last executing test programs: 2.99171614s ago: executing program 3 (id=4688): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x200, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xcb) 2.858379361s ago: executing program 3 (id=4690): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, 0x0, 0x0) 2.801040991s ago: executing program 3 (id=4691): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x20902, 0x0) write$sequencer(r0, &(0x7f0000000240)=[@t={0x81, 0x3, 0xe, 0x2}], 0x8) 2.635834313s ago: executing program 3 (id=4694): syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file2\x00', 0x200000, &(0x7f00000000c0)=ANY=[], 0xbe, 0x1c2, &(0x7f0000001300)="$eJzs27uy0kAcx/FfbnA83m+NrYU2HhRt7OQBfAE7BiLDGNQRGxgbH8U34U18AZjRzso4WQImGGQBIQLfz8w5/Ifll90wWXZTRABO1g3z35GjwFRxHPvJ66uXkvxyxwZgt2L9jAGcKu9b2SMAUI5JwzP7gJEjff3+qTVO/wLL/cOk4U6LM0mZfMU2/9kxr/d8aZzJV9NDrty/fJnmHyifv7Rm/+cL+fMVOWeen57/w/v5/GVJVyRdlXRN0nVJyTd9U9Ktgv7bC/3ftRw/sI3k6rvYNr/FAZLZ87obhY+LGr3V+SDNPyluzvyEjAo/UEnzdcvxLss/3TBfTfMXrXdRu6Dd3fC4gA13n/O/4GL2pB/x4vx/Yd+/b+bP7/UYgL3+YPimGUXhh36y2Jpi/s6yIjBFNT3C3z6crI6Zd2TdBUWpxVlBU5C7WnZdVPZzpsmy8T984ZbFbNbusy8Ax6r2sfe+1h8MH3V7zU7YCd/Wnz2f3Xab+/La0rtzAAcuvzkHAAAAAAAAAAAAAACH6LakO+uG3PTBFwAAAAAH5d8+MxRI+rOp7HMEAAAAAAAAAAAAAAAAAAAAjsWvAAAA//8EyT0g") creat(&(0x7f0000000100)='./file3\x00', 0x0) 1.928196857s ago: executing program 3 (id=4703): syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB='utf8,iocharset=iso8859-6,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c646973636172642c6572726f72733d72656d6f756e742d726f2c6e616d65636173653d312c696f636861727365743d63703836342c646d61736b3d30303030303030303030303030303030303030303030312c74696d655f6f66667365743d3078303030303030303030303030303030362c757466382c00f655f33bca7c359a6e20db88c482abd4c03a772db26d915826d61d5e5d2eb6c301f2d8a46c071353cf921f058bb8a0e12aa07a89503e0ec0121d0ccc3754f1d489f96c05e5e11e4aff3ed0ee88e4014c42de9d46c0edd6ed23f4593ccf36c7e0828d1165032162586d433021f3508f056230cb8e510645ee1e018817a8784a295d0910e9fc0cb3334e9733"], 0x1, 0x152b, &(0x7f0000000a00)="$eJzs3AmYjtXbAPD7Puc8Y0zS2yTLcM65H95kOSZJsiTJkiRJkmRLSJrkLwmJIVvSkIRkGZJlCMkyMWns+74kJEmTJCHZkvNdir/66r8vvuub+3ddzzXnfs9zn+c87/0+8yyzfNN5SI1GNas2ICL4l+AvX5IBIBYABgDANQAQAEDZ+LLxF/pzSkz+1zbC/r0eSrvSM2BXEtc/e+P6Z29c/+yN65+9cf2zN65/9sb1z964/oxlZ5umFbiWl+y78PP/7IzP//+PZJUa88WaUtd3AYj5e1O4/tkb1///reDvWYnrn71x/bOr2Cs9AfZ/AB//2UGOv9jD9c/euP6MZWdX+vnzf36Rf7UfItnhPfgr+88YY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjP0XnPaXKQC41L7S82KMMcYYY4wxxti/j89xpWfAGGOMMcYYY4yx/zwEARIUBBADOSAWckIcCAC4GnLDNRCBayEeroM8cD3khXyQHwpAAhSEQqDBgAWCEApDEYjCDVAUboRiUBxKQElwUAoS4SYoDTdDGbgFysKtUA5ug/JQASpCJbgdKsMdUAXuhKpwF1SD6lADasLdUAvugdpwL9SB+6Au3A/14AGoDw9CA3gIGsLD0AgegcbwKDSBptAMmkOLfyr/BegOL0IP6AnJ0At6w0vQB/pCP+gPA+BlGAivwCB4FVJgMAyB12AovA7D4A0YDiNgJLwJo+AtGA1jYCyMg1QYDxPgbZgI78AkmAxTYCqkwTSYDu/CDJgJs+A9mA3vwxyYC/NgPqTDB7AAFkIGfAiL4CPIhMWwBJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A474GPYCZ/ALtgNe/5cv38k/9Sv8j+FvdAFAQEFClSoMAZjMBZjMQ7jMBfmwtyYGyMYwXiMxzyYB/NiXsyP+TEBE7AQFkKDBgkJC2NhjGIUi2JRLIbFsASWQIcOEzERS+PNWAbLYFksi+WwHJbHClgBK2ElrIyVsQpWwapYFathNayBNfBuvBt7YW2sjXWwDtbFupceT2EDbIANsSE2wkbYGBtjE2yCzbAZtsAW2BJbYitshW2wDbbFttgO22ESJmF7bI8dsAN2xI7YCTthZ+yMXbArds16IQfgi/gi9sRqohf2xt7YB1Ny9MP+2B9fxoH4Cr6Cr2IKDsYh+Bq+hq/jMDyJw3EEjsSRWFm8haNxDJIYh6mYihNwAk7EiTgJJ+NknIppOA2n43ScgTNxJr6Hs/F9fB/n4lycj+mYjgtwIWZgBi7CU5iJi3EJLsVluByX4UpchStxDa7FNbge1+NG3IibcTNuxa24Hbfjx6gA8BPcjbsxBffiXtyH+3A/7scDeACzMAsP4kE8hIfwMB7GI3gEj+IxPI7H8ASewJN4Ck/jaTyLZ/EcPpfwVcOPi69OAXGBEkrEiBgRK2JFnIgTuUQukVvkFhEREfEiXuQReURekVfkF/lFgkgQhUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQTiSJRlBalRRlRRpQVt4py4jZRXlQQrV0lUUlUFm1cFXGnqCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhA1Be9sB8+JC5UppEYjI3FEGwimgp58QhoKYZhK9FatBFPiBE4HNuJli5JPC3ai9HYQfxJjMFnRScxDjuL50UX0VV0Ey+I7qKV6yF6iknYS/QWU7GP6Cv6if5iBlYX7+HsnDXEqyJFDBZDxGtiPr4uhok3xHAxQowUb4pR4i0xWowRY8U4kSrGiwnibTFRvCMmicliipgq0sQ0MV28K2aImWKWeE/MFu+LOWKumCfmi3TxgVggFooM8aFYJD4SmWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrvYIT4WO8UnYpfYLfaIT8Ve8ZnYJz4X+8UX4oD4UmSJr8RB8bU4JL4Rh8W34oj4ThwVx8Rx8b04IX4QJ8UpcVqcEWfFj+Kc+EmcF16ARCmklEoGMkbmkLEyp4yTV8lcMrj47l4r4+V1Mo+8XuaV+WR+WUAmyIKykNTSSCtJhrKwLCKj8gZZVN4oi8nisoQsKZ0sJRPlTbK0vFmWkbfIsvJWWU7eJsvLCrKirCRvl5XlHRIiv2yjmqwua8ia8m6ZDPfI2vJeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRDaVzWRz2UI+JlvKx2Ur2Vq2kU/ItvJJ2U4+JZPk07K99Bc/Is/KTvI52Vk+L7vIrrKb/Emel172kD0l9ALZW74k+8i+sp/sLwfIl+VA+YocJF+VKXKwHCJfk0Pl63KYfEMOlyPkSPmmHCXfkqPlGDlWjpOpcrycIN+WE+U7cpKcLKfIqTJNTpP9Lo40S8q/mf/2r/MvnHrlNDno561vlJvkZrlFbpXb5Ha5Q34sd8qdcpfcJffIPXKv3Cv3yX1yv9wvD8gDMktmyYPyoDwkD8nD8rA8Io/Io/KYPCO/lyfkD/KkPCVPyTPyrDwrz118D0ChEkoqpQIVo3KoWJVTxamrVC51tcqtrlERda2KV9epPOp6lVflU/lVAZWgCqpCSiujrCIVqsKqiIqqG/DiB0aVUCWVU6VUorrpH8lXRdWNqpgq/pv8S/NL/gvza6FaqJaqpWqlWqk2qo1qq9qqdqqdSlJJqr1qrzqoDqqj6qg6qU6qs+qsuqguqpvqprqr7qqH6qGSVbLqrV5SfVRf1U/1VwPUy2qgGqgGqUEqRaWoIWqIGqqGqmFqmBquhquRaqQapUap0Wq0GqvGqlSVqiaoCWqimqgmqUlqipqi0lSamq6mqxlqhpqlZqnZaraao+aoeWqeSlfpaoFaoDJUhlqkFqlMtVgtVkvVUrVcLVcr1Uq1Wq1Wa9VatV6tV5lqk9qktqgtapvapnaoHWqn2ql2qV1qj9qj9qq9ap/ap/ar/eqAOqCyVJY6qA6qQ+qQOqwOqyPqiDqqjqrj6rg6oU6ok+qkOq1Oq7PqrDqnzqnz6ryCQIAIRKACFcQEMUFsEBvEBXFBriBXkDvIHUSCSBAfxAd5guuDvEG+IH9QIEgICgaFAh2YwAbiYtGjwQ1B0eDGoFhQPCgRlAxcUCpIDG4KSgc3B2WCW4Kywa1BueC2oHxQIagYVApuDyoHdwRVgjuDqsFdQbWgelAjqBncHdQK7glqB/cGdYL7grrB/UG94IGgfvBg0CB4KGgYPBw0Ch4JGgePBk2CpkGzoHnQ4t86vvcn8z3ueuieOln30r31S7qP7qv76f56gH5ZD9Sv6EH6VZ2iB+sh+jU9VL+uh+k39HA9Qo/Ub+pR+i09Wo/RY/U4narH6wn6bT1Rv6Mn6cl6ip6q0/Q0PV2/q2fomXqWfk/P1u/rOXqunqfn63T9gV6gF+oM/aFepD/SmXqxXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoT/WO/UnepferffoT/Ve/Znepz/X+/UX+oD+Umfpr/RB/bU+pL/Rh/W3+oj+Th/Vx/Rx/b0+oX/QJ/UpfVqf0Wf1j/qc/kmf1/7Cxf2F07tRRpkYE2NiTayJM3Eml8llcpvcJmIiJt7Emzwmj8lr8pr8Jr9JMAmmkClkLiBDprApbKImaoqaoqaYKWZKmBLGGWcSTaIpbUqbMqaMKWvKmnKmnClvypuKpqK53dxu7jB3mDvNneYuc5epbqqbmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadSTJJpr1pbzqYDqaj6Wg6mU6ms+lsupguppvpZrqb7qaH6WGSTbLpbXqbPqaP6Wf6mQFmgBloBppBZpBJMSlmiBlihpqhZpgZZoabEWbkhQtV85YZbcaYsWacSTWpZoKZYCaaiWaSmWSmmCkmzaSZ6Wa6mWFmmFlmlpltZps5Zo6ZZ+aZdJNuFpgFJsNkmEVmkck0mWaJWWKWmWVmhVlhVplVZo1ZY9bBOrPBbDCbzCazxWwx28w2s8PsMDvNTrPL7DJ7zB6z1+w1+8w+s9/sNwfMAZNlssxBc9AcMofMYXPYHDFHzFFz1Bw3x80Jc8KcNCfNaXPanDX5Lp4vvYm1OW2cvcrmslfb3PYa+7/j/LaATbAFbSGrbV6b7zexsdYWs8VtCVvSOlvKJtqbfheXtxVsRVvJ3m4r2ztsld/Ftew9tra919ax99ma9u7fxHXt/baefcTWRwSwTW1D29w2so/YxvZR28Q2tc1sc9vWPmnb2adskn3atrfP/C5eYBfaVXa1XWPX2l12tz1tz9hD9ht71v5oe9iedoB92Q60r9hB9lWbYgf/Lh5p37Sj7Ft2tB1jx9pxv4un2Kk2zU6z0+27doad+bs43X5gZ9sMO8fOtfPs/J/jC3PKsB/aRfYjm2kDWGKX2mV2uV1hV/55rkvtervBbrQ77Sd2i91qt9ntdselC2G72+6xn9q99jN70H5t99sv7AF72GbZr36OL+zfYfutPWK/s0ftMXvcfm9P2B/UpewL+/69/cmet94CIQFJUhRQDOWgWMpJcXQV5aKrKTddQxG6luLpOspD11Neykf5qQAlUEEqRJoMWSIKqTAVoSjdQJemV4JKkqNSlEg3UWm6mcrQLVSWbqVydBuVpwpUkSrR7VSZ7qAqdCdVpbuoGlWnGlST7qZadA/VpnupDt1Hdel+qkcPUH16kBrQQ9SQHqZG9Ag1pkepCTWlZtScWtBj1JIep1bUmtrQE9SWnqR29BQl0dPUnp6hDvQn6kjPUid6jjrT89SFulI3eoG604vUg3pSMvWi3vQS9aG+1I/60wB6mQbSKzSIXqUUGkxD6DUaSq/TMHqDhtMIGklv0ih6i0bTGBpL4yiVxtMEepsm0js0iSbTFJpKaTSNptO7NINm0ix6j2bT+zSH5tI8mk/p9AEtoIWUQR/SIvqIMmkxLaGltIyW0wpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTDvqYdtIntIt20x76lPbSZ7SPPqf99AUdoC8pi76ig/Q1HaJv6DB963vSd3SUjtFx+p5O0A90kk7RaTpDZ+lHOkc/0XnyBCGGIpShCoMwJswRxoY5w7jwqjBXeHWYO7wmjITXhvHhdWGe8Powb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGwxvCouGNYbGweFgiLBm6sFSYGN4Ulg5vDsuEt4Rlw1vDcuFtYfmwQvjIfZXC28PK4R1hlfDOsGp4V1gtrB7WCGuGd4e1wnvC2uG9YZ3wvrBMeH9YL3wgrB8+GDYIHwobhg+HjcJHwsbho2GTsGnYLGwetggfC1uGj4etwtZhm/CJsG34ZNgufCpMCp8O24fP/Nx//8K/3J8c9gp7hy+FL4Xe3yvnRedH06MfRBdEF0Yzoh9GF0U/imZGF0eXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGva+ZAxw64aRTLnAxLoeLdTldnLvK5XJXu9zuGhdx17p4d53L4653eV0+l98VcAmuoCvktDPOOnKhK+yKuKi7wRV1N7pirrgr4Uo650q5RNfctXAtXEv3uGvlWrs27gn3hHvSPemeck+5p11794zr4P7kOrpnXSf3nHvOPe+6uK6um3vBdXfjc/9yTCa73q636+P6uH6unxvgBriBbqAb5Aa5FJfihrghbqgb6oa5YW64G+5GupFulBvlRrvRbqwb61JdqpvgJriJbqKb5Ca5KW6KS3Npbrqb7ma4Ga7yzF+2MsfNcfPcPJfu0t0Cd+GaMcMtcotcpst0S9wSt8wtcyvcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXM73A630+10u/w1vwzq9rp9bp/b7/a7A+5Ll+W+cgfd1+6Q+8Yddt+6I+47d9Qdc8fd9+6E+8GddKfcaXfGnXU/unPuJ3feeZcaGR+ZEHk7MjHyTmRSZHJkSmRqJC0yLTI98m5kRmRmZFbkvcjsyPuROZG5kXmR+ZH0yAeRBZGFkYzIh5FFkY8imZHFkSWRpZFlkeUR7wtuCX1hX8RH/Q2+qL/RF/PFfQlf0jtfyif6m3xpf7Mv42/xZf2tvpy/zZf3FXxF/6hv4pv6Zr65b+Ef8y39476Vb+3b+Cd8W/+kb+ef8kn+ad/eP+M7+D/5jv5Z38k/5zv7530X39V38y/47v5F38P39Mm+l+/tX/J9fF/fz/f3A/zLfqB/xQ/yr/oUP9gP8a/5of51P8y/4Yf7EX5kzJt+1KVbZBjnU/14P8G/7Sf6d/wkP9lP8VN9mp/mp/t3/Qw/08/y7/nZ/n0/x8/18/x8n+4/8Av8Qp/hP/SL/Ec+0y++9FDSr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3e/wH/ud/hO/y+/2e/ynfq//zO/zn/v9/gt/wH/ps/xX/qD/2h/y3/jD/lt/xH/nj/pj/rj/3p/wP/iT/pQ/7c/4s/5Hf87/5M/z36wxxhhjjP1dxl9uit/2/PI4v9cf5IhfrdwbAK7eWiDr1/0XrijX5f2l3VcktI0AwNM9Oz90aalWLTk5+eK6mRKCInMBLv0k6IIYuBwvhjbwJCRBayj9h/PvK7qepb8xfvRWgLhf5cTC5fjy+J8DYPIfjP/YEyMXlAtPx/+V8ecCFCtyOScnXI4XQ5ufn6+0hjJ/Yf75Wv6N+ef8IhWg1a9ycsHl+PL8E+FxeAaSfrMmY4wxxhhjjDH2i76iYsdL95+XfuPzj+7PE9TlnBxwOf5b9+eMMcYYY4wxxhi78p7t2u2px5KSWnf8xxtV/qmsv7vRGP5TI3PjDxveA1x6RQHAvzggwIWG/G/uxeb/yrZSLh46/7tr2RkfwP+NUv7zjbF/fuUKf2NijDHGGGOM/dtdvvr/7evqSk2IMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLhv4b/1fsSu8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9TwAAAP//HmP+kg==") mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='ubifs\x00', 0x8000, 0x0) 1.843506108s ago: executing program 1 (id=4704): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x3, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="18020000ecffffff0000000001000000850000005300000085000000a000000095"], &(0x7f0000000080)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.44066862s ago: executing program 3 (id=4707): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x441f, &(0x7f0000008940)="$eJzs3c9PHFUcAPA3A1qobYXaQ01M3MQmGjUEelJpIqW0FFqsqbYxXrYLbFt0YRtYjIce8NbEk4kH46HRxBunhoPX+id48VjPTfTgxcSkEbO7s8AMbFmRBdt8PkkZ5v1mvzNv3xymL05Ubs4s5GYWcoW5XHnq+sLJ3Gfl0uJsMcR7ZL/7pzXtiJPY759LZ859cPVkCD9N//JwdfVAeJyBDb//+cftqY3HhjhTp9ruYxv9zz4OIRzbNK6qjhDCRz+GEIUQTidpw8mxO4RwJNTzrt7+8lpul0Zz70HxVP7RxJ2VwRPjy3dXmv/tUQjfll5888bsb690DP76+i51DwAAAAAAAAAAAAAAAADAE2708qUr7/cPhPtR6FyONr+vO5ocm70fu7prXm7/HwsAAAAAAAAAAAAAAAAAAAD/U+vv/+eio1u8/z+SHIea1F99t/1jpH3G3rs0crZ/INn/PdqU/1aS9PvpjtC7xb7v2f3fT2fqb73/++Z+dqoxvka/PSGK+1LncdzXF8L3ycbvx6ODcam8UHnjenlxbnrXhvHESse/vnt/KjrJhv6txn8403779/9/YdPVVD2/tnuX2FMtHf+OpuV++CJqKf5nMvX2Iv7sXDr+nbW07o0FhuoTQDX+X3VuH/+RTPvtiv+REEIuqo41tz4DNC7fqPl6hbR0/J+ppUXr0/7aB9ns/v8rE/+zmfb3a/5fyn4RsaV0/J+tpXWlSqzf/73x9vf/uUz7+xH/6viXfP+3JB3/A/XEzlSR2ifZ6vw/mmm/XfG/EifjPBKlroDlqJ7e7P+rIy0d/65N+evPf3FL67/zmfp79fzX6Lfx/NeY/l+L6s9/bC0d/+6m5Vq9/8cy9do9/w/V1n/sVDr+B2tp6bVzT+1nq/Efz7TfrvjXViVdjfivzyd/H6inf2f915J0/J+rJ8YbSyzVftbWf9H26/8Lmfb3Y/1XHf9S3N5enxbp+B9qWq4a/59b+P6/mKnX/viH0G+tv2Pp+B9uWq52/3dtH/+JTL12x//VdjYOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8AQYTo49IYr7Uudx3NcXwpnk/Hg4GE0WpvOTpfLUpwshjCTpuXA0ulEqTxZK+Zm58nQxXyiVylMhnE3yj4WuaKFUruRnC7fOrbXVHd0sFuYrk8VCJYQwmqS/FA432pqcqcwWboUQzq/lPR+X52/dLMzlp2fm3+nv7+8PY2tj6I2Kn1eKc5V67/XcEMbX6vZEGwZXy76wNpZD0Sflxfm5QqmWfnFDnVJ5qlDaUGciyfs69EaV+cW5qUKlmC+VbzT6209DyXFk7PKHly8ObMq/FtWPw3s7LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+pfuDb38TQuisn8UhhFyU/BIl/1LuPSieyj+auLMyeGJ8+e7Kw63KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/sAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYVdOkaJGIjCAPxmRLT0GFYh6WwjimhhRPAEegwPo0fxEt7BwsLWYlnYTCAkG0izW31f80h+Zt6DeQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsN7dc/fyVDcRKc43ZxFfb98/4/yh1I/r/edPjjAjh3P/2N3c1k159zTLr8qv3zbv0v+/99fo62mMvgefkz2Z7lNv3mdqad+W5hv6XkTKVUS0Jb9MOVfVursAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC07cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZR9G0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwKwAA//8hvRzL") lchown(&(0x7f0000000000)='.\x00', 0xffffffffffffffff, 0xee01) 1.396361491s ago: executing program 2 (id=4715): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x44, &(0x7f0000000580)=[{&(0x7f0000000480)="d80000001c0081064e81f782db44b9040a1d08041000000000000aa1180015000600142603600e1208000f0000810401a8001600200001400300000007391bd06b3c70c3", 0x44}, {&(0x7f0000000840)="5c4875c6cad162c8a030dbf75c317dad4320e1bb556d3b3e131b77de8bd885166fc0c25d69226ae9915eccf9551f804eae36cf2327896a817179f04f35d9a7deed88adf4ca13a5a0c36a7496d22b9adf2c0fa13e1572ad237e2677a2797d5dd9307bff0bc01e4fd69c546e17a7118272ace242bc6025d0b60a12b3788fa6a7649045e4af16ba69df4bd43527a3d09bb308ac7073", 0x94}], 0x2, 0x0, 0x0, 0x7400}, 0x0) 1.277771181s ago: executing program 1 (id=4708): syz_mount_image$minix(&(0x7f0000000000), &(0x7f00000001c0)='./file1\x00', 0x200000, &(0x7f00000000c0)=ANY=[], 0xbe, 0x1d3, &(0x7f00000006c0)="$eJzs282O0lAYxvGnlMI4jo6fG7cudCPo6MadcwHegLvJUAmxqBE3EDdeinfCnXgDkOjOlZh+QNpSyqHYAuH/S2bypqdP35ZwaM+iAnC07gT/LVlygsqJtr97K6me2tmq+OQAlGqmvzMAx8r+teszALAb00s7eA4YW9LP39+uJ9GfY/j8ML2shcWJpFi+YZr/Hi4qHtWlSSzfjA659vnlR5h/omT+xob9T1P50zU5a5EPr//p42T+pqQzSbck3ZZ0Lsn/pO9KupfRv5Pq/9Dw/IFt+N++1tJCf8N8q3h/f/a873nu86xBe33eifIvsodjPyHjzB0aUf7C8HxX5V8WzDejfOv6k9fJGK8VPC5gohbM/+K2nf+29GeWnv9vzPP1/PkPIMdgOPpw5Xnul4F/sw2KxZZVhRMUzegIeTv7d8fYFuW08BcjRt0pyi9OMoacxLel7KJRzZX6t699+MANi/msLb/XubeznyQAFWl/7X9uD4ajZ73+Vdftuh8vXr2eL7uDdXl75eocwIFLPpwDAAAAAAAAAAAAAIBDdF/SgyJB0xf8AAAAAOyN//vykCNpeSin/VmFlwoAAAAAAAAAAAAAAAAAAAAcvH8BAAD//62yPSo=") rmdir(&(0x7f0000000080)='./file0\x00') 1.158687962s ago: executing program 2 (id=4709): r0 = socket$pptp(0x18, 0x1, 0x2) getpeername(r0, 0x0, &(0x7f00000007c0)) 955.275873ms ago: executing program 1 (id=4711): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x388, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x2b8, 0xffffffff, 0xffffffff, 0x2b8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@local, @loopback, [0xff, 0xff, 0xff, 0xff], [0xff000000, 0xffffff00, 0xff], 'team_slave_0\x00', 'netdevsim0\x00', {}, {0xff}, 0x3c, 0x3, 0x0, 0x60}, 0x0, 0xa8, 0xd0, 0x60030000, {0x0, 0xff000000}}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x3}}}, {{@ipv6={@remote, @mcast1, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], 'netpci0\x00', 'geneve1\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x1c8, 0x1e8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x1, 'syz0\x00'}}, @common=@inet=@set1={{0x28}, {{0x0, 0x5, 0x4}}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0x2b8}, {0x28}}}}, 0x3e8) 880.107774ms ago: executing program 2 (id=4712): r0 = openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0) read(r0, 0x0, 0x0) 708.774035ms ago: executing program 2 (id=4714): setresuid(0x0, 0xee00, 0xffffffffffffffff) socket(0x25, 0x1, 0x0) 691.325615ms ago: executing program 1 (id=4716): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a8, 0x0, 0x111, 0x4b4, 0x0, 0x700, 0x2d8, 0x278, 0x278, 0x2d8, 0x278, 0x3, 0x0, {[{{@ipv6={@mcast2, @empty, [], [], 'vlan0\x00', 'team_slave_0\x00', {}, {}, 0x88}, 0x0, 0x128, 0x190, 0x0, {}, [@common=@inet=@multiport={{0x50}}, @common=@unspec=@connmark={{0x30}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, [], [], 'geneve1\x00', 'erspan0\x00'}, 0x0, 0xe0, 0x148, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408) 584.449246ms ago: executing program 0 (id=4717): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fcntl$notify(r0, 0x402, 0x0) 548.711616ms ago: executing program 2 (id=4718): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4, 0x30}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x40}}, 0x4) 476.198257ms ago: executing program 0 (id=4719): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000000)='cifs\x00', 0x0, &(0x7f00000001c0)='=\n\x9b\xa1Q\x83\xe9\n@\xf6\"2a\xd7\x1fch\x1a}#\xfa\xe4`\xdc[\x03\x97\xcd\xf1\xa6b\x9a\x1f,\xff\xffIT\xe4\x8c&\xac\xe6:\xc5\xe8\xd9\"\x82\xd5\xeb\x90\xef1:\xba\xc3\xc3\xd3\xad\'\xc44\x17,,\x8dZz\x04\x17-#F\xc7<\xe6\xf5]%gC\x9e\xca\nS\xc3\xc8\x98\xd8\xc8\x9eZ\xa76\x9f\xc2=\xaa\xcet7\xb9\xbd\xd47\xe3\xc8@$8\v\x9f\xfd\xe1!