last executing test programs: 2m26.883811642s ago: executing program 2 (id=10982): r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, 0x0, 0x0) 2m26.643753026s ago: executing program 2 (id=10986): r0 = syz_open_procfs(0x0, &(0x7f0000000340)='net/ptype\x00') prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) 2m26.415553869s ago: executing program 2 (id=10990): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x58, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x70, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x44, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'vcan0\x00'}, {0x14, 0x1, 'veth1_to_bond\x00'}, {0x14, 0x1, 'veth0_vlan\x00'}]}]}]}], {0x14, 0x10}}, 0x110}}, 0x0) 2m26.22062256s ago: executing program 2 (id=10993): r0 = syz_open_dev$swradio(&(0x7f00000013c0), 0x0, 0x2) ioctl$VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000140)=@multiplanar_fd={0x1, 0x9, 0x4, 0x4, 0x4, {0x0, 0xea60}, {0x2, 0x8, 0x87, 0x70, 0x0, 0x3, "24debca3"}, 0x0, 0x4, {&(0x7f00000000c0)=[{0x56c, 0x7d, {}, 0x5}, {0x401, 0xfffffe01, {}, 0x4}]}, 0x3}) 2m25.996864153s ago: executing program 2 (id=10998): syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000001180)=ANY=[], 0x1, 0x17c, &(0x7f0000000380)="$eJzskr9OAkEQxr+9O/5oFDWxooGC+KdQjkONnZbY29lI4ETiocKRKITijDEUFsbSJ+A1THwBLYwPQE1BrM2ZvZ3bLL6C+yvu2/l2ZnZ2c+d+208B+JkOajhEhIkMPhiDBSDHhDcxhD6TfpI+CcE75R2Rf0+a9Xv9JAC+nceKMC6qnud28gC+I09a/sGdgUnU6ms6qPHFKYAwDEPu1QGejgUlxwTQVnKyFrAaXSKUORYNsA6g2G1dF/1ef6vZqjbchnvpmOU9e8e2d53iWdNzbfFlyhF0FXDdBJBKQ8L3EwAeKJ7HLEwZjfbZHE5kbTJ+www9IExZayi1sTK8yrlSSsUx1sDHugmWFLcQdbEQXakCBpOCkqXMJ85KRxvbtSuvPgQDi8tGsGSP0hgJGThqUN4PsChaDallgbRCOiIdk+b+/DJWwL+PFG0EQBK31W63U+KPJFYsXjnSc5YD9cH4qS/G7OXeDGg0Go1Go9FoNBrNf+c3AAD//8PfdhM=") execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0) 2m24.961732753s ago: executing program 2 (id=11013): syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f0000000280)={[{@nocompress}, {@mode={'mode', 0x3d, 0x8001}}, {@overriderock}, {@hide}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@overriderock}, {@map_off}, {@map_acorn}, {@map_normal}, {@iocharset={'iocharset', 0x3d, 'iso8859-5'}}, {}, {@overriderock}, {@map_off}, {@check_relaxed}, {@mode={'mode', 0x3d, 0x10000}}, {@dmode={'dmode', 0x3d, 0x2}}, {@showassoc}, {@uid}, {@utf8}, {@sbsector={'sbsector', 0x3d, 0x100000001}}]}, 0x2, 0x9e8, &(0x7f0000000440)="$eJzs3c1vHOd9B/Dv8EWiaUOSbdV1BdtayZVM2yxFUrVUwYdWIlcSXb4UJAVY6MFyLaoQxNat3QK2UaAyUPRUowVa9JDcjJxyMuBLfAl8S27JKYcAgf8FIyflxGBml9SSXHJJhW+WPx9id+flN8/zm53Zebi7s/OE75alo6vGlpaq2yOO3/jxHmTMAXZl/JvPv/isvH16P4fSnTeKnyR9SWpJT5Lnk96x8dmZqQ4F3UtuJfk6KZIcTuNxS26l+O889XD86xQ/LOvd0KGtlkwnS3yv7ff+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1ExNj48PFIcysT0jbdrDUltnbHx2ZkiS0vr5ywv0/BV1et38VXHepOivKWvb7mr7+ePP5z9XJLa6bzQGHuh6pA8ffnkyeeOvflsT9fy8htl8wc5vPViP/z4k3vvLi4ufLAriRx81+rTE3MzE1OXr9VrE3MztUsXLgyfu351rnZ1YrI+d3Nuvj5VG5utX56fma0NjL1aG7l06XytPnRz5sb0tfGhyfryxIt/Njo8fKH21tDf1C/Pzs1Mn3traG7s+sTk5MT0tSqmnF3GXCx3xL+emK/N1y9P1Wp37i4unF+TU3fW7L9l0EinNSmDRjsFjQ6Pjo6MjI6OfNrsPXtlwoU3Lr1xcXi4Z3iNrIvYpZ2Wg+WJjTfzzh/E4RF1Ndr/ZDITmc6NvJ1a27+xjGc2M5naYH7Tcvt/5lx903pb2/9mK9/TMvtEeXc6LzVH+zZo/zfIZe/+PszH+ST38m4Ws5iFfLDvGe3t37XUM52JzGUmE5nK5WpKrTmllku5kAsZzju5npOZSy1XM5HJ1DOXm5nLfOrVHjWW2dRzOfOZyWxqGchYXk0tI7mUSzmfWuoZys3M5Eamcy3juVyVcid3q+f9/CY5rgSNbCVodJOgdY35ttv/+tp/Tvje2fmDODyipWb7f6hz6MDYXiQEAAAA7Lg/+XmOHH/mZ79JirxYfS5/dWKyPrzfaQEAAAA7qDpd74XyobccejGF9/8AAADwuCmq39gVSfpzsjG0/EsoHwIAAADAY6L6/v+lFCcfTvD+HwAAAB4zna+x3zGiGFy+/G/tduPxdjOiMVb0X52YrA+NzUy+OZKz1VUGql8arCutOyl6q58fvJZTjahT/Y3H/ocllnX2lVEjQ2+O5LWcbq7IwMvlw8sDbSJHG5GvNCJfaY3szqrI82UkADzuTm/SHm+1/X8tg42IwRNVk99zok0bPKxlBYCDYqWPnd81uzRr0/43I17aqP3/803e/5cRz+TOycYpBUN5L+9nMbczmOYZByfblbrcG0HjNITBDp8G9DdPWfjlxa4Mrvs8oG9lXVtjFzKawbafCLSUWyzncL4R17072wAA9trpTdvhrbX/gx3e//c7pRAADpSVHux3cWC/1xEAWE0rDQAAAAAAAAAAAAAAAAAAAAAAAAAAADtvSxfw/8XZZHFxIdmDzgJWBvq2k+HmA13Zo5z3faA7yX7V/pfZ9lLlNj4oT52B1QP7fGACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgTxRJd7vpXcnhJMNJzu19Vrvn/n4nsFNqj7ZY8SAP8lGO7HQ6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADfd83r/3el8fhkY1J6upIzSW4l+dv9znEnPdjvBPbNP1T3Ldf/70p6s1Skp7HZU/SOjc/OTJWbvzhczv/m8y8+K2+dy17fq0JZQFnDqs4lmjW0TOldvdTT1VL94wsf3vuX9/+pNn6l2jGvzF+dHJ+6NvtXDwOfK75sdIHQ2g3Ccr7/duan/9My+VCz8i/LNW1vbb1Xq3rH19f7x+2W3qDeLbi7uDBa1jRff3v+X//x7kcts57JqeTlgWRgdU1/X942qOnU2udzteLb4j+LI/n/3Kq2f/lsFEtFuYmOVuv/xJ27iwtD772/eHslp39fldOxnExyO+nbek4nq+NJW9Ve19Vb1jpcBZV3xzuUt6mWEkc2eF6frnaZ/m2tQ23jdah0eN6bGZ1vm9H//vOzObvtLX22Q41tFd8Wvy6u51f5j5b+P7rK7X8mbV+dbYqoIlv2lNZ5q15eXY3Ias1HW2e8s7bMDV+V7IL/yt/lL1a2f1fL8b+5rfbmeNRSY/vXRbL918WPjq5rUR6qWqTja1qk5tFno2WaeR5vRG2Q5x/l9aTnxLaOKK93OKLs1uv/B8VAfpv7+v8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOviLpbje9KzmT5FiSo+V4LVlaG3P/Eerr6i8eJc0d8yg5f/cUG65o8SAP8lGO7HVGAAAAAAAAAOyOK+PffP7FZ+Wt+j6+O3/a1ZxTS3qSHCv+r3dsfHZmqkNBvcmt5a/0+7aXw63y7qmH41+XY893WGh/Tx8AgO+03wcAAP//BZNu0Q==") mkdirat(0xffffffffffffff9c, &(0x7f0000000900)='./file0/file0\x00', 0x62) 2m24.950054654s ago: executing program 0 (id=11014): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xca) getsockopt$ax25_int(r0, 0x101, 0xc, &(0x7f0000000040), &(0x7f0000000000)=0x4) 2m24.709827978s ago: executing program 0 (id=11015): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)={0x20, 0x1, 0x8, 0x401, 0x0, 0x0, {0x2}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) 2m24.641186342s ago: executing program 0 (id=11018): r0 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/warn_count', 0x280, 0x178) fchown(r0, 0x0, 0xffffffffffffffff) 2m24.461639983s ago: executing program 0 (id=11021): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/cpuinfo\x00', 0x0, 0x0) ppoll(&(0x7f0000000180)=[{r0, 0x4300}], 0x1, 0x0, 0x0, 0x0) 2m24.401594596s ago: executing program 0 (id=11022): syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000001180)=ANY=[], 0x1, 0x17c, &(0x7f0000000380)="$eJzskr9OAkEQxr+9O/5oFDWxooGC+KdQjkONnZbY29lI4ETiocKRKITijDEUFsbSJ+A1THwBLYwPQE1BrM2ZvZ3bLL6C+yvu2/l2ZnZ2c+d+208B+JkOajhEhIkMPhiDBSDHhDcxhD6TfpI+CcE75R2Rf0+a9Xv9JAC+nceKMC6qnud28gC+I09a/sGdgUnU6ms6qPHFKYAwDEPu1QGejgUlxwTQVnKyFrAaXSKUORYNsA6g2G1dF/1ef6vZqjbchnvpmOU9e8e2d53iWdNzbfFlyhF0FXDdBJBKQ8L3EwAeKJ7HLEwZjfbZHE5kbTJ+www9IExZayi1sTK8yrlSSsUx1sDHugmWFLcQdbEQXakCBpOCkqXMJ85KRxvbtSuvPgQDi8tGsGSP0hgJGThqUN4PsChaDallgbRCOiIdk+b+/DJWwL+PFG0EQBK31W63U+KPJFYsXjnSc5YD9cH4qS/G7OXeDGg0Go1Go9FoNBrNf+c3AAD//8PfdhM=") execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0) 2m23.429092682s ago: executing program 0 (id=11033): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000001c00010429bd7000ffdbdf2507000000", @ANYRES32=r0, @ANYBLOB="e0ff8b0a0a0002"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x24040040) 