473][T31833] block nbd1: NBD_DISCONNECT [ 949.484695][ T7403] usb 2-1: new full-speed USB device number 54 using dummy_hcd [ 949.645729][T31881] loop5: detected capacity change from 0 to 1024 [ 949.697458][ T7403] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 949.711963][ T7403] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 949.760460][ T7403] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 949.784670][T31883] loop2: detected capacity change from 0 to 4096 [ 949.796960][ T7403] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 949.835161][ T7403] usb 2-1: config 1 has no interface number 0 [ 949.841319][ T7403] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 949.925459][T31881] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 949.952897][T31883] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 950.019225][ T7403] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 950.094935][T31881] EXT4-fs warning (device loop5): ext4_rmdir:3243: inode #11: comm syz.5.9720: empty directory 'file1' has too many links (111) [ 950.146654][ T7403] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 950.365148][ T7403] snd_usb_pod 2-1:1.1: endpoint not available, using fallback values [ 950.377056][T27540] EXT4-fs (loop5): unmounting filesystem. [ 950.378638][ T7403] snd_usb_pod 2-1:1.1: invalid control EP [ 950.444882][ T7403] snd_usb_pod 2-1:1.1: cannot start listening: -22 [ 950.500784][ T7403] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 950.550551][ T7403] snd_usb_pod: probe of 2-1:1.1 failed with error -22 [ 950.601900][ T7403] usb 2-1: USB disconnect, device number 54 [ 950.804094][T31951] program syz.5.9732 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 950.874965][T31955] netlink: 'syz.2.9734': attribute type 3 has an invalid length. [ 951.295577][T31981] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9741'. [ 951.422551][T31990] netlink: 'syz.4.9743': attribute type 5 has an invalid length. [ 951.705949][T32004] xt_recent: hitcount (134217728) is larger than allowed maximum (255) [ 951.709993][T32006] loop4: detected capacity change from 0 to 512 [ 951.728753][T32009] netlink: 'syz.2.9749': attribute type 1 has an invalid length. [ 951.825999][T32006] Quota error (device loop4): do_check_range: Getting dqdh_next_free 256 out of range 0-7 [ 951.881996][T32006] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 951.893000][T32006] EXT4-fs error (device loop4): ext4_acquire_dquot:6841: comm syz.4.9747: Failed to acquire dquot type 1 [ 951.916747][T32006] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.9747: bg 0: block 495: padding at end of block bitmap is not set [ 951.937430][T32006] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6180: Corrupt filesystem [ 951.962634][T32006] EXT4-fs (loop4): 1 truncate cleaned up [ 951.982232][T32006] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 952.011021][T32006] ext4 filesystem being mounted at /1931/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 952.102103][T32006] Quota error (device loop4): do_check_range: Getting dqdh_next_free 256 out of range 0-7 [ 952.155482][T32006] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 952.205325][T32006] EXT4-fs error (device loop4): ext4_acquire_dquot:6841: comm syz.4.9747: Failed to acquire dquot type 1 [ 952.419943][ T4272] EXT4-fs (loop4): unmounting filesystem. [ 952.445689][T32054] loop5: detected capacity change from 0 to 4096 [ 952.469456][T32058] program syz.2.9755 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 952.563383][T31991] Process accounting paused [ 953.375168][T32123] netlink: 'syz.1.9771': attribute type 1 has an invalid length. [ 953.407506][T32123] netlink: 216 bytes leftover after parsing attributes in process `syz.1.9771'. [ 953.452346][T32123] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9771'. [ 953.781445][T32147] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9777'. [ 953.818730][T32147] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9777'. [ 954.380150][T32188] netlink: 'syz.5.9789': attribute type 8 has an invalid length. [ 954.569314][T32198] netlink: 'syz.3.9791': attribute type 2 has an invalid length. [ 954.577098][T32198] netlink: 'syz.3.9791': attribute type 1 has an invalid length. [ 954.622800][T32198] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.9791'. [ 954.760054][T32208] program syz.5.9793 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 955.254516][T32179] loop2: detected capacity change from 0 to 32768 [ 955.322561][T32179] ERROR: (device loop2): diAllocAG: error reading iag [ 955.322561][T32179] [ 955.379339][T32179] ialloc: diAlloc returned -5! [ 955.486530][T32190] loop1: detected capacity change from 0 to 32768 [ 955.559700][T32247] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 955.583158][T32190] ERROR: (device loop1): dtSearch: DT_GETPAGE: dtree page corrupt [ 955.583158][T32190] [ 955.653462][T32190] ERROR: (device loop1): remounting filesystem as read-only [ 955.681554][ T1191] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 955.738844][T32190] jfs_lookup: dtSearch returned -5 [ 955.888627][ T1191] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 955.919690][ T1191] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 955.971976][ T1191] usb 4-1: Product: syz [ 955.979307][ T1191] usb 4-1: Manufacturer: syz [ 956.009493][ T1191] usb 4-1: SerialNumber: syz [ 956.074160][ T1191] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 956.094361][T32282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9808'. [ 956.156768][ T1191] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 956.527272][ T7399] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 956.569337][ T7399] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 956.577951][ T7403] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 956.646890][ T4314] usb 4-1: USB disconnect, device number 45 [ 956.848809][T32318] device ip6tnl1 entered promiscuous mode [ 957.291458][T32299] loop2: detected capacity change from 0 to 32768 [ 957.295798][ T7403] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 957.298180][ T1191] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 957.318516][ T1191] ath9k_htc: Failed to initialize the device [ 957.337600][T32299] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.9815 (32299) [ 957.349004][ T7399] usb 5-1: new full-speed USB device number 64 using dummy_hcd [ 957.359381][ T4314] usb 4-1: ath9k_htc: USB layer deinitialized [ 957.433749][T32299] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 957.467052][ T7401] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 957.475437][T32299] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 957.507692][T32299] BTRFS info (device loop2): using free space tree [ 957.556527][T32373] loop5: detected capacity change from 0 to 8 [ 957.558720][ T7399] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 957.617864][T32373] SQUASHFS error: Unable to read directory block [26067d:ffff] [ 957.625565][ T7399] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 957.656276][ T7399] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 957.677845][ T7399] usb 5-1: config 1 has no interface number 0 [ 957.684115][ T7399] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 957.694355][ T7399] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 957.707473][ T7399] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 957.717339][ T7399] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 957.742974][ T7399] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 957.876747][T32299] BTRFS info (device loop2): enabling ssd optimizations [ 957.949869][ T7399] snd_usb_pod 5-1:1.1: endpoint not available, using fallback values [ 957.958200][ T7399] snd_usb_pod 5-1:1.1: invalid control EP [ 957.976695][ T7399] snd_usb_pod 5-1:1.1: cannot start listening: -22 [ 958.000343][ T7399] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 958.034248][ T7399] snd_usb_pod: probe of 5-1:1.1 failed with error -22 [ 958.061012][T32299] BTRFS warning (device loop2): get dev_stats failed, device not found [ 958.225950][ T4277] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 958.246068][ T7401] usb 5-1: USB disconnect, device number 64 [ 958.561627][T32441] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9837'. [ 958.578470][T32441] netlink: 40 bytes leftover after parsing attributes in process `syz.5.9837'. [ 959.072421][T32467] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 959.639294][T32508] loop3: detected capacity change from 0 to 512 [ 959.684788][T32508] /dev/loop3: Can't open blockdev [ 959.861637][ T7399] usb 2-1: new full-speed USB device number 55 using dummy_hcd [ 959.980714][ T26] audit: type=1326 audit(1777400628.953:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32523 comm="syz.5.9858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 960.022246][ T26] audit: type=1326 audit(1777400628.971:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32523 comm="syz.5.9858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 960.069944][T32525] bridge0: port 3(batadv0) entered disabled state [ 960.099300][ T7399] usb 2-1: unable to get BOS descriptor or descriptor too short [ 960.105063][ T26] audit: type=1326 audit(1777400628.971:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32523 comm="syz.5.9858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 960.118552][ T7399] usb 2-1: not running at top speed; connect to a high speed hub [ 960.140929][T32525] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 960.157979][ T7399] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 37, changing to 4 [ 960.172597][T32533] netlink: 'syz.5.9860': attribute type 1 has an invalid length. [ 960.202014][ T7399] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 116, changing to 4 [ 960.231891][T32482] loop4: detected capacity change from 0 to 32768 [ 960.238552][T32533] netlink: 56 bytes leftover after parsing attributes in process `syz.5.9860'. [ 960.250777][ T7399] usb 2-1: string descriptor 0 read error: -22 [ 960.268983][ T7399] usb 2-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice= 0.40 [ 960.286916][T32482] (syz.4.9846,32482,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 960.300782][ T7399] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 960.353424][T32482] (syz.4.9846,32482,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 960.496308][T32482] JBD2: Ignoring recovery information on journal [ 960.587032][T32545] loop3: detected capacity change from 0 to 4096 [ 960.668958][T32482] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 960.681735][T32545] /dev/loop3: Can't open blockdev [ 960.716782][ C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 960.791652][ T4350] I/O error, dev loop3, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 960.802680][ T1191] usb 2-1: USB disconnect, device number 55 [ 961.102587][ T4272] ocfs2: Unmounting device (7,4) on (node local) [ 961.336197][T32600] cifs: Unknown parameter 'no9 PG!8E8- ŖEeլ' [ 961.599145][T32615] netlink: 'syz.3.9873': attribute type 2 has an invalid length. [ 961.663315][T32447] usb 3-1: new full-speed USB device number 52 using dummy_hcd [ 961.834233][T32628] loop3: detected capacity change from 0 to 64 [ 961.884048][T32447] usb 3-1: unable to get BOS descriptor or descriptor too short [ 961.923761][T32447] usb 3-1: not running at top speed; connect to a high speed hub [ 961.947872][T32447] usb 3-1: config 5 has an invalid interface number: 246 but max is 0 [ 962.010261][T32447] usb 3-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config [ 962.020403][T32447] usb 3-1: config 5 has no interface number 0 [ 962.069769][T32580] loop5: detected capacity change from 0 to 32768 [ 962.093605][T32447] usb 3-1: config 5 interface 246 altsetting 4 endpoint 0x3 has an invalid bInterval 0, changing to 4 [ 962.133332][T32447] usb 3-1: config 5 interface 246 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 962.162812][T32642] device veth3 entered promiscuous mode [ 962.188102][T32580] ERROR: (device loop5): dbAllocAG: unable to allocate blocks [ 962.188102][T32580] [ 962.210022][T32447] usb 3-1: config 5 interface 246 has no altsetting 0 [ 962.242220][T32580] ERROR: (device loop5): remounting filesystem as read-only [ 962.243458][T32447] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=f5.e4 [ 962.272126][T32447] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 962.295452][T32447] usb 3-1: Product: syz [ 962.300391][T32447] usb 3-1: Manufacturer: syz [ 962.305022][T32447] usb 3-1: SerialNumber: syz [ 962.576157][T32447] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 962.602318][ T4334] usb 3-1: Failed to submit usb control message: -71 [ 962.712710][T32447] usb 3-1: USB disconnect, device number 52 [ 962.776301][ T4334] usb 3-1: unable to send the bmi data to the device: -71 [ 962.801950][T32686] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9886'. [ 962.832566][ T4334] usb 3-1: unable to get target info from device [ 962.854530][ T4334] usb 3-1: could not get target info (-71) [ 962.897885][ T4334] usb 3-1: could not probe fw (-71) [ 963.668757][T32737] netlink: 136 bytes leftover after parsing attributes in process `syz.4.9899'. [ 964.172108][ T301] netlink: 'syz.2.9908': attribute type 33 has an invalid length. [ 964.179994][ T301] netlink: 152 bytes leftover after parsing attributes in process `syz.2.9908'. [ 964.210091][ T2935] bridge0: port 3(dummy0) entered disabled state [ 964.336057][ T313] netlink: 272 bytes leftover after parsing attributes in process `syz.5.9912'. [ 964.522855][ T323] netlink: 168 bytes leftover after parsing attributes in process `syz.1.9915'. [ 964.724198][ T340] loop1: detected capacity change from 0 to 164 [ 965.429866][ T26] audit: type=1326 audit(1777400634.041:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=389 comm="syz.5.9933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 965.489149][ T26] audit: type=1326 audit(1777400634.041:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=389 comm="syz.5.9933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 965.489187][ T26] audit: type=1326 audit(1777400634.050:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=389 comm="syz.5.9933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 965.489217][ T26] audit: type=1326 audit(1777400634.050:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=389 