\x11\x19Y\x06J\x8f\x80\xef9Tw8\x1b\xe2\xf3\x85\xd5}\xa5\xb7\xd5|') 429.945657ms ago: executing program 1 (id=4720): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) setsockopt$rose(r0, 0x104, 0x2, &(0x7f0000001bc0)=0xfffffffd, 0x4) 330.720968ms ago: executing program 2 (id=4721): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x8, &(0x7f0000000100)=@framed={{0x18, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {0x5}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x90) 292.571818ms ago: executing program 0 (id=4722): r0 = semget$private(0x0, 0x3, 0x200) semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f00000012c0)={{0x2, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x108, 0x8}, 0xff, 0x4, 0x6}) 196.406298ms ago: executing program 0 (id=4723): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="640000000206010200000000000000000000000005000100070000000900020073797a310000000014000780050015000800000008001240000000000500050002000000050004000000000016000300686173683a6e65742c706f7274"], 0x64}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 189.306529ms ago: executing program 1 (id=4724): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f00000002c0)={0x4, @pix={0x7287, 0x2, 0x43564548, 0x0, 0x0, 0x4, 0xa, 0x80000001, 0x1, 0x6, 0x0, 0x1}}) 147.832899ms ago: executing program 0 (id=4725): r0 = socket(0x2, 0x80805, 0x0) getsockopt$bt_hci(r0, 0x84, 0x19, 0x0, &(0x7f0000000000)) 0s ago: executing program 0 (id=4726): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) ioctl$VIDIOC_STREAMOFF(r0, 0x40045613, &(0x7f0000000300)=0x7) kernel console output (not intermixed with test programs): e_block: flc_count > flc_size [ 284.556527][ T5778] sysv_free_block: flc_count > flc_size [ 284.562155][ T27] usb 3-1: too many endpoints for config 0 interface 66 altsetting 107: 137, using maximum allowed: 30 [ 284.562205][ T27] usb 3-1: config 0 interface 66 altsetting 107 has 0 endpoint descriptors, different from the interface descriptor's value: 137 [ 284.562231][ T27] usb 3-1: config 0 interface 0 has no altsetting 0 [ 284.562247][ T27] usb 3-1: config 0 interface 66 has no altsetting 0 [ 284.563797][ T27] usb 3-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice= 0.00 [ 284.584038][ T5778] sysv_free_block: flc_count > flc_size [ 284.592127][T12731] loop3: detected capacity change from 0 to 256 [ 284.595025][ T5778] sysv_free_block: flc_count > flc_size [ 284.617887][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 284.626933][ T5778] sysv_free_block: flc_count > flc_size [ 284.636578][ T27] usb 3-1: SerialNumber: syz [ 284.645477][ T5778] sysv_free_block: flc_count > flc_size [ 284.651741][ T27] usb 3-1: config 0 descriptor?? [ 284.660525][ T27] usb-storage 3-1:0.0: USB Mass Storage device detected [ 284.672900][ T5778] sysv_free_block: flc_count > flc_size [ 284.684360][ T5778] sysv_free_block: flc_count > flc_size [ 284.691306][ T27] usb-storage 3-1:0.0: Quirks match for vid 152d pid 0539: 4000000 [ 284.707938][ T5778] sysv_free_block: flc_count > flc_size [ 284.713564][ T5778] sysv_free_block: flc_count > flc_size [ 284.735670][ T5778] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 284.867868][ T27] usb-storage 3-1:0.66: USB Mass Storage device detected [ 284.910488][ T27] usb-storage 3-1:0.66: Quirks match for vid 152d pid 0539: 4000000 [ 284.988850][ T27] usb 3-1: USB disconnect, device number 10 [ 285.340466][T12751] loop0: detected capacity change from 0 to 8 [ 285.341772][T12738] loop3: detected capacity change from 0 to 32768 [ 285.363621][T12738] (syz.3.3049,12738,1):ocfs2_find_slot:468 ERROR: no free slots available! [ 285.382246][T12738] (syz.3.3049,12738,1):ocfs2_mount_volume:1807 ERROR: status = -22 [ 285.420847][T12738] (syz.3.3049,12738,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 285.510431][T12738] NILFS (loop3): couldn't find nilfs on the device [ 285.574895][T12756] loop2: detected capacity change from 0 to 512 [ 285.680883][T12756] Quota error (device loop2): dq_insert_tree: Quota tree root isn't allocated! [ 285.701553][T12763] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3057'. [ 285.734002][T12756] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota [ 285.744610][T12756] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3056: Failed to acquire dquot type 0 [ 285.777681][T12756] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.3056: bg 0: block 64: padding at end of block bitmap is not set [ 285.834340][T12756] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 285.867114][T12756] EXT4-fs (loop2): 1 truncate cleaned up [ 285.918980][T12756] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 285.953693][T12756] ext4 filesystem being mounted at /765/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 285.988467][T12770] netlink: 'syz.0.3060': attribute type 29 has an invalid length. [ 286.016906][T12773] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3061'. [ 286.057265][T12770] netlink: 'syz.0.3060': attribute type 29 has an invalid length. [ 286.132737][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.563515][ T28] audit: type=1326 audit(1762095593.596:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12790 comm="syz.3.3071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe34418efc9 code=0x7ffc0000 [ 286.603969][ T28] audit: type=1326 audit(1762095593.596:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12790 comm="syz.3.3071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe34418efc9 code=0x7ffc0000 [ 286.657843][T12793] netlink: 'syz.2.3073': attribute type 2 has an invalid length. [ 286.666066][T12793] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 286.676741][ T28] audit: type=1326 audit(1762095593.646:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12790 comm="syz.3.3071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fe34418efc9 code=0x7ffc0000 [ 286.752852][T12799] netlink: 'syz.1.3075': attribute type 29 has an invalid length. [ 286.771123][ T28] audit: type=1326 audit(1762095593.646:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12790 comm="syz.3.3071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe34418efc9 code=0x7ffc0000 [ 286.803773][T12799] netlink: 'syz.1.3075': attribute type 29 has an invalid length. [ 286.828594][ T28] audit: type=1326 audit(1762095593.646:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12790 comm="syz.3.3071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe34418efc9 code=0x7ffc0000 [ 287.183912][T12817] netlink: 'syz.3.3085': attribute type 1 has an invalid length. [ 287.302737][T12822] ALSA: mixer_oss: invalid OSS volume '' [ 287.581946][T12835] netlink: 'syz.0.3094': attribute type 1 has an invalid length. [ 287.606388][T12835] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.3094'. [ 287.633265][T12835] netlink: 'syz.0.3094': attribute type 1 has an invalid length. [ 287.652716][T12837] loop3: detected capacity change from 0 to 128 [ 287.677836][T12837] VFS: Found a Xenix FS (block size = 1024) on device loop3 [ 287.722287][T12840] loop1: detected capacity change from 0 to 256 [ 287.817183][T12840] FAT-fs (loop1): Directory bread(block 64) failed [ 287.847766][T12840] FAT-fs (loop1): Directory bread(block 65) failed [ 287.854569][T12840] FAT-fs (loop1): Directory bread(block 66) failed [ 287.877883][T12840] FAT-fs (loop1): Directory bread(block 67) failed [ 287.902989][T12840] FAT-fs (loop1): Directory bread(block 68) failed [ 287.923868][T12840] FAT-fs (loop1): Directory bread(block 69) failed [ 287.943372][T12840] FAT-fs (loop1): Directory bread(block 70) failed [ 287.954629][T12840] FAT-fs (loop1): Directory bread(block 71) failed [ 287.990269][T12840] FAT-fs (loop1): Directory bread(block 72) failed [ 288.008645][T12840] FAT-fs (loop1): Directory bread(block 73) failed [ 288.134258][T12853] netlink: 220 bytes leftover after parsing attributes in process `syz.0.3102'. [ 288.206970][ T5780] sysv_free_block: flc_count > flc_size [ 288.228835][ T5780] sysv_free_block: flc_count > flc_size [ 288.234437][ T5780] sysv_free_block: flc_count > flc_size [ 288.256231][ T5780] sysv_free_block: flc_count > flc_size [ 288.263138][ T5780] sysv_free_block: flc_count > flc_size [ 288.298005][ T5780] sysv_free_block: flc_count > flc_size [ 288.303631][ T5780] sysv_free_block: flc_count > flc_size [ 288.315744][ T5780] sysv_free_block: flc_count > flc_size [ 288.327650][ T5780] sysv_free_block: flc_count > flc_size [ 288.334637][ T5780] sysv_free_block: flc_count > flc_size [ 288.356627][T12857] loop0: detected capacity change from 0 to 256 [ 288.363938][ T5780] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 288.526716][T12863] loop3: detected capacity change from 0 to 8 [ 288.630669][T12866] loop1: detected capacity change from 0 to 512 [ 288.632209][T12867] loop2: detected capacity change from 0 to 1024 [ 288.800934][T12866] Quota error (device loop1): dq_insert_tree: Quota tree root isn't allocated! [ 288.858818][T12866] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota [ 288.914381][T12866] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.3109: Failed to acquire dquot type 0 [ 288.950086][T12866] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.3109: bg 0: block 64: padding at end of block bitmap is not set [ 288.968854][T12866] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 288.975455][T12877] SET target dimension over the limit! [ 288.979682][T12866] EXT4-fs (loop1): 1 truncate cleaned up [ 288.991447][T12866] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.004714][T12866] ext4 filesystem being mounted at /778/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.147067][T12879] netlink: 'syz.2.3115': attribute type 10 has an invalid length. [ 289.195865][T12879] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 289.250845][T12883] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3117'. [ 289.260037][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.411648][T12869] loop0: detected capacity change from 0 to 32768 [ 289.434886][T12869] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop0 scanned by syz.0.3111 (12869) [ 289.486340][T12889] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3128'. [ 289.526426][T12869] BTRFS info (device loop0): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 289.588323][T12869] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 289.603741][T12869] BTRFS info (device loop0): turning on flush-on-commit [ 289.633273][T12869] BTRFS info (device loop0): turning off barriers [ 289.674980][T12869] BTRFS info (device loop0): turning on sync discard [ 289.683713][T12894] ALSA: mixer_oss: invalid OSS volume '' [ 289.687743][T12869] BTRFS info (device loop0): using free space tree [ 289.887814][T12915] netlink: 'syz.2.3122': attribute type 1 has an invalid length. [ 289.948991][ T5778] BTRFS info (device loop0): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 290.055357][T12919] loop3: detected capacity change from 0 to 512 [ 290.196131][T12919] Quota error (device loop3): dq_insert_tree: Quota tree root isn't allocated! [ 290.247030][T12921] loop2: detected capacity change from 0 to 4096 [ 290.247757][T12919] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.3125: Failed to acquire dquot type 0 [ 290.275625][ T5794] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop0 scanned by udevd (5794) [ 290.330530][T12919] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.3125: bg 0: block 64: padding at end of block bitmap is not set [ 290.335142][T12921] ntfs: volume version 3.1. [ 290.377473][T12919] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 290.401532][T12919] EXT4-fs (loop3): 1 truncate cleaned up [ 290.419606][T12919] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 290.477806][T12919] ext4 filesystem being mounted at /789/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 290.798663][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.878524][T12937] ALSA: mixer_oss: invalid OSS volume '' [ 291.515555][T12965] netlink: set zone limit has 8 unknown bytes [ 291.620625][T12971] loop3: detected capacity change from 0 to 512 [ 291.640369][T12971] EXT4-fs: Ignoring removed orlov option [ 291.663138][T12971] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 291.672425][ T27] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 291.700026][T12971] EXT4-fs (loop3): orphan cleanup on readonly fs [ 291.726292][T12971] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.3152: bg 0: block 248: padding at end of block bitmap is not set [ 291.777134][T12971] EXT4-fs (loop3): Remounting filesystem read-only [ 291.802100][T12971] __quota_error: 17 callbacks suppressed [ 291.802127][T12971] Quota error (device loop3): write_blk: dquota write failed [ 291.821741][T12971] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 291.855999][T12971] EXT4-fs (loop3): 1 truncate cleaned up [ 291.867727][ T27] usb 1-1: Using ep0 maxpacket: 32 [ 291.871409][T12971] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 291.874883][ T27] usb 1-1: config 0 has an invalid interface number: 66 but max is 1 [ 291.898498][ T27] usb 1-1: config 0 has no interface number 1 [ 291.904642][ T27] usb 1-1: too many endpoints for config 0 interface 0 altsetting 5: 69, using maximum allowed: 30 [ 291.942603][T12971] EXT4-fs: Ignoring removed orlov option [ 291.947804][ T27] usb 1-1: config 0 interface 0 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 69 [ 291.970784][T12971] EXT4-fs: Cannot specify journal on remount [ 291.975743][ T27] usb 1-1: too many endpoints for config 0 interface 66 altsetting 107: 137, using maximum allowed: 30 [ 292.007885][ T27] usb 1-1: config 0 interface 66 altsetting 107 has 0 endpoint descriptors, different from the interface descriptor's value: 137 [ 292.055336][T12984] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3157'. [ 292.085932][ T27] usb 1-1: config 0 interface 0 has no altsetting 0 [ 292.102579][T12984] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 292.132482][ T27] usb 1-1: config 0 interface 66 has no altsetting 0 [ 292.147258][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.158757][ T27] usb 1-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice= 0.00 [ 292.172383][ T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 292.206224][ T27] usb 1-1: SerialNumber: syz [ 292.229086][ T27] usb 1-1: config 0 descriptor?? [ 292.270000][ T27] usb-storage 1-1:0.0: USB Mass Storage device detected [ 292.304827][ T27] usb-storage 1-1:0.0: Quirks match for vid 152d pid 0539: 4000000 [ 292.467908][ T27] usb-storage 1-1:0.66: USB Mass Storage device detected [ 292.490732][ T27] usb-storage 1-1:0.66: Quirks match for vid 152d pid 0539: 4000000 [ 292.515034][T13004] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.3164'. [ 292.579025][ T27] usb 1-1: USB disconnect, device number 19 [ 293.120966][T13010] loop0: detected capacity change from 0 to 512 [ 293.170778][T13010] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated! [ 293.207766][T13010] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota [ 293.217809][T13010] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3167: Failed to acquire dquot type 0 [ 293.256682][T13010] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.3167: bg 0: block 64: padding at end of block bitmap is not set [ 293.317779][T13010] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 293.360570][T13010] EXT4-fs (loop0): 1 truncate cleaned up [ 293.387972][T13010] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 293.419294][T13010] ext4 filesystem being mounted at /774/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 293.637470][ T5778] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.202067][T13050] loop2: detected capacity change from 0 to 512 [ 294.251968][T13050] EXT4-fs: Ignoring removed orlov option [ 294.293945][T13050] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 294.354441][T13050] EXT4-fs (loop2): orphan cleanup on readonly fs [ 294.378684][T13050] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.3186: bg 0: block 248: padding at end of block bitmap is not set [ 294.404166][T13050] EXT4-fs (loop2): Remounting filesystem read-only [ 294.422751][T13050] Quota error (device loop2): write_blk: dquota write failed [ 294.440738][T13050] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 294.482887][T13050] EXT4-fs (loop2): 1 truncate cleaned up [ 294.502924][T13050] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 294.617403][T13059] xt_CT: You must specify a L4 protocol and not use inversions on it [ 294.646810][T13050] EXT4-fs: Ignoring removed orlov option [ 294.663441][T13050] EXT4-fs: Cannot specify journal on remount [ 294.773954][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.817800][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 295.944103][T13085] loop3: detected capacity change from 0 to 32768 [ 296.026858][T13085] ERROR: (device loop3): diAllocBit: iag inconsistent [ 296.026858][T13085] [ 296.046001][T13085] ialloc: diAlloc returned -5! [ 296.539806][T13114] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 296.850944][T13128] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 296.908244][ T27] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 296.961331][T13130] unsupported nlmsg_type 40 [ 296.981824][T13131] [U] [ 297.107818][ T27] usb 4-1: Using ep0 maxpacket: 8 [ 297.117464][T13136] ip6tnl1: entered promiscuous mode [ 297.138407][ T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 297.170018][ T27] usb 4-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e [ 297.198369][ T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.206422][ T27] usb 4-1: Product: syz [ 297.236126][ T27] usb 4-1: Manufacturer: syz [ 297.247751][ T27] usb 4-1: SerialNumber: syz [ 297.265552][ T27] usb 4-1: config 0 descriptor?? [ 297.286426][ T27] streamzap 4-1:0.0: streamzap_probe: endpoint doesn't match input device 0203 [ 297.503083][T13127] loop2: detected capacity change from 0 to 32768 [ 297.511610][ T5789] usb 4-1: USB disconnect, device number 11 [ 297.564777][T13127] BTRFS info (device loop2): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 297.595323][T13127] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 297.610064][T13127] BTRFS info (device loop2): turning on flush-on-commit [ 297.617942][T13127] BTRFS info (device loop2): turning off barriers [ 297.624415][T13127] BTRFS info (device loop2): turning on sync discard [ 297.632656][T13127] BTRFS info (device loop2): using free space tree [ 297.951632][ T5779] BTRFS info (device loop2): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 298.756469][T13202] QAT: Invalid ioctl 1076910120 [ 298.774156][T13206] ieee802154 phy0 wpan0: encryption failed: -22 [ 299.106892][T13212] loop2: detected capacity change from 0 to 4096 [ 299.246643][T13212] ntfs: (device loop2): parse_options(): NLS character set is not found. Using previous one default. [ 