2m9.590218356s ago: executing program 32 (id=11013): syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f0000000280)={[{@nocompress}, {@mode={'mode', 0x3d, 0x8001}}, {@overriderock}, {@hide}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@overriderock}, {@map_off}, {@map_acorn}, {@map_normal}, {@iocharset={'iocharset', 0x3d, 'iso8859-5'}}, {}, {@overriderock}, {@map_off}, {@check_relaxed}, {@mode={'mode', 0x3d, 0x10000}}, {@dmode={'dmode', 0x3d, 0x2}}, {@showassoc}, {@uid}, {@utf8}, {@sbsector={'sbsector', 0x3d, 0x100000001}}]}, 0x2, 0x9e8, &(0x7f0000000440)="$eJzs3c1vHOd9B/Dv8EWiaUOSbdV1BdtayZVM2yxFUrVUwYdWIlcSXb4UJAVY6MFyLaoQxNat3QK2UaAyUPRUowVa9JDcjJxyMuBLfAl8S27JKYcAgf8FIyflxGBml9SSXHJJhW+WPx9id+flN8/zm53Zebi7s/OE75alo6vGlpaq2yOO3/jxHmTMAXZl/JvPv/isvH16P4fSnTeKnyR9SWpJT5Lnk96x8dmZqQ4F3UtuJfk6KZIcTuNxS26l+O889XD86xQ/LOvd0KGtlkwnS3yv7ff+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1ExNj48PFIcysT0jbdrDUltnbHx2ZkiS0vr5ywv0/BV1et38VXHepOivKWvb7mr7+ePP5z9XJLa6bzQGHuh6pA8ffnkyeeOvflsT9fy8htl8wc5vPViP/z4k3vvLi4ufLAriRx81+rTE3MzE1OXr9VrE3MztUsXLgyfu351rnZ1YrI+d3Nuvj5VG5utX56fma0NjL1aG7l06XytPnRz5sb0tfGhyfryxIt/Njo8fKH21tDf1C/Pzs1Mn3traG7s+sTk5MT0tSqmnF3GXCx3xL+emK/N1y9P1Wp37i4unF+TU3fW7L9l0EinNSmDRjsFjQ6Pjo6MjI6OfNrsPXtlwoU3Lr1xcXi4Z3iNrIvYpZ2Wg+WJjTfzzh/E4RF1Ndr/ZDITmc6NvJ1a27+xjGc2M5naYH7Tcvt/5lx903pb2/9mK9/TMvtEeXc6LzVH+zZo/zfIZe/+PszH+ST38m4Ws5iFfLDvGe3t37XUM52JzGUmE5nK5WpKrTmllku5kAsZzju5npOZSy1XM5HJ1DOXm5nLfOrVHjWW2dRzOfOZyWxqGchYXk0tI7mUSzmfWuoZys3M5Eamcy3juVyVcid3q+f9/CY5rgSNbCVodJOgdY35ttv/+tp/Tvje2fmDODyipWb7f6hz6MDYXiQEAAAA7Lg/+XmOHH/mZ79JirxYfS5/dWKyPrzfaQEAAAA7qDpd74XyobccejGF9/8AAADwuCmq39gVSfpzsjG0/EsoHwIAAADAY6L6/v+lFCcfTvD+HwAAAB4zna+x3zGiGFy+/G/tduPxdjOiMVb0X52YrA+NzUy+OZKz1VUGql8arCutOyl6q58fvJZTjahT/Y3H/ocllnX2lVEjQ2+O5LWcbq7IwMvlw8sDbSJHG5GvNCJfaY3szqrI82UkADzuTm/SHm+1/X8tg42IwRNVk99zok0bPKxlBYCDYqWPnd81uzRr0/43I17aqP3/803e/5cRz+TOycYpBUN5L+9nMbczmOYZByfblbrcG0HjNITBDp8G9DdPWfjlxa4Mrvs8oG9lXVtjFzKawbafCLSUWyzncL4R17072wAA9trpTdvhrbX/gx3e//c7pRAADpSVHux3cWC/1xEAWE0rDQAAAAAAAAAAAAAAAAAAAAAAAAAAADtvSxfw/8XZZHFxIdmDzgJWBvq2k+HmA13Zo5z3faA7yX7V/pfZ9lLlNj4oT52B1QP7fGACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgTxRJd7vpXcnhJMNJzu19Vrvn/n4nsFNqj7ZY8SAP8lGO7HQ6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADfd83r/3el8fhkY1J6upIzSW4l+dv9znEnPdjvBPbNP1T3Ldf/70p6s1Skp7HZU/SOjc/OTJWbvzhczv/m8y8+K2+dy17fq0JZQFnDqs4lmjW0TOldvdTT1VL94wsf3vuX9/+pNn6l2jGvzF+dHJ+6NvtXDwOfK75sdIHQ2g3Ccr7/duan/9My+VCz8i/LNW1vbb1Xq3rH19f7x+2W3qDeLbi7uDBa1jRff3v+X//x7kcts57JqeTlgWRgdU1/X942qOnU2udzteLb4j+LI/n/3Kq2f/lsFEtFuYmOVuv/xJ27iwtD772/eHslp39fldOxnExyO+nbek4nq+NJW9Ve19Vb1jpcBZV3xzuUt6mWEkc2eF6frnaZ/m2tQ23jdah0eN6bGZ1vm9H//vOzObvtLX22Q41tFd8Wvy6u51f5j5b+P7rK7X8mbV+dbYqoIlv2lNZ5q15eXY3Ias1HW2e8s7bMDV+V7IL/yt/lL1a2f1fL8b+5rfbmeNRSY/vXRbL918WPjq5rUR6qWqTja1qk5tFno2WaeR5vRG2Q5x/l9aTnxLaOKK93OKLs1uv/B8VAfpv7+v8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOviLpbje9KzmT5FiSo+V4LVlaG3P/Eerr6i8eJc0d8yg5f/cUG65o8SAP8lGO7HVGAAAAAAAAAOyOK+PffP7FZ+Wt+j6+O3/a1ZxTS3qSHCv+r3dsfHZmqkNBvcmt5a/0+7aXw63y7qmH41+XY893WGh/Tx8AgO+03wcAAP//BZNu0Q==") mkdirat(0xffffffffffffff9c, &(0x7f0000000900)='./file0/file0\x00', 0x62) 2m8.298301741s ago: executing program 33 (id=11033): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000001c00010429bd7000ffdbdf2507000000", @ANYRES32=r0, @ANYBLOB="e0ff8b0a0a0002"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x24040040) 30.528613428s ago: executing program 4 (id=12318): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, 0x0, &(0x7f000000e140)) 30.264487243s ago: executing program 4 (id=12320): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=@newtaction={0x68, 0x30, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [{0x54, 0x1, [@m_simple={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'sit\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x6, 0x9, 0x10000000, 0x6, 0x6}}]}, {0x2}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x40) 30.015647227s ago: executing program 4 (id=12324): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) ioctl$USBDEVFS_SETINTERFACE(r0, 0x80085504, &(0x7f0000000080)={0x0, 0x7ff}) 29.856658097s ago: executing program 4 (id=12326): syz_mount_image$exfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002a00)={[{@dmask={'dmask', 0x3d, 0x8}}, {@namecase}, {@dmask={'dmask', 0x3d, 0x6}}, {@utf8}, {@dmask={'dmask', 0x3d, 0x80}}, {@keep_last_dots}, {@keep_last_dots}, {@sys_tz}, {@namecase}, {@keep_last_dots}]}, 0x1, 0x153b, &(0x7f0000000340)="$eJzs3AucTlXXAPC19t5nDImnSS7D3nsdnuSyTZLkkiSXJEmSJLeEpEleSUgMIUlDEpLLkMQQksvEpHG/3y8JSdIkSUhuyf5+E37qrb73/b73/fL+vln/3+/87DXnrH3WedZznuecg/m269BaTWpXb0RE8C/BC38kAUAsAAwEgLwAEABA+bjycYAB5JSY9K/thP17PZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/x1z/+Bn///x+Hv//9HMsuM/XJNmeu6AcT8sync/+yN+///VvDPbMT9z964/9lV7JUugP0H4PM/O8jxp2u4/9kb95+x7OxKP3++0gtE/sNegyM5LzTmrzp+xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsL3DaX6YA4NL4StfFGGOMMcYYY4yxfx+f40pXwBhjjDHGGGOMsf97CAIkKAggBnJALOSEXCAA4GrIA3khAtdAHFwL+eA6yA8FoCAUgngoDEVAgwELBCEUhWIQheuhONwAJaAklILS4KAMJMCNUBZugnJwM5SHW6AC3AoVoRJUhipwG1SF26Ea3AHV4U6oATWhFtSGu6AO3A114R6oB/dCfbgPGsD90BAegEbwIDSGh6AJPAxN4RFoBs2hBbSEVv+r/OehJ7wAvaA3JEEf6AsvQj/oDwPgJRgIL8MgeAUGw6uQDENgKLwGw+B1GA5vwAgYCaPgTRgNb8EYGAvjYDykwASYCG/DJHgHJsO7MAWmQipMg+nwHsyAmTAL3ofZ8AHMgbkwD+ZDGnwIC2AhpMNHsAg+hgxYDEtgKSyD5bACVsIqWA1rYC2sg/WwATbCJtgMW2ArbIPtsAM+gZ3wKeyC3bAHPoO98Pmv8gGSfunnf5d/6u/yuyEgoECBChXGYAzGYizmwlyYG3NjHsyDEYxgHMZhPsyH+TE/FsSCGI/xWASLoEGDhIRFsShGMYrFsTiWwBJYCkuhQ4cJmIBl8SYsh+WwPJbHClgBK2IlrIRVsApWxapYDathdayONbAG1sJaeBfehX2wLtbFelgP62P9S4+nsBE2wsbYGJtgE2yKTbEZNsMW2AJbYStsja2xDbbBdtgO22N77IAdMBETsSN2xE7YCTtjZ+yCXbArdsVu2B27Zz6fA/AFfAF7Yw3RB/tiX+yHyTkG4Ev4Er6Mg/AVfAVfxWQcgkPxNXwNX8fheBJH4EgchaOwqngLx+BYJDEeUzAFJ+JEnISTMKvQd3EqpuI0nI7TcQbOxJn4Ps7GD/ADnItzcT6mYRouwIWYjum4CE9hBi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+gAsBPcTfuxmTci3txH+7D/bgfD+ABzMRMPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hs/NeNPym5OhlEFiWUiBExIlbEilwil8gtcos8Io+IiIiIE3Ein8gn8ov8oqAoKOJFvCgiiggjjCARxgCAiIqoKC6KixKihCglSgknnEgQCaKsKCvKiXKivLhFVBC3ioqikmjrqogqoqpo56qJO0R1UV3UEDVFLVFb1BZ1RB1RV9QV9UQ9UV/UFw3E/aKh6IMD8EGR1ZkmYgg2FUOxmWgu5MVPsNZiOLYRbUU78bgYiSOwg2jtEsVToqMYg53E38RYfEZ0EeOxq3hOdBPdRQ/xvOgp2rheoreYjH1EXzEV+4n+YoB4SczAmuJ9nJ2zlnhVJIshYqh4TczH18Vw8YYYIUaKUeJNMVq8JcaIsWKcGC9SxAQxUbwtJol3xGTxrpgipopUMU1MF++JGWKmmCXeF7PFB2KOmCvmifkiTXwoFoiFIl18JBaJj0WGWCyWiKVimVguVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLnaIT8RO8anYJXaLPeIzsVd8LvaJL8R+8aU4IL4SmeJrcVB8Iw6Jb8Vh8Z04Ir4XR8UxcVz8IE6IH8VJcUqcFmfEWfGTOCd+FueFFyBRCimlkoGMkTlkrMwpc8mrZG4ZXHx1r