comm="syz.5.9933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 965.489246][ T26] audit: type=1326 audit(1777400634.050:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=389 comm="syz.5.9933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 965.489274][ T26] audit: type=1326 audit(1777400634.050:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=389 comm="syz.5.9933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 965.489303][ T26] audit: type=1326 audit(1777400634.050:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=389 comm="syz.5.9933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 965.489331][ T26] audit: type=1326 audit(1777400634.050:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=389 comm="syz.5.9933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 965.489360][ T26] audit: type=1326 audit(1777400634.050:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=389 comm="syz.5.9933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 965.549160][T32447] usb 2-1: new high-speed USB device number 56 using dummy_hcd [ 965.591910][T15737] usb 4-1: new full-speed USB device number 46 using dummy_hcd [ 965.635707][ C0] vkms_vblank_simulate: vblank timer overrun [ 965.724783][ C0] vkms_vblank_simulate: vblank timer overrun [ 965.964902][T32447] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 965.982263][T32447] usb 2-1: config 1 has no interface number 0 [ 965.993219][ T419] loop5: detected capacity change from 0 to 47 [ 966.003536][T32447] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 966.012740][T32447] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 37, changing to 7 [ 966.036300][ T419] MINIX-fs: bad superblock [ 966.044277][T32447] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 116, changing to 7 [ 966.061837][T15737] usb 4-1: config 2 has an invalid interface number: 211 but max is 0 [ 966.061997][T32447] usb 2-1: New USB device found, idVendor=0582, idProduct=0145, bcdDevice= 0.40 [ 966.082745][T15737] usb 4-1: config 2 has no interface number 0 [ 966.089381][T32447] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 966.110798][T15737] usb 4-1: config 2 interface 211 altsetting 0 endpoint 0x4 has invalid maxpacket 512, setting to 64 [ 966.115726][T32447] usb 2-1: Product: syz [ 966.125929][T32447] usb 2-1: Manufacturer: syz [ 966.143506][ T1191] usb 5-1: new low-speed USB device number 65 using dummy_hcd [ 966.153763][T15737] usb 4-1: config 2 interface 211 altsetting 0 endpoint 0x82 has an invalid bInterval 97, changing to 4 [ 966.181020][T32447] usb 2-1: SerialNumber: syz [ 966.182960][T15737] usb 4-1: config 2 interface 211 altsetting 0 endpoint 0x82 has invalid maxpacket 24929, setting to 1023 [ 966.208369][T15737] usb 4-1: New USB device found, idVendor=2040, idProduct=8268, bcdDevice=27.95 [ 966.232798][T15737] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 966.254551][T15737] usb 4-1: Product: syz [ 966.258873][T15737] usb 4-1: Manufacturer: syz [ 966.263570][T15737] usb 4-1: SerialNumber: syz [ 966.295908][ T378] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 966.306593][T15737] em28xx 4-1:2.211: New device syz syz @ 12 Mbps (2040:8268, interface 211, class 211) [ 966.327397][T15737] em28xx 4-1:2.211: Device initialization failed. [ 966.335522][T15737] em28xx 4-1:2.211: Device must be connected to a high-speed USB 2.0 port. [ 966.363938][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 966.370317][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 966.386130][ T1191] usb 5-1: config index 0 descriptor too short (expected 6427, got 27) [ 966.401908][ T1191] usb 5-1: config 0 has an invalid interface number: 21 but max is 0 [ 966.427721][T32447] usb 2-1: 1:0 : does not exist [ 966.438333][T32447] usb 2-1: BAAD SPEAKER p_chmask mismatch [ 966.438532][ T1191] usb 5-1: config 0 has no interface number 0 [ 966.466027][ T1191] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 966.479748][T32447] snd-usb-audio: probe of 2-1:1.1 failed with error -22 [ 966.495374][ T1191] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 966.544514][T32447] usb 2-1: USB disconnect, device number 56 [ 966.549563][ T1191] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 966.551761][ T5478] udevd[5478]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.1/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 966.562767][ T1191] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 966.604966][ T1191] usb 5-1: config 0 descriptor?? [ 966.641736][ T7397] usb 4-1: USB disconnect, device number 46 [ 966.891043][ T480] loop2: detected capacity change from 0 to 136 [ 966.903225][ T480] Attempt to read inode for relocated directory [ 966.923549][ T480] syz.2.9951: attempt to access beyond end of device [ 966.923549][ T480] loop2: rw=524288, sector=335544428, nr_sectors = 4 limit=136 [ 966.940247][ T480] syz.2.9951: attempt to access beyond end of device [ 966.940247][ T480] loop2: rw=0, sector=335544428, nr_sectors = 4 limit=136 [ 966.959569][ T26] audit: type=1800 audit(1777400635.472:404): pid=480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.9951" name="file1" dev="loop2" ino=1487 res=0 errno=0 [ 967.092193][ T1191] usb 5-1: USB disconnect, device number 65 [ 967.341037][ T507] ipt_rpfilter: unknown options [ 968.071734][ T551] loop5: detected capacity change from 0 to 164 [ 968.460472][ T579] kAFS: unable to lookup cell '@mTsyz0' [ 969.016881][ T612] loop4: detected capacity change from 0 to 2048 [ 969.089947][ T612] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 969.100366][ C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 969.121648][ T612] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 969.141045][ T621] netlink: 'syz.1.9991': attribute type 2 has an invalid length. [ 969.155395][ T623] loop5: detected capacity change from 0 to 128 [ 969.172556][ T621] netlink: 'syz.1.9991': attribute type 8 has an invalid length. [ 969.216166][ T621] netlink: 132 bytes leftover after parsing attributes in process `syz.1.9991'. [ 969.799070][ T657] loop1: detected capacity change from 0 to 1024 [ 969.869966][ T657] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 970.059309][ T657] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 970.279511][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 970.370456][ T695] program syz.5.10008 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 970.757857][ T7397] usb 4-1: new full-speed USB device number 47 using dummy_hcd [ 970.949949][ T736] loop1: detected capacity change from 0 to 16 [ 970.960519][ T7397] usb 4-1: config 0 has an invalid interface number: 176 but max is 2 [ 970.990357][ T7397] usb 4-1: config 0 has no interface number 1 [ 971.006123][ T7397] usb 4-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac [ 971.012610][ T736] erofs: (device loop1): mounted with root inode @ nid 36. [ 971.044123][ T7397] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 971.079618][ T736] syz.1.10019: attempt to access beyond end of device [ 971.079618][ T736] loop1: rw=0, sector=48, nr_sectors = 16 limit=16 [ 971.095160][ T7397] usb 4-1: config 0 descriptor?? [ 971.331111][ T7397] qcserial 4-1:0.2: Qualcomm USB modem converter detected [ 971.607374][ T1191] usb 4-1: USB disconnect, device number 47 [ 971.614903][ T1191] qcserial 4-1:0.2: device disconnected [ 971.940092][ T728] loop5: detected capacity change from 0 to 32768 [ 972.074195][ T809] netlink: 'syz.1.10032': attribute type 8 has an invalid length. [ 972.105981][ T728] XFS (loop5): Mounting V5 Filesystem [ 972.425123][ T728] XFS (loop5): Ending clean mount [ 972.730925][ T7397] XFS (loop5): Metadata CRC error detected at xfs_rmapbt_read_verify+0x3a/0xd0, xfs_rmapbt block 0x14 [ 972.765373][ T7397] XFS (loop5): Unmount and run xfs_repair [ 972.771152][ T7397] XFS (loop5): First 128 bytes of corrupted metadata buffer: [ 972.814315][ T7397] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 972.849771][ T7397] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80 ..P............. [ 972.891572][ T7397] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 972.907107][ T7397] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01 ....[.;......... [ 972.959321][ T7397] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 972.968245][ T7397] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 972.980979][ T858] loop4: detected capacity change from 0 to 8 [ 973.042061][ T7397] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 973.058980][ T7397] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 973.123235][ T728] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x14 len 4 error 74 [ 973.178596][ T728] XFS (loop5): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x1798/0x1e60 (fs/xfs/libxfs/xfs_defer.c:580). Shutting down filesystem. [ 973.251670][ T728] XFS (loop5): Please unmount the filesystem and rectify the problem(s) [ 973.376953][ T921] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10046'. [ 973.396953][T27540] XFS (loop5): Unmounting Filesystem [ 973.690211][ T1191] usb 4-1: new full-speed USB device number 48 using dummy_hcd [ 973.899982][ T1191] usb 4-1: not running at top speed; connect to a high speed hub [ 973.921367][ T1191] usb 4-1: config 95 has an invalid interface number: 1 but max is 0 [ 973.952199][ T1191] usb 4-1: config 95 has no interface number 0 [ 973.958461][ T1191] usb 4-1: config 95 interface 1 has no altsetting 0 [ 974.015200][ T1191] usb 4-1: New USB device found, idVendor=0763, idProduct=2031, bcdDevice=ad.3f [ 974.035636][ T1191] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 974.054211][ T1191] usb 4-1: Product: syz [ 974.062002][ T1191] usb 4-1: Manufacturer: syz [ 974.087433][ T1191] usb 4-1: SerialNumber: syz [ 974.297705][T23120] usb 2-1: new full-speed USB device number 57 using dummy_hcd [ 974.379180][ T1191] usb 4-1: USB disconnect, device number 48 [ 974.512478][T23120] usb 2-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 974.546582][T23120] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 974.576699][T23120] usb 2-1: Product: syz [ 974.580973][T23120] usb 2-1: Manufacturer: syz [ 974.614694][T23120] usb 2-1: SerialNumber: syz [ 974.779085][ T5478] udevd[5478]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:95.1/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 974.910462][T23120] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 57 if 0 alt 0 proto 1 vid 0x04B8 pid 0x0202 [ 974.960269][ T1052] loop2: detected capacity change from 0 to 64 [ 974.971083][T23120] usb 2-1: USB disconnect, device number 57 [ 975.031700][ T1052] syz.2.10071: attempt to access beyond end of device [ 975.031700][ T1052] loop2: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 975.034048][T23120] usblp0: removed [ 975.096410][ T1052] Buffer I/O error on dev loop2, logical block 134217734, async page read [ 975.121489][ T1052] syz.2.10071: attempt to access beyond end of device [ 975.121489][ T1052] loop2: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 975.165735][ T1052] Buffer I/O error on dev loop2, logical block 134217734, async page read [ 975.183829][ T1065] loop3: detected capacity change from 0 to 512 [ 975.194075][ T1065] /dev/loop3: Can't open blockdev [ 975.251350][ T5478] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 975.434913][ T1090] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10080'. [ 975.598579][T32447] usb 5-1: new high-speed USB device number 66 using dummy_hcd [ 975.662794][ T1102] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10083'. [ 975.698393][ T1102] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10083'. [ 975.722655][ T1102] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10083'. [ 975.736020][ T1097] loop2: detected capacity change from 0 to 4096 [ 975.742813][ T1106] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615) [ 975.769177][ T1106] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647 [ 975.792856][T32447] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 975.807934][T32447] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 975.886603][T32447] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 975.932423][T32447] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 975.988984][T32447] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 976.015527][T32447] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 976.034432][T32447] usb 5-1: Product: syz [ 976.049480][ T52] block nbd1: Attempted send on invalid socket [ 976.055712][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 976.065961][T32447] usb 5-1: Manufacturer: syz [ 976.084395][T32447] usb 5-1: SerialNumber: syz [ 976.085726][ T1121] F2FS-fs (nbd1): Unable to read 1th superblock [ 976.091063][T32447] usb 5-1: config 0 descriptor?? [ 976.127697][ T1043] block nbd1: Attempted send on invalid socket [ 976.134078][ T1043] I/O error, dev nbd1, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 976.143602][ T1121] F2FS-fs (nbd1): Unable to read 2th superblock [ 976.329520][T32447] adutux 5-1:0.0: ADU208 now attached to /dev/usb/adutux0 [ 976.376369][T32447] usb 5-1: USB disconnect, device number 66 [ 976.491555][ T1146] loop2: detected capacity change from 0 to 2048 [ 976.560895][ T1146] GPT:first_usable_lbas don't match. [ 976.569729][ T1146] GPT:34 != 290 [ 976.587373][ T1146] GPT: Use GNU Parted to correct GPT errors. [ 976.614270][ T1146] loop2: p1 p2 p3 [ 976.848782][ T1176] binder: 1175:1176 ioctl 400c620e 0 returned -14 [ 976.956311][T23120] usb 3-1: new full-speed USB device number 53 using dummy_hcd [ 977.054679][ T1181] loop1: detected capacity change from 0 to 4096 [ 977.171774][T23120] usb 3-1: config 1 has an invalid descriptor of length 93, skipping remainder of the config [ 977.195885][T23120] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 977.205009][ T1192] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 977.205600][ T1181] NILFS error (device loop1): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 977.229186][T23120] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 977.272651][T23120] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 977.288893][ T1181] NILFS (loop1): mounting fs with errors [ 977.292578][T23120] usb 3-1: Product: syz [ 977.299569][ T1154] loop3: detected capacity change from 0 to 32768 [ 977.355471][ T1204] loop5: detected capacity change from 0 to 1024 [ 977.363926][ T1204] EXT4-fs: Ignoring removed nomblk_io_submit option [ 977.370623][ T1204] EXT4-fs: Ignoring removed nomblk_io_submit option [ 