299.308136][T13212] ntfs: (device loop2): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1. [ 299.433769][T13212] ntfs: volume version 3.1. [ 299.958455][T13246] ip6tnl1: entered promiscuous mode [ 300.045666][T13220] loop1: detected capacity change from 0 to 32768 [ 300.123747][T13220] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 300.255042][T13220] (syz.1.3257,13220,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=0, inode=65, rec_len=16, name_len=8 [ 300.272290][T13220] (syz.1.3257,13220,1):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2 [ 300.281934][T13220] (syz.1.3257,13220,1):ocfs2_mknod:298 ERROR: status = -2 [ 300.293934][T13220] (syz.1.3257,13220,1):ocfs2_mknod:502 ERROR: status = -2 [ 300.319665][T13220] (syz.1.3257,13220,1):ocfs2_create:676 ERROR: status = -2 [ 300.327077][T13260] ieee802154 phy0 wpan0: encryption failed: -22 [ 300.416503][ T5787] ocfs2: Unmounting device (7,1) on (node local) [ 301.061556][T13289] netlink: 'syz.1.3288': attribute type 1 has an invalid length. [ 301.094096][T13289] netlink: 216 bytes leftover after parsing attributes in process `syz.1.3288'. [ 301.123236][T13289] NCSI netlink: No device for ifindex 0 [ 301.487922][ T27] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 301.677885][ T27] usb 1-1: Using ep0 maxpacket: 16 [ 301.699730][ T27] usb 1-1: config 0 has an invalid interface number: 105 but max is 0 [ 301.719186][ T27] usb 1-1: config 0 descriptor has 1 excess byte, ignoring [ 301.726455][ T27] usb 1-1: config 0 has no interface number 0 [ 301.745291][ T27] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 301.765530][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 301.775232][ T27] usb 1-1: Product: syz [ 301.804213][ T27] usb 1-1: Manufacturer: syz [ 301.813178][ T27] usb 1-1: SerialNumber: syz [ 301.825825][ T27] usb 1-1: config 0 descriptor?? [ 301.842812][ T27] usb 1-1: Found UVC 0.00 device syz (046d:08f3) [ 301.849859][ T27] usb 1-1: No valid video chain found. [ 302.045653][ T27] usb 1-1: USB disconnect, device number 20 [ 302.714231][T13331] loop2: detected capacity change from 0 to 32768 [ 302.781448][T13331] XFS (loop2): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 302.863544][T13331] XFS (loop2): null uuid in log - IRIX style log [ 302.876607][T13361] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3321'. [ 302.892294][T13331] XFS (loop2): Torn write (CRC failure) detected at log block 0x40. Truncating head block from 0x41. [ 302.918891][T13331] XFS (loop2): failed to locate log tail [ 302.924655][T13331] XFS (loop2): log mount/recovery failed: error -5 [ 303.007818][T13331] XFS (loop2): log mount failed [ 303.280327][T13371] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3326'. [ 303.360026][T13347] loop1: detected capacity change from 0 to 32768 [ 303.395280][T13373] overlayfs: failed to resolve './file1': -2 [ 303.412167][T13347] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.3318 (13347) [ 303.506423][T13376] loop2: detected capacity change from 0 to 1024 [ 303.510060][T13347] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 303.540308][T13347] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 303.590029][T13347] BTRFS info (device loop1): using free space tree [ 303.639444][T13376] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 303.709686][T13376] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 303.782450][T13347] BTRFS info (device loop1): enabling ssd optimizations [ 303.841362][T13347] BTRFS info (device loop1): auto enabling async discard [ 303.899487][ T11] hfsplus: b-tree write err: -5, ino 4 [ 304.073637][ T5787] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 304.446986][T13414] loop3: detected capacity change from 0 to 736 [ 304.687976][ T27] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 304.878646][ T27] usb 2-1: Using ep0 maxpacket: 8 [ 304.890081][ T27] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 304.919706][ T27] usb 2-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e [ 304.937752][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 304.976364][ T27] usb 2-1: Product: syz [ 304.989763][ T27] usb 2-1: Manufacturer: syz [ 305.002185][ T27] usb 2-1: SerialNumber: syz [ 305.036571][ T27] usb 2-1: config 0 descriptor?? [ 305.051040][ T27] streamzap 2-1:0.0: streamzap_probe: endpoint doesn't match input device 0203 [ 305.086038][T13430] loop3: detected capacity change from 0 to 1024 [ 305.167454][T13430] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 305.238405][T13430] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 305.304071][ T27] usb 2-1: USB disconnect, device number 13 [ 305.318432][ T3485] hfsplus: b-tree write err: -5, ino 4 [ 305.427413][T13441] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3352'. [ 305.548823][T13448] loop2: detected capacity change from 0 to 164 [ 305.753874][T13454] loop2: detected capacity change from 0 to 64 [ 305.951717][T13458] loop0: detected capacity change from 0 to 1024 [ 306.073736][T13458] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 306.115480][T13458] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 306.196205][T13464] loop3: detected capacity change from 0 to 2048 [ 306.219168][ T49] hfsplus: b-tree write err: -5, ino 4 [ 306.261494][T13464] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 306.288005][T13464] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 306.667944][ T27] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 306.732154][T13466] loop1: detected capacity change from 0 to 32768 [ 306.797250][T13466] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 306.867911][ T27] usb 1-1: Using ep0 maxpacket: 32 [ 306.879335][T13466] OCFS2: ERROR (device loop1): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #17056 has bad chain 1280 [ 306.899367][T13466] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 306.909824][ T27] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 306.926661][ T27] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 306.940577][T13466] OCFS2: File system is now read-only. [ 306.949867][T13466] (syz.1.3364,13466,1):ocfs2_search_chain:1761 ERROR: status = -30 [ 306.968140][T13466] (syz.1.3364,13466,1):ocfs2_search_chain:1871 ERROR: status = -30 [ 306.982774][ T27] usb 1-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0 [ 306.992292][T13466] (syz.1.3364,13466,1):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30 [ 307.006999][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 307.027291][ T27] usb 1-1: Product: syz [ 307.031849][T13466] (syz.1.3364,13466,1):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30 [ 307.040579][ T27] usb 1-1: Manufacturer: syz [ 307.045246][ T27] usb 1-1: SerialNumber: syz [ 307.057767][T13466] (syz.1.3364,13466,1):ocfs2_claim_new_inode:2216 ERROR: status = -30 [ 307.065995][T13466] (syz.1.3364,13466,1):ocfs2_claim_new_inode:2231 ERROR: status = -30 [ 307.082200][ T27] usb 1-1: config 0 descriptor?? [ 307.100993][ T27] qmi_wwan 1-1:0.0: bogus CDC Union: master=101, slave=0 [ 307.111147][T13466] (syz.1.3364,13466,0):ocfs2_mknod_locked:639 ERROR: status = -30 [ 307.125889][T13466] (syz.1.3364,13466,0):ocfs2_mknod:385 ERROR: status = -30 [ 307.128453][ T27] qmi_wwan: probe of 1-1:0.0 failed with error -22 [ 307.134924][T13466] (syz.1.3364,13466,0):ocfs2_mknod:502 ERROR: status = -30 [ 307.159139][T13466] (syz.1.3364,13466,0):ocfs2_create:676 ERROR: status = -30 [ 307.175957][T13484] loop2: detected capacity change from 0 to 736 [ 307.250450][ T5787] ocfs2: Unmounting device (7,1) on (node local) [ 307.306368][ T27] usb 1-1: USB disconnect, device number 21 [ 308.014128][T13508] loop3: detected capacity change from 0 to 1024 [ 308.030439][T13508] EXT4-fs: Ignoring removed nobh option [ 308.036101][T13508] EXT4-fs: Ignoring removed bh option [ 308.048212][T13510] loop0: detected capacity change from 0 to 736 [ 308.103854][T13508] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.3385: bad orphan inode 32767 [ 308.238185][T13508] EXT4-fs (loop3): Remounting filesystem read-only [ 308.246071][T13508] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 308.399891][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.446963][T13502] loop2: detected capacity change from 0 to 32768 [ 308.567793][T13502] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 308.718188][T13536] loop0: detected capacity change from 0 to 512 [ 308.725997][T13536] EXT4-fs: Ignoring removed nomblk_io_submit option [ 308.745876][T13537] loop3: detected capacity change from 0 to 512 [ 308.753310][T13502] XFS (loop2): Ending clean mount [ 308.812410][T13502] XFS (loop2): Quotacheck needed: Please wait. [ 308.830486][T13536] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2822: inode #11: comm syz.0.3393: corrupted xattr block 95: invalid header [ 308.883662][T13537] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 308.897959][T13536] EXT4-fs (loop0): Remounting filesystem read-only [ 308.907821][T13536] EXT4-fs warning (device loop0): ext4_evict_inode:255: couldn't mark inode dirty (err -5) [ 308.931406][T13536] EXT4-fs (loop0): 1 orphan inode deleted [ 308.939760][T13536] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 308.943775][T13537] ext4 filesystem being mounted at /863/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 308.989424][T13502] XFS (loop2): Quotacheck: Done. [ 309.034933][ T5778] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 309.076156][T13537] fs-verity (loop3, inode 15): Unrecognized descriptor size: 0 bytes [ 309.138667][ T5846] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 309.166344][ T5779] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 309.208731][T13544] loop0: detected capacity change from 0 to 164 [ 309.233841][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 309.357696][ T5846] usb 2-1: Using ep0 maxpacket: 16 [ 309.398182][ T5846] usb 2-1: config 0 has an invalid interface number: 105 but max is 0 [ 309.433044][ T5846] usb 2-1: config 0 descriptor has 1 excess byte, ignoring [ 309.477752][ T5846] usb 2-1: config 0 has no interface number 0 [ 309.508124][ T5846] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 309.521183][ T5846] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 309.543239][ T5846] usb 2-1: Product: syz [ 309.547465][ T5846] usb 2-1: Manufacturer: syz [ 309.568477][ T5846] usb 2-1: SerialNumber: syz [ 309.588748][ T5846] usb 2-1: config 0 descriptor?? [ 309.612055][ T5846] usb 2-1: Found UVC 0.00 device syz (046d:08f3) [ 309.628538][ T5846] usb 2-1: No valid video chain found. [ 309.864429][ T5846] usb 2-1: USB disconnect, device number 14 [ 309.992604][T13546] loop0: detected capacity change from 0 to 32768 [ 310.036151][T13546] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 310.284886][T13570] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3409'. [ 310.297004][ T5778] ocfs2: Unmounting device (7,0) on (node local) [ 310.500168][T13574] bridge5: entered promiscuous mode [ 310.505466][T13574] bridge5: entered allmulticast mode [ 310.936814][T13591] netlink: 209820 bytes leftover after parsing attributes in process `syz.2.3418'. [ 311.400763][T13607] futex_wake_op: syz.2.3426 tries to shift op by -1; fix this program [ 311.619994][T13617] loop0: detected capacity change from 0 to 64 [ 311.690016][T13617] syz.0.3430: attempt to access beyond end of device [ 311.690016][T13617] loop0: rw=0, sector=65534, nr_sectors = 2 limit=64 [ 311.716350][T13617] Buffer I/O error on dev loop0, logical block 32767, async page read [ 311.743579][T13617] syz.0.3430: attempt to access beyond end of device [ 311.743579][T13617] loop0: rw=0, sector=65534, nr_sectors = 2 limit=64 [ 311.801924][T13617] Buffer I/O error on dev loop0, logical block 32767, async page read [ 311.804217][T13625] loop2: detected capacity change from 0 to 1024 [ 311.829345][T13625] EXT4-fs: Ignoring removed nobh option [ 311.841243][T13625] EXT4-fs: Ignoring removed bh option [ 311.937801][T13625] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.3434: bad orphan inode 32767 [ 312.001427][T13625] EXT4-fs (loop2): Remounting filesystem read-only [ 312.056893][T13625] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 312.287877][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.654948][T13656] loop2: detected capacity change from 0 to 512 [ 312.663738][T13656] EXT4-fs: Ignoring removed nomblk_io_submit option [ 312.691299][T13656] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2822: inode #11: comm syz.2.3449: corrupted xattr block 95: invalid header [ 312.715623][T13656] EXT4-fs (loop2): Remounting filesystem read-only [ 312.727706][T13656] EXT4-fs warning (device loop2): ext4_evict_inode:255: couldn't mark inode dirty (err -5) [ 312.738704][T13656] EXT4-fs (loop2): 1 orphan inode deleted [ 312.745693][T13656] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 312.807945][ T5791] usb 4-1: new full-speed USB device number 12 using dummy_hcd [ 312.842084][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.881805][T13661] loop0: detected capacity change from 0 to 512 [ 312.956605][T13648] loop1: detected capacity change from 0 to 32768 [ 313.007420][T13661] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 313.031270][ T5791] usb 4-1: config 0 has an invalid interface number: 20 but max is 0 [ 313.041987][ T5791] usb 4-1: config 0 has no interface number 0 [ 313.052031][T13648] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 313.059129][T13661] ext4 filesystem being mounted at /840/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 313.061251][ T5791] usb 4-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 313.087504][ T5791] usb 4-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 313.099754][ T5791] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 313.138161][ T5791] usb 4-1: Product: syz [ 313.167966][ T5791] usb 4-1: Manufacturer: syz [ 313.172620][ T5791] usb 4-1: SerialNumber: syz [ 313.184667][T13648] XFS (loop1): Ending clean mount [ 313.218857][ T5791] usb 4-1: config 0 descriptor?? [ 313.225394][T13648] XFS (loop1): Quotacheck needed: Please wait. [ 313.237919][T13661] fs-verity (loop0, inode 15): Unrecognized descriptor size: 0 bytes [ 313.268142][T13654] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 313.277095][ T5791] usb-storage 4-1:0.20: USB Mass Storage device detected [ 313.326690][ T5791] usb-storage 4-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 313.366450][T13648] XFS (loop1): Quotacheck: Done. [ 313.430396][ T5778] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.544623][T13670] loop2: detected capacity change from 0 to 32768 [ 313.551345][ T5791] scsi host1: usb-storage 4-1:0.20 [ 313.599597][ T5787] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 313.603154][T13670] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 313.668949][T13670] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 313.709350][ T2875] (kworker/u4:6,2875,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214 [ 313.770109][T13670] (syz.2.3452,13670,1):ocfs2_read_blocks:239 ERROR: status = -12 [ 313.779857][T13670] (syz.2.3452,13670,1):ocfs2_xattr_block_find:2831 ERROR: status = -12 [ 313.904579][ T5845] usb 4-1: USB disconnect, device number 12 [ 313.951479][ T5779] ocfs2: Unmounting device (7,2) on (node local) [ 314.177110][T13688] loop1: detected capacity change from 0 to 512 [ 314.213529][T13688] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 314.243091][T13688] ext4 filesystem being mounted at /857/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 314.303350][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.536013][T13702] netlink: 'syz.0.3462': attribute type 29 has an invalid length. [ 314.656177][T13708] futex_wake_op: syz.0.3466 tries to shift op by -1; fix this program [ 314.697747][ T23] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 314.888327][ T23] usb 3-1: Using ep0 maxpacket: 32 [ 314.902547][ T23] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 314.921087][ T23] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 314.965464][ T23] usb 3-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=a7.c0 [ 314.975369][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 314.992703][ T23] usb 3-1: Product: syz [ 314.997041][ T23] usb 3-1: Manufacturer: syz [ 315.003934][ T23] usb 3-1: SerialNumber: syz [ 315.015287][ T23] usb 3-1: config 0 descriptor?? [ 315.060134][ T23] qmi_wwan 3-1:0.0: bogus CDC Union: master=101, slave=0 [ 315.088352][ T23] qmi_wwan: probe of 3-1:0.0 failed with error -22 [ 315.192122][T13704] loop3: detected capacity change from 0 to 32768 [ 315.266966][T13704] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 315.295628][ T23] usb 3-1: USB disconnect, device number 11 [ 315.349829][T13704] XFS (loop3): Ending clean mount [ 315.391183][T13704] XFS (loop3): Quotacheck needed: Please wait. [ 315.495322][T13704] XFS (loop3): Quotacheck: Done. [ 315.507732][ T8] usb 1-1: new full-speed USB device number 22 using dummy_hcd [ 315.622911][ T5780] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 315.705990][T13736] loop1: detected capacity change from 0 to 32768 [ 315.709788][ T8] usb 1-1: config 0 has an invalid interface number: 20 but max is 0 [ 315.739069][T13736] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 315.745599][ T8] usb 1-1: config 0 has no interface number 0 [ 315.760270][ T8] usb 1-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 