5Fx8lqZT14n88sCsqAsJONlYVlEammklSRDWVQWk1F5vSwub5AlZElZSpaWTpaRCfJGWVbeJMvJm2V5eYusIG+VFWUlWVlWkbfJqvJ2CZEL+6gha8pasra8SybB3bKuvEfWk/fK+vI+2UDeLxvKB2Qj+aBsLB+STeTDsql8RDaTzWUL2VK2ko/K1vIx2Ua2le3k47K9fEJ2kE/KRPmU7Cj9xbfIM7KLfFZ2lc/JbrK77CF/luell71kbwl9QPaVL8p+sr8cEAsA8mU5SL4iB8tXZbIcIofK1+Qw+bocLt+QI+RIOUq+KUfLt+QYOVaOk+NlipwgJ8q35ST5jpws35VT5FSZKqfJAXLgLzPNkvIf5r/9B/mDf9n7RrlJbpZb5Fa5TW6XO+QncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8IDNlpjwoD8pD8pA8LA/LI/KIPCqPyTPyB3lC/ihPylPylDwjz8qz8tzF1wAUKqGkUipQMSqHilU5VS51lcqtrlZ5VF4VUdeoOHWtyqeuU/lVAVVQFVLxqrAqorQyyipSoSqqiqmouh4vvmFUKVVaOVVGJagb/yf5qri6QZVQJX+Tf6m+pD+pr5VqpVqr1qqNaqPaqXaqvWqvOqgOKlElqo6qo+qkOqnOqrPqorqorqqr6qa6qR6qh+qpeqpeqpdKUkmqr3pR9VP91QD1khqoXlaD1CA1WA1WySpZDVVD1TA1TA1Xw9UINUKNUqPUaDVajVFj1Dg1TqWoFDVRTVST1CQ1WU1WU9QUlapS1XQ1Xc1QM9QsNUvNVrPVHDVHzVPzVJpKUwvUApWu0tUitUhlqMVqsVqqlqrlarlaqVaq1Wq1WqvWqvVqvcpQm9QmtUVtUdvUNrVD7VA71U61S+1Se9QetVftVfvUPrVf7VcH1AGVqTLVQXVQHVKH1GF1WB1RR9RRdVQdV8fVCXVCnVQn1Wl1Wp1VZ9U5dU6dV+ezLvsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBdcF+QPCgQFg0JBfFA4KBLowAQ2EBebHg2uD4oHNwQlgpJBqaB04IIyQUJwY1A2uCkoF9wclA9uCSoEtwYVg0pB5aBKcFtQNbg9qBbcEVQP7gxqBDWDWkHt4K6gTnB3UDe4J6gX3BvUD+4LGgT3Bw2DB4JGwYNB4+ChoEnwcNA0eCRoFjQPWgQtg1b/4vxZp/zl+b0/WeAx10v31km6j+6rX9T9dH89QL+kB+qX9SD9ih6sX9XJeogeql/Tw/Trerh+Q4/QI/Uo/aYerd/SY/RYPU6P1yl6gp6o39aT9Dt6sn5XT9FTdaqepqfr9/QMPVPP0u/r2foDPUfP1fP0fJ2mP9QL9EKdrj/Si/THOkMv1kv0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/Qneqf+VO/Su/Ue/Zneqz/X+/QXer/+Uh/QX+lM/bU+qL/Rh/S3+rD+Th/R3+uj+pg+rn/QJ/SP+qQ+pU/rM/qs/kmf0z/r89pnXdxnfb0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSafyWfym/ymoClo4k28KWKKmCxkyBQ1RU3URE1xU9yUMCVMKVPKOONMgkkwZU1ZU86UM+VNeVPBVDAVTUVT2VQ2t5nbzO3mdnOHucPcae40NU1NU9vUNnVMHVPX1DX1TD1T39Q3DUwD09A0NI1MI9PYNDZNTBPT1DQ1zUwz08K0MK1MK9PatDZtTBvTzrQz7U1708F0MIkm0XQ0HU0n08l0Np1NF9PFdDVdTTfTzfQwPUxP09P0Mr1MkkkyfU1f08/0MwPMADPQDDSDzCAz2Aw2ySbZDDVDzTAzzAw3w80IM9KMyrpQNW+ZMWasGWfGmxSTYiaaiWaSmWQmm8lmipliUk2qmW6mmxlmhpllZpnZZraZY+aYeWaeSTNpZoFZYNJNullkFpkMk2GWmCVmmVlmVpgVZpVZZdaYNWYdrDMbzAazyWwyW8wWs81sMzvMDrPT7DS7zC6zx+wxe81es8/sM/vNfnPAHDCZJtMcNAfNIXPIHDaHzRFzxBw1R81xc9ycMCfMSXPSnDanzVlT4OL3pTexNqfNZa+yue3VNo/Na/8+LmgL2Xhb2Bax2ua3BX4TG2ttCVvSlrKlrbNlbIK98XdxRVvJVrZV7G22qr3dVvtdXMfebevae2w9e6+tbe/6TVzf3mcb2IdtQ0QA29w2ti1tE/uwbWofsc1sc9vCtrTt7RO2g33SJtqnbEf79O/iBXahXWVX2zV2rd1ld9vT9ow9ZL+1Z+1PtpftbQfal+0g+4odbF+1yXbI7+JR9k072r5lx9ixdpwd/7t4ip1qU+00O92+Z2fYmb+L0+yHdrZNt3PsXDvPzv8lzqop3X5kF9mPbYYNYIldapfZ5XaFXXmpVp/Xrrcb7Ea7035qt9itdpvdbndcuhC2u+0e+5ndaz+3B+03dr/90h6wh22m/fqXOOv4Dtvv7BH7vT1qj9nj9gd7wv6oLmVnHfsP9md73noLhAQkSVFAMZSDYikn5aKrKDddTXkoL0XoGoqjaykfXUf5qQAVpEIUT4WpCGkyZIkopKJUjKJ0PV0qrxSVJkdlKIFupLJ0E5Wjm6k83UIV6FaqSJWoMlWh26gq3U7V6A6qTndSDapJtag23UV16G6qS/dQPbqX6tN91IDup4b0ADWiB6kxPURN6GFqSo9QM2pOLagltaJHqTU9Rm2oLbWjx6k9PUEd6ElKpKeoIz1Nnehv1JmeoS70LHWl56gbdace9Dz1pBeoF/WmJOpDfelF6kf9aQC9RAPpZRpEr9BgepWSaQgNpddoGL1Ow+kNGkEjaRS9SaPpLRpDY2kcjacUmkAT6W2aRO/QZHqXptBUSqVpNJ3eoxk0k2bR+zSbPqA5NJfm0XxKow9pAS2kdPqIFtHHlEGLaQktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtAntJM+pV20m/bQZ7SXPqd99AXtpy/pAH1FmfQ1HaRv6BB9S4fpO9+bvqejdIyO0w90gn6kk3SKTtMZOks/0Tn6mc6TJwgxFKEMVRiEMWGOMDbMGeYKrwpzh1eHecK8YSS8JowLrw3zhdeF+cMCYcGwUBgfFg6LhDo0oQ0pDMOiYbEwGl4fFg9vCEuEJcNSYenQhWXChPDGsGx4U1guvDksH94SVghvDSuGlcKH760S3hZWDW8Pq4V3hNXDO8MaYc2wVlg7vCusE94d1g3vCeuF94blwvvCBuH9YcPwgbBR+GDYOHwobBI+HDYNHwmbhc3DFmHLsFX4aNg6fCxsE7YN24WPh+3DJ8IO4ZNhYvhU2DF8+pf19y388/VJYZ+wb/hi+GLo/T1yXnR+NC36YXRBdGE0PfpRdFH042hGdHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH10Q3Rj1PvaOcChE0465QIX43K4WJfT5XJXudzuapfH5XURd42Lc9e6fO46l98VcAVdIRfvCrsiTjvjrCMXuqKumIu6611xd4Mr4Uq6Uq60c66MS3AtXSvXyrV2j7k2rq1r5x53j7sn3BPuSfeke8p1dE+7Tu5vrrN7xnVxz7pn3XOum+vuerjnXU83Ic+FczLJ9XV9XT/Xzw1wA9xAN9ANcoPcYDfYJbtkN9QNdcPcMDfcDXcj3Ag3yo1yo91oN8aNcePcOJfiUtxEN9FNcpPcZDfZTXFTXKpLddPddDfDzXBVZ17Yyxw3x81z81yaS3MLXNY1Y7pb5Ba5DJfhlrglbplb5la4FW6VW+XWuDVunVvnNrgNbpPb5La4LW6b2+Z2uB1up9vpdvm8FyZ1e90+t8/td/vdAfeVy3Rfu4PuG3fIfesOu+/cEfe9O+qOuePuB3fC/ehOulPutDvjzrqf3Dn3szvvvEuJTIhMjLwdmRR5JzI58m5kSmRqJDUyLTI98l5kRmRmZFbk/cjsyAeROZG5kXmR+ZG0yIeRBZGFkfTIR5FFkY8jGZHFkSWRpZFlkeUR7wtvCX1RX8xH/fW+uL/Bl/AlfSlf2jtfxif4G31Zf5Mv52/25f0tvoK/1Vf0lXxl/4hv5pv7Fr6lb+Uf9a39Y76Nb+vb+cd9e/+E7+Cf9In+Kd/RP+07+b/5zv4Z38U/67v653w339338M/7nv4F38v39km+j+/rX/T9fH8/wL/kB/qX/SD/ih/sX/XJfogf6l/zw/zrfrh/w4/wI/2omDf96Eu3yDDep/gJfqJ/20/y7/jJ/l0/xU/1qX6an+7f8zP8TD/Lv+9n+w/8HD/Xz/PzfZr/0C/wC326/8gv8h/7DL/40kNlv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8dr/Df+J3+k/9Lr/b7/Gf+b3+c7/Pf+H3+y/9Af+Vz/Rf+4P+G3/If+sP++/8Ef+9P+qP+eP+B3/C/+hP+lP+tD/jz/qf/Dn/sz/P/2eNMcYYY+yfMuHyUPx2zYXH+X3+IEf8auO+AHD11kKZv16fdUW5Lv+FcX8R3z4CAE/17vrgpaVGjaSkpIvbZkgIis0FuPQ3QVli4HK8GNrBE5AIbaHsH9bfX3Q/S/9g/ugtALl+lRMLl+PL838BgEl/MP+jj49aUCE8HfffzD8XoESxyzk54XK8GNr98nylLZT7k/oLtP6T+vHi/Dm/TAFo86uc3HA5vlx/AjwGT0Pib7ZkjDHGGGOMMcYu6C8qd750/3npX3z+0f15vLqckwMux//o/pwxxhhjjDHGGGNX3jPdezz5aGJi287/80G1/1XWPz1oCv9XM/PgDwfeA1z6iQKAf3FCgKyB/CuPYvNfsq/ki6fO369adsYH8J/Ryn/H4Ap/MDHGGGOMMcb+7S5f9P/25+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVDf8WvE7vSx8gYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xdaf8VAAD//3aq+3A=") mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) 29.327975347s ago: executing program 4 (id=12333): r0 = socket(0xa, 0x2400000001, 0x0) getsockopt$inet6_buf(r0, 0x29, 0x10000000000030, 0x0, &(0x7f0000e5f000)=0x90) 28.75783794s ago: executing program 4 (id=12340): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000a40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000044000000030a01030000000000000000050000000900010073797a300000000008000b4000000002140004800800024000000012080001400000000008000540fffffffc"], 0x8c}}, 0x0) 28.433107259s ago: executing program 34 (id=12340): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000a40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000044000000030a01030000000000000000050000000900010073797a300000000008000b4000000002140004800800024000000012080001400000000008000540fffffffc"], 0x8c}}, 0x0) 2.384511621s ago: executing program 1 (id=12539): r0 = syz_open_dev$loop(&(0x7f0000000100), 0xd5d1, 0x0) fsetxattr$security_capability(r0, &(0x7f0000000140), 0x0, 0x0, 0x0) 2.155835635s ago: executing program 1 (id=12542): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$rose(r0, 0x104, 0x3, 0x0, &(0x7f0000000040)) 2.144982855s ago: executing program 5 (id=12544): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)={0x1c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x1000000, 0x0, 0x24004800}, 0x4) 1.912069539s ago: executing program 1 (id=12546): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x10, 0x701, 