977.379245][ T1204] EXT4-fs: Ignoring removed i_version option [ 977.394198][ T1204] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 977.405388][T23120] usb 3-1: Manufacturer: syz [ 977.410306][T23120] usb 3-1: SerialNumber: syz [ 977.461458][ T1154] XFS (loop3): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent. [ 977.478789][ T1181] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: disallowed inode number - offset=32, inode=9, rec_len=24, name_len=6 [ 977.518568][ T1204] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 977.608110][T27540] EXT4-fs (loop5): unmounting filesystem. [ 977.691557][T23120] usb 3-1: 0:2 : does not exist [ 977.699776][T23120] usb 3-1: unit 9 not found! [ 977.758119][T23120] usb 3-1: 4:0: cannot get min/max values for control 1 (id 4) [ 977.785811][ T4271] XFS (loop3): Unmounting Filesystem [ 977.800259][T23120] usb 3-1: USB disconnect, device number 53 [ 978.122413][ T5478] udevd[5478]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 978.467309][ T1282] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 978.506655][ T1282] overlayfs: missing 'lowerdir' [ 978.741722][T32447] usb 5-1: new full-speed USB device number 67 using dummy_hcd [ 978.946537][ T1315] loop3: detected capacity change from 0 to 2048 [ 978.983593][T32447] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 978.998969][T32447] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 979.024480][ T1326] loop5: detected capacity change from 0 to 1024 [ 979.046266][T32447] usb 5-1: config 0 descriptor?? [ 979.076485][T32447] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 979.495552][T32447] gp8psk: usb in 128 operation failed. [ 979.508191][T32447] gp8psk: usb in 137 operation failed. [ 979.522686][T32447] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 979.534256][ T1347] loop2: detected capacity change from 0 to 1764 [ 979.558569][T32447] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 979.618689][T32447] usb 5-1: USB disconnect, device number 67 [ 979.654699][ T1364] xt_cgroup: path and classid specified [ 979.734674][ T4277] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 979.765286][ T4277] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 979.988449][ T1388] misc userio: The device must be registered before sending interrupts [ 979.995418][ T1385] loop1: detected capacity change from 0 to 1764 [ 980.064775][ T1385] syz.1.10143: attempt to access beyond end of device [ 980.064775][ T1385] loop1: rw=0, sector=7180648572, nr_sectors = 4 limit=1764 [ 980.131206][ T1385] Buffer I/O error on dev loop1, logical block 1795162143, async page read [ 980.160328][ T1385] syz.1.10143: attempt to access beyond end of device [ 980.160328][ T1385] loop1: rw=0, sector=7180648572, nr_sectors = 4 limit=1764 [ 980.201689][ T1385] Buffer I/O error on dev loop1, logical block 1795162143, async page read [ 980.250291][ T26] audit: type=1800 audit(1777400647.903:405): pid=1385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.10143" name="file0" dev="loop1" ino=1923 res=0 errno=0 [ 980.465179][ T1418] loop4: detected capacity change from 0 to 64 [ 980.724359][ T1437] netlink: 'syz.1.10158': attribute type 2 has an invalid length. [ 981.232113][ T26] audit: type=1326 audit(1777400648.820:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1471 comm="syz.5.10170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 981.313955][ T26] audit: type=1326 audit(1777400648.839:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1471 comm="syz.5.10170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 981.398088][ T26] audit: type=1326 audit(1777400648.839:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1471 comm="syz.5.10170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 981.420447][ C0] vkms_vblank_simulate: vblank timer overrun [ 981.450564][ T1483] loop4: detected capacity change from 0 to 256 [ 981.452272][ T26] audit: type=1326 audit(1777400648.839:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1471 comm="syz.5.10170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 981.549117][ T1483] FAT-fs (loop4): Directory bread(block 64) failed [ 981.580318][ T1483] FAT-fs (loop4): Directory bread(block 65) failed [ 981.642310][ T1483] FAT-fs (loop4): Directory bread(block 66) failed [ 981.648923][ T1483] FAT-fs (loop4): Directory bread(block 67) failed [ 981.677523][ T1483] FAT-fs (loop4): Directory bread(block 68) failed [ 981.697030][ T1483] FAT-fs (loop4): Directory bread(block 69) failed [ 981.756658][ T1483] FAT-fs (loop4): Directory bread(block 70) failed [ 981.763255][ T1483] FAT-fs (loop4): Directory bread(block 71) failed [ 981.799573][ T1505] erofs: (device loop1): mounted with root inode @ nid 36. [ 981.810992][ T1483] FAT-fs (loop4): Directory bread(block 72) failed [ 981.817547][ T1483] FAT-fs (loop4): Directory bread(block 73) failed [ 981.877927][ T1501] set_capacity_and_notify: 1 callbacks suppressed [ 981.877943][ T1501] loop5: detected capacity change from 0 to 4096 [ 981.967847][ T1515] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 981.983426][ T1501] NILFS error (device loop5): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 982.050143][ T1501] NILFS (loop5): mounting fs with errors [ 982.168669][ T1501] NILFS error (device loop5): nilfs_check_page: bad entry in directory #2: disallowed inode number - offset=32, inode=9, rec_len=24, name_len=6 [ 982.325199][ T1532] loop4: detected capacity change from 0 to 2048 [ 982.351875][ T1532] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 982.449385][ T1541] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 982.488602][ T1532] NILFS error (device loop4): __nilfs_read_inode: invalid file type bits in mode 0177777 for inode 12 [ 982.572693][ T1532] Remounting filesystem read-only [ 983.250280][ T1595] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10202'. [ 983.256952][ T1593] loop5: detected capacity change from 0 to 2048 [ 983.326242][ T26] audit: type=1326 audit(1777400650.784:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1599 comm="syz.2.10203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 983.348677][ C0] vkms_vblank_simulate: vblank timer overrun [ 983.362064][ T1593] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 983.397365][ T1591] loop1: detected capacity change from 0 to 4096 [ 983.472250][ T26] audit: type=1326 audit(1777400650.831:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1599 comm="syz.2.10203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 983.488553][ T1591] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 983.542455][ T1537] loop3: detected capacity change from 0 to 32768 [ 983.614814][ T26] audit: type=1326 audit(1777400650.831:412): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=1599 comm="syz.2.10203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 983.675618][ T1591] ntfs3: loop1: Failed to load $Extend. [ 983.699887][ T26] audit: type=1326 audit(1777400650.831:413): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=1599 comm="syz.2.10203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 983.722577][ C0] vkms_vblank_simulate: vblank timer overrun [ 984.264837][ T1647] loop2: detected capacity change from 0 to 1024 [ 984.391060][ T1655] netlink: 'syz.3.10215': attribute type 2 has an invalid length. [ 984.418662][T32447] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 984.621731][T32447] usb 6-1: Using ep0 maxpacket: 32 [ 984.629076][T32447] usb 6-1: config 2 has an invalid interface number: 1 but max is 0 [ 984.670022][T32447] usb 6-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 984.715249][T32447] usb 6-1: config 2 has no interface number 0 [ 984.731202][T32447] usb 6-1: New USB device found, idVendor=22b8, idProduct=2d97, bcdDevice=51.64 [ 984.742946][ T1662] Process accounting resumed [ 984.784085][T32447] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 984.805780][T32447] usb 6-1: Product: syz [ 984.809996][T32447] usb 6-1: Manufacturer: syz [ 984.838050][T32447] usb 6-1: SerialNumber: syz [ 985.074718][ T1686] loop3: detected capacity change from 0 to 64 [ 985.109062][T32446] usb 6-1: USB disconnect, device number 6 [ 985.236459][ T1641] loop4: detected capacity change from 0 to 32768 [ 985.409437][ T1641] XFS (loop4): Mounting V5 Filesystem [ 985.519745][ C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 985.561101][ T1641] XFS (loop4): Ending clean mount [ 985.601053][ T1723] loop3: detected capacity change from 0 to 8 [ 985.625655][ T1723] /dev/loop3: Can't open blockdev [ 985.629804][ T1641] XFS (loop4): Metadata CRC error detected at xfs_rmapbt_read_verify+0x3a/0xd0, xfs_rmapbt block 0x14 [ 985.642152][T32447] usb 3-1: new high-speed USB device number 54 using dummy_hcd [ 985.659270][ T1641] XFS (loop4): Unmount and run xfs_repair [ 985.665557][ T1641] XFS (loop4): First 128 bytes of corrupted metadata buffer: [ 985.728189][ T1641] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 985.776243][ T1641] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80 ..P............. [ 985.850031][ T1641] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 985.859472][T32447] usb 3-1: Using ep0 maxpacket: 32 [ 985.870973][T32447] usb 3-1: unable to get BOS descriptor or descriptor too short [ 985.889656][ T1735] loop3: detected capacity change from 0 to 256 [ 985.902210][T32447] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 985.940351][T32447] usb 3-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice= 0.40 [ 985.973662][ T1641] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01 ....[.;......... [ 985.990389][T32447] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 985.997486][ T1641] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 985.998468][T32447] usb 3-1: Product: syz [ 986.012057][T32447] usb 3-1: Manufacturer: syz [ 986.016672][T32447] usb 3-1: SerialNumber: syz [ 986.075559][ T1641] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 986.128858][ T1641] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 986.151911][ T1679] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 986.161216][ T1641] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 986.170140][ T1641] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x14 len 4 error 74 [ 986.207739][ T1679] XFS (loop1): Mounting V5 Filesystem [ 986.271508][ T1641] XFS (loop4): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x1798/0x1e60 (fs/xfs/libxfs/xfs_defer.c:580). Shutting down filesystem. [ 986.293540][T32447] usb 3-1: USB disconnect, device number 54 [ 986.297839][ T1641] XFS (loop4): Please unmount the filesystem and rectify the problem(s) [ 986.442904][ T4272] XFS (loop4): Unmounting Filesystem [ 986.535891][ T4379] udevd[4379]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 986.581849][ T1679] XFS (loop1): Ending clean mount [ 986.654578][ T1679] XFS (loop1): Quotacheck needed: Please wait. [ 986.740790][ T1679] XFS (loop1): Quotacheck: Done. [ 986.952011][ T4269] XFS (loop1): Unmounting Filesystem [ 987.023222][ T1816] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10238'. [ 987.025777][ T1814] xt_hashlimit: size too large, truncated to 1048576 [ 987.033133][ T1816] netlink: 56 bytes leftover after parsing attributes in process `syz.5.10238'. [ 987.446701][ T1834] netlink: 'syz.4.10243': attribute type 1 has an invalid length. [ 987.512041][ T1834] netlink: 908 bytes leftover after parsing attributes in process `syz.4.10243'. [ 987.542815][ T1834] nbd: must specify at least one socket [ 987.853534][ T1859] set_capacity_and_notify: 1 callbacks suppressed [ 987.853552][ T1859] loop1: detected capacity change from 0 to 512 [ 987.911535][ T1866] comedi comedi0: s526: I/O port conflict (0x8,64) [ 987.935460][ T1859] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 987.961426][ T1868] netlink: 140 bytes leftover after parsing attributes in process `syz.2.10251'. [ 988.021104][ T1859] EXT4-fs error (device loop1): ext4_orphan_get:1405: inode #15: comm syz.1.10250: iget: bogus i_mode (2) [ 988.119933][ T1859] EXT4-fs error (device loop1): ext4_orphan_get:1410: comm syz.1.10250: couldn't read orphan inode 15 (err -117) [ 988.176082][ T1859] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 988.283462][ T1859] EXT4-fs error (device loop1): ext4_empty_dir:3145: inode #12: block 13: comm syz.1.10250: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=12, rec_len=0, size=4096 fake=1 [ 988.382200][ T1893] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10259'. [ 988.412512][ T1887] xt_CT: No such helper "netbios-ns" [ 988.422915][ T1859] EXT4-fs warning (device loop1): ext4_empty_dir:3147: inode #12: comm syz.1.10250: directory missing '.' [ 988.628416][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 988.894253][ T1869] loop3: detected capacity change from 0 to 32768 [ 988.999700][ T5478] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 989.590787][ T1951] loop4: detected capacity change from 0 to 4096 [ 989.858779][ T1969] block device autoloading is deprecated and will be removed. [ 989.868924][ T1978] netlink: 52 bytes leftover after parsing attributes in process `syz.3.10283'. [ 989.946035][ T1980] netlink: 20 bytes leftover after parsing attributes in process `syz.5.10284'. [ 990.058931][ T1987] CIFS mount error: No usable UNC path provided in device string! [ 990.058931][ T1987] [ 990.123253][ T1987] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 990.150614][ T1995] cgroup: noprefix used incorrectly [ 990.790324][ T2038] netlink: 'syz.4.10301': attribute type 13 has an invalid length. [ 990.798425][ T2038] netlink: 'syz.4.10301': attribute type 12 has an invalid length. [ 991.613766][ T2086] loop2: detected capacity change from 0 to 64 [ 991.744546][ T2040] loop1: detected capacity change from 0 to 32768 [ 991.826192][ T2040] ERROR: (device loop1): xtTruncate_pmap: XT_GETPAGE: xtree page corrupt [ 991.826192][ T2040] [ 991.900700][ T2040] ERROR: (device loop1): remounting filesystem as read-only [ 991.931037][ T2040] ERROR: (device loop1): jfs_rename: [ 991.931037][ T2040] [ 992.027041][ T4269] ERROR: (device loop1): xtTruncate: XT_GETPAGE: xtree page corrupt [ 992.027041][ T4269] [ 992.224719][ T2119] loop2: detected capacity change from 0 to 128 [ 992.300249][ T2119] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 992.360749][ T2119] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 992.544862][ T2136] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10332'. [ 992.574459][ T2136] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10332'. [ 992.625779][ T2136] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10332'. [ 992.685239][ T2141] Bluetooth: hci0: Opcode 0x0c20 failed: -22 [ 992.830406][ T26] audit: type=1326 audit(1777400659.670:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2151 comm="syz.4.10338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 992.958977][ T26] audit: type=1326 audit(1777400659.670:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2151 comm="syz.4.10338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 993.041119][ T26] audit: type=1326 audit(1777400659.708:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2151 comm="syz.4.10338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 993.079619][ T26] audit: type=1326 audit(1777400659.708:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2151 comm="syz.4.10338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 993.101966][ C1] vkms_vblank_simulate: vblank timer overrun [ 993.164239][ T26] audit: type=1326 audit(1777400659.717:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2151 comm="syz.4.10338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 993.249281][ T26] audit: type=1326 audit(1777400659.717:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2151 comm="syz.4.10338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 993.387408][ T26] audit: type=1326 audit(1777400659.717:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2151 comm="syz.4.10338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 993.440949][ T26] audit: type=1326 audit(1777400659.717:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2151 comm="syz.4.10338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 993.485088][ T2183] libceph: resolve '.RHe'ˠ/1C~1WexEAeSb{~R' (ret=-3): failed [ 993.527099][ T26] audit: type=1326 audit(1777400659.717:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2151 comm="syz.4.10338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 993.549453][ C1] vkms_vblank_simulate: vblank timer overrun [ 993.634930][ T26] audit: type=1326 audit(1777400659.960:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2166 comm="syz.4.10343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 993.732700][ T2194] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10351'. [ 993.940984][ T2164] loop3: detected capacity change from 0 to 32768 [ 994.016582][ T5478] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 994.102687][ T2211] loop4: detected capacity change from 0 to 512 [ 994.761211][ T2250] bond0: option arp_validate: invalid value (18446744073491447809) [ 994.827740][ T2258] netlink: 'syz.2.10369': attribute type 49 has an invalid length. [ 994.842243][T27552] Bluetooth: hci0: command 0x0c20 tx timeout [ 994.852852][ T2258] netlink: 'syz.2.10369': attribute type 49 has an invalid length. [ 995.592527][T32447] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 995.805822][T32447] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7 [ 995.836760][T32447] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 250, changing to 7 [ 995.864995][T32447] usb 3-1: New USB device found, idVendor=041e, idProduct=3020, bcdDevice= 0.40 [ 995.896671][ T2285] loop3: detected capacity change from 0 to 32768 [ 995.904240][T32447] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 995.954361][T32447] usb 3-1: Product: syz [ 995.961892][T32447] usb 3-1: Manufacturer: syz [ 995.986457][T32447] usb 3-1: SerialNumber: syz [ 996.231070][T32447] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 996.249203][T32447] usb 3-1: unit 6 not found! [ 996.264088][T32447] usb 3-1: unit 4 not found! [ 996.382814][T32447] usb 3-1: USB disconnect, device number 55 [ 996.479682][ T4350] udevd[4350]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 996.807035][ T2318] loop1: detected capacity change from 0 to 32768 [ 996.860629][ T2318] ea_get: invalid extended attribute [ 997.493555][ T7397] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 997.609230][ T2454] netlink: 'syz.4.10418': attribute type 4 has an invalid length. [ 997.707390][ T7397] usb 6-1: Using ep0 maxpacket: 32 [ 997.715125][ T7397] usb 6-1: unable to get BOS descriptor or descriptor too short [ 997.739864][T15737] usb 3-1: new high-speed USB device number 56 using dummy_hcd [ 997.764411][ T7397] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 997.779028][ T7397] usb 6-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 997.792786][ T7397] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 997.809310][ T7397] usb 6-1: Product: syz [ 997.817587][ T7397] usb 6-1: Manufacturer: syz [ 997.822224][ T7397] usb 6-1: SerialNumber: syz [ 997.983323][T15737] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 998.011909][T15737] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 998.035950][T15737] usb 3-1: Product: syz [ 998.057705][T15737] usb 3-1: Manufacturer: syz [ 998.069260][T15737] usb 3-1: SerialNumber: syz [ 998.078583][ T7397] usb 6-1: Invalid number of CPorts: 0 [ 998.079982][T15737] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 998.084321][ T7397] es2_ap_driver: probe of 6-1:7.0 failed with error -22 [ 998.140733][ T2494] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10426'. [ 998.167423][ T2494] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 998.182437][T15737] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 998.256288][ T2493] loop1: detected capacity change from 0 to 4096 [ 998.288238][ T2493] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 998.354079][ T2493] ntfs3: loop1: Failed to load $Extend. [ 998.384590][T23120] usb 6-1: USB disconnect, device number 7 [ 998.667232][ T7397] usb 3-1: USB disconnect, device number 56 [ 998.717571][ T2510] infiniband syz0: set down [ 998.722289][ T2510] infiniband syz0: added ipvlan0 [ 998.779757][ T2510] RDS/IB: syz0: added [ 998.783961][ T2510] smc: adding ib device syz0 with port count 1 [ 998.791191][ T2510] smc: ib device syz0 port 1 has pnetid [ 998.794350][ T2533] xt_nfacct: accounting object `syz0' does not exist [ 999.289750][T15737] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 999.296798][T15737] ath9k_htc: Failed to initialize the device [ 999.312054][ T7397] usb 3-1: ath9k_htc: USB layer deinitialized [ 1000.302166][ T2636] syz.2.10458 uses old SIOCAX25GETINFO [ 1000.671995][ T2612] loop1: detected capacity change from 0 to 32768 [ 1000.754773][ T2612] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1000.863046][ T2612] (syz.1.10452,2612,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=16, inode=65, rec_len=16, name_len=64 [ 1000.966790][ T2612] (syz.1.10452,2612,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2 [ 1000.999204][ T2612] (syz.1.10452,2612,0):ocfs2_mknod:298 ERROR: status = -2 [ 1001.031602][ T2612] (syz.1.10452,2612,0):ocfs2_mknod:502 ERROR: status = -2 [ 1001.041859][ T2612] (syz.1.10452,2612,1):ocfs2_mkdir:659 ERROR: status = -2 [ 1001.222721][ T4269] ocfs2: Unmounting device (7,1) on (node local) [ 1001.305250][ T2701] netlink: 'syz.2.10477': attribute type 10 has an invalid length. [ 1001.321253][ T2701] device netdevsim0 entered promiscuous mode [ 1001.598257][ T2716] loop4: detected capacity change from 0 to 2048 [ 1001.663705][ T2716] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1001.738249][ T2732] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1001.788873][ T5478] udevd[5478]: incorrect nilfs2 checksum on /dev/loop4 [ 1001.859985][ T2737] tmpfs: Bad value for 'mpol' [ 1002.321463][ T2781] netlink: 'syz.5.10497': attribute type 4 has an invalid length. [ 1002.339899][ T2781] netlink: 152 bytes leftover after parsing attributes in process `syz.5.10497'. [ 1002.386021][ T2781] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 1002.593017][T23120] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 1002.783841][ T2815] loop4: detected capacity change from 0 to 1024 [ 1002.806730][T23120] usb 4-1: Using ep0 maxpacket: 32 [ 1002.813872][T23120] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 162 [ 1002.862697][T23120] usb 4-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 1002.904868][T23120] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1002.934625][T23120] usb 4-1: Product: syz [ 1002.956213][T23120] usb 4-1: Manufacturer: syz [ 1002.971581][T23120] usb 4-1: SerialNumber: syz [ 1003.001116][ T11] hfsplus: b-tree write err: -5, ino 8 [ 1003.008604][T23120] usb 4-1: config 0 descriptor?? [ 1003.046897][ T2771] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1003.064335][T23120] hub 4-1:0.0: bad descriptor, ignoring hub [ 1003.070334][T23120] hub: probe of 4-1:0.0 failed with error -5 [ 1003.080273][ T2837] netlink: 60 bytes leftover after parsing attributes in process `syz.1.10510'. [ 1003.129762][T23120] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input58 [ 1003.283290][ T2854] netlink: 'syz.1.10514': attribute type 3 has an invalid length. [ 1003.337825][ T2854] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10514'. [ 1003.410439][ T4314] usb 4-1: USB disconnect, device number 49 [ 1003.416452][ C0] usbtouchscreen 4-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 1003.560928][ T2876] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10519'. [ 1003.726348][ T2887] loop4: detected capacity change from 0 to 1024 [ 1003.769924][ T2887] hfsplus: invalid length 256 has been corrected to 255 [ 1003.896216][ T57] hfsplus: b-tree write err: -5, ino 25 [ 1003.936652][ T57] hfsplus: b-tree write err: -5, ino 4 [ 1003.943087][ T57] hfsplus: b-tree write err: -5, ino 2 [ 1004.065182][ T2904] loop4: detected capacity change from 0 to 764 [ 1004.129129][ T2904] Symlink component flag not implemented [ 1004.162770][ T2904] Symlink component flag not implemented [ 1004.642686][ T2890] loop5: detected capacity change from 0 to 32768 [ 1004.743627][ T2890] XFS (loop5): Mounting V5 Filesystem [ 1004.838024][ T4314] usb 3-1: new low-speed USB device number 57 using dummy_hcd [ 1004.904922][ T2890] XFS (loop5): Ending clean mount [ 1004.990067][T27540] XFS (loop5): Unmounting Filesystem [ 1005.055514][ T4314] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 1005.090676][ T4314] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1005.106597][ T4314] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1005.120949][ T4314] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1005.135207][ T4314] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1005.156840][ T4314] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 1005.181030][ T4314] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1005.200226][ T4314] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1005.210504][ T4314] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1005.249550][ T4314] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1005.280850][ T4314] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 1005.301327][ T4314] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 1005.319841][ T4314] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1005.340556][ T4314] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 1005.351227][ T7397] usb 2-1: new high-speed USB device number 58 using dummy_hcd [ 1005.372570][ T4314] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1005.413468][ T4314] usb 3-1: string descriptor 0 read error: -22 [ 1005.420120][ T4314] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 1005.437292][ T4314] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1005.465491][ T2988] netlink: 'syz.3.10548': attribute type 1 has an invalid length. [ 1005.477455][ T4314] adutux 3-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 1005.479728][ T2988] netlink: 116376 bytes leftover after parsing attributes in process `syz.3.10548'. [ 1005.565258][ T7399] usb 5-1: new high-speed USB device number 68 using dummy_hcd [ 1005.572405][ T26] kauditd_printk_skb: 20 callbacks suppressed [ 1005.572420][ T26] audit: type=1326 audit(1777400671.587:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2996 comm="syz.5.10554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 1005.598844][ T7397] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1005.626571][ T7397] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1005.639298][ T7397] usb 2-1: config 0 descriptor?? [ 1005.656469][ T7397] cp210x 2-1:0.0: cp210x converter detected [ 1005.672219][ T26] audit: type=1326 audit(1777400671.643:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2996 comm="syz.5.10554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 1005.759221][ T4314] usb 3-1: USB disconnect, device number 57 [ 1005.773283][ T7399] usb 5-1: Using ep0 maxpacket: 16 [ 1005.783955][ T26] audit: type=1326 audit(1777400671.643:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2996 comm="syz.5.10554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1df99cdd9 code=0x7ffc0000 [ 1005.786360][ T7399] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1005.815214][ T3011] loop5: detected capacity change from 0 to 128 [ 1005.866467][ T3018] Cannot find add_set index 3 as target [ 1005.880021][ T7397] usb 2-1: cp210x converter now attached to ttyUSB0 [ 1005.931444][ T7399] usb 5-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00 [ 1005.957924][ T7399] usb 5-1: New USB device strings: Mfr=0, Product=7, SerialNumber=0 [ 1005.963183][ T3027] rdma_rxe: rxe_register_device failed with error -23 [ 1005.979554][ T3027] rdma_rxe: failed to add ipvlan0 [ 1005.996351][ T7399] usb 5-1: Product: syz [ 1006.008821][ T7399] usb 5-1: config 0 descriptor?? [ 1006.022324][ T7399] gspca_main: spca501-2.14.0 probing 0000:0000 [ 1006.096614][ T7397] usb 2-1: USB disconnect, device number 58 [ 1006.121769][ T7397] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1006.148147][ T7397] cp210x 2-1:0.0: device disconnected [ 1006.455533][ T7399] gspca_spca501: reg write: error -71 [ 1006.461133][ T7399] spca501 5-1:0.0: Reg write failed for 0x02,0xa048,0x00 [ 1006.490420][ T7399] spca501: probe of 5-1:0.0 failed with error -22 [ 1006.517187][ T3032] loop3: detected capacity change from 0 to 32768 [ 1006.525311][ T7399] usb 5-1: USB disconnect, device number 68 [ 1006.551706][ T3032] /dev/loop3: Can't open blockdev [ 1006.675625][ T3067] netlink: 'syz.5.10560': attribute type 3 has an invalid length. [ 1006.813722][ T3074] CIFS mount error: No usable UNC path provided in device string! [ 1006.813722][ T3074] [ 1006.857685][ T3074] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1007.189549][ T3098] loop4: detected capacity change from 0 to 16 [ 1007.265553][ T3098] erofs: (device loop4): mounted with root inode @ nid 36. [ 1007.344168][ T3098] erofs: (device loop4): z_erofs_readahead: readahead error at page 3 @ nid 89 [ 1007.364880][ T3104] loop3: detected capacity change from 0 to 2048 [ 1007.371438][ T3098] erofs: (device loop4): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 1007.399414][ T3104] /dev/loop3: Can't open blockdev [ 1007.417024][ T3098] erofs: (device loop4): z_erofs_readahead: readahead error at page 1 @ nid 89 [ 1007.438583][ T3098] erofs: (device loop4): z_erofs_readahead: readahead error at page 0 @ nid 89 [ 1007.486139][ T3098] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-22] [ 1007.543398][ T26] audit: type=1800 audit(1777400673.439:447): pid=3098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.10570" name="file2" dev="loop4" ino=89 res=0 errno=0 [ 1007.836345][ T3138] loop4: detected capacity change from 0 to 2048 [ 1007.874644][ T3143] netlink: 'syz.1.10582': attribute type 16 has an invalid length. [ 1007.904504][ T3138] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1007.933778][ T3143] netlink: 156 bytes leftover after parsing attributes in process `syz.1.10582'. [ 1008.562232][ T3179] netlink: 2 bytes leftover after parsing attributes in process `syz.4.10593'. [ 1008.998249][ T3200] loop4: detected capacity change from 0 to 256 [ 1009.572457][ T3147] loop3: detected capacity change from 0 to 65536 [ 1009.592729][ T3147] /dev/loop3: Can't open blockdev [ 1009.596283][ T3191] loop5: detected capacity change from 0 to 32768 [ 1009.691848][ T1191] usb 5-1: new high-speed USB device number 69 using dummy_hcd [ 1009.702472][T23120] usb 3-1: new full-speed USB device number 58 using dummy_hcd [ 1009.728417][ T3191] XFS (loop5): Mounting V5 Filesystem [ 1009.744893][ T3236] sctp: [Deprecated]: syz.1.10609 (pid 3236) Use of int in max_burst socket option. [ 1009.744893][ T3236] Use struct sctp_assoc_value instead [ 1009.789018][ T3191] XFS (loop5): Ending clean mount [ 1009.800831][ T3191] XFS (loop5): Quotacheck needed: Please wait. [ 1009.922340][T23120] usb 3-1: config 128 interface 0 has no altsetting 0 [ 1009.930704][ T1191] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1009.943012][T23120] usb 3-1: New USB device found, idVendor=13d8, idProduct=0020, bcdDevice=f7.31 [ 1009.958500][ T1191] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1009.968847][T23120] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1009.977540][ T1191] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1010.049357][ T1191] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1010.061755][ T1191] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1010.089026][ T3191] XFS (loop5): Quotacheck: Done. [ 1010.105603][ T1191] usb 5-1: config 0 descriptor?? [ 1010.143188][ T1191] hub 5-1:0.0: USB hub found [ 1010.232025][T27540] XFS (loop5): Unmounting Filesystem [ 1010.237458][T23120] comedi comedi5: could not set alternate setting 3 in high speed [ 1010.237481][T23120] usbduxsigma 3-1:128.0: driver 'usbduxsigma' failed to auto-configure device. [ 1010.255532][T23120] usbduxsigma: probe of 3-1:128.0 failed with error -71 [ 1010.284985][T23120] usb 3-1: USB disconnect, device number 58 [ 1010.362022][ T1191] hub 5-1:0.0: 14 ports detected [ 1010.371614][ T1191] hub 5-1:0.0: insufficient power available to use all downstream ports [ 1010.582529][ T1191] hub 5-1:0.0: hub_hub_status failed (err = -71) [ 1010.592894][ T1191] hub 5-1:0.0: config failed, can't get hub status (err -71) [ 1010.607408][ T3286] IPVS: length: 193 != 8 [ 1010.633407][ T1191] usb 5-1: USB disconnect, device number 69 [ 1010.723652][ T3295] loop1: detected capacity change from 0 to 256 [ 1010.780871][ T3295] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 1011.196248][ T3322] netlink: 'syz.1.10630': attribute type 12 has an invalid length. [ 1011.301280][ T3323] loop3: detected capacity change from 0 to 4096 [ 1011.335602][ T3323] /dev/loop3: Can't open blockdev [ 1011.544354][ T3335] loop4: detected capacity change from 0 to 1764 [ 1011.742979][ T3354] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 1011.808828][ T3354] bond0: (slave lo): Error: Device can not be enslaved while up [ 1011.816710][ T3359] netlink: 36 bytes leftover after parsing attributes in process `syz.2.10639'. [ 1013.499857][ T3467] loop1: detected capacity change from 0 to 64 [ 1013.511266][ T3473] netlink: 256 bytes leftover after parsing attributes in process `syz.3.10676'. [ 1013.918430][ T3498] loop5: detected capacity change from 0 to 512 [ 1013.932714][ T3498] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 1013.974519][ T3498] EXT4-fs error (device loop5): mb_free_blocks:1839: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 1013.994630][ T3498] EXT4-fs error (device loop5): ext4_do_update_inode:5279: inode #11: comm syz.5.10684: corrupted inode contents [ 1014.021450][ T3498] EXT4-fs error (device loop5): ext4_dirty_inode:6156: inode #11: comm syz.5.10684: mark_inode_dirty error [ 1014.047877][ T3498] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.10684: invalid indirect mapped block 1 (level 1) [ 1014.064688][ T3498] EXT4-fs error (device loop5): ext4_do_update_inode:5279: inode #11: comm syz.5.10684: corrupted inode contents [ 1014.160082][ T3498] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem [ 1014.203616][ T3498] EXT4-fs error (device loop5): ext4_do_update_inode:5279: inode #11: comm syz.5.10684: corrupted inode contents [ 1014.225608][ T3498] EXT4-fs error (device loop5): ext4_truncate:4325: inode #11: comm syz.5.10684: mark_inode_dirty error [ 1014.278444][ T3498] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem [ 1014.291147][ T3498] EXT4-fs (loop5): 1 truncate cleaned up [ 1014.296936][ T3498] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1014.377767][ T3498] EXT4-fs error (device loop5): ext4_find_dest_de:2115: inode #2: block 13: comm syz.5.10684: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0 [ 1014.559640][T27540] EXT4-fs (loop5): unmounting filesystem. [ 1014.711039][ T3489] loop1: detected capacity change from 0 to 32768 [ 1015.195552][ T3557] usb usb9: usbfs: interface 0 claimed by hub while 'syz.2.10701' sets config #-2 [ 1015.702453][ T3540] loop3: detected capacity change from 0 to 32768 [ 1016.289437][ T3623] comedi comedi0: pcmda12: I/O port conflict (0x3,16) [ 1016.362356][ T3630] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 1016.592778][ T3643] loop1: detected capacity change from 0 to 512 [ 1016.609679][ T3645] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10725'. [ 1016.631214][ T3645] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10725'. [ 1016.716327][ T3643] EXT4-fs error (device loop1): ext4_do_update_inode:5279: inode #15: comm syz.1.10726: corrupted inode contents [ 1016.738829][ T3643] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem [ 1016.804977][ T3643] EXT4-fs error (device loop1): ext4_do_update_inode:5279: inode #15: comm syz.1.10726: corrupted inode contents [ 1016.837739][ T3647] Process accounting paused [ 1016.867887][ T3643] EXT4-fs error (device loop1): ext4_evict_inode:329: inode #15: comm syz.1.10726: mark_inode_dirty error [ 1016.922786][ T3643] EXT4-fs (loop1): 1 orphan inode deleted [ 1016.928603][ T3643] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1017.099530][ T3675] Cannot find del_set index 1536 as target [ 1017.169882][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 1017.677717][ C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 1017.827186][ T3669] loop5: detected capacity change from 0 to 32768 [ 1017.878031][ T3669] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.10732 (3669) [ 1017.963542][ T3669] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1017.993935][ T3669] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 1018.003596][ T3729] loop1: detected capacity change from 0 to 1024 [ 1018.038572][ T3669] BTRFS info (device loop5): using free space tree [ 1018.061356][ T3729] EXT4-fs: Ignoring removed mblk_io_submit option [ 1018.207033][ T3729] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1018.241897][ T3729] ext4 filesystem being mounted at /2187/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1018.269759][ T3752] loop4: detected capacity change from 0 to 2048 [ 1018.315919][ T3669] BTRFS info (device loop5): enabling ssd optimizations [ 1018.377433][ T3729] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.10753: bg 0: block 112: padding at end of block bitmap is not set [ 1018.429563][ T3752] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1018.479153][ T3762] loop3: detected capacity change from 0 to 4096 [ 1018.501790][ T3762] /dev/loop3: Can't open blockdev [ 1018.526189][ T3752] ext4 filesystem being mounted at /2133/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1018.542518][ T3752] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #16: comm syz.4.10755: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 1018.562069][ T3752] EXT4-fs (loop4): Remounting filesystem read-only [ 1018.655743][ T4272] EXT4-fs (loop4): unmounting filesystem. [ 1018.683841][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 1018.760243][T27540] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1018.821778][ T3773] netlink: 'syz.3.10761': attribute type 7 has an invalid length. [ 1018.904230][ T3780] vim2m vim2m.0: Fourcc format (0x31384142) invalid. [ 1019.463034][ T3817] PM: Enabling pm_trace changes system date and time during resume. [ 1019.463034][ T3817] PM: Correct system time has to be restored manually after resume. [ 1019.495130][ T7396] usb 2-1: new full-speed USB device number 59 using dummy_hcd [ 1019.709967][ T7396] usb 2-1: not running at top speed; connect to a high speed hub [ 1019.742190][ T7396] usb 2-1: config 11 has an invalid interface number: 95 but max is 0 [ 1019.750419][ T7396] usb 2-1: config 11 has an invalid descriptor of length 0, skipping remainder of the config [ 1019.812376][ T7396] usb 2-1: config 11 has no interface number 0 [ 1019.848039][ T7396] usb 2-1: config 11 interface 95 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1019.887765][ T7396] usb 2-1: config 11 interface 95 altsetting 64 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1019.919179][ T7396] usb 2-1: config 11 interface 95 altsetting 64 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1019.970138][ T7396] usb 2-1: config 11 interface 95 has no altsetting 0 [ 1020.006744][ T7396] usb 2-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=b1.4d [ 1020.035219][ T7396] usb 2-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 1020.051286][ T7396] usb 2-1: Manufacturer: syz [ 1020.206910][ T3859] loop5: detected capacity change from 0 to 256 [ 1020.241544][ T3859] exfat: Deprecated parameter 'namecase' [ 1020.274496][ T3859] exfat: Deprecated parameter 'utf8' [ 1020.290570][ T3859] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 1020.300029][ T7396] usb 2-1: USB disconnect, device number 59 [ 1020.339962][ T3859] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5f1fc80d, utbl_chksum : 0xe619d30d) [ 1020.493853][ T3876] netlink: 'syz.3.10789': attribute type 21 has an invalid length. [ 1020.548716][ T3876] netlink: 132 bytes leftover after parsing attributes in process `syz.3.10789'. [ 1020.783856][ T3845] loop4: detected capacity change from 0 to 32768 [ 1020.902242][ T3845] XFS (loop4): Mounting V5 Filesystem [ 1021.138984][ T3845] XFS (loop4): Ending clean mount [ 1021.155833][ T3845] XFS (loop4): Quotacheck needed: Please wait. [ 1021.252713][ T3845] XFS (loop4): Quotacheck: Done. [ 1021.322025][ T3922] loop1: detected capacity change from 0 to 16 [ 1021.354644][ T3922] erofs: Unknown parameter '5ser_xattr' [ 1021.375569][ T3922] cifs: Unknown parameter '5ser_xattr' [ 1021.436319][ T4272] XFS (loop4): Unmounting Filesystem [ 1021.442052][ T1191] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 1021.605485][ T3932] loop1: detected capacity change from 0 to 512 [ 1021.657507][ T1191] usb 6-1: Using ep0 maxpacket: 32 [ 1021.679823][ T1191] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1021.705323][ T1191] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1021.726256][ T3932] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 1021.741325][ T1191] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1021.750414][ T1191] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1021.752188][ T3932] EXT4-fs (loop1): orphan cleanup on readonly fs [ 1021.792944][ T3932] Quota error (device loop1): v2_read_file_info: Block with free entry 4294967071 out of range (1, 6). [ 1021.805838][ T1191] usb 6-1: config 0 descriptor?? [ 1021.817518][ T1191] hub 6-1:0.0: USB hub found [ 1021.856269][ T3932] EXT4-fs warning (device loop1): ext4_enable_quotas:7093: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 1021.900777][ T3932] EXT4-fs (loop1): Cannot turn on quotas: error -117 [ 1021.954347][ T3932] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.10802: bg 0: block 15: invalid block bitmap [ 1022.007981][ T3932] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6180: Corrupt filesystem [ 1022.032566][ T1191] hub 6-1:0.0: config failed, hub has too many ports! (err -19) [ 1022.043725][ T3932] EXT4-fs (loop1): 1 truncate cleaned up [ 1022.049424][ T3932] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1022.264752][ T1191] usbhid 6-1:0.0: can't add hid device: -71 [ 1022.270783][ T1191] usbhid: probe of 6-1:0.0 failed with error -71 [ 1022.297656][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 1022.324511][ T26] audit: type=1800 audit(1777400687.264:448): pid=3949 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.2.10803" name="/" dev="sockfs" ino=105265 res=0 errno=0 [ 1022.350879][ T1191] usb 6-1: USB disconnect, device number 8 [ 1022.743010][ T4002] rdma_rxe: rxe_register_device failed with error -23 [ 1022.766602][ T4002] rdma_rxe: failed to add bridge0 [ 1023.445280][ T3996] loop1: detected capacity change from 0 to 32768 [ 1023.494973][ T3996] (syz.1.10814,3996,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1023.526860][ T4001] loop4: detected capacity change from 0 to 32768 [ 1023.589205][ T3996] (syz.1.10814,3996,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1023.647174][ T3996] JBD2: Ignoring recovery information on journal [ 1023.767375][ T3996] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1024.116991][ T4045] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10829'. [ 1024.138720][ T4269] ocfs2: Unmounting device (7,1) on (node local) [ 1024.210838][ T26] audit: type=1326 audit(1777400689.032:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4053 comm="syz.4.10827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 1024.311293][ T26] audit: type=1326 audit(1777400689.032:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4053 comm="syz.4.10827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 1024.444293][ T26] audit: type=1326 audit(1777400689.032:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4053 comm="syz.4.10827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 1024.543198][ T26] audit: type=1326 audit(1777400689.032:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4053 comm="syz.4.10827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ad6d9cdd9 code=0x7ffc0000 [ 1024.875465][ T4086] lo speed is unknown, defaulting to 1000 [ 1025.617639][ T4096] loop4: detected capacity change from 0 to 32768 [ 1025.652650][ T4096] (syz.4.10841,4096,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1025.694814][ T4096] (syz.4.10841,4096,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1025.766171][ T4096] JBD2: Ignoring recovery information on journal [ 1025.907982][ T4096] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1026.148087][ T4164] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 1026.168962][ T4272] ocfs2: Unmounting device (7,4) on (node local) [ 1026.999547][ T4207] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10871'. [ 1027.014545][ T4206] loop1: detected capacity change from 0 to 128 [ 1027.161979][ T4209] loop3: detected capacity change from 0 to 4096 [ 1027.212481][ T4209] /dev/loop3: Can't open blockdev [ 1027.750216][ T4198] loop5: detected capacity change from 0 to 32768 [ 1027.782596][ T4198] (syz.5.10868,4198,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1027.827858][ T4198] (syz.5.10868,4198,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1027.890814][ T4198] JBD2: Ignoring recovery information on journal [ 1027.990526][ T4198] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1028.111984][ T3600] usb 5-1: new high-speed USB device number 70 using dummy_hcd [ 1028.147588][T27540] ocfs2: Unmounting device (7,5) on (node local) [ 1028.315029][ T3600] usb 5-1: Using ep0 maxpacket: 16 [ 1028.327905][ T3600] usb 5-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4 [ 1028.363004][ T4293] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10894'. [ 1028.364830][ T3600] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1028.423317][ T3600] usb 5-1: Product: syz [ 1028.435821][ T3600] usb 5-1: Manufacturer: syz [ 1028.451690][ T3600] usb 5-1: SerialNumber: syz [ 1028.458360][ T3600] usb 5-1: config 0 descriptor?? [ 1028.478120][ T3600] gspca_main: spca508-2.14.0 probing 041e:4018 [ 1028.912386][ T3600] gspca_spca508: reg_read err -71 [ 1028.925313][ T3600] gspca_spca508: reg_read err -71 [ 1028.932506][ T3600] gspca_spca508: reg_read err -71 [ 1028.947975][ T4340] loop1: detected capacity change from 0 to 2048 [ 1028.954704][ T3600] gspca_spca508: reg_read err -71 [ 1028.961743][ T3600] gspca_spca508: reg write: error -71 [ 1028.977412][ T4340] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=66359, location=66359 [ 1029.001163][ T3600] spca508: probe of 5-1:0.0 failed with error -71 [ 1029.002390][ T4352] netlink: 20 bytes leftover after parsing attributes in process `syz.2.10903'. [ 1029.042379][ T3600] usb 5-1: USB disconnect, device number 70 [ 1029.062122][ T4340] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1029.090569][ T4354] loop5: detected capacity change from 0 to 4096 [ 1029.156280][ T4354] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 1029.217404][ T4354] ntfs3: loop5: ntfs_evict_inode r=6 failed, -22. [ 1029.235456][ T4354] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 1029.516504][ T4337] loop3: detected capacity change from 0 to 32768 [ 1030.393313][ T4425] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10926'. [ 1030.421015][ T4425] netlink: 44 bytes leftover after parsing attributes in process `syz.3.10926'. [ 1030.670764][ T4436] loop1: detected capacity change from 0 to 1764 [ 1030.726556][ T4446] device bridge_slave_1 left promiscuous mode [ 1030.736388][ T4446] bridge0: port 2(bridge_slave_1) entered disabled state [ 1030.756943][ T4436] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1030.792183][ T4446] netlink: 'syz.2.10931': attribute type 3 has an invalid length. [ 1030.816632][ T4446] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 1031.508282][ T4441] loop3: detected capacity change from 0 to 32768 [ 1031.985207][ T4519] netlink: 'syz.3.10955': attribute type 1 has an invalid length. [ 1032.007243][ T4519] netlink: 'syz.3.10955': attribute type 1 has an invalid length. [ 1032.048734][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 1032.055105][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 1032.080238][ T1278] aoe: packet could not be sent on ipvlan0. consider increasing tx_queue_len [ 1032.238849][ T4533] netlink: 76 bytes leftover after parsing attributes in process `syz.3.10961'. [ 1032.391378][ T4544] nft_compat: unsupported protocol 1 [ 1032.658401][ T4562] loop1: detected capacity change from 0 to 128 [ 1032.678507][ T4564] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 1032.695059][ T4562] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 1032.767613][ T4562] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1033.821747][ T4637] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10996'. [ 1034.110876][ T4657] loop4: detected capacity change from 0 to 64 [ 1034.161538][ T4659] loop5: detected capacity change from 0 to 128 [ 1034.185863][ T4657] syz.4.11003: attempt to access beyond end of device [ 1034.185863][ T4657] loop4: rw=0, sector=1024, nr_sectors = 2 limit=64 [ 1034.217697][ T4657] Buffer I/O error on dev loop4, logical block 512, async page read [ 1034.245847][ T4657] syz.4.11003: attempt to access beyond end of device [ 1034.245847][ T4657] loop4: rw=0, sector=113152, nr_sectors = 2 limit=64 [ 1034.312784][ T4657] Buffer I/O error on dev loop4, logical block 56576, async page read [ 1034.331983][ T4659] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1034.400907][ T4659] ext4 filesystem being mounted at /432/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1034.432153][ T4675] x_tables: duplicate underflow at hook 3 [ 1034.537597][ T4659] EXT4-fs error (device loop5): ext4_validate_inode_bitmap:106: comm syz.5.11004: Corrupt inode bitmap - block_group = 0, inode_bitmap = 19 [ 1034.693593][T27540] EXT4-fs (loop5): unmounting filesystem. [ 1034.896309][ T4701] netlink: 'syz.5.11013': attribute type 1 has an invalid length. [ 1034.942368][ T4701] netlink: 'syz.5.11013': attribute type 1 has an invalid length. [ 1035.084325][ T4709] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11017'. [ 1035.249856][ T4717] loop3: detected capacity change from 0 to 2048 [ 1035.355230][ T5478] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1035.884026][ T7397] usb 2-1: new high-speed USB device number 60 using dummy_hcd [ 1036.094624][ T7397] usb 2-1: Using ep0 maxpacket: 8 [ 1036.110074][ T7397] usb 2-1: config 127 has an invalid interface number: 171 but max is 1 [ 1036.130295][ T7397] usb 2-1: config 127 has an invalid descriptor of length 0, skipping remainder of the config [ 1036.152420][ T7397] usb 2-1: config 127 has no interface number 1 [ 1036.176268][ T7397] usb 2-1: config 127 interface 171 has no altsetting 0 [ 1036.227858][ T7397] usb 2-1: New USB device found, idVendor=04e2, idProduct=1414, bcdDevice=c5.b9 [ 1036.253248][ T7397] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1036.281745][ T7397] usb 2-1: Product: syz [ 1036.285992][ T7397] usb 2-1: Manufacturer: syz [ 1036.305576][ T7397] usb 2-1: SerialNumber: syz [ 1036.553524][ T7397] xr_serial 2-1:127.171: xr_serial converter detected [ 1036.573106][ T7397] xr_serial ttyUSB0: Failed to set reg 0x1a: -71 [ 1036.593423][ T7397] xr_serial: probe of ttyUSB0 failed with error -71 [ 1036.643929][ T7397] usb 2-1: USB disconnect, device number 60 [ 1036.650990][ T7397] xr_serial 2-1:127.171: device disconnected [ 1036.692134][ T4819] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11047'. [ 1036.731548][ T4828] SET target dimension over the limit! [ 1037.202842][ T4849] loop4: detected capacity change from 0 to 4096 [ 1037.383673][ T4849] ntfs: volume version 3.1. [ 1038.238321][ T26] audit: type=1326 audit(1777400702.146:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.1.11074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe001f9cdd9 code=0x7ffc0000 [ 1038.331416][ T26] audit: type=1326 audit(1777400702.174:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.1.11074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7fe001f9cdd9 code=0x7ffc0000 [ 1038.437270][ T26] audit: type=1326 audit(1777400702.174:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.1.11074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe001f9cdd9 code=0x7ffc0000 [ 1038.562959][ T26] audit: type=1326 audit(1777400702.174:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.1.11074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe001f9cdd9 code=0x7ffc0000 [ 1038.888938][ T4950] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0) [ 1038.937711][ T4955] netlink: 129384 bytes leftover after parsing attributes in process `syz.1.11086'. [ 1038.982730][ T4957] CIFS mount error: No usable UNC path provided in device string! [ 1038.982730][ T4957] [ 1039.070380][ T4957] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1039.262560][ T4970] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11091'. [ 1039.508709][ T4979] delete_channel: no stack [ 1039.583249][ T4990] netlink: 268 bytes leftover after parsing attributes in process `syz.2.11096'. [ 1039.842198][ T5008] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 1039.867179][ T5010] loop5: detected capacity change from 0 to 64 [ 1040.737118][ T5066] loop4: detected capacity change from 0 to 512 [ 1040.794053][ T26] audit: type=1326 audit(1777400704.541:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5071 comm="syz.2.11121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 1040.848171][ T5076] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=none,decodes=io+mem:owns=io+mem [ 1040.861167][ T26] audit: type=1326 audit(1777400704.578:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5071 comm="syz.2.11121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 1040.960486][ T5066] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1041.015040][ T5066] ext4 filesystem being mounted at /2199/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1041.038074][ T26] audit: type=1326 audit(1777400704.578:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5071 comm="syz.2.11121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 1041.153320][ T5066] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1126: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 1041.206069][ T26] audit: type=1326 audit(1777400704.578:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5071 comm="syz.2.11121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 1041.228562][ C1] vkms_vblank_simulate: vblank timer overrun [ 1041.450954][ T4272] EXT4-fs (loop4): unmounting filesystem. [ 1041.646361][T23120] usb 3-1: new high-speed USB device number 59 using dummy_hcd [ 1041.732370][ T5117] loop1: detected capacity change from 0 to 4096 [ 1041.834178][ T5128] loop4: detected capacity change from 0 to 64 [ 1041.871166][T23120] usb 3-1: Using ep0 maxpacket: 32 [ 1041.899896][T23120] usb 3-1: config 0 has an invalid interface number: 89 but max is 0 [ 1041.945882][T23120] usb 3-1: config 0 has no interface number 0 [ 1041.970770][T23120] usb 3-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid maxpacket 39163, setting to 1024 [ 1042.021839][T23120] usb 3-1: config 0 interface 89 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 1024 [ 1042.045060][T23120] usb 3-1: config 0 interface 89 has no altsetting 0 [ 1042.107071][T23120] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a [ 1042.128765][T23120] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1042.147728][T23120] usb 3-1: Product: syz [ 1042.173880][T23120] usb 3-1: Manufacturer: syz [ 1042.178541][T23120] usb 3-1: SerialNumber: syz [ 1042.235450][T23120] usb 3-1: config 0 descriptor?? [ 1042.245979][ T5098] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1042.265631][T23120] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89) [ 1042.316784][T23120] em28xx 3-1:0.89: Video interface 89 found: bulk [ 1042.566522][T23120] em28xx 3-1:0.89: unknown em28xx chip ID (0) [ 1042.668280][T23120] em28xx 3-1:0.89: reading from i2c device at 0xa0 failed (error=-5) [ 1042.711431][T23120] em28xx 3-1:0.89: board has no eeprom [ 1042.833349][T23120] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67) [ 1042.840657][T23120] em28xx 3-1:0.89: analog set to bulk mode. [ 1042.859141][ T1191] em28xx 3-1:0.89: Registering V4L2 extension [ 1042.875808][T23120] usb 3-1: USB disconnect, device number 59 [ 1042.940512][T23120] em28xx 3-1:0.89: Disconnecting em28xx [ 1043.105014][ T1191] em28xx 3-1:0.89: Config register raw data: 0xffffffed [ 1043.112624][ T1191] em28xx 3-1:0.89: AC97 chip type couldn't be determined [ 1043.119675][ T1191] em28xx 3-1:0.89: No AC97 audio processor [ 1043.185188][ T1191] usb 3-1: Decoder not found [ 1043.209790][ T5214] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11159'. [ 1043.219121][ T1191] em28xx 3-1:0.89: failed to create media graph [ 1043.225422][ T1191] em28xx 3-1:0.89: V4L2 device video103 deregistered [ 1043.255451][ T5214] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11159'. [ 1043.292918][ T5214] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11159'. [ 1043.297655][ T1191] em28xx 3-1:0.89: Registering snapshot button... [ 1043.362860][ T1191] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input60 [ 1043.439164][ T1191] em28xx 3-1:0.89: Remote control support is not available for this card. [ 1043.504862][T23120] em28xx 3-1:0.89: Closing input extension [ 1043.511258][T23120] em28xx 3-1:0.89: Deregistering snapshot button [ 1043.609356][T23120] em28xx 