315.785856][ T8] usb 1-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 315.811602][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 315.833327][ T8] usb 1-1: Product: syz [ 315.838062][ T8] usb 1-1: Manufacturer: syz [ 315.840902][ T5787] ocfs2: Unmounting device (7,1) on (node local) [ 315.857657][ T8] usb 1-1: SerialNumber: syz [ 315.870816][ T8] usb 1-1: config 0 descriptor?? [ 315.898042][T13728] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 315.906903][ T8] usb-storage 1-1:0.20: USB Mass Storage device detected [ 315.939994][ T8] usb-storage 1-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 316.083751][T13746] loop1: detected capacity change from 0 to 128 [ 316.130100][ T8] scsi host1: usb-storage 1-1:0.20 [ 316.383540][ T5845] usb 1-1: USB disconnect, device number 22 [ 316.515840][T13761] netlink: 'syz.2.3485': attribute type 29 has an invalid length. [ 316.626263][T13765] Illegal XDP return value 1032320051 on prog (id 171) dev N/A, expect packet loss! [ 317.064768][T13763] loop2: detected capacity change from 0 to 32768 [ 317.176433][T13775] loop3: detected capacity change from 0 to 1024 [ 317.225384][T13775] EXT4-fs: Ignoring removed nomblk_io_submit option [ 317.243460][T13763] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 317.254209][T13780] loop0: detected capacity change from 0 to 512 [ 317.291066][T13775] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 317.311466][T13780] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 317.352271][T13780] ext4 filesystem being mounted at /853/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 317.462828][ T5778] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.491508][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.567305][ T5779] ocfs2: Unmounting device (7,2) on (node local) [ 317.598228][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.605090][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.690377][T13794] libceph: resolve '0' (ret=-3): failed [ 318.318234][ T27] usb 4-1: new full-speed USB device number 13 using dummy_hcd [ 318.406968][T13823] syz.2.3513 uses old SIOCAX25GETINFO [ 318.528013][ T27] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 318.547518][ T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.571400][ T27] usb 4-1: config 0 descriptor?? [ 318.585794][ T27] cp210x 4-1:0.0: cp210x converter detected [ 318.795033][ T27] usb 4-1: cp210x converter now attached to ttyUSB0 [ 318.908959][T13841] loop0: detected capacity change from 0 to 128 [ 318.989279][ T27] usb 4-1: USB disconnect, device number 13 [ 319.019313][ T27] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 319.040353][ T27] cp210x 4-1:0.0: device disconnected [ 319.271522][T13856] libceph: resolve '0' (ret=-3): failed [ 319.582636][T13868] netlink: 'syz.2.3537': attribute type 6 has an invalid length. [ 319.596197][T13868] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.3537'. [ 320.683949][T13915] loop3: detected capacity change from 0 to 4096 [ 320.711397][T13915] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 320.876557][T13915] ntfs3: loop3: failed to convert "c46c" to iso8859-14 [ 321.053823][T13925] loop0: detected capacity change from 0 to 2048 [ 321.102244][T13925] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 322.011172][T13968] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3592'. [ 322.196828][T13977] netdevsim netdevsim0: Direct firmware load for .. failed with error -2 [ 322.207444][T13977] netdevsim netdevsim0: Falling back to sysfs fallback for: .. [ 322.615983][T13997] loop1: detected capacity change from 0 to 8 [ 322.634119][T13997] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 322.654336][ T5794] udevd[5794]: incorrect cramfs checksum on /dev/loop1 [ 322.661993][T13991] loop2: detected capacity change from 0 to 4096 [ 322.692497][T13991] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 322.895827][T13991] ntfs3: loop2: failed to convert "c46c" to iso8859-14 [ 323.268457][T14010] netlink: 4268 bytes leftover after parsing attributes in process `syz.3.3605'. [ 323.930992][T14033] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3617'. [ 324.058000][T14039] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3620'. [ 324.119049][T14042] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3621'. [ 324.183348][T14047] program syz.1.3623 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 324.463445][T14058] netlink: 'syz.0.3629': attribute type 10 has an invalid length. [ 324.528988][T14058] dummy0: entered promiscuous mode [ 324.555832][T14058] team0: Port device dummy0 added [ 324.798465][ T27] usb 3-1: new full-speed USB device number 12 using dummy_hcd [ 324.962671][T14078] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3639'. [ 325.017807][ T23] usb 4-1: new low-speed USB device number 14 using dummy_hcd [ 325.028637][ T27] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 325.028668][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.032425][ T27] usb 3-1: config 0 descriptor?? [ 325.034986][ T27] cp210x 3-1:0.0: cp210x converter detected [ 325.095995][T14083] JFS: discard option not supported on device [ 325.106338][T14083] Mount JFS Failure: -22 [ 325.110995][T14083] jfs_mount failed w/return code = -22 [ 325.209872][ T23] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 325.219479][ T23] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 325.247037][ T23] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 325.262122][ T27] usb 3-1: cp210x converter now attached to ttyUSB0 [ 325.277827][ T23] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 325.290292][T14087] nvme_fabrics: missing parameter 'transport=%s' [ 325.297346][T14087] nvme_fabrics: missing parameter 'nqn=%s' [ 325.304258][ T23] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 325.324949][ T23] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 325.332820][ T23] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 325.343682][ T23] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 325.371808][ T23] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 325.383457][ T23] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 325.397690][ T23] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 325.407439][T14091] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3644'. [ 325.408739][ T23] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 325.441002][ T23] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 325.457843][ T23] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 325.493296][ T27] usb 3-1: USB disconnect, device number 12 [ 325.501394][ T23] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 325.515284][ T27] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 325.535840][ T27] cp210x 3-1:0.0: device disconnected [ 325.558382][ T23] usb 4-1: string descriptor 0 read error: -22 [ 325.566357][ T23] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 325.585073][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.604630][ T23] adutux 4-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 325.737416][T14100] loop1: detected capacity change from 0 to 2048 [ 325.761264][T14102] netlink: 4268 bytes leftover after parsing attributes in process `syz.0.3649'. [ 325.787790][T14100] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 325.849761][ T27] usb 4-1: USB disconnect, device number 14 [ 325.964871][T14106] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3651'. [ 326.119188][T14112] loop0: detected capacity change from 0 to 8 [ 326.126447][T14112] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 326.176874][ T5794] udevd[5794]: incorrect cramfs checksum on /dev/loop0 [ 326.234125][ T5794] udevd[5794]: incorrect cramfs checksum on /dev/loop0 [ 326.466942][T14125] JFS: discard option not supported on device [ 326.499815][T14125] Mount JFS Failure: -22 [ 326.514640][T14125] jfs_mount failed w/return code = -22 [ 326.704276][T14132] program syz.3.3665 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 327.016000][T14148] netlink: 'syz.1.3672': attribute type 10 has an invalid length. [ 327.092592][T14148] dummy0: entered promiscuous mode [ 327.102281][T14148] team0: Port device dummy0 added [ 327.111663][T14152] netlink: 'syz.2.3675': attribute type 5 has an invalid length. [ 327.136942][T14152] ip6erspan0: entered allmulticast mode [ 327.158108][ T28] audit: type=1326 audit(1762095634.196:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14153 comm="syz.0.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31f418efc9 code=0x7ffc0000 [ 327.187822][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured! [ 327.237738][ T28] audit: type=1326 audit(1762095634.196:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14153 comm="syz.0.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31f418efc9 code=0x7ffc0000 [ 327.327868][ T28] audit: type=1326 audit(1762095634.246:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14153 comm="syz.0.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f31f418efc9 code=0x7ffc0000 [ 327.350315][ C1] vkms_vblank_simulate: vblank timer overrun [ 327.402906][ T28] audit: type=1326 audit(1762095634.246:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14153 comm="syz.0.3676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31f418efc9 code=0x7ffc0000 [ 327.421159][T14164] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3681'. [ 327.791920][T14178] dvmrp0: entered allmulticast mode [ 327.947885][ T5791] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 328.017116][T14182] loop2: detected capacity change from 0 to 4096 [ 328.030754][T14188] kcapi: manufacturer command 52776558133248 unknown. [ 328.091140][T14182] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 328.118947][T14182] ntfs3: loop2: Failed to load $Extend (-22). [ 328.135710][T14182] ntfs3: loop2: Failed to initialize $Extend. [ 328.147545][ T5791] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 328.167483][ T5791] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.176079][T14192] loop3: detected capacity change from 0 to 256 [ 328.209291][ T5791] usb 1-1: config 0 descriptor?? [ 328.227242][ T28] audit: type=1800 audit(1762095635.266:197): pid=14182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3691" name="file1" dev="loop2" ino=30 res=0 errno=0 [ 328.247843][ C1] vkms_vblank_simulate: vblank timer overrun [ 328.249619][T14182] ntfs3: loop2: ino=1e, "file1" attr_set_size [ 328.346705][T14192] FAT-fs (loop3): Directory bread(block 64) failed [ 328.384148][T14192] FAT-fs (loop3): Directory bread(block 65) failed [ 328.405046][T14192] FAT-fs (loop3): Directory bread(block 66) failed [ 328.414589][T14192] FAT-fs (loop3): Directory bread(block 67) failed [ 328.423571][T14192] FAT-fs (loop3): Directory bread(block 68) failed [ 328.430355][T14192] FAT-fs (loop3): Directory bread(block 69) failed [ 328.437011][T14192] FAT-fs (loop3): Directory bread(block 70) failed [ 328.443830][T14192] FAT-fs (loop3): Directory bread(block 71) failed [ 328.450569][T14192] FAT-fs (loop3): Directory bread(block 72) failed [ 328.457213][T14192] FAT-fs (loop3): Directory bread(block 73) failed [ 328.666765][T14197] nvme_fabrics: missing parameter 'transport=%s' [ 328.688895][T14197] nvme_fabrics: missing parameter 'nqn=%s' [ 328.722013][ T5791] ath6kl: Failed to submit usb control message: -71 [ 328.748080][ T5791] ath6kl: unable to send the bmi data to the device: -71 [ 328.773190][ T5791] ath6kl: Unable to send get target info: -71 [ 328.792986][ T5791] ath6kl: Failed to init ath6kl core: -71 [ 328.826948][ T5791] ath6kl_usb: probe of 1-1:0.0 failed with error -71 [ 328.866935][ T5791] usb 1-1: USB disconnect, device number 23 [ 329.105453][ T28] audit: type=1326 audit(1762095636.136:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14213 comm="syz.2.3705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9aa318efc9 code=0x7ffc0000 [ 329.176519][ T28] audit: type=1326 audit(1762095636.136:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14213 comm="syz.2.3705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9aa318efc9 code=0x7ffc0000 [ 329.188017][T14218] loop1: detected capacity change from 0 to 64 [ 329.198926][ C1] vkms_vblank_simulate: vblank timer overrun [ 329.242334][ T28] audit: type=1326 audit(1762095636.176:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14213 comm="syz.2.3705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f9aa318efc9 code=0x7ffc0000 [ 329.264712][ C1] vkms_vblank_simulate: vblank timer overrun [ 329.297849][ T28] audit: type=1326 audit(1762095636.176:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14213 comm="syz.2.3705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9aa318efc9 code=0x7ffc0000 [ 329.313434][T14218] hfs: request for non-existent node 327680 in B*Tree [ 329.369426][T14218] hfs: request for non-existent node 327680 in B*Tree [ 329.504130][T14228] loop3: detected capacity change from 0 to 8 [ 329.553560][T14228] SQUASHFS error: Corrupted symlink [ 329.890191][T14240] kcapi: manufacturer command 52776558133248 unknown. [ 329.915476][T14242] damon-dbgfs: DAMON debugfs interface is deprecated, so users should move to DAMON_SYSFS. If you cannot, please report your usecase to damon@lists.linux.dev and linux-mm@kvack.org. [ 330.060959][T14247] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3719'. [ 330.254123][T14252] loop3: detected capacity change from 0 to 4096 [ 330.463667][T14252] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 330.493298][T14252] ntfs3: loop3: Failed to load $Extend (-22). [ 330.499694][T14252] ntfs3: loop3: Failed to initialize $Extend. [ 330.590938][T14252] ntfs3: loop3: ino=1e, "file1" attr_set_size [ 330.597161][ T28] audit: type=1800 audit(1762095637.636:202): pid=14252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3722" name="file1" dev="loop3" ino=30 res=0 errno=0 [ 331.119621][T14287] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3741'. [ 331.442060][T14301] dlm: Unknown command passed to DLM device : 11 [ 331.442060][T14301] [ 331.616624][T14312] loop1: detected capacity change from 0 to 8 [ 331.671467][T14312] SQUASHFS error: Corrupted symlink [ 331.928919][T14319] loop2: detected capacity change from 0 to 4096 [ 332.101853][T14325] loop0: detected capacity change from 0 to 8192 [ 332.173337][T14325] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 332.202494][T14325] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 332.212685][T14325] REISERFS (device loop0): using ordered data mode [ 332.221956][T14325] reiserfs: using flush barriers [ 332.232197][T14325] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 332.234971][T14333] loop3: detected capacity change from 0 to 64 [ 332.249841][T14325] REISERFS (device loop0): checking transaction log (loop0) [ 332.266706][T14334] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3771'. [ 332.269158][T14325] REISERFS (device loop0): Using r5 hash to sort names [ 332.285967][T14325] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 332.302073][T14334] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 332.309828][T14334] IPv6: NLM_F_CREATE should be set when creating new route [ 332.317310][T14334] IPv6: NLM_F_CREATE should be set when creating new route [ 332.424192][T14333] hfs: request for non-existent node 327680 in B*Tree [ 332.434797][T14333] hfs: request for non-existent node 327680 in B*Tree [ 332.817945][ T27] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 332.862458][T14350] loop0: detected capacity change from 0 to 8 [ 332.908410][T14350] SQUASHFS error: Corrupted symlink [ 333.005598][T14352] loop3: detected capacity change from 0 to 4096 [ 333.015387][ T27] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 333.016353][T14352] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 333.034368][ T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.042728][ T23] usb 3-1: new low-speed USB device number 13 using dummy_hcd [ 333.064748][ T27] usb 2-1: config 0 descriptor?? [ 333.250170][ T23] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 333.259532][ T23] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 333.276078][ T23] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 333.286616][ T23] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 333.298989][ T23] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 333.311089][ T23] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 333.326758][ T23] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 333.341404][T14359] dlm: Unknown command passed to DLM device : 11 [ 333.341404][T14359] [ 333.350098][ T23] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 333.367978][ T23] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 333.397837][ T23] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 333.422000][ T23] usb 3-1: config 168 descriptor has 1 excess byte, ignoring [ 333.434784][ T23] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 333.445380][ T23] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 333.456872][ T23] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 333.461592][T14361] sock: sock_timestamping_bind_phc: sock not bind to device [ 333.472357][ T23] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 333.491229][ T23] usb 3-1: string descriptor 0 read error: -22 [ 333.498236][ T23] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 333.512122][ T27] ath6kl: Failed to submit usb control message: -71 [ 333.527697][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.537227][ T27] ath6kl: unable to send the bmi data to the device: -71 [ 333.551638][ T23] adutux 3-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 333.567620][ T27] ath6kl: Unable to send get target info: -71 [ 333.585216][ T27] ath6kl: Failed to init ath6kl core: -71 [ 333.592300][ T27] ath6kl_usb: probe of 2-1:0.0 failed with error -71 [ 333.630129][T14365] loop0: detected capacity change from 0 to 64 [ 333.636868][ T27] usb 2-1: USB disconnect, device number 15 [ 333.680667][T14365] hfs: request for non-existent node 327680 in B*Tree [ 333.697147][T14365] hfs: request for non-existent node 327680 in B*Tree [ 333.846124][ T5845] usb 3-1: USB disconnect, device number 13 [ 333.972147][T14375] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3784'. [ 333.982255][T14375] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3784'. [ 334.537513][T14389] loop1: detected capacity change from 0 to 8192 [ 334.593056][T14389] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 334.637994][T14389] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 334.647315][T14389] REISERFS (device loop1): using ordered data mode [ 334.654297][T14389] reiserfs: using flush barriers [ 334.661950][T14389] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 334.685348][T14389] REISERFS (device loop1): checking transaction log (loop1) [ 334.754479][T14389] REISERFS (device loop1): Using r5 hash to sort names [ 334.765100][T14389] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 334.958218][ T5846] usb 1-1: new low-speed USB device number 24 using dummy_hcd [ 334.977982][ T5845] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 335.149907][ T5846] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 335.157671][ T5846] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 335.185018][ T5845] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 335.192526][ T5846] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 335.213279][ T5845] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.222697][ T5846] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 335.230630][ T5845] usb 3-1: config 0 descriptor?? [ 335.247844][ T5846] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 335.270800][ T5846] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 335.279500][ T5846] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 335.300043][ T5846] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 335.320361][ T5846] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 335.337986][ T5846] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 335.349697][ T5846] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 335.357176][ T5846] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 335.377649][ T5846] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 335.396857][ T5846] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 335.408482][ T5846] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 335.422285][ T5846] usb 1-1: string descriptor 0 read error: -22 [ 335.429205][ T5846] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 335.447912][ T5846] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 335.497076][ T5846] adutux 1-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 335.704454][ T5845] ath6kl: Failed to submit usb control message: -71 [ 335.725021][ T5845] ath6kl: unable to send the bmi data to the device: -71 [ 335.748066][ T5845] ath6kl: Unable to send get target info: -71 [ 335.777286][ T5845] ath6kl: Failed to init ath6kl core: -71 [ 335.777958][ T5846] usb 1-1: USB disconnect, device number 24 [ 335.797550][ T5845] ath6kl_usb: probe of 3-1:0.0 failed with error -71 [ 335.835575][ T5845] usb 3-1: USB disconnect, device number 14 [ 336.289374][T14430] netlink: 'syz.3.3808': attribute type 1 has an invalid length. [ 336.297550][T14430] netlink: 'syz.3.3808': attribute type 2 has an invalid length. [ 336.349107][T14434] loop2: detected capacity change from 0 to 64 [ 336.365901][T14432] loop1: detected capacity change from 0 to 1764 [ 336.419869][T14434] hfs: request for non-existent node 327680 in B*Tree [ 336.420959][T14432] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 336.450818][T14434] hfs: request for non-existent node 327680 in B*Tree [ 336.676688][T14438] loop3: detected capacity change from 0 to 4096 [ 337.129916][T14456] loop3: detected capacity change from 0 to 2048 [ 337.170796][T14456] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 337.282402][T14463] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 337.381629][T14465] loop0: detected capacity change from 0 to 1024 [ 337.411991][T14469] loop1: detected capacity change from 0 to 164 [ 337.493045][T14469] Unsupported NM flag settings (8) [ 337.569424][ T1075] hfsplus: b-tree write err: -5, ino 4 [ 337.812749][T14480] xt_cgroup: path and classid specified [ 337.862261][T14476] loop0: detected capacity change from 0 to 4096 [ 338.259777][T14495] loop3: detected capacity change from 0 to 1024 [ 338.478588][ T59] hfsplus: b-tree write err: -5, ino 4 [ 338.986622][T14528] program syz.3.3853 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 339.331638][T14544] xt_cgroup: path and classid specified [ 339.421334][T14550] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3865'. [ 339.441897][T14550] netlink: 10 bytes leftover after parsing attributes in process `syz.0.3865'. [ 339.606665][T14558] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 340.109132][T14580] loop0: detected capacity change from 0 to 64 [ 340.138914][T14580] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 340.187529][T14580] MINIX-fs warning: remounting unchecked fs, running fsck is recommended [ 340.447974][T14592] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3886'. [ 340.478233][T14594] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3887'. [ 340.503614][T14594] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3887'. [ 340.742321][T14607] netlink: 'syz.1.3893': attribute type 1 has an invalid length. [ 340.785514][T14607] netlink: 228 bytes leftover after parsing attributes in process `syz.1.3893'. [ 341.029914][T14618] bridge4: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms) [ 341.064845][T14620] loop1: detected capacity change from 0 to 128 [ 341.118713][T14620] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000006f) [ 341.127155][T14620] FAT-fs (loop1): Filesystem has been set read-only [ 341.286178][T14623] loop3: detected capacity change from 0 to 4096 [ 341.319782][T14623] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 341.554757][T14636] loop1: detected capacity change from 0 to 256 [ 341.644774][T14636] FAT-fs (loop1): Directory bread(block 64) failed [ 341.683414][T14636] FAT-fs (loop1): Directory bread(block 65) failed [ 341.711078][T14636] FAT-fs (loop1): Directory bread(block 66) failed [ 341.731898][T14636] FAT-fs (loop1): Directory bread(block 67) failed [ 341.744872][T14636] FAT-fs (loop1): Directory bread(block 68) failed [ 341.775778][T14636] FAT-fs (loop1): Directory bread(block 69) failed [ 341.792300][T14636] FAT-fs (loop1): Directory bread(block 70) failed [ 341.803443][T14636] FAT-fs (loop1): Directory bread(block 71) failed [ 341.813879][T14636] FAT-fs (loop1): Directory bread(block 72) failed [ 341.842511][T14636] FAT-fs (loop1): Directory bread(block 73) failed [ 342.024938][T14644] loop0: detected capacity change from 0 to 8192 [ 342.069330][T14644] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 342.088336][T14644] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 342.118210][T14644] REISERFS (device loop0): using ordered data mode [ 342.125192][T14644] reiserfs: using flush barriers [ 342.138647][T14644] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 342.155522][T14644] REISERFS (device loop0): checking transaction log (loop0) [ 342.164681][T14644] REISERFS (device loop0): Using rupasov hash to sort names [ 342.172103][T14644] REISERFS (device loop0): using 3.5.x disk format [ 342.180213][T14644] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 342.192917][T14644] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 342.204166][T14644] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 342.215515][T14644] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2) [ 342.261354][T14644] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 342.358741][T14644] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 342.388117][T14644] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 342.831830][T14679] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 342.886592][T14679] overlayfs: missing 'lowerdir' [ 342.916369][T14683] ax25_connect(): syz.2.3931 uses autobind, please contact jreuter@yaina.de [ 343.507689][T14709] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3944'. [ 343.545175][T14709] ip6tnl2: entered allmulticast mode [ 344.020141][T14735] QAT: Device 208 not found [ 344.024243][T14733] loop3: detected capacity change from 0 to 1764 [ 344.098627][ T23] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 344.219928][T14737] loop0: detected capacity change from 0 to 4096 [ 344.234721][T14737] __ntfs_warning: 5 callbacks suppressed [ 344.234736][T14737] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 344.300651][T14737] ntfs: volume version 3.1. [ 344.307638][ T23] usb 3-1: Using ep0 maxpacket: 16 [ 344.316822][ T23] usb 3-1: config 0 has an invalid interface number: 105 but max is 0 [ 344.326652][ T23] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 344.341187][ T23] usb 3-1: config 0 has no interface number 0 [ 344.373550][T14737] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 344.395368][ T23] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 344.421843][T14713] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 344.422513][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 344.457712][ T23] usb 3-1: Product: syz [ 344.461938][ T23] usb 3-1: Manufacturer: syz [ 344.467525][T14737] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 344.490616][ T23] usb 3-1: SerialNumber: syz [ 344.498101][T14737] ntfs: (device loop0): ntfs_cluster_alloc(): Failed to map page. [ 344.508822][ T23] usb 3-1: config 0 descriptor?? [ 344.531793][T14737] ntfs: (device loop0): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -5). [ 344.562301][T14737] ntfs: (device loop0): ntfs_truncate(): Cannot truncate inode 0x43, attribute type 0x80, because the conversion from resident to non-resident attribute failed with error code -5. [ 344.623630][ T5778] ntfs: (device loop0): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 344.728180][ T23] usb 3-1: Found UVC 0.00 device syz (046d:08f3) [ 344.734604][ T23] usb 3-1: No valid video chain found. [ 344.812916][T14752] loop0: detected capacity change from 0 to 256 [ 344.834284][T14752] exfat: Deprecated parameter 'namecase' [ 344.866525][T14752] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 344.933223][ T23] usb 3-1: USB disconnect, device number 15 [ 345.060766][T14759] loop1: detected capacity change from 0 to 64 [ 345.562435][T14771] (unnamed net_device) (uninitialized): option ad_select: invalid value (4) [ 346.020793][T14791] RDS: rds_bind could not find a transport for 0:0:200::1, load rds_tcp or rds_rdma? [ 346.196652][T14798] binder: 14797:14798 unknown command 1074553619 [ 346.237778][T14798] binder: 14797:14798 ioctl c0306201 200000000540 returned -22 [ 346.832722][T14827] netlink: 'syz.0.4002': attribute type 1 has an invalid length. [ 347.138267][T14841] loop3: detected capacity change from 0 to 128 [ 347.167484][T14841] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 347.202348][T14841] ext4 filesystem being mounted at /1011/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 347.315027][T14841] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:406: inode #2: comm syz.3.4008: No space for directory leaf checksum. Please run e2fsck -D. [ 347.351111][T14851] loop2: detected capacity change from 0 to 136 [ 347.367771][T14841] EXT4-fs error (device loop3): __ext4_find_entry:1696: inode #2: comm syz.3.4008: checksumming directory block 0 [ 347.432755][T14851] Symlink component flag not implemented [ 347.462972][T14853] lo: entered allmulticast mode [ 347.479404][T14853] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 347.494026][T14855] netlink: 4096 bytes leftover after parsing attributes in process `syz.1.4015'. [ 347.516780][ T5780] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 347.531803][T14855] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 347.686252][T14859] loop0: detected capacity change from 0 to 256 [ 347.741887][T14859] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 347.822949][T14859] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008) [ 347.836099][T14859] exFAT-fs (loop0): Filesystem has been set read-only [ 347.861874][T14859] exFAT-fs (loop0): error, failed to bmap (inode : ffff88805f032860 iblock : 8, err : -5) [ 347.882410][T14859] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008) [ 347.892371][T14859] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008) [ 348.073583][T14871] loop2: detected capacity change from 0 to 1764 [ 348.535048][T14894] netlink: 'syz.2.4035': attribute type 11 has an invalid length. [ 348.827675][ T23] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 348.910943][T14912] loop0: detected capacity change from 0 to 8 [ 348.923063][T14912] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 348.943133][ T5794] udevd[5794]: incorrect cramfs checksum on /dev/loop0 [ 348.969509][T14912] cramfs: Error -5 while decompressing! [ 348.975590][T14912] cramfs: ffffffff96fdd368(26)->ffff88807616d000(4096) [ 348.994755][T14912] cramfs: Error -3 while decompressing! [ 349.021921][T14912] cramfs: ffffffff96fdd382(26)->ffff88805788f000(4096) [ 349.022248][ T5794] udevd[5794]: incorrect cramfs checksum on /dev/loop0 [ 349.042231][T14912] cramfs: Error -3 while decompressing! [ 349.054807][ T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 349.070458][ T23] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 349.080591][T14912] cramfs: ffffffff96fdd39c(16)->ffff88805952d000(4096) [ 349.087532][T14912] cramfs: Error -5 while decompressing! [ 349.098481][T14912] cramfs: ffffffff96fdd368(26)->ffff88807616d000(4096) [ 349.100508][ T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 349.124132][ T28] audit: type=1800 audit(1762095656.166:208): pid=14912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4043" name="file2" dev="loop0" ino=348 res=0 errno=0 [ 349.147727][ T23] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 349.178840][ T23] usb 4-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 349.191943][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 349.204722][T14919] IPv6: Can't replace route, no match found [ 349.208497][ T23] usb 4-1: Product: syz [ 349.246757][ T23] usb 4-1: Manufacturer: syz [ 349.258119][ T23] usb 4-1: SerialNumber: syz [ 349.285252][ T23] usb 4-1: config 0 descriptor?? [ 349.315675][ T23] ums-isd200 4-1:0.0: USB Mass Storage device detected [ 349.504045][T14932] loop1: detected capacity change from 0 to 256 [ 349.515472][T14932] exfat: Deprecated parameter 'namecase' [ 349.534145][T14934] loop2: detected capacity change from 0 to 256 [ 349.535040][T14935] : renamed from veth0_to_bond (while UP) [ 349.554323][ T23] ums-isd200: probe of 4-1:0.0 failed with error -22 [ 349.593975][T14932] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 349.618232][T14934] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 349.728058][ T8] usb 4-1: USB disconnect, device number 15 [ 349.996020][T14945] tmpfs: Bad value for 'nr_inodes' [ 350.200167][T14953] netlink: 4096 bytes leftover after parsing attributes in process `syz.0.4063'. [ 350.218744][T14953] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 350.314481][T14957] netlink: 'syz.2.4065': attribute type 1 has an invalid length. [ 350.652745][T14967] loop1: detected capacity change from 0 to 4096 [ 350.684523][T14967] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 350.774252][T14967] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 350.785603][T14977] openvswitch: netlink: EtherType 0 is less than min 600 [ 350.793099][ T5845] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 350.800857][T14967] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 350.867843][T14967] ntfs3: loop1: ino=5, "/" directory corrupted [ 350.975845][ T59] ntfs3: loop1: ino=3, ntfs3_write_inode failed, -22. [ 350.988503][ T5787] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 350.995070][ T5787] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 351.017792][ T5845] usb 1-1: Using ep0 maxpacket: 16 [ 351.027070][ T5845] usb 1-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 351.028281][ T5787] ntfs3: loop1: ino=3, ntfs_set_state failed, -22. [ 351.058461][ T5845] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 351.066524][ T5845] usb 1-1: Product: syz [ 351.067798][ T59] ntfs3: loop1: ino=3, ntfs3_write_inode failed, -22. [ 351.107662][ T5845] usb 1-1: Manufacturer: syz [ 351.112327][ T5845] usb 1-1: SerialNumber: syz [ 351.146623][ T5845] usb 1-1: config 0 descriptor?? [ 351.172119][T14985] loop2: detected capacity change from 0 to 512 [ 351.202513][T14985] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 