0xfffffffc, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x14\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 1.861880502s ago: executing program 6 (id=12547): setreuid(0x0, 0xee01) setresuid(0x0, 0xee01, 0x0) 1.861713692s ago: executing program 5 (id=12548): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc0202103, &(0x7f0000000080)={r0, 0x3cd, 0x5, 0x6}) 1.714160761s ago: executing program 1 (id=12549): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x3a, 0x0, 0x0) 1.697254592s ago: executing program 5 (id=12550): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @random="e1ffffff00"}) 1.656487954s ago: executing program 6 (id=12551): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, 0x0, 0x0) 1.506084322s ago: executing program 1 (id=12553): ioperm(0x0, 0x2, 0x7e) futex_waitv(&(0x7f0000001d40)=[{0xc43d, 0x0, 0x2}], 0x1, 0x0, 0x0, 0x2) 1.423034257s ago: executing program 6 (id=12554): r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {0x2b, 0x1}, 0x9, 0xe4, 0x0, 0x1e, 0x10001, 0x2, 0x0, 0x8e57, 0x6, 0x0}) 1.400331869s ago: executing program 5 (id=12555): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) write(r0, &(0x7f0000000000)="1546b2000000000000008043f3526b13f78ada17aefbbfc13bc888a3a46e8f0e809292ee0739b4f20800b179aa901b5d50", 0x31) 1.340455622s ago: executing program 3 (id=12556): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$sock_proto_private(r0, 0x8993, &(0x7f0000000080)="f5bb3a") 1.329912433s ago: executing program 1 (id=12557): syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000002"], 0x0) syz_usb_connect$uac1(0x3, 0xa2, &(0x7f0000000040)=ANY=[@ANYBLOB="12011001000000406b1d01014000010203010902900003010380000904000000010100000a24010f00030201020c2402060602040c0032a304090401000001020000090401010101020000072401200404000c2402010201400f0a3b4725090501090000f7090607250183020c00090402000001030000090402010101020000072401"], 0x0) 1.184966381s ago: executing program 5 (id=12558): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000140)='./file1\x00', 0x8c0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cbec85bf8e749e04e"], 0x11, 0x4453, &(0x7f0000008900)="$eJzs3c9vG1kdAPDvONndpGx3k2UPi4SEJVYCAYqSPQFZiTRNm022oahAhbi4TuK2ASeuEgdxqES4VeKExAFxqEDillOVf6D8CVw4lnMlOCAhJKSKINvjxDPxEKfE7bb6fA6Z+P12vvNm3hwmr5Rq3t3YKW/slKtb5UZye+ej8s8a9d3NWpRekN7+17r9v/Hi+mcwfeNUfJ7E3vm3yTm6fvnq929+FPGn9b88PTw8PIyW0ehrpuf3f/3j/lrvsauUq9Nqt39r5+XHEfH+iXG1jETEj9IBXUrT5tPjeERcjIgkIm7e/9Wt8tk6HSnKePSk9nHl2cqDg9kPl/cfHhR/9yTid/UvfOPO5t++PDL716+drXsAAAAAAAAAAAAAAAAAAF5Xizeu//B70zPxOInR/eTk+7qL6bHo/djDc/Ol4X9ZAAAAAAAAAAAAAAAAAAAA+Iw6fv+/nLzX5/3/hfQ4V1D/8DsFGW+d7zgZjqXvXl+4Mj2T7v+enMj/Zpr090sjMdln3/f8/u+XcvX77/+eNlq4i/rguuPr9jsRSWnq8BdH+RNRKk1NRfwh3fj9g+RCqd7YaX79dmN3a/3/7/9Vl41/Z7P8zFmQ7p8/aPznc+0Pf///z0f+rG19vnXyVKaPbPyLJ+Qff5kMFP/LuXrNfw4//jy/bPxH22njvQXmOheAVvx/PXp6/Bdy7Q9r/r8TEeWkNdZy5grQWsO00ovWK2Rl4/9GOy1z6Uz/kEXz/9+5+F/JtV8U/3fP7Rv0v/7v5W9E9JWN/5vttLFMieP5P1k6ff5fzbX/Mu7/rfHvuf8PJBv/9KFtNFOk/Zcc9Pq/mGt/6PF/J8mcAftJZ/xF/6+OrGz8x07kHz//lQZa/32Sq/8/n//OQXd83X7bz389zyFfTTrPf/SXjf94YblB5/9Srt6w5/9ce/3H88rG/0I7Lbt2nmj/HDT+y7n2B4z/m2cdd3tVMtaN//H15D9vddJ/b/03kGz8P9cnFHvtn+31X3L6+v/TXO2Xsf5rnRx7peH2+rrIxv/twnKt+P95gPv/tVy94cc/Ytpa/7ll43+xsFx7/o+dHv+VXL1hx/8rw2wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4BUwnx4nIilNRcT40edSaWoq4nL6+YO4kKxW1yur9cbaT3ciFtL0cryX3Kk3Vqv1ysZWY71WqdbrjbWIK2n++zGW7NQbzcpm9d7Vo7bGk7u16nZztVZtRsRimv7FuNhta3WjuVm9FxGfHOW9W2ps37tb3aqsb2x/e3p6ejqWjsYwmdR+3qxtNTu9d3Ijlo/qTiQ9g2tnf3o0lreTnzR2t7eq9Xb6tZ469cZatd5TZyXN+01MJs3t3a21arNWqTfudPt7mebS48LSjR/cuDZzIv9W0jnOv9hhAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBGj2e/9duIGO18KkXEXPeXpF/5R09qH1eerTw4mP1wef/hwdOicgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwX3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8coFQNRFEDfjIUKFi7DKiSdbYIiWhgRXIEuw8XEpbgJ92BhYWshgpkBjX5I8X93TvMgl5l3IQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKxzcTve3bRdRIqDz/2I54eX15/5VZnTMM+8OL+3vPBod13Zvsvr8ey87cp/T3/y0/Lprc/f6cf74338M6un4ff55Xua1T2HG3tNw7r+tV/dexwpNxHRl/wk5dw06+4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgix04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswLEAAAAAgDB/6yj6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXwEAAP//aZ8flA==") mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) 1.103732326s ago: executing program 6 (id=12559): r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0) sendfile(r0, r0, 0x0, 0x1) 857.3979ms ago: executing program 3 (id=12560): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90124fc601006034002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 856.66784ms ago: executing program 6 (id=12561): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xf0, &(0x7f0000000000), &(0x7f0000000240)=0x4) 629.519834ms ago: executing program 3 (id=12562): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001000)=ANY=[@ANYBLOB="70010000100033060000000000000000fc000000000000000000000000000000ffffffff00000000000000000000000000004000000080040000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414000000000000000000000000000000000032000000fe80000000000000000000000000001a27030000000000000000000000000000fdffffffffffffff0000000000000000ff0f000000000000fcffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008f000000000000000000000029bd7000000000000a00040000000000000000001c00200000004e2200000000ac1414bb00000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00040002"], 0x170}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 597.767145ms ago: executing program 6 (id=12563): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000540)=ANY=[@ANYBLOB="1201000088945b406d04b6088eca0000000109021200017f00c0000904"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 354.98909ms ago: executing program 3 (id=12564): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0) ioctl$LOOP_GET_STATUS(r0, 0x4c03, 0x0) 224.087427ms ago: executing program 3 (id=12565): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x10, 0x0, 0x0) 654.39µs ago: executing program 5 (id=12566): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, 0x0, &(0x7f00000002c0)) 0s ago: executing program 3 (id=12567): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x1c, 0x3c, 0x107, 0x0, 0x0, {0x3, 0x7c}, [@typed={0x8, 0x55, 0x0, 0x0, @u32}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0xc004) kernel console output (not intermixed with test programs): bytes leftover after parsing attributes in process `syz.3.11072'. [ 938.174008][ T914] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 938.192634][ T914] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 938.216982][ T914] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 938.317095][ T914] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 938.453857][ T914] hsr_slave_0: entered promiscuous mode [ 938.469858][ T914] hsr_slave_1: entered promiscuous mode [ 938.699506][ T1269] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap4 [ 938.739117][ T1269] ip6gretap4: entered allmulticast mode [ 938.843167][ T1162] xfrm0 speed is unknown, defaulting to 1000 [ 938.931732][ T1162] C speed is unknown, defaulting to 1000 [ 939.149673][ T1350] netlink: 'syz.1.11083': attribute type 1 has an invalid length. [ 939.167730][ T1350] netlink: 'syz.1.11083': attribute type 2 has an invalid length. [ 939.571709][ T914] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 939.629072][ T914] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 939.646462][ T914] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 939.672621][ T1414] binder: Bad value for 'stats' [ 939.680053][ T914] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 939.862428][ T1162] chnl_net:caif_netlink_parms(): no params data found [ 939.948310][T19703] Bluetooth: hci4: command tx timeout [ 939.948579][ T921] Bluetooth: hci5: command tx timeout [ 940.331558][ T1162] bridge0: port 1(bridge_slave_0) entered blocking state [ 940.377177][ T1162] bridge0: port 1(bridge_slave_0) entered disabled state [ 940.384511][ T1162] bridge_slave_0: entered allmulticast mode [ 940.403909][ T1162] bridge_slave_0: entered promiscuous mode [ 940.414921][ T1508] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode active-backup(1) [ 940.429727][ T1162] bridge0: port 2(bridge_slave_1) entered blocking state [ 940.438053][ T1162] bridge0: port 2(bridge_slave_1) entered disabled state [ 940.445343][ T1162] bridge_slave_1: entered allmulticast mode [ 940.453674][ T1162] bridge_slave_1: entered promiscuous mode [ 940.560593][ T1162] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 940.600102][ T1162] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 940.626425][ T914] 8021q: adding VLAN 0 to HW filter on device bond0 [ 940.735831][ T1162] team0: Port device team_slave_0 added [ 940.806498][ T1162] team0: Port device team_slave_1 added [ 940.863016][ T914] 8021q: adding VLAN 0 to HW filter on device team0 [ 940.885814][ T1162] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 940.901850][ T1162] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 940.945146][ T1162] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 940.981969][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state [ 940.989198][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 941.043837][T15195] bridge0: port 2(bridge_slave_1) entered blocking state [ 941.051053][T15195] bridge0: port 2(bridge_slave_1) entered forwarding state [ 941.063950][ T1579] netlink: 'syz.1.11107': attribute type 1 has an invalid length. [ 941.087829][ T1162] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 941.094833][ T1162] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 941.187182][ T1162] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 941.335395][ T1162] hsr_slave_0: entered promiscuous mode [ 941.376179][ T1162] hsr_slave_1: entered promiscuous mode [ 941.397978][ T1162] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 941.415312][ T1162] Cannot create hsr debugfs directory [ 941.531654][ T1626] netlink: 52 bytes leftover after parsing attributes in process `syz.3.11113'. [ 941.637566][ T914] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 942.027439][T19703] Bluetooth: hci5: command tx timeout [ 942.033010][ T921] Bluetooth: hci4: command tx timeout [ 942.146773][ T1162] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 942.156628][ T1610] loop1: detected capacity change from 0 to 32768 [ 942.191062][ T1162] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 942.222528][ T1610] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.11112 (1610) [ 942.250614][ T1162] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 942.275586][ T1162] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 942.290069][ T1610] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 942.311274][ T1610] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 942.345944][ T1610] BTRFS info (device loop1): using free space tree [ 942.381135][ T914] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 942.457212][ T787] usb 4-1: new high-speed USB device number 61 using dummy_hcd [ 942.507890][ T1610] BTRFS info (device loop1): enabling ssd optimizations [ 942.531978][ T1610] BTRFS info (device loop1): auto enabling async discard [ 942.631752][ T1162] 8021q: adding VLAN 0 to HW filter on device bond0 [ 942.647330][ T787] usb 4-1: Using ep0 maxpacket: 16 [ 942.698160][ T787] usb 4-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 942.708209][ T5777] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 942.734769][ T787] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 942.744652][ T1162] 8021q: adding VLAN 0 to HW filter on device team0 [ 942.775749][ T787] usb 4-1: Product: syz [ 942.782098][ T787] usb 4-1: Manufacturer: syz [ 942.786792][ T787] usb 4-1: SerialNumber: syz [ 942.822819][ T787] usb 4-1: config 0 descriptor?? [ 942.849613][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 942.856782][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 942.979189][T15195] bridge0: port 2(bridge_slave_1) entered blocking state [ 942.986606][T15195] bridge0: port 2(bridge_slave_1) entered forwarding state [ 943.087522][ T787] speedtch 4-1:0.0: speedtch_bind: data interface not found! [ 943.094994][ T787] speedtch 4-1:0.0: usbatm_usb_probe: bind failed: -19! [ 943.354692][ T787] usb 4-1: USB disconnect, device number 61 [ 943.446191][ T914] veth0_vlan: entered promiscuous mode [ 943.502141][ T914] veth1_vlan: entered promiscuous mode [ 943.581946][ T914] veth0_macvtap: entered promiscuous mode [ 943.612884][ T914] veth1_macvtap: entered promiscuous mode [ 943.676659][ T1162] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 943.695315][ T914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 943.707808][ T914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 943.719528][ T914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 943.730387][ T914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 943.743161][ T914] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 943.758607][ T914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 943.770181][ T914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 943.780623][ T914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 943.803188][ T914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 943.813560][ T914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 