3-1:0.89: Freeing device [ 1043.621193][ T5244] IPv6: Can't replace route, no match found [ 1043.802976][ T5257] netlink: 'syz.1.11168': attribute type 30 has an invalid length. [ 1043.833225][ T1191] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 1044.041076][ T1191] usb 6-1: Using ep0 maxpacket: 16 [ 1044.048029][ T1191] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1044.108668][ T1191] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1044.139973][ T1191] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1044.158729][ T1191] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1044.169347][ T1191] usb 6-1: Product: syz [ 1044.173679][ T1191] usb 6-1: Manufacturer: syz [ 1044.178678][ T1191] usb 6-1: SerialNumber: syz [ 1044.328001][ T5292] loop4: detected capacity change from 0 to 64 [ 1044.419258][ T1191] usb 6-1: 0:2 : does not exist [ 1044.421977][ T5292] Trying to free block not in datazone [ 1044.433873][ T1191] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 1044.474090][ T5292] Trying to free block not in datazone [ 1044.490769][ T1191] usb 6-1: USB disconnect, device number 9 [ 1044.501327][ T5292] Trying to free block not in datazone [ 1044.770023][ T5478] udevd[5478]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1044.824773][ T5333] netlink: 'syz.2.11186': attribute type 1 has an invalid length. [ 1044.838856][ T5333] netlink: 224 bytes leftover after parsing attributes in process `syz.2.11186'. [ 1044.864219][ T4314] usb 2-1: new high-speed USB device number 61 using dummy_hcd [ 1044.975482][ T26] audit: type=1326 audit(1777400708.451:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.11189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 1045.063620][ T26] audit: type=1326 audit(1777400708.451:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.11189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 1045.120811][ T26] audit: type=1326 audit(1777400708.488:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.11189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 1045.134270][ T4314] usb 2-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice= 9.00 [ 1045.162563][ T5312] loop3: detected capacity change from 0 to 32768 [ 1045.172739][ T4314] usb 2-1: New USB device strings: Mfr=0, Product=16, SerialNumber=0 [ 1045.183998][ T26] audit: type=1326 audit(1777400708.488:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.11189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 1045.202607][ T4314] usb 2-1: Product: syz [ 1045.222484][ T26] audit: type=1326 audit(1777400708.488:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5337 comm="syz.2.11189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 1045.246093][ T4314] usb 2-1: config 0 descriptor?? [ 1045.262235][ T4314] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 1045.300007][ T4314] usb 2-1: Detected FT232H [ 1045.332296][ T5478] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1045.465003][ T5364] device gre0 entered promiscuous mode [ 1045.699766][ T4314] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 1045.710069][ T4314] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71 [ 1045.722628][ T5373] loop5: detected capacity change from 0 to 512 [ 1045.739863][ T4314] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1045.792375][ T4314] usb 2-1: USB disconnect, device number 61 [ 1045.824837][ T5373] EXT4-fs error (device loop5): ext4_orphan_get:1405: inode #15: comm syz.5.11198: inode has both inline data and extents flags [ 1045.827254][ T4314] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1045.883904][ T4314] ftdi_sio 2-1:0.0: device disconnected [ 1045.896801][ T5388] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1045.923408][ T5373] EXT4-fs error (device loop5): ext4_orphan_get:1410: comm syz.5.11198: couldn't read orphan inode 15 (err -117) [ 1045.957033][ T5373] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1046.074417][T27540] EXT4-fs (loop5): unmounting filesystem. [ 1046.156794][ T5407] netlink: 44 bytes leftover after parsing attributes in process `syz.4.11204'. [ 1046.199914][ T5407] netlink: 43 bytes leftover after parsing attributes in process `syz.4.11204'. [ 1046.209602][ T5407] netlink: 'syz.4.11204': attribute type 6 has an invalid length. [ 1046.243459][ T5407] netlink: 'syz.4.11204': attribute type 5 has an invalid length. [ 1046.256653][ T5414] netlink: 'syz.2.11207': attribute type 3 has an invalid length. [ 1046.265904][ T5407] netlink: 43 bytes leftover after parsing attributes in process `syz.4.11204'. [ 1046.526134][ T5427] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11211'. [ 1046.550982][ T5427] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11211'. [ 1046.588309][ T5432] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11212'. [ 1046.641586][ T5436] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11215'. [ 1046.765641][ T5444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11217'. [ 1046.775115][ T5445] loop5: detected capacity change from 0 to 256 [ 1046.976861][ T5453] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2 [ 1047.034711][ T5453] netdevsim netdevsim2: Falling back to sysfs fallback for: ./file0 [ 1047.390949][ T5477] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11228'. [ 1047.661691][ T5485] loop1: detected capacity change from 0 to 4096 [ 1047.705137][ T5485] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1047.776503][ T5485] ntfs3: loop1: Failed to load $MFT. [ 1047.836566][ T5501] netlink: 'syz.3.11234': attribute type 10 has an invalid length. [ 1047.883477][ T5501] team0: Device hsr_slave_0 failed to register rx_handler [ 1048.160153][ T5518] loop4: detected capacity change from 0 to 2048 [ 1048.236874][ T5518] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1048.247527][ T5524] loop3: detected capacity change from 0 to 256 [ 1048.305163][ T5524] exfat: Deprecated parameter 'utf8' [ 1048.338105][ T5524] /dev/loop3: Can't open blockdev [ 1048.625731][ T5538] loop5: detected capacity change from 0 to 4096 [ 1048.709492][ T5538] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 1048.761424][ T26] audit: type=1326 audit(1777400711.986:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5557 comm="syz.2.11249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 1048.783868][ C1] vkms_vblank_simulate: vblank timer overrun [ 1048.916414][ T5538] ntfs3: loop5: failed to convert "c46c" to cp857 [ 1048.923533][ T26] audit: type=1326 audit(1777400712.033:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5557 comm="syz.2.11249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 1048.996484][ T26] audit: type=1326 audit(1777400712.033:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5557 comm="syz.2.11249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e4479cdd9 code=0x7ffc0000 [ 1049.195301][ T5570] loop3: detected capacity change from 0 to 4096 [ 1049.236966][ T5570] /dev/loop3: Can't open blockdev [ 1049.371097][ T5570] Process accounting resumed [ 1049.797367][ T5620] program syz.4.11266 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1049.800031][ T5619] loop3: detected capacity change from 0 to 512 [ 1049.834375][ T5619] EXT4-fs: Ignoring removed nobh option [ 1049.853195][ T5619] EXT4-fs (loop3): write access unavailable, skipping orphan cleanup [ 1049.867520][ T5619] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1049.912535][ T5627] loop1: detected capacity change from 0 to 64 [ 1049.931472][ T4271] EXT4-fs (loop3): unmounting filesystem. [ 1050.029111][ T26] audit: type=1800 audit(1777400713.184:469): pid=5627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.11271" name="file1" dev="loop1" ino=18 res=0 errno=0 [ 1050.404580][ T5659] IPv6: sit1: Disabled Multicast RS [ 1050.739033][ T5682] __nla_validate_parse: 2 callbacks suppressed [ 1050.739052][ T5682] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11284'. [ 1050.776501][ T5682] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11284'. [ 1052.384518][ T5737] loop4: detected capacity change from 0 to 32768 [ 1052.422696][ T5737] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.11301 (5737) [ 1052.500166][ T5737] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1052.540506][ T5737] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 1052.566749][ T5736] loop1: detected capacity change from 0 to 32768 [ 1052.573618][ T5737] BTRFS info (device loop4): using free space tree [ 1053.085912][ T5737] BTRFS info (device loop4): enabling ssd optimizations [ 1053.207708][ T4272] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1053.310858][ T1191] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 1053.534394][ T1191] usb 6-1: Using ep0 maxpacket: 16 [ 1053.541804][ T1191] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1053.576299][ T1191] usb 6-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 1053.622367][ T1191] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1053.646811][ T5478] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop4 scanned by udevd (5478) [ 1053.661113][ T1191] usb 6-1: Product: syz [ 1053.671297][ T1191] usb 6-1: Manufacturer: syz [ 1053.680515][ T5845] loop3: detected capacity change from 0 to 2048 [ 1053.689555][ T1191] usb 6-1: SerialNumber: syz [ 1053.728526][ T1191] usb 6-1: config 0 descriptor?? [ 1053.740393][ T1191] asix: probe of 6-1:0.0 failed with error -22 [ 1053.978821][ T1191] usb 6-1: USB disconnect, device number 10 [ 1054.678542][ T1191] usb 3-1: new high-speed USB device number 60 using dummy_hcd [ 1054.724666][ T5915] libceph: resolve '0' (ret=-3): failed [ 1054.736319][ T5919] netlink: 'syz.4.11345': attribute type 10 has an invalid length. [ 1054.794109][ T5919] team0: Device hsr_slave_0 failed to register rx_handler [ 1054.869713][ T5923] netlink: 'syz.5.11349': attribute type 1 has an invalid length. [ 1054.892222][ T1191] usb 3-1: Using ep0 maxpacket: 16 [ 1054.902193][ T1191] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1054.920922][ T1191] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1054.930018][ T5923] netlink: 224 bytes leftover after parsing attributes in process `syz.5.11349'. [ 1054.944298][ T1191] usb 3-1: Product: syz [ 1054.952108][ T1191] usb 3-1: Manufacturer: syz [ 1054.957594][ T1191] usb 3-1: SerialNumber: syz [ 1054.973380][ T1191] r8152-cfgselector 3-1: config 0 descriptor?? [ 1055.207338][ T5944] netlink: 'syz.5.11355': attribute type 7 has an invalid length. [ 1055.221948][ T5944] netlink: 'syz.5.11355': attribute type 8 has an invalid length. [ 1055.252001][ T5946] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1055.428014][ T1191] r8152-cfgselector 3-1: Unknown version 0x0000 [ 1055.439634][ T1191] r8152-cfgselector 3-1: USB disconnect, device number 60 [ 1055.563861][ T5966] loop3: detected capacity change from 0 to 16 [ 1055.600789][ T5966] /dev/loop3: Can't open blockdev [ 1055.660337][ T5970] netlink: 20 bytes leftover after parsing attributes in process `syz.5.11361'. [ 1055.903569][ T5937] loop4: detected capacity change from 0 to 32768 [ 1055.958602][ T5937] (syz.4.11352,5937,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1056.020457][ T5937] (syz.4.11352,5937,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1056.118241][ T5937] JBD2: Ignoring recovery information on journal [ 1056.267264][ T5937] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1056.535095][ T4272] ocfs2: Unmounting device (7,4) on (node local) [ 1056.955553][ T7400] usb 2-1: new high-speed USB device number 62 using dummy_hcd [ 1057.036530][ T6044] netlink: 28 bytes leftover after parsing attributes in process `syz.3.11380'. [ 1057.139492][ T6003] loop5: detected capacity change from 0 to 32768 [ 1057.158642][ T7400] usb 2-1: Using ep0 maxpacket: 32 [ 1057.172381][ T6003] [ 1057.172381][ T6003] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1057.172381][ T6003] [ 1057.177380][ T7400] usb 2-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 1057.226489][ T6003] ialloc: diAlloc returned -5! [ 1057.252158][ T7400] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1057.304370][ T7400] usb 2-1: config 0 descriptor?? [ 1057.380261][ T7400] as10x_usb: device has been detected [ 1057.394360][T27540] [ 1057.394360][T27540] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1057.394360][T27540] [ 1057.415402][ T7400] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 1057.452532][T27540] [ 1057.452532][T27540] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1057.452532][T27540] [ 1057.510987][ T7400] usb 2-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 1057.655413][ T7400] as10x_usb: error during firmware upload part1 [ 1057.675879][ T7400] Registered device nBox DVB-T Dongle [ 1057.718029][ T7400] usb 2-1: USB disconnect, device number 62 [ 1057.721682][ T6027] loop4: detected capacity change from 0 to 32768 [ 1057.795886][ T7400] Unregistered device nBox DVB-T Dongle [ 1057.840659][ T7400] as10x_usb: device has been disconnected [ 1057.879151][ T6085] netlink: 'syz.3.11385': attribute type 46 has an invalid length. [ 1057.897185][ T6085] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11385'. [ 1057.916347][ T6027] XFS (loop4): Mounting V5 Filesystem [ 1058.066227][ T6102] loop3: detected capacity change from 0 to 512 [ 1058.098715][ T6027] XFS (loop4): Ending clean mount [ 1058.102725][ T6102] /dev/loop3: Can't open blockdev [ 1058.344272][ T4272] XFS (loop4): Unmounting Filesystem [ 1058.360049][ T6111] loop5: detected capacity change from 0 to 256 [ 1058.469991][ T6111] FAT-fs (loop5): Directory bread(block 64) failed [ 1058.505732][ T6111] FAT-fs (loop5): Directory bread(block 65) failed [ 1058.538779][ T6111] FAT-fs (loop5): Directory bread(block 66) failed [ 1058.556246][ T6111] FAT-fs (loop5): Directory bread(block 67) failed [ 1058.568764][ T6111] FAT-fs (loop5): Directory bread(block 68) failed [ 1058.611936][ T6111] FAT-fs (loop5): Directory bread(block 69) failed [ 1058.650737][ T6111] FAT-fs (loop5): Directory bread(block 70) failed [ 1058.669448][ T6111] FAT-fs (loop5): Directory bread(block 71) failed [ 1058.676120][ T6111] FAT-fs (loop5): Directory bread(block 72) failed [ 1058.709433][ T6127] loop3: detected capacity change from 0 to 8 [ 1058.733032][ T6127] /dev/loop3: Can't open blockdev [ 1058.739467][ T6111] FAT-fs (loop5): Directory bread(block 73) failed [ 1058.939774][ T6138] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11397'. [ 1058.959943][ T6138] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11397'. [ 1059.066786][ T6144] loop1: detected capacity change from 0 to 512 [ 1059.147427][ T6144] EXT4-fs (loop1): filesystem is read-only [ 1059.197283][ T6144] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 1059.284126][ T6144] EXT4-fs (loop1): filesystem is read-only [ 1059.382234][ T6144] EXT4-fs (loop1): orphan cleanup on readonly fs [ 1059.382256][ T6165] loop5: detected capacity change from 0 to 4096 [ 1059.401619][ T6165] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 1059.431258][ T6144] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.11400: bg 0: block 64: padding at end of block bitmap is not set [ 1059.469049][ T6144] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6180: Corrupt filesystem [ 1059.478938][ T6144] EXT4-fs (loop1): 1 orphan inode deleted [ 1059.485090][ T6144] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1059.626741][ T6165] ntfs3: loop5: failed to convert "c46c" to maciceland [ 1059.627594][ T4269] EXT4-fs (loop1): unmounting filesystem. [ 1059.787137][ T26] audit: type=1326 audit(1777400722.304:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6179 comm="syz.4.11409" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7ad6d9cdd9 code=0x0 [ 1059.956014][ T6192] netlink: 408 bytes leftover after parsing attributes in process `syz.5.11412'. [ 1060.068230][ T6206] loop3: detected capacity change from 0 to 64 [ 1060.933359][ T6265] loop3: detected capacity change from 0 to 2048 [ 1061.103499][ T5858] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 1061.318996][ T5858] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 0, changing to 7 [ 1061.351335][ T5858] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 1061.400671][ T5858] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1061.446876][ T5858] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40 [ 1061.456023][ T5858] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1061.506996][ T5858] usb 6-1: SerialNumber: syz [ 1061.620305][ T6307] loop1: detected capacity change from 0 to 256 [ 1061.674889][ T6307] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 1061.748820][ T5858] usbtest 6-1:1.0: couldn't get endpoints, -22 [ 1061.754541][ T6307] exFAT-fs (loop1): error, invalid size(size(2) > aligned(9223372036854777344) [ 1061.754541][ T6307] [ 1061.756458][ T5858] usbtest: probe of 6-1:1.0 failed with error -22 [ 1061.780346][ T6307] exFAT-fs (loop1): Filesystem has been set read-only [ 1061.799903][ T5858] usb 6-1: USB disconnect, device number 11 [ 1062.086049][ T6331] bridge0: port 1(bridge_slave_0) entered disabled state [ 1062.138532][ T6331] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 1062.310540][ T6313] loop4: detected capacity change from 0 to 32768 [ 1062.342290][ T6313] (syz.4.11446,6313,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1062.385709][ T6313] (syz.4.11446,6313,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1062.486613][ T6313] JBD2: Ignoring recovery information on journal [ 1062.704194][ T6313] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1062.730658][ T6348] netlink: 'syz.5.11452': attribute type 27 has an invalid length. [ 1062.773566][ T6313] [ 1062.775953][ T6313] ====================================================== [ 1062.782977][ T6313] WARNING: possible circular locking dependency detected [ 1062.790018][ T6313] syzkaller #0 Not tainted [ 1062.794439][ T6313] ------------------------------------------------------ [ 1062.801453][ T6313] syz.4.11446/6313 is trying to acquire lock: [ 1062.807522][ T6313] ffff88804e0b9808 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16d/0x4810 [ 1062.820803][ T6313] [ 1062.820803][ T6313] but task is already holding lock: [ 1062.828173][ T6313] ffff88804e1a3ff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x472/0x13e0 [ 1062.837693][ T6313] [ 1062.837693][ T6313] which lock already depends on the new lock. [ 1062.837693][ T6313] [ 1062.848104][ T6313] [ 1062.848104][ T6313] the existing dependency chain (in reverse order) is: [ 1062.857123][ T6313] [ 1062.857123][ T6313] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}: [ 1062.864967][ T6313] down_read+0x42/0x2d0 [ 1062.869678][ T6313] ocfs2_init_acl+0x307/0x770 [ 1062.874923][ T6313] ocfs2_mknod+0x15e8/0x25b0 [ 1062.880057][ T6313] ocfs2_create+0x1b6/0x4b0 [ 1062.885101][ T6313] path_openat+0x1181/0x2ee0 [ 1062.890231][ T6313] do_filp_open+0x1f1/0x430 [ 1062.895271][ T6313] do_sys_openat2+0x150/0x4b0 [ 1062.900493][ T6313] __x64_sys_openat+0x135/0x160 [ 1062.905892][ T6313] do_syscall_64+0x4c/0xa0 [ 1062.910853][ T6313] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1062.917288][ T6313] [ 1062.917288][ T6313] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 1062.925836][ T6313] down_read+0x42/0x2d0 [ 1062.930547][ T6313] ocfs2_start_trans+0x3a4/0x6f0 [ 1062.936026][ T6313] ocfs2_modify_bh+0xe0/0x4c0 [ 1062.941286][ T6313] ocfs2_local_read_info+0x13c8/0x1750 [ 1062.947285][ T6313] dquot_load_quota_sb+0x756/0xac0 [ 1062.952936][ T6313] dquot_load_quota_inode+0x2d8/0x5d0 [ 1062.958848][ T6313] ocfs2_enable_quotas+0x1c5/0x490 [ 1062.964594][ T6313] ocfs2_fill_super+0x43b5/0x5090 [ 1062.970156][ T6313] mount_bdev+0x287/0x3c0 [ 1062.975026][ T6313] legacy_get_tree+0xe6/0x180 [ 1062.980250][ T6313] vfs_get_tree+0x88/0x270 [ 1062.985208][ T6313] do_new_mount+0x24a/0xa40 [ 1062.990251][ T6313] __se_sys_mount+0x2e3/0x3d0 [ 1062.995477][ T6313] do_syscall_64+0x4c/0xa0 [ 1063.000446][ T6313] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1063.006896][ T6313] [ 1063.006896][ T6313] -> #2 (sb_internal#3){.+.+}-{0:0}: [ 1063.014395][ T6313] ocfs2_start_trans+0x2a5/0x6f0 [ 1063.019876][ T6313] ocfs2_mknod+0xf77/0x25b0 [ 1063.024916][ T6313] ocfs2_create+0x1b6/0x4b0 [ 1063.029963][ T6313] vfs_create+0x2db/0x460 [ 1063.034829][ T6313] do_mknodat+0x3a1/0x4d0 [ 1063.039718][ T6313] __x64_sys_mknod+0x8a/0xa0 [ 1063.044856][ T6313] do_syscall_64+0x4c/0xa0 [ 1063.049822][ T6313] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1063.056257][ T6313] [ 1063.056257][ T6313] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}: [ 1063.066799][ T6313] down_write+0x36/0x60 [ 1063.071501][ T6313] ocfs2_reserve_local_alloc_bits+0x11e/0x2700 [ 1063.078212][ T6313] ocfs2_reserve_clusters_with_limit+0x1b6/0xc10 [ 1063.085081][ T6313] ocfs2_mknod+0xf15/0x25b0 [ 1063.090129][ T6313] ocfs2_create+0x1b6/0x4b0 [ 1063.095173][ T6313] vfs_create+0x2db/0x460 [ 1063.100040][ T6313] do_mknodat+0x3a1/0x4d0 [ 1063.104910][ T6313] __x64_sys_mknod+0x8a/0xa0 [ 1063.110033][ T6313] do_syscall_64+0x4c/0xa0 [ 1063.114989][ T6313] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1063.121431][ T6313] [ 1063.121431][ T6313] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}: [ 1063.131978][ T6313] __lock_acquire+0x2d07/0x7d10 [ 1063.137378][ T6313] lock_acquire+0x1bb/0x4a0 [ 1063.142431][ T6313] down_write+0x36/0x60 [ 1063.147134][ T6313] ocfs2_reserve_suballoc_bits+0x16d/0x4810 [ 1063.153566][ T6313] ocfs2_reserve_new_metadata_blocks+0x412/0x9a0 [ 1063.160433][ T6313] ocfs2_init_xattr_set_ctxt+0x314/0x7b0 [ 1063.166609][ T6313] ocfs2_xattr_set+0xc3b/0x13e0 [ 1063.172007][ T6313] __vfs_setxattr+0x3e0/0x420 [ 1063.177228][ T6313] __vfs_setxattr_noperm+0x129/0x5e0 [ 1063.183066][ T6313] vfs_setxattr+0x167/0x2e0 [ 1063.188112][ T6313] setxattr+0x346/0x360 [ 1063.192818][ T6313] path_setxattr+0x147/0x290 [ 1063.197949][ T6313] __x64_sys_lsetxattr+0xb4/0xd0 [ 1063.203428][ T6313] do_syscall_64+0x4c/0xa0 [ 1063.208383][ T6313] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1063.214817][ T6313] [ 1063.214817][ T6313] other info that might help us debug this: [ 1063.214817][ T6313] [ 1063.225055][ T6313] Chain exists of: [ 1063.225055][ T6313] &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5 --> &journal->j_trans_barrier --> &oi->ip_xattr_sem [ 1063.225055][ T6313] [ 1063.242031][ T6313] Possible unsafe locking scenario: [ 1063.242031][ T6313] [ 1063.249488][ T6313] CPU0 CPU1 [ 1063.254865][ T6313] ---- ---- [ 1063.260275][ T6313] lock(&oi->ip_xattr_sem); [ 1063.264882][ T6313] lock(&journal->j_trans_barrier); [ 1063.272710][ T6313] lock(&oi->ip_xattr_sem); [ 1063.279839][ T6313] lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5); [ 1063.287146][ T6313] [ 1063.287146][ T6313] *** DEADLOCK *** [ 1063.287146][ T6313] [ 1063.295310][ T6313] 3 locks held by syz.4.11446/6313: [ 1063.300532][ T6313] #0: ffff888028680460 (sb_writers#30){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 [ 1063.309810][ T6313] #1: ffff88804e1a42c8 (&type->i_mutex_dir_key#29){+.+.}-{3:3}, at: vfs_setxattr+0x140/0x2e0 [ 1063.320130][ T6313] #2: ffff88804e1a3ff8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x472/0x13e0 [ 1063.330097][ T6313] [ 1063.330097][ T6313] stack backtrace: [ 1063.335995][ T6313] CPU: 1 PID: 6313 Comm: syz.4.11446 Not tainted syzkaller #0 [ 1063.343465][ T6313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1063.353542][ T6313] Call Trace: [ 1063.356831][ T6313] [ 1063.359770][ T6313] dump_stack_lvl+0x188/0x24e [ 1063.364480][ T6313] ? load_image+0x400/0x400 [ 1063.369009][ T6313] ? show_regs_print_info+0x12/0x12 [ 1063.374240][ T6313] ? print_circular_bug+0x12b/0x1a0 [ 1063.379474][ T6313] check_noncircular+0x296/0x330 [ 1063.384450][ T6313] ? look_up_lock_class+0x75/0x140 [ 1063.389586][ T6313] ? add_chain_block+0x940/0x940 [ 1063.391869][ T3935] device veth0_macvtap left promiscuous mode [ 1063.394528][ T6313] ? lockdep_lock+0xf1/0x1f0 [ 1063.405115][ T6313] ? _find_first_zero_bit+0xcf/0x100 [ 1063.410419][ T6313] __lock_acquire+0x2d07/0x7d10 [ 1063.415308][ T6313] ? verify_lock_unused+0x140/0x140 [ 1063.420535][ T6313] ? __mutex_unlock_slowpath+0x1b0/0x6c0 [ 1063.426195][ T6313] ? do_raw_spin_lock+0x128/0x2f0 [ 1063.431251][ T6313] ? mutex_unlock+0x10/0x10 [ 1063.431401][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1063.435758][ T6313] ? __rwlock_init+0x140/0x140 [ 1063.435780][ T6313] ? do_raw_spin_unlock+0x11d/0x230 [ 1063.435799][ T6313] lock_acquire+0x1bb/0x4a0 [ 1063.458143][ T6313] ? ocfs2_reserve_suballoc_bits+0x16d/0x4810 [ 1063.464245][ T6313] ? __might_sleep+0xd0/0xd0 [ 1063.468862][ T6313] ? check_noncircular+0x189/0x330 [ 1063.474096][ T6313] ? read_lock_is_recursive+0x10/0x10 [ 1063.479504][ T6313] down_write+0x36/0x60 [ 1063.483693][ T6313] ? ocfs2_reserve_suballoc_bits+0x16d/0x4810 [ 1063.489786][ T6313] ocfs2_reserve_suballoc_bits+0x16d/0x4810 [ 1063.495715][ T6313] ? mark_lock+0x94/0x320 [ 1063.500085][ T6313] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1063.506095][ T6313] ? _raw_spin_unlock_irqrestore+0x82/0x120 [ 1063.512006][ T6313] ? lockdep_hardirqs_on+0x94/0x140 [ 1063.517242][ T6313] ? ocfs2_block_group_search+0x4f0/0x4f0 [ 1063.522984][ T6313] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 1063.528905][ T6313] ? _raw_spin_unlock+0x40/0x40 [ 1063.533784][ T6313] ? stack_trace_save+0xa6/0xf0 [ 1063.538662][ T6313] ? __stack_depot_save+0x421/0x460 [ 1063.543904][ T6313] ? kasan_set_track+0x60/0x70 [ 1063.548693][ T6313] ? kasan_set_track+0x4b/0x70 [ 1063.553481][ T6313] ? __kasan_kmalloc+0x8e/0xa0 [ 1063.558273][ T6313] ? ocfs2_reserve_new_metadata_blocks+0x109/0x9a0 [ 1063.564794][ T6313] ? ocfs2_init_xattr_set_ctxt+0x314/0x7b0 [ 1063.570630][ T6313] ? ocfs2_xattr_set+0xc3b/0x13e0 [ 1063.575684][ T6313] ? __vfs_setxattr+0x3e0/0x420 [ 1063.580566][ T6313] ? __vfs_setxattr_noperm+0x129/0x5e0 [ 1063.586052][ T6313] ? vfs_setxattr+0x167/0x2e0 [ 1063.590756][ T6313] ? setxattr+0x346/0x360 [ 1063.595115][ T6313] ? path_setxattr+0x147/0x290 [ 1063.599910][ T6313] ? __x64_sys_lsetxattr+0xb4/0xd0 [ 1063.605045][ T6313] ? do_syscall_64+0x4c/0xa0 [ 1063.609667][ T6313] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1063.615776][ T6313] ocfs2_reserve_new_metadata_blocks+0x412/0x9a0 [ 1063.622128][ T6313] ? ocfs2_init_steal_slots+0x150/0x150 [ 1063.627707][ T6313] ? ocfs2_xattr_block_set+0x3090/0x3090 [ 1063.633365][ T6313] ? do_raw_spin_lock+0x128/0x2f0 [ 1063.638415][ T6313] ocfs2_init_xattr_set_ctxt+0x314/0x7b0 [ 1063.644076][ T6313] ? _raw_spin_unlock+0x24/0x40 [ 1063.648957][ T6313] ? ocfs2_prepare_refcount_xattr+0xff0/0xff0 [ 1063.655052][ T6313] ? ocfs2_truncate_log_needs_flush+0x12c/0x300 [ 1063.661421][ T6313] ? ocfs2_remove_btree_range+0x15e0/0x15e0 [ 1063.667352][ T6313] ? up_write+0x1bb/0x420 [ 1063.671722][ T6313] ocfs2_xattr_set+0xc3b/0x13e0 [ 1063.676613][ T6313] ? __ocfs2_xattr_set_handle+0xf30/0xf30 [ 1063.682496][ T6313] ? aa_get_newest_label+0xf9/0x5b0 [ 1063.687723][ T6313] ? end_current_label_crit_section+0x170/0x170 [ 1063.693986][ T6313] ? __up_read+0x2b2/0x6b0 [ 1063.698431][ T6313] ? evm_protected_xattr_common+0x170/0x190 [ 1063.704353][ T6313] ? evm_protect_xattr+0x7e9/0x9d0 [ 1063.709501][ T6313] ? ocfs2_xattr_security_get+0x40/0x40 [ 1063.715068][ T6313] __vfs_setxattr+0x3e0/0x420 [ 1063.719784][ T6313] __vfs_setxattr_noperm+0x129/0x5e0 [ 1063.725102][ T6313] vfs_setxattr+0x167/0x2e0 [ 1063.729640][ T6313] ? xattr_permission+0x500/0x500 [ 1063.734690][ T6313] ? _copy_from_user+0x10b/0x170 [ 1063.739657][ T6313] ? setxattr+0x2ce/0x360 [ 1063.744011][ T6313] setxattr+0x346/0x360 [ 1063.748203][ T6313] ? path_setxattr+0x290/0x290 [ 1063.753011][ T6313] ? __mnt_want_write+0x21f/0x2a0 [ 1063.758069][ T6313] path_setxattr+0x147/0x290 [ 1063.762693][ T6313] ? simple_xattr_list_add+0xf0/0xf0 [ 1063.768096][ T6313] ? lock_chain_count+0x20/0x20 [ 1063.772976][ T6313] __x64_sys_lsetxattr+0xb4/0xd0 [ 1063.777943][ T6313] do_syscall_64+0x4c/0xa0 [ 1063.782395][ T6313] ? clear_bhb_loop+0x60/0xb0 [ 1063.787100][ T6313] ? clear_bhb_loop+0x60/0xb0 [ 1063.791799][ T6313] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1063.797715][ T6313] RIP: 0033:0x7f7ad6d9cdd9 [ 1063.802145][ T6313] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1063.821774][ T6313] RSP: 002b:00007f7ad7cd8028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 1063.830303][ T6313] RAX: ffffffffffffffda RBX: 00007f7ad7015fa0 RCX: 00007f7ad6d9cdd9 [ 1063.838304][ T6313] RDX: 0000200000000500 RSI: 0000200000000080 RDI: 0000200000000040 [ 1063.846300][ T6313] RBP: 00007f7ad6e32d69 R08: 0000000000000001 R09: 0000000000000000 [ 1063.854294][ T6313] R10: 0000000000000e01 R11: 0000000000000246 R12: 0000000000000000 [ 1063.862285][ T6313] R13: 00007f7ad7016038 R14: 00007f7ad7015fa0 R15: 00007ffc4198fa58 [ 1063.870281][ T6313] [ 1063.909255][ T4272] ocfs2: Unmounting device (7,4) on (node local)