351.248805][T14985] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002] [ 351.263268][T14985] EXT4-fs (loop2): orphan cleanup on readonly fs [ 351.273120][T14985] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.4079: bad orphan inode 267 [ 351.295122][T14985] EXT4-fs (loop2): Remounting filesystem read-only [ 351.321171][T14985] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 351.357524][T14990] loop3: detected capacity change from 0 to 4096 [ 351.389083][T14985] EXT4-fs warning (device loop2): dx_probe:893: inode #2: comm syz.2.4079: dx entry: limit 0 != root limit 125 [ 351.404294][T14990] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 351.414731][T14985] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.4079: Corrupt directory, running e2fsck is recommended [ 351.437837][ T5845] speedtch 1-1:0.0: speedtch_bind: wrong device class 68 [ 351.444958][ T5845] speedtch 1-1:0.0: usbatm_usb_probe: bind failed: -19! [ 351.516304][ T5779] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 351.517716][T14990] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 351.578568][T14990] ntfs3: loop3: mft corrupted [ 351.642282][ T5845] usb 1-1: USB disconnect, device number 25 [ 351.667503][T14996] loop1: detected capacity change from 0 to 128 [ 351.695710][T14990] ntfs3: loop3: ino=1e, "file1" ntfs_sync_inode failed, -22. [ 351.710504][T14996] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 351.747505][T14999] loop2: detected capacity change from 0 to 4096 [ 351.749690][T14996] ext4 filesystem being mounted at /1033/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 351.801183][T14999] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 351.815381][T14996] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:406: inode #2: comm syz.1.4085: No space for directory leaf checksum. Please run e2fsck -D. [ 351.845807][T14996] EXT4-fs error (device loop1): __ext4_find_entry:1696: inode #2: comm syz.1.4085: checksumming directory block 0 [ 351.860450][ T2875] ntfs3: loop3: ino=1e, ntfs3_write_inode failed, -22. [ 351.953736][ T5787] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 351.982416][T14999] ntfs: volume version 3.1. [ 352.108242][T14999] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 352.176212][T14999] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 352.260572][T14999] ntfs: (device loop2): ntfs_cluster_alloc(): Failed to map page. [ 352.287760][T14999] ntfs: (device loop2): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -5). [ 352.336005][T14999] ntfs: (device loop2): ntfs_truncate(): Cannot truncate inode 0x43, attribute type 0x80, because the conversion from resident to non-resident attribute failed with error code -5. [ 352.383350][T15012] loop0: detected capacity change from 0 to 256 [ 352.390891][T15012] exfat: Deprecated parameter 'namecase' [ 352.402865][T15012] exfat: Deprecated parameter 'utf8' [ 352.446614][T15012] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x3f800a9b, utbl_chksum : 0xe619d30d) [ 352.460790][T15014] loop1: detected capacity change from 0 to 256 [ 352.526810][ T5779] ntfs: (device loop2): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 352.924814][T15031] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4099'. [ 353.229698][T15044] syz.1.4107: attempt to access beyond end of device [ 353.229698][T15044] nbd1: rw=0, sector=0, nr_sectors = 8 limit=0 [ 353.253977][T15040] loop2: detected capacity change from 0 to 2048 [ 353.266104][T15044] F2FS-fs (nbd1): Unable to read 1th superblock [ 353.308822][T15044] syz.1.4107: attempt to access beyond end of device [ 353.308822][T15044] nbd1: rw=0, sector=8, nr_sectors = 8 limit=0 [ 353.328711][T15040] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 353.365487][T15044] F2FS-fs (nbd1): Unable to read 2th superblock [ 353.898937][T15067] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode [ 353.914059][ T28] audit: type=1326 audit(1762095660.956:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.0.4117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31f418efc9 code=0x7ffc0000 [ 353.990550][ T28] audit: type=1326 audit(1762095660.986:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.0.4117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31f418efc9 code=0x7ffc0000 [ 354.056066][ T28] audit: type=1326 audit(1762095660.996:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15065 comm="syz.0.4117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f31f418efc9 code=0x7ffc0000 [ 354.108102][T15075] netlink: 'syz.0.4123': attribute type 11 has an invalid length. [ 354.137339][T15075] netlink: 212832 bytes leftover after parsing attributes in process `syz.0.4123'. [ 354.352178][T15083] loop3: detected capacity change from 0 to 1764 [ 354.392031][T15083] iso9660: Corrupted directory entry in block 14 of inode 1920 [ 354.681878][T15096] loop3: detected capacity change from 0 to 256 [ 354.745098][T15096] FAT-fs (loop3): Directory bread(block 64) failed [ 354.772379][T15096] FAT-fs (loop3): Directory bread(block 65) failed [ 354.798975][T15096] FAT-fs (loop3): Directory bread(block 66) failed [ 354.825995][T15096] FAT-fs (loop3): Directory bread(block 67) failed [ 354.846758][T15096] FAT-fs (loop3): Directory bread(block 68) failed [ 354.866751][T15096] FAT-fs (loop3): Directory bread(block 69) failed [ 354.883106][T15096] FAT-fs (loop3): Directory bread(block 70) failed [ 354.903378][T15096] FAT-fs (loop3): Directory bread(block 71) failed [ 354.918461][T15096] FAT-fs (loop3): Directory bread(block 72) failed [ 354.935165][T15096] FAT-fs (loop3): Directory bread(block 73) failed [ 355.011205][T15096] syz.3.4131: attempt to access beyond end of device [ 355.011205][T15096] loop3: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 355.048291][T15096] syz.3.4131: attempt to access beyond end of device [ 355.048291][T15096] loop3: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 355.094279][T15084] loop2: detected capacity change from 0 to 32768 [ 355.106491][T15084] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.4126 (15084) [ 355.148267][T15084] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 355.164524][T15084] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 355.188503][T15084] BTRFS info (device loop2): using free space tree [ 355.419300][T15084] BTRFS info (device loop2): enabling ssd optimizations [ 355.426318][T15084] BTRFS info (device loop2): auto enabling async discard [ 355.477935][T15134] netlink: 'syz.3.4145': attribute type 3 has an invalid length. [ 355.653857][T15141] loop3: detected capacity change from 0 to 8 [ 355.677234][ T5779] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 355.693218][T15141] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 355.723099][ T5794] udevd[5794]: incorrect cramfs checksum on /dev/loop3 [ 355.753294][T15141] cramfs: Error -3 while decompressing! [ 355.833430][ T5794] udevd[5794]: incorrect cramfs checksum on /dev/loop3 [ 355.849144][T15141] cramfs: ffffffff96fe1368(26)->ffff888057b55000(4096) [ 355.865741][T15141] cramfs: Error -3 while decompressing! [ 355.918073][T15141] cramfs: ffffffff96fe1382(26)->ffff8880580a6000(4096) [ 355.937671][T15141] cramfs: Error -3 while decompressing! [ 355.943273][T15141] cramfs: ffffffff96fe139c(16)->ffff888054d95000(4096) [ 355.972354][T15141] cramfs: Error -3 while decompressing! [ 355.997884][T15141] cramfs: ffffffff96fe1368(26)->ffff888057b55000(4096) [ 356.150863][ T5784] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 356.201154][T15154] dvmrp0: left allmulticast mode [ 356.394211][ T5784] usb 1-1: config 0 has an invalid interface number: 199 but max is 1 [ 356.413147][ T5784] usb 1-1: config 0 has no interface number 1 [ 356.428263][ T5784] usb 1-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 356.458873][ T5784] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 356.499074][ T5784] usb 1-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 356.524961][ T5784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 356.529077][T15165] QAT: failed to copy from user cfg_data. [ 356.542059][ T5784] usb 1-1: SerialNumber: syz [ 356.556291][ T5784] usb 1-1: config 0 descriptor?? [ 356.608019][ T5784] usb 1-1: Found UVC 0.00 device (0002:0000) [ 356.637732][ T5784] usb 1-1: No valid video chain found. [ 356.694824][T15171] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma? [ 356.797092][ T8] usb 1-1: USB disconnect, device number 26 [ 356.805816][T15174] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 356.973624][T15181] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4167'. [ 357.076722][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 357.076737][ T28] audit: type=1326 audit(1762095664.116:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15184 comm="syz.2.4169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9aa318efc9 code=0x7ffc0000 [ 357.115462][ T28] audit: type=1326 audit(1762095664.116:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15184 comm="syz.2.4169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9aa318efc9 code=0x7ffc0000 [ 357.167968][ T28] audit: type=1326 audit(1762095664.126:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15184 comm="syz.2.4169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f9aa318efc9 code=0x7ffc0000 [ 357.215287][ T28] audit: type=1326 audit(1762095664.126:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15184 comm="syz.2.4169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9aa318efc9 code=0x7ffc0000 [ 357.271600][T15193] loop2: detected capacity change from 0 to 1024 [ 357.468001][T15199] netlink: 164 bytes leftover after parsing attributes in process `syz.2.4176'. [ 357.680429][T15204] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4179'. [ 357.734131][T15204] netlink: 10 bytes leftover after parsing attributes in process `syz.3.4179'. [ 358.104850][T15224] loop0: detected capacity change from 0 to 4096 [ 358.112407][ T5784] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 358.146211][T15227] netlink: 'syz.1.4197': attribute type 3 has an invalid length. [ 358.237279][T15224] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 358.307740][ T5784] usb 3-1: Using ep0 maxpacket: 16 [ 358.334678][ T5784] usb 3-1: config 0 has an invalid interface number: 237 but max is 0 [ 358.356148][ T5784] usb 3-1: config 0 has no interface number 0 [ 358.367503][T15224] ntfs3: loop0: Failed to load $Extend (-22). [ 358.375934][T15224] ntfs3: loop0: Failed to initialize $Extend. [ 358.382665][ T5784] usb 3-1: config 0 interface 237 has no altsetting 0 [ 358.401337][ T5784] usb 3-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 6.ad [ 358.422226][ T5784] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 358.448282][ T5784] usb 3-1: Product: syz [ 358.465437][ T5784] usb 3-1: Manufacturer: syz [ 358.482089][ T5784] usb 3-1: SerialNumber: syz [ 358.520906][ T5784] usb 3-1: config 0 descriptor?? [ 358.549353][ T5784] snd_usb_podhd 3-1:0.237: Line 6 POD HD300 found [ 358.751278][ T5784] snd_usb_podhd 3-1:0.237: cannot get proper max packet size [ 358.760566][T15243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4199'. [ 358.786095][ T5784] snd_usb_podhd 3-1:0.237: Line 6 POD HD300 now disconnected [ 358.803877][ T5784] snd_usb_podhd: probe of 3-1:0.237 failed with error -22 [ 358.904681][T15250] program syz.0.4201 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 358.950281][ T8] usb 3-1: USB disconnect, device number 16 [ 359.003852][T15252] loop1: detected capacity change from 0 to 2048 [ 359.062215][T15254] loop3: detected capacity change from 0 to 1024 [ 359.071029][T15252] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 359.089802][T15254] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 359.542985][T15271] loop3: detected capacity change from 0 to 64 [ 359.567788][T15271] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 359.602653][T15271] MINIX-fs warning: remounting unchecked fs, running fsck is recommended [ 360.307764][ T23] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 360.507718][ T23] usb 1-1: Using ep0 maxpacket: 16 [ 360.522233][ T23] usb 1-1: config 0 has an invalid interface number: 214 but max is 0 [ 360.547729][ T23] usb 1-1: config 0 has no interface number 0 [ 360.558258][ T23] usb 1-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64 [ 360.600922][ T23] usb 1-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 360.620574][ T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 360.644030][ T23] usb 1-1: Product: syz [ 360.654155][ T23] usb 1-1: Manufacturer: syz [ 360.662866][ T23] usb 1-1: SerialNumber: syz [ 360.700713][ T23] usb 1-1: config 0 descriptor?? [ 360.808186][T15320] loop1: detected capacity change from 0 to 4096 [ 360.816090][T15320] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 360.881743][T15326] loop3: detected capacity change from 0 to 128 [ 360.952348][T15326] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000006f) [ 360.975361][T15326] FAT-fs (loop3): Filesystem has been set read-only [ 361.119740][ T23] usbtouchscreen: probe of 1-1:0.214 failed with error -71 [ 361.155379][ T23] usb 1-1: USB disconnect, device number 27 [ 361.361737][T15338] netlink: 'syz.1.4242': attribute type 10 has an invalid length. [ 361.372483][T15338] bridge0: port 2(bridge_slave_1) entered disabled state [ 361.380439][T15338] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.433698][T15338] bridge0: port 2(bridge_slave_1) entered blocking state [ 361.440960][T15338] bridge0: port 2(bridge_slave_1) entered forwarding state [ 361.448573][T15338] bridge0: port 1(bridge_slave_0) entered blocking state [ 361.455701][T15338] bridge0: port 1(bridge_slave_0) entered forwarding state [ 361.470038][T15338] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 361.701115][ T5791] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 361.897810][ T5791] usb 4-1: Using ep0 maxpacket: 8 [ 361.905276][ T5791] usb 4-1: unable to get BOS descriptor or descriptor too short [ 361.914700][ T5791] usb 4-1: config 17 has an invalid interface number: 8 but max is 1 [ 361.922929][ T5791] usb 4-1: config 17 has 1 interface, different from the descriptor's value: 2 [ 361.931995][ T5791] usb 4-1: config 17 has no interface number 0 [ 361.938351][ T5791] usb 4-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 26232, setting to 64 [ 361.949472][ T5791] usb 4-1: config 17 interface 8 has no altsetting 0 [ 361.959445][ T5791] usb 4-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff [ 361.968751][ T5791] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 361.976838][ T5791] usb 4-1: Product: syz [ 361.981148][ T5791] usb 4-1: Manufacturer: syz [ 361.987632][ T5791] usb 4-1: SerialNumber: syz [ 362.099141][T15352] QAT: Device 208 not found [ 362.231403][ T5791] usb 4-1: selecting invalid altsetting 0 [ 362.302492][ T5791] usb 4-1: USB disconnect, device number 16 [ 362.351547][T15361] vcan0: entered promiscuous mode [ 362.365648][ T5794] udevd[5794]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 362.420316][T15361] A link change request failed with some changes committed already. Interface vcan0 may have been left with an inconsistent configuration, please check. [ 362.785196][T15379] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4261'. [ 363.373324][T15403] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 363.822027][T15421] exFAT-fs (nullb0): mounting with "discard" option, but the device does not support discard [ 363.865335][T15421] exFAT-fs (nullb0): invalid boot record signature [ 363.883243][T15421] exFAT-fs (nullb0): failed to read boot sector [ 363.901674][T15421] exFAT-fs (nullb0): failed to recognize exfat type [ 363.910570][T15425] loop3: detected capacity change from 0 to 16 [ 363.959396][T15425] erofs: (device loop3): mounted with root inode @ nid 36. [ 364.222782][T15431] (syz.1.4287,15431,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 364.271367][T15431] (syz.1.4287,15431,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 364.478036][T15417] loop0: detected capacity change from 0 to 32768 [ 364.503223][T15417] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.4278 (15417) [ 364.558491][T15417] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 364.605903][T15417] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 364.628015][T15417] BTRFS info (device loop0): force zlib compression, level 3 [ 364.635466][T15417] BTRFS info (device loop0): force clearing of disk cache [ 364.647421][T15440] syz.2.4291 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 364.678035][T15417] BTRFS info (device loop0): setting nodatasum [ 364.684271][T15417] BTRFS info (device loop0): use zlib compression, level 3 [ 364.715705][T15443] loop3: detected capacity change from 0 to 2048 [ 364.730424][T15417] BTRFS info (device loop0): allowing degraded mounts [ 364.747761][T15417] BTRFS info (device loop0): enabling disk space caching [ 364.754853][T15417] BTRFS info (device loop0): disk space caching is enabled [ 364.793148][T15443] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 364.978539][T15417] BTRFS info (device loop0): enabling ssd optimizations [ 364.985618][T15417] BTRFS info (device loop0): auto enabling async discard [ 365.022173][T15446] loop1: detected capacity change from 0 to 4096 [ 365.027859][T15417] BTRFS info (device loop0): rebuilding free space tree [ 