943.834053][ T914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 943.858404][ T914] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 943.883158][ T914] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 943.892863][ T914] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 943.917127][ T914] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 943.931956][ T914] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 944.107979][ T921] Bluetooth: hci4: command tx timeout [ 944.113482][ T921] Bluetooth: hci5: command tx timeout [ 944.360822][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 944.380349][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 944.514609][T15195] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 944.552541][T15195] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 944.691946][ T1162] veth0_vlan: entered promiscuous mode [ 944.750058][ T1162] veth1_vlan: entered promiscuous mode [ 944.816722][ T1817] loop3: detected capacity change from 0 to 64 [ 944.834326][ T1162] veth0_macvtap: entered promiscuous mode [ 944.875932][ T1162] veth1_macvtap: entered promiscuous mode [ 944.970651][ T1162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 945.010932][ T1162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 945.067403][ T1162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 945.083076][ T1162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 945.114229][ T1162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 945.126415][ T1825] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11129'. [ 945.130737][ T1162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 945.166507][ T1162] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 945.215698][ T1162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 945.273315][ T1162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 945.305150][ T1162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 945.337373][ T1162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 945.362456][ T1162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 945.388082][ T1162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 945.438887][ T1162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 945.450304][ T1162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 945.463347][ T1162] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 945.551054][ T1162] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 945.577977][ T1162] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 945.597420][ T1162] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 945.606216][ T1162] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 945.902613][T30328] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 945.931319][T30328] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 945.948002][ T1862] netlink: 96 bytes leftover after parsing attributes in process `syz.4.11139'. [ 946.048445][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 946.087455][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 946.189872][ T921] Bluetooth: hci5: command tx timeout [ 946.422271][ T1892] loop5: detected capacity change from 0 to 64 [ 946.487441][ T787] usb 4-1: new high-speed USB device number 62 using dummy_hcd [ 946.534898][ T1895] loop4: detected capacity change from 0 to 4096 [ 946.614692][ T1900] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 946.677098][ T787] usb 4-1: Using ep0 maxpacket: 32 [ 946.698222][ T787] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 946.727644][ T787] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 946.745730][ T787] usb 4-1: Product: syz [ 946.750711][ T787] usb 4-1: Manufacturer: syz [ 946.760436][ T787] usb 4-1: SerialNumber: syz [ 946.773575][ T787] usb 4-1: config 0 descriptor?? [ 946.793243][ T787] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 947.205457][ T1920] netlink: 12 bytes leftover after parsing attributes in process `syz.4.11151'. [ 947.222808][ T787] gspca_stk1135: reg_w 0x0 err -71 [ 947.242239][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 947.250378][ T1920] netlink: 16 bytes leftover after parsing attributes in process `syz.4.11151'. [ 947.270302][ T787] gspca_stk1135: Sensor write failed [ 947.276632][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 947.302736][ T787] gspca_stk1135: Sensor write failed [ 947.322066][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 947.331163][ T1885] loop1: detected capacity change from 0 to 32768 [ 947.337674][ T787] gspca_stk1135: Sensor read failed [ 947.340400][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 947.377158][ T787] gspca_stk1135: Sensor read failed [ 947.382432][ T787] gspca_stk1135: Detected sensor type unknown (0x0) [ 947.414360][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 947.415105][ T1885] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 947.446067][ T787] gspca_stk1135: Sensor read failed [ 947.452448][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 947.460849][ T787] gspca_stk1135: Sensor read failed [ 947.466138][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 947.474566][ T787] gspca_stk1135: Sensor write failed [ 947.480125][ T787] gspca_stk1135: serial bus timeout: status=0x00 [ 947.486602][ T787] gspca_stk1135: Sensor write failed [ 947.492205][ T787] stk1135: probe of 4-1:0.0 failed with error -71 [ 947.506332][ T787] usb 4-1: USB disconnect, device number 62 [ 947.541174][ T1885] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 947.620226][ T1936] netlink: 'syz.4.11152': attribute type 1 has an invalid length. [ 947.637106][ T1936] netlink: 224 bytes leftover after parsing attributes in process `syz.4.11152'. [ 947.692763][ T1885] (syz.1.11142,1885,0):ocfs2_remount:623 ERROR: Cannot change heartbeat mode on remount [ 948.000066][ T5777] ocfs2: Unmounting device (7,1) on (node local) [ 948.207642][ T1954] Cannot find del_set index 2 as target [ 948.628367][ T1969] netlink: 2 bytes leftover after parsing attributes in process `syz.4.11163'. [ 948.960952][ T1981] delete_channel: no stack [ 949.182618][ T1957] loop3: detected capacity change from 0 to 32768 [ 949.379297][ T1957] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 949.540134][ T1957] (syz.3.11160,1957,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len % 4 != 0 - offset=0, inode=0, rec_len=49, name_len=1 [ 949.587204][ T1957] (syz.3.11160,1957,1):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2 [ 949.620316][ T1957] (syz.3.11160,1957,1):ocfs2_symlink:1867 ERROR: status = -2 [ 949.631965][ T2012] qrtr: Invalid version 195 [ 949.639827][ T1957] (syz.3.11160,1957,1):ocfs2_symlink:2068 ERROR: status = -2 [ 