365.067158][T15446] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 365.088981][T15417] BTRFS info (device loop0): disabling free space tree [ 365.125110][T15417] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 365.157729][T15417] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 365.170488][T15446] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 365.189133][T15446] ntfs3: loop1: Failed to load $Extend (-22). [ 365.209315][T15446] ntfs3: loop1: Failed to initialize $Extend. [ 365.271478][T15469] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 365.317711][T15469] overlayfs: missing 'lowerdir' [ 365.345351][ T5778] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 365.526227][ T5795] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 11 /dev/loop0 scanned by udevd (5795) [ 365.995142][T15488] netlink: 'syz.3.4306': attribute type 10 has an invalid length. [ 365.998335][T15483] loop1: detected capacity change from 0 to 4096 [ 366.034366][T15483] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 366.034427][T15488] bridge0: port 2(bridge_slave_1) entered disabled state [ 366.050940][T15488] bridge0: port 1(bridge_slave_0) entered disabled state [ 366.152966][T15488] bridge0: port 2(bridge_slave_1) entered blocking state [ 366.160248][T15488] bridge0: port 2(bridge_slave_1) entered forwarding state [ 366.167831][T15488] bridge0: port 1(bridge_slave_0) entered blocking state [ 366.175023][T15488] bridge0: port 1(bridge_slave_0) entered forwarding state [ 366.213406][T15488] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 366.217293][T15483] ntfs3: loop1: ino=1e, "file1" ntfs_sync_inode failed, -22. [ 366.256532][T15483] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 366.368379][ T5845] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 366.380528][ T59] ntfs3: loop1: ino=1e, ntfs3_write_inode failed, -22. [ 366.559935][ T5845] usb 1-1: config 0 has an invalid interface number: 69 but max is 0 [ 366.577704][ T5845] usb 1-1: config 0 has no interface number 0 [ 366.594520][ T5845] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 366.641536][ T5845] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 366.679296][ T5845] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 366.698955][ T5845] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 366.715467][ T5845] usb 1-1: Product: syz [ 366.720087][ T5845] usb 1-1: Manufacturer: syz [ 366.724801][ T5845] usb 1-1: SerialNumber: syz [ 366.736087][ T5845] usb 1-1: config 0 descriptor?? [ 366.752350][T15492] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 366.772605][ T5845] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 366.809435][ T5845] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 367.173598][T15521] netlink: 'syz.2.4321': attribute type 10 has an invalid length. [ 367.194625][T15521] bridge0: port 2(bridge_slave_1) entered disabled state [ 367.203581][T15521] bridge0: port 1(bridge_slave_0) entered disabled state [ 367.221696][ T5845] usb 1-1: USB disconnect, device number 28 [ 367.229198][T15521] bridge0: port 2(bridge_slave_1) entered blocking state [ 367.236395][T15521] bridge0: port 2(bridge_slave_1) entered forwarding state [ 367.238441][T15522] loop1: detected capacity change from 0 to 2048 [ 367.243947][T15521] bridge0: port 1(bridge_slave_0) entered blocking state [ 367.257181][T15521] bridge0: port 1(bridge_slave_0) entered forwarding state [ 367.265863][ T5845] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 367.280932][T15521] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 367.292862][ T5845] cyberjack 1-1:0.69: device disconnected [ 367.301370][T15522] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 367.303608][T15520] loop3: detected capacity change from 0 to 4096 [ 367.326776][T15520] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 367.433082][T15520] ntfs3: loop3: ino=3, ntfs_set_state failed, -22. [ 367.447741][T15520] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 367.450371][T15523] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 367.572084][T15520] ntfs3: loop3: ino=5, "/" directory corrupted [ 367.681142][ T11] ntfs3: loop3: ino=3, ntfs3_write_inode failed, -22. [ 367.701854][ T5780] ntfs3: loop3: ino=3, ntfs_set_state failed, -22. [ 367.715852][ T5780] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 367.742058][ T5780] ntfs3: loop3: ino=3, ntfs_set_state failed, -22. [ 367.752044][ T1075] ntfs3: loop3: ino=3, ntfs3_write_inode failed, -22. [ 368.157003][T15545] netlink: 'syz.0.4333': attribute type 10 has an invalid length. [ 368.184775][T15545] bridge0: port 2(bridge_slave_1) entered disabled state [ 368.192552][T15545] bridge0: port 1(bridge_slave_0) entered disabled state [ 368.248606][T15545] bridge0: port 2(bridge_slave_1) entered blocking state [ 368.255879][T15545] bridge0: port 2(bridge_slave_1) entered forwarding state [ 368.263518][T15545] bridge0: port 1(bridge_slave_0) entered blocking state [ 368.270753][T15545] bridge0: port 1(bridge_slave_0) entered forwarding state [ 368.302006][T15545] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 368.458698][T15557] netlink: 'syz.3.4341': attribute type 9 has an invalid length. [ 368.701042][T15565] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4344'. [ 369.054987][T15579] netlink: 'syz.1.4351': attribute type 10 has an invalid length. [ 369.091830][T15579] bridge0: port 2(bridge_slave_1) entered disabled state [ 369.099183][T15579] bridge0: port 1(bridge_slave_0) entered disabled state [ 369.708942][T15605] netlink: 'syz.1.4364': attribute type 10 has an invalid length. [ 370.070027][T15622] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4371'. [ 370.406367][T15627] loop0: detected capacity change from 0 to 4096 [ 370.463355][T15627] ntfs3: loop0: ino=3, Correct links count -> 2. [ 370.522253][T15639] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4377'. [ 370.977081][T15651] nvme_fabrics: unknown parameter or missing value 'V' in ctrl creation request [ 371.167986][T15659] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4389'. [ 371.192266][T15657] loop0: detected capacity change from 0 to 4096 [ 371.663675][T15671] loop3: detected capacity change from 0 to 4096 [ 371.692842][T15671] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 371.787826][T15678] netlink: 'syz.1.4397': attribute type 10 has an invalid length. [ 371.812000][T15678] team0: left promiscuous mode [ 371.827093][T15678] team_slave_0: left promiscuous mode [ 371.833321][T15671] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 371.849627][T15678] : left promiscuous mode [ 371.858146][T15671] ntfs3: loop3: Failed to load $Extend (-22). [ 371.864297][T15671] ntfs3: loop3: Failed to initialize $Extend. [ 371.869025][T15678] mac80211_hwsim hwsim5 wlan1: left promiscuous mode [ 371.894577][T15678] dummy0: left promiscuous mode [ 371.925431][T15678] bond0: (slave team0): Enslaving as an active interface with an up link [ 372.203094][T15689] loop3: detected capacity change from 0 to 512 [ 372.280187][T15689] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 372.372119][T15689] ext4 filesystem being mounted at /1110/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 372.578973][T15689] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 372.602775][T15704] loop0: detected capacity change from 0 to 2048 [ 372.618274][T15689] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 372.660916][T15689] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4401: Failed to acquire dquot type 1 [ 372.686028][T15704] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 372.906222][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 373.146589][T15725] netlink: 'syz.1.4421': attribute type 10 has an invalid length. [ 373.169371][T15725] batman_adv: batadv0: Adding interface: wlan0 [ 373.179879][T15726] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 373.198799][T15725] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 373.248258][T15725] batman_adv: batadv0: Interface activated: wlan0 [ 373.265530][T15728] netlink: 156 bytes leftover after parsing attributes in process `syz.2.4422'. [ 373.473288][T15736] loop3: detected capacity change from 0 to 64 [ 374.055909][T15760] netdevsim netdevsim0: Firmware load for '..' refused, path contains '..' component [ 374.271189][T15767] CIFS: VFS: Malformed UNC in devname [ 374.272767][T15769] ksmbd: Unknown IPC event: 3, ignore. [ 374.389367][T15771] netlink: 100 bytes leftover after parsing attributes in process `syz.3.4442'. [ 374.672954][T15785] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4450'. [ 374.806958][T15788] loop1: detected capacity change from 0 to 512 [ 374.846453][T15788] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 374.896219][T15788] ext4 filesystem being mounted at /1143/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 374.941157][T15788] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 374.952524][T15788] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 374.962445][T15788] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.4451: Failed to acquire dquot type 1 [ 375.072292][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 375.422583][T15813] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4462'. [ 375.542878][T15817] loop3: detected capacity change from 0 to 512 [ 375.579734][T15817] ext4: Unknown parameter '.' [ 375.642684][T15823] loop0: detected capacity change from 0 to 512 [ 375.650221][ T5795] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 375.740220][T15823] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 375.847839][T15823] ext4 filesystem being mounted at /1087/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 375.958182][T15823] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 375.978375][T15823] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 376.024132][T15823] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.4467: Failed to acquire dquot type 1 [ 376.206318][ T5778] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 376.343468][T15838] netlink: zone id is out of range [ 376.359198][T15838] netlink: zone id is out of range [ 376.366747][T15838] netlink: zone id is out of range [ 376.387750][T15838] netlink: zone id is out of range [ 376.392930][T15838] netlink: zone id is out of range [ 376.437701][T15838] netlink: zone id is out of range [ 376.442897][T15838] netlink: zone id is out of range [ 376.467636][T15838] netlink: zone id is out of range [ 376.472814][T15838] netlink: zone id is out of range [ 376.517697][T15838] netlink: zone id is out of range [ 376.660581][T15844] veth3: entered allmulticast mode [ 376.756848][T15850] loop0: detected capacity change from 0 to 2048 [ 376.795179][T15850] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 377.100130][T15863] loop3: detected capacity change from 0 to 8 [ 377.768889][T15890] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4500'. [ 377.827844][T15890] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4500'. [ 378.025727][T15902] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4507'. [ 378.137779][ T23] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 378.181624][T15909] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4509'. [ 378.342638][ T23] usb 3-1: Using ep0 maxpacket: 16 [ 378.350157][ T23] usb 3-1: config 0 has no interfaces? [ 378.361783][ T23] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 378.377210][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 378.394058][T15916] loop1: detected capacity change from 0 to 16 [ 378.397023][ T23] usb 3-1: Product: syz [ 378.405414][ T23] usb 3-1: Manufacturer: syz [ 378.411075][ T23] usb 3-1: SerialNumber: syz [ 378.421639][ T23] r8152-cfgselector 3-1: config 0 descriptor?? [ 378.430382][T15916] erofs: (device loop1): mounted with root inode @ nid 36. [ 378.661790][ T23] usbip-host 3-1: 3-1 is not in match_busid table... skip! [ 378.709605][T15928] PKCS7: Unknown OID: [4] 0.0 [ 378.719871][T15928] PKCS7: Only support pkcs7_signedData type [ 378.858705][ T5845] usb 3-1: USB disconnect, device number 17 [ 379.023184][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.036051][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.197099][T15950] loop1: detected capacity change from 0 to 164 [ 379.252687][T15950] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 380.018508][T15982] netlink: 'syz.3.4546': attribute type 10 has an invalid length. [ 380.158405][T15982] 8021q: adding VLAN 0 to HW filter on device team0 [ 380.200010][T15982] bond0: (slave team0): Enslaving as an active interface with an up link [ 380.393558][T15994] loop1: detected capacity change from 0 to 1024 [ 380.659682][ T11] hfsplus: b-tree write err: -5, ino 4 [ 380.983453][T16020] netlink: 'syz.0.4563': attribute type 10 has an invalid length. [ 381.007755][T16020] team0: left promiscuous mode [ 381.016181][T16020] team_slave_0: left promiscuous mode [ 381.022471][T16020] : left promiscuous mode [ 381.027201][T16020] mac80211_hwsim hwsim7 wlan1: left promiscuous mode [ 381.034703][T16020] dummy0: left promiscuous mode [ 381.043172][T16020] 8021q: adding VLAN 0 to HW filter on device team0 [ 381.052796][T16020] bond0: (slave team0): Enslaving as an active interface with an up link [ 381.155637][T16026] nfs: Unknown parameter 'ntext' [ 381.178143][ T8] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 381.228261][ T5846] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 381.377699][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 381.394979][ T8] usb 3-1: unable to get BOS descriptor or descriptor too short [ 381.415470][ T8] usb 3-1: config 7 has an invalid interface number: 128 but max is 0 [ 381.425186][ T5846] usb 2-1: Using ep0 maxpacket: 16 [ 381.441043][ T8] usb 3-1: config 7 contains an unexpected descriptor of type 0x1, skipping [ 381.457981][ T8] usb 3-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 381.471192][ T5846] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 381.480963][ T5846] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 381.489143][ T8] usb 3-1: config 7 has no interface number 0 [ 381.495796][ T8] usb 3-1: config 7 interface 128 altsetting 2 has an invalid endpoint with address 0x17, skipping [ 381.508150][ T5846] usb 2-1: Product: syz [ 381.512343][ T5846] usb 2-1: Manufacturer: syz [ 381.532845][ T5846] usb 2-1: SerialNumber: syz [ 381.538944][ T8] usb 3-1: config 7 interface 128 altsetting 2 endpoint 0x87 has an invalid bInterval 209, changing to 11 [ 381.556552][ T8] usb 3-1: config 7 interface 128 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 381.570611][ T5846] r8152-cfgselector 2-1: config 0 descriptor?? [ 381.592145][ T8] usb 3-1: config 7 interface 128 has no altsetting 0 [ 381.607775][ T8] usb 3-1: New USB device found, idVendor=6033, idProduct=4108, bcdDevice=cc.13 [ 381.617445][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 381.637625][ T8] usb 3-1: Product: syz [ 381.641954][ T8] usb 3-1: Manufacturer: syz [ 381.646605][ T8] usb 3-1: SerialNumber: syz [ 381.661761][T16014] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 381.799344][ T5846] usbip-host 2-1: 2-1 is not in match_busid table... skip! [ 381.914521][ T8] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 381.931958][ T8] usb 3-1: MIDIStreaming interface descriptor not found [ 382.016003][ T23] usb 2-1: USB disconnect, device number 16 [ 382.029254][ T2875] usb 2-1: config 0 descriptor?? [ 382.057215][ T8] usb 3-1: USB disconnect, device number 18 [ 382.447079][T16067] loop0: detected capacity change from 0 to 16 [ 382.462434][T16067] erofs: (device loop0): mounted with root inode @ nid 36. [ 382.605050][T16071] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 382.659008][T16071] net_ratelimit: 334 callbacks suppressed [ 382.659025][T16071] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 382.734098][T16076] comedi comedi0: dt2801: I/O port conflict (0xffffffffffffff7f,2) [ 382.968454][ T5784] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 382.988806][T16089] loop1: detected capacity change from 0 to 2048 [ 383.024779][T16089] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 383.156961][ T5784] usb 3-1: config 0 has an invalid interface number: 50 but max is 0 [ 383.173875][ T5784] usb 3-1: config 0 has no interface number 0 [ 383.187029][ T5784] usb 3-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 383.207735][ T23] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 383.218560][ T5784] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 383.243390][ T5784] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 383.258020][ T5784] usb 3-1: Product: syz [ 383.269971][ T5784] usb 3-1: Manufacturer: syz [ 383.282226][ T5784] usb 3-1: SerialNumber: syz [ 383.305761][ T5784] usb 3-1: config 0 descriptor?? [ 383.333901][T16099] loop3: detected capacity change from 0 to 1024 [ 383.338523][ T5784] yurex 3-1:0.50: USB YUREX device now attached to Yurex #0 [ 383.411753][T16101] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 383.426022][ T23] usb 1-1: Using ep0 maxpacket: 32 [ 383.433600][T16101] overlayfs: missing 'lowerdir' [ 383.435671][ T49] hfsplus: b-tree write err: -5, ino 4 [ 383.454965][ T23] usb 1-1: unable to get BOS descriptor or descriptor too short [ 383.465442][ T23] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 383.489386][ T23] usb 1-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 383.507654][ T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 383.516654][ T23] usb 1-1: Product: syz [ 383.521694][ T23] usb 1-1: Manufacturer: syz [ 383.548714][ T23] usb 1-1: SerialNumber: syz [ 383.757967][ T5784] usb 3-1: USB disconnect, device number 19 [ 383.782385][ T5784] yurex 3-1:0.50: USB YUREX #0 now disconnected [ 383.806118][ T23] usb 1-1: Not enough endpoints found in device, aborting! [ 383.995708][ T23] usb 1-1: USB disconnect, device number 29 [ 384.086194][T16121] netlink: 'syz.1.4615': attribute type 3 has an invalid length. [ 384.209004][T16125] netlink: 'syz.3.4618': attribute type 7 has an invalid length. [ 384.563444][T16135] loop3: detected capacity change from 0 to 164 [ 384.694761][T16135] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 385.628896][T16141] loop0: detected capacity change from 0 to 32768 [ 385.632934][T16163] ieee802154 phy0 wpan0: encryption failed: -22 [ 385.718942][T16141] JBD2: Ignoring recovery information on journal [ 385.913883][T16141] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 385.966575][T16141] (syz.0.4625,16141,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=51539607617, rec_len=0, name_len=0 [ 386.027980][T16141] (syz.0.4625,16141,1):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2 [ 386.037175][T16141] (syz.0.4625,16141,1):ocfs2_mknod:298 ERROR: status = -2 [ 386.062245][T16141] (syz.0.4625,16141,1):ocfs2_mknod:502 ERROR: status = -2 [ 386.089708][T16141] (syz.0.4625,16141,1):ocfs2_create:676 ERROR: status = -2 [ 386.192749][ T5778] ocfs2: Unmounting device (7,0) on (node local) [ 386.219641][ T28] audit: type=1326 audit(1762095693.266:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.3.4644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe34418efc9 code=0x7ffc0000 [ 386.306695][ T28] audit: type=1326 audit(1762095693.266:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.3.4644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe34418efc9 code=0x7ffc0000 [ 386.345275][ T28] audit: type=1326 audit(1762095693.306:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.3.4644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7fe34418efc9 code=0x7ffc0000 [ 386.372946][ T28] audit: type=1326 audit(1762095693.306:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.3.4644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe34418efc9 code=0x7ffc0000 [ 386.422205][ T28] audit: type=1326 audit(1762095693.306:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16182 comm="syz.3.4644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe34418efc9 code=0x7ffc0000 [ 386.445100][ T5846] usb 2-1: new full-speed USB device number 17 using dummy_hcd [ 386.552655][T16187] loop3: detected capacity change from 0 to 4096 [ 386.579901][T16187] EXT4-fs (loop3): Test dummy encryption mode enabled [ 386.603775][T16187] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 386.610858][T16192] MTD: Couldn't look up '/dev/sg0': -15 [ 386.622195][T16187] System zones: 0-5 [ 386.660022][ T5846] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 386.678846][ T5846] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 386.718925][T16187] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 386.782694][ T5846] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 386.813906][ T5846] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 386.838351][ T5846] usb 2-1: SerialNumber: syz [ 386.862632][ T5846] usb 2-1: 0:2 : does not exist [ 386.969166][ T5780] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 387.366589][ T23] usb 2-1: USB disconnect, device number 17 [ 387.387137][T16217] netlink: 'syz.3.4660': attribute type 3 has an invalid length. [ 388.129864][T16231] netlink: 144 bytes leftover after parsing attributes in process `syz.1.4666'. [ 388.782095][ T1075] hfsplus: b-tree write err: -5, ino 4 [ 388.891356][T16261] loop0: detected capacity change from 0 to 64 [ 389.437874][T16253] loop1: detected capacity change from 0 to 32768 [ 389.446190][T16253] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.4678 (16253) [ 389.515481][T16253] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 389.550589][T16253] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 389.592139][T16253] BTRFS info (device loop1): using free space tree [ 389.666311][T16289] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 389.701561][T16294] loop3: detected capacity change from 0 to 64 [ 389.735454][T16301] netlink: 'syz.0.4695': attribute type 10 has an invalid length. [ 389.750092][T16301] netlink: 212412 bytes leftover after parsing attributes in process `syz.0.4695'. [ 389.763615][T16301] openvswitch: netlink: Flow key attr not present in new flow. [ 389.791145][T16294] Trying to free block not in datazone [ 389.797259][T16294] Trying to free block not in datazone [ 389.838085][T16253] BTRFS info (device loop1): enabling ssd optimizations [ 389.845095][T16253] BTRFS info (device loop1): auto enabling async discard [ 389.867632][T16294] Trying to free block not in datazone [ 389.873191][T16294] Trying to free block not in datazone [ 389.907483][T16294] Trying to free block not in datazone [ 389.962718][T16294] Trying to free block not in datazone [ 389.998891][T16294] Trying to free block not in datazone [ 390.040300][T16294] Trying to free block not in datazone [ 390.076159][T16294] Trying to free block not in datazone [ 390.087859][T16294] Trying to free block not in datazone [ 390.093544][T16294] Trying to free block not in datazone [ 390.147780][T16294] Trying to free block not in datazone [ 390.404667][ T5787] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 390.463737][T16321] loop3: detected capacity change from 0 to 256 [ 390.481765][T16321] exfat: Deprecated parameter 'utf8' [ 390.512995][T16321] exfat: Deprecated parameter 'namecase' [ 390.523697][T16321] exfat: Deprecated parameter 'utf8' [ 390.575361][T16324] syz.0.4705: attempt to access beyond end of device [ 390.575361][T16324] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0 [ 390.614001][T16321] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 390.676425][T16324] syz.0.4705: attempt to access beyond end of device [ 390.676425][T16324] nbd0: rw=0, sector=0, nr_sectors = 2 limit=0 [ 390.698258][T16326] netlink: 256 bytes leftover after parsing attributes in process `syz.2.4706'. [ 390.751212][T16324] syz.0.4705: attempt to access beyond end of device [ 390.751212][T16324] nbd0: rw=0, sector=0, nr_sectors = 2 limit=0 [ 390.808468][T16324] syz.0.4705: attempt to access beyond end of device [ 390.808468][T16324] nbd0: rw=0, sector=18, nr_sectors = 2 limit=0 [ 390.882070][T16324] syz.0.4705: attempt to access beyond end of device [ 390.882070][T16324] nbd0: rw=0, sector=30, nr_sectors = 2 limit=0 [ 390.928277][T16332] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4715'. [ 390.957411][T16324] syz.0.4705: attempt to access beyond end of device [ 390.957411][T16324] nbd0: rw=0, sector=36, nr_sectors = 2 limit=0 [ 391.009117][T16324] VFS: unable to find oldfs superblock on device nbd0 [ 391.059224][T16334] loop1: detected capacity change from 0 to 64 [ 391.169432][T16334] Trying to free block not in datazone [ 391.282365][ T28] audit: type=1326 audit(1762095698.326:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16337 comm="syz.0.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31f418efc9 code=0x7ffc0000 [ 391.397824][ T28] audit: type=1326 audit(1762095698.326:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16337 comm="syz.0.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31f418efc9 code=0x7ffc0000 [ 391.463416][ T28] audit: type=1326 audit(1762095698.326:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16337 comm="syz.0.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f31f418efc9 code=0x7ffc0000 [ 391.492714][ T28] audit: type=1326 audit(1762095698.326:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16337 comm="syz.0.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31f418efc9 code=0x7ffc0000 [ 391.547663][ T28] audit: type=1326 audit(1762095698.326:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16337 comm="syz.0.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31f418efc9 code=0x7ffc0000 [ 391.693423][T16348] xt_CT: No such helper "netbios-ns" [ 391.825030][T16331] loop3: detected capacity change from 0 to 32768 [ 391.886986][T16331] JBD2: Ignoring recovery information on journal [ 391.908130][T16358] cifs: Unknown parameter 'IT&:"1:ӭ'4,Zz-#F<]%gC [ 391.908130][T16358] SȘȞZ6' [ 392.075531][T16331] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 392.191813][T16331] [ 392.194239][T16331] ====================================================== [ 392.201274][T16331] WARNING: possible circular locking dependency detected [ 392.208334][T16331] syzkaller #0 Not tainted [ 392.212761][T16331] ------------------------------------------------------ [ 392.219789][T16331] syz.3.4707/16331 is trying to acquire lock: [ 392.225873][T16331] ffff88802143c608 (sb_internal#3){.+.+}-{0:0}, at: ocfs2_setattr+0x102f/0x1b20 [ 392.234971][T16331] [ 392.234971][T16331] but task is already holding lock: [ 392.242354][T16331] ffff88805ba5ea20 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_setattr+0xfb9/0x1b20 [ 392.252659][T16331] [ 392.252659][T16331] which lock already depends on the new lock. [ 392.252659][T16331] [ 392.263056][T16331] [ 392.263056][T16331] the existing dependency chain (in reverse order) is: [ 392.272063][T16331] [ 392.272063][T16331] -> #4 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}: [ 392.280843][T16331] down_write+0x97/0x1f0 [ 392.285612][T16331] ocfs2_try_remove_refcount_tree+0xb7/0x320 [ 392.292115][T16331] ocfs2_xattr_set+0x596/0x11f0 [ 392.297477][T16331] ocfs2_set_acl+0x4e1/0x590 [ 392.302588][T16331] ocfs2_iop_set_acl+0x1ab/0x2a0 [ 392.308047][T16331] vfs_set_acl+0x803/0xa60 [ 392.312989][T16331] path_setxattr+0x39f/0x550 [ 392.318097][T16331] __x64_sys_setxattr+0xbb/0xd0 [ 392.323462][T16331] do_syscall_64+0x55/0xb0 [ 392.328420][T16331] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 392.334841][T16331] [ 392.334841][T16331] -> #3 (&oi->ip_xattr_sem){++++}-{3:3}: [ 392.342667][T16331] down_read+0x46/0x2e0 [ 392.347344][T16331] ocfs2_init_acl+0x2fa/0x720 [ 392.352566][T16331] ocfs2_mknod+0x12e5/0x20f0 [ 392.357690][T16331] ocfs2_create+0x196/0x410 [ 392.362704][T16331] path_openat+0x1277/0x3190 [ 392.367817][T16331] do_filp_open+0x1c5/0x3d0 [ 392.372870][T16331] do_sys_openat2+0x12c/0x1c0 [ 392.378062][T16331] __x64_sys_openat+0x139/0x160 [ 392.383427][T16331] do_syscall_64+0x55/0xb0 [ 392.388361][T16331] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 392.394767][T16331] [ 392.394767][T16331] -> #2 (jbd2_handle){++++}-{0:0}: [ 392.402062][T16331] start_this_handle+0x1e9d/0x20c0 [ 392.407689][T16331] jbd2__journal_start+0x2bb/0x5b0 [ 392.413318][T16331] jbd2_journal_start+0x2a/0x40 [ 392.418686][T16331] ocfs2_start_trans+0x376/0x6c0 [ 392.424154][T16331] ocfs2_reserve_local_alloc_bits+0xaef/0x24b0 [ 392.430846][T16331] ocfs2_reserve_clusters_with_limit+0x1bf/0xba0 [ 392.437713][T16331] ocfs2_symlink+0x105d/0x2550 [ 392.442995][T16331] vfs_symlink+0x138/0x2b0 [ 392.447931][T16331] do_symlinkat+0x1b2/0x3f0 [ 392.453065][T16331] __x64_sys_symlinkat+0x99/0xb0 [ 392.458543][T16331] do_syscall_64+0x55/0xb0 [ 392.463492][T16331] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 392.469902][T16331] [ 392.469902][T16331] -> #1 (&journal->j_trans_barrier){.+.+}-{3:3}: [ 392.478411][T16331] down_read+0x46/0x2e0 [ 392.483095][T16331] ocfs2_start_trans+0x36a/0x6c0 [ 392.488555][T16331] ocfs2_reserve_local_alloc_bits+0xaef/0x24b0 [ 392.495225][T16331] ocfs2_reserve_clusters_with_limit+0x1bf/0xba0 [ 392.502092][T16331] ocfs2_symlink+0x105d/0x2550 [ 392.507377][T16331] vfs_symlink+0x138/0x2b0 [ 392.512330][T16331] do_symlinkat+0x1b2/0x3f0 [ 392.517367][T16331] __x64_sys_symlinkat+0x99/0xb0 [ 392.522853][T16331] do_syscall_64+0x55/0xb0 [ 392.527797][T16331] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 392.534215][T16331] [ 392.534215][T16331] -> #0 (sb_internal#3){.+.+}-{0:0}: [ 392.541683][T16331] __lock_acquire+0x2ddb/0x7c80 [ 392.547054][T16331] lock_acquire+0x197/0x410 [ 392.552072][T16331] ocfs2_start_trans+0x26b/0x6c0 [ 392.557531][T16331] ocfs2_setattr+0x102f/0x1b20 [ 392.562823][T16331] notify_change+0xb0d/0xe10 [ 392.567935][T16331] chown_common+0x3f9/0x5a0 [ 392.572955][T16331] do_fchownat+0x168/0x270 [ 392.577885][T16331] __x64_sys_lchown+0x85/0x90 [ 392.583074][T16331] do_syscall_64+0x55/0xb0 [ 392.588013][T16331] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 392.594419][T16331] [ 392.594419][T16331] other info that might help us debug this: [ 392.594419][T16331] [ 392.604639][T16331] Chain exists of: [ 392.604639][T16331] sb_internal#3 --> &oi->ip_xattr_sem --> &ocfs2_file_ip_alloc_sem_key [ 392.604639][T16331] [ 392.618806][T16331] Possible unsafe locking scenario: [ 392.618806][T16331] [ 392.626249][T16331] CPU0 CPU1 [ 392.631603][T16331] ---- ---- [ 392.636977][T16331] lock(&ocfs2_file_ip_alloc_sem_key); [ 392.642517][T16331] lock(&oi->ip_xattr_sem); [ 392.649622][T16331] lock(&ocfs2_file_ip_alloc_sem_key); [ 392.657680][T16331] rlock(sb_internal#3); [ 392.662022][T16331] [ 392.662022][T16331] *** DEADLOCK *** [ 392.662022][T16331] [ 392.670165][T16331] 3 locks held by syz.3.4707/16331: [ 392.675356][T16331] #0: ffff88802143c418 (sb_writers#18){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 392.684588][T16331] #1: ffff88805ba5ed98 (&type->i_mutex_dir_key#17){+.+.}-{3:3}, at: chown_common+0x313/0x5a0 [ 392.694853][T16331] #2: ffff88805ba5ea20 (&ocfs2_file_ip_alloc_sem_key){++++}-{3:3}, at: ocfs2_setattr+0xfb9/0x1b20 [ 392.705557][T16331] [ 392.705557][T16331] stack backtrace: [ 392.711454][T16331] CPU: 1 PID: 16331 Comm: syz.3.4707 Not tainted syzkaller #0 [ 392.718909][T16331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 392.728970][T16331] Call Trace: [ 392.732248][T16331] [ 392.735177][T16331] dump_stack_lvl+0x16c/0x230 [ 392.739856][T16331] ? load_image+0x3b0/0x3b0 [ 392.744363][T16331] ? show_regs_print_info+0x20/0x20 [ 392.749568][T16331] ? print_circular_bug+0x12b/0x1a0 [ 392.754771][T16331] check_noncircular+0x2bd/0x3c0 [ 392.759704][T16331] ? look_up_lock_class+0x75/0x140 [ 392.764811][T16331] ? print_deadlock_bug+0x5d0/0x5d0 [ 392.770003][T16331] ? lockdep_lock+0xe0/0x220 [ 392.774588][T16331] ? _find_first_zero_bit+0xd3/0x100 [ 392.779876][T16331] __lock_acquire+0x2ddb/0x7c80 [ 392.784763][T16331] ? lock_chain_count+0x20/0x20 [ 392.789642][T16331] ? verify_lock_unused+0x140/0x140 [ 392.794846][T16331] ? asan.module_dtor+0x20/0x20 [ 392.799712][T16331] ? lockdep_hardirqs_on+0x98/0x150 [ 392.804907][T16331] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 392.811066][T16331] lock_acquire+0x197/0x410 [ 392.815573][T16331] ? ocfs2_setattr+0x102f/0x1b20 [ 392.820514][T16331] ? __might_sleep+0xe0/0xe0 [ 392.825099][T16331] ? do_raw_spin_lock+0x121/0x2c0 [ 392.830121][T16331] ? read_lock_is_recursive+0x20/0x20 [ 392.835487][T16331] ? __rwlock_init+0x150/0x150 [ 392.840249][T16331] ? preempt_schedule_thunk+0x1a/0x30 [ 392.845624][T16331] ocfs2_start_trans+0x26b/0x6c0 [ 392.850584][T16331] ? ocfs2_setattr+0x102f/0x1b20 [ 392.855532][T16331] ? ocfs2_recovery_exit+0x50/0x50 [ 392.860640][T16331] ? setattr_prepare+0x1e6/0xac0 [ 392.865572][T16331] ocfs2_setattr+0x102f/0x1b20 [ 392.870338][T16331] ? ocfs2_extend_allocation+0x1760/0x1760 [ 392.876139][T16331] ? ktime_get_coarse_real_ts64+0x3a/0x120 [ 392.881977][T16331] ? seqcount_lockdep_reader_access+0x176/0x1c0 [ 392.888216][T16331] ? ktime_get_coarse_real_ts64+0x110/0x120 [ 392.894107][T16331] ? current_time+0x18d/0x270 [ 392.898780][T16331] ? inode_set_ctime_current+0x2d0/0x2d0 [ 392.904411][T16331] ? apparmor_path_chown+0x239/0x2d0 [ 392.909695][T16331] ? evm_inode_setattr+0x94/0x6a0 [ 392.914727][T16331] ? bpf_lsm_inode_setattr+0x9/0x10 [ 392.920007][T16331] ? try_break_deleg+0x79/0x120 [ 392.924869][T16331] ? ocfs2_extend_allocation+0x1760/0x1760 [ 392.930678][T16331] notify_change+0xb0d/0xe10 [ 392.935269][T16331] chown_common+0x3f9/0x5a0 [ 392.939771][T16331] ? __ia32_sys_chmod+0x70/0x70 [ 392.944623][T16331] ? rcu_read_lock_any_held+0xb4/0x120 [ 392.950089][T16331] ? __mnt_want_write+0x223/0x2a0 [ 392.955124][T16331] do_fchownat+0x168/0x270 [ 392.959540][T16331] ? chown_common+0x5a0/0x5a0 [ 392.964217][T16331] __x64_sys_lchown+0x85/0x90 [ 392.968891][T16331] do_syscall_64+0x55/0xb0 [ 392.973307][T16331] ? clear_bhb_loop+0x40/0x90 [ 392.977980][T16331] ? clear_bhb_loop+0x40/0x90 [ 392.982655][T16331] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 392.988544][T16331] RIP: 0033:0x7fe34418efc9 [ 392.992969][T16331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 393.012577][T16331] RSP: 002b:00007fe3450bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000005e [ 393.020988][T16331] RAX: ffffffffffffffda RBX: 00007fe3443e5fa0 RCX: 00007fe34418efc9 [ 393.028954][T16331] RDX: 000000000000ee01 RSI: ffffffffffffffff RDI: 0000200000000000 [ 393.036923][T16331] RBP: 00007fe344211f91 R08: 0000000000000000 R09: 0000000000000000 [ 393.044891][T16331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 393.052857][T16331] R13: 00007fe3443e6038 R14: 00007fe3443e5fa0 R15: 00007ffde37b3928 [ 393.060830][T16331] [ 393.188846][ T5780] ocfs2: Unmounting device (7,3) on (node local) [ 394.387792][ C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!