949.824014][ T2018] netlink: 'syz.5.11176': attribute type 21 has an invalid length. [ 949.833733][ T2018] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11176'. [ 949.910449][ T5776] ocfs2: Unmounting device (7,3) on (node local) [ 950.025545][ T27] audit: type=1326 audit(2000000782.417:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2024 comm="syz.5.11180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8df39aeb9 code=0x7ffc0000 [ 950.117213][ T27] audit: type=1326 audit(2000000782.417:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2024 comm="syz.5.11180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8df39aeb9 code=0x7ffc0000 [ 950.207525][ T27] audit: type=1326 audit(2000000782.457:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2024 comm="syz.5.11180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7fa8df39aeb9 code=0x7ffc0000 [ 950.294389][ T27] audit: type=1326 audit(2000000782.457:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2024 comm="syz.5.11180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8df39aeb9 code=0x7ffc0000 [ 950.384794][ T27] audit: type=1400 audit(2000000782.487:320): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147C8A3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 950.617862][ T2052] x_tables: duplicate underflow at hook 4 [ 950.785639][ T2058] binder: 2056:2058 ioctl 400c620e ffffffffffffffff returned -14 [ 951.236001][ T2082] loop3: detected capacity change from 0 to 8 [ 951.271990][ T2086] netlink: 'syz.1.11198': attribute type 10 has an invalid length. [ 951.291918][ T2086] netlink: 40 bytes leftover after parsing attributes in process `syz.1.11198'. [ 951.327113][ T2082] SQUASHFS error: lzo decompression failed, data probably corrupt [ 951.335024][ T2082] SQUASHFS error: Failed to read block 0x0: -5 [ 951.351762][ T2086] batman_adv: batadv0: Adding interface: virt_wifi0 [ 951.370798][ T2086] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 951.409281][ T2082] SQUASHFS error: lzo decompression failed, data probably corrupt [ 951.427635][ T2082] SQUASHFS error: Failed to read block 0x0: -5 [ 951.436367][ T27] audit: type=1800 audit(2000000783.827:321): pid=2082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.11197" name="file2" dev="loop3" ino=3 res=0 errno=0 [ 951.458931][ T2086] batman_adv: batadv0: Interface activated: virt_wifi0 [ 951.469486][ T2092] netlink: 'syz.4.11200': attribute type 30 has an invalid length. [ 951.517193][ T2092] netlink: 32 bytes leftover after parsing attributes in process `syz.4.11200'. [ 951.547358][ T2092] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0) [ 951.572524][ T2092] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255 [ 951.742184][ T2106] loop3: detected capacity change from 0 to 512 [ 951.810625][ T2106] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 951.862016][ T2106] EXT4-fs (loop3): 1 truncate cleaned up [ 951.878452][ T2106] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 952.173213][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 952.554592][ T2157] loop1: detected capacity change from 0 to 512 [ 952.589561][ T2157] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 952.650332][ T2157] EXT4-fs (loop1): 1 truncate cleaned up [ 952.657036][ T28] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 952.679818][ T2157] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 952.830184][ T5777] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 952.851409][ T28] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 952.863880][ T28] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 952.898300][ T28] usb 6-1: Product: syz [ 952.902549][ T28] usb 6-1: Manufacturer: syz [ 952.921127][ T28] usb 6-1: SerialNumber: syz [ 952.952403][ T28] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 952.998503][ T787] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 953.228520][ T2191] netlink: 'syz.3.11225': attribute type 1 has an invalid length. [ 953.254674][ T2191] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11225'. [ 953.418412][ T2196] loop4: detected capacity change from 0 to 4096 [ 953.469005][ T2196] ntfs: (device loop4): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 953.538188][T32465] usb 6-1: USB disconnect, device number 2 [ 953.565620][ T2196] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing. [ 953.587616][ T2196] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 953.610743][ T2196] ntfs: (device loop4): load_system_files(): Failed to load $MFTMirr. Mounting read-only. Run ntfsfix and/or chkdsk. [ 953.705818][ T2196] ntfs: volume version 3.1. [ 954.036614][ T2229] loop1: detected capacity change from 0 to 64 [ 954.039664][ T787] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 954.066786][ T787] ath9k_htc: Failed to initialize the device [ 954.096699][ T2229] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 954.100490][T32465] usb 6-1: ath9k_htc: USB layer deinitialized [ 954.214853][ T2229] minix_free_inode: bit 3 already cleared [ 954.782832][ T2275] netlink: 36 bytes leftover after parsing attributes in process `syz.5.11248'. [ 955.153398][ T2289] loop1: detected capacity change from 0 to 8 [ 955.215661][ T2291] loop5: detected capacity change from 0 to 764 [ 955.224632][ T2289] SQUASHFS error: Unknown inode type 0 in squashfs_iget! [ 955.258689][ T2291] rock: directory entry would overflow storage [ 955.306098][ T2291] rock: sig=0x4654, size=5, remaining=4 [ 955.636446][ T2266] loop3: detected capacity change from 0 to 32768 [ 955.650607][ T2303] loop4: detected capacity change from 0 to 4096 [ 955.805366][ T2320] netlink: 'syz.5.11259': attribute type 21 has an invalid length. [ 955.837140][ T2320] netlink: 156 bytes leftover after parsing attributes in process `syz.5.11259'. [ 956.037622][T19321] usb 2-1: new high-speed USB device number 58 using dummy_hcd [ 956.220241][ T2334] loop4: detected capacity change from 0 to 512 [ 956.250675][T19321] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 956.265383][ T2334] EXT4-fs: Ignoring removed orlov option [ 956.273206][T19321] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 956.295453][T19321] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 956.306684][T19321] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 956.348137][ T2334] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 956.367171][T19321] usb 2-1: SerialNumber: syz [ 956.397058][ T2334] EXT4-fs (loop4): orphan cleanup on readonly fs [ 956.438512][ T2334] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.11262: bg 0: block 248: padding at end of block bitmap is not set [ 956.462663][ T2334] EXT4-fs (loop4): Remounting filesystem read-only [ 956.497124][ T2334] __quota_error: 3 callbacks suppressed [ 956.497141][ T2334] Quota error (device loop4): write_blk: dquota write failed [ 956.510489][ T2334] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 956.530887][ T2334] EXT4-fs (loop4): 1 truncate cleaned up [ 956.552374][ T2334] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 956.605421][T19321] usb 2-1: 0:2 : does not exist [ 956.635843][T19321] usb 2-1: unit 5: unexpected type 0x03 [ 956.704683][T19321] usb 2-1: USB disconnect, device number 58 [ 956.708590][ T2334] EXT4-fs: Ignoring removed orlov option [ 956.716365][ T2334] EXT4-fs: Cannot specify journal on remount [ 956.804337][ T914] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 956.925559][ T2356] loop3: detected capacity change from 0 to 4096 [ 956.939702][ T2356] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 956.968942][ T2356] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 957.017123][ T2356] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 957.038502][ T2356] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 957.053120][ T2356] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 957.066728][ T2356] ntfs: volume version 3.1. [ 957.084736][ T2356] ntfs: (device loop3): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 957.130096][ T2356] ntfs: (device loop3): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 957.159397][ T2356] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 957.516383][ T2398] loop5: detected capacity change from 0 to 764 [ 957.599655][ T2398] 9pnet_fd: p9_fd_create_unix (2398): problem connecting socket: ./file0: -30 [ 957.644722][ T2396] loop3: detected capacity change from 0 to 4096 [ 957.717471][ T2396] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 957.942610][ T2396] ntfs3: loop3: failed to convert "c46c" to cp866 [ 958.148444][ T2428] netlink: 224 bytes leftover after parsing attributes in process `syz.5.11278'. [ 958.457022][T32465] usb 4-1: new high-speed USB device number 63 using dummy_hcd [ 958.598784][ T2411] loop1: detected capacity change from 0 to 32768 [ 958.647120][T32465] usb 4-1: Using ep0 maxpacket: 16 [ 958.654833][T32465] usb 4-1: config index 0 descriptor too short (expected 65, got 36) [ 958.663611][T32465] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 958.683203][T32465] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 958.714827][ T2411] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 958.735360][T32465] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 958.760160][T32465] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 958.769850][T32465] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 958.823830][ T2411] XFS (loop1): Ending clean mount [ 958.843838][T32465] usb 4-1: config 0 descriptor?? [ 958.896426][T32465] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input43 [ 958.924547][ T2411] XFS (loop1): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair. [ 958.975187][ T5129] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 959.045607][ T5129] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 959.081658][ T5129] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 959.140628][ T1714] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 959.150603][ T5777] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 959.203005][ T5129] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 959.272951][ T2431] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 959.338174][ T5129] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 959.360516][T32465] usb 4-1: USB disconnect, device number 63 [ 959.398029][ T5129] pxrc 4-1:0.0: pxrc_open - usb_submit_urb failed, error: -19 [ 959.491859][ T2506] loop5: detected capacity change from 0 to 64 [ 959.565536][ T2506] syz.5.11292: attempt to access beyond end of device [ 959.565536][ T2506] loop5: rw=0, sector=2590, nr_sectors = 2 limit=64 [ 959.623663][ T2506] Buffer I/O error on dev loop5, logical block 1295, async page read [ 959.652016][ T2506] syz.5.11292: attempt to access beyond end of device [ 959.652016][ T2506] loop5: rw=0, sector=2590, nr_sectors = 2 limit=64 [ 959.708789][ T2521] netlink: 80 bytes leftover after parsing attributes in process `syz.1.11289'. [ 959.727434][ T2506] Buffer I/O error on dev loop5, logical block 1295, async page read [ 959.786831][ T2524] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11293'. [ 959.985173][ T2533] loop5: detected capacity change from 0 to 512 [ 960.018250][ T2533] EXT4-fs: Ignoring removed nobh option [ 960.145265][ T2533] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13 [ 960.228451][ T2553] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11298'. [ 960.240284][ T2533] EXT4-fs error (device loop5): ext4_clear_blocks:883: inode #13: comm syz.5.11296: attempt to clear invalid blocks 1 len 1 [ 960.305318][ T2553] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11298'. [ 960.327910][ T2533] EXT4-fs (loop5): Remounting filesystem read-only [ 960.336418][ T2533] EXT4-fs (loop5): 1 truncate cleaned up [ 960.352224][ T2533] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 960.391099][ T2559] netlink: 'syz.1.11301': attribute type 11 has an invalid length. [ 960.547987][ T1162] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 960.747796][ T2577] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.11304'. [ 961.030329][ T2556] loop4: detected capacity change from 0 to 32768 [ 961.138062][ T2556] jfs_strtoUCS: char2uni returned -22. [ 961.145054][ T2556] charset = cp932, char = 0xfc [ 961.574435][ T2621] syz.1.11316[2621] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 961.574586][ T2621] syz.1.11316[2621] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 962.001776][ T2589] loop3: detected capacity change from 0 to 32768 [ 962.105745][ T2589] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 962.273970][ T2589] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 962.319149][ T2670] loop4: detected capacity change from 0 to 16 [ 962.341012][ T2670] erofs: (device loop4): mounted with root inode @ nid 36. [ 962.356083][ T2670] erofs: (device loop4): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 86 [ 962.392535][ T2670] erofs: (device loop4): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 86 [ 962.447457][ T27] kauditd_printk_skb: 9 callbacks suppressed [ 962.447474][ T27] audit: type=1800 audit(2000000794.847:323): pid=2670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.11328" name="file1" dev="loop4" ino=86 res=0 errno=0 [ 962.510062][ T2589] XFS (loop3): Starting recovery (logdev: internal) [ 962.581425][ T2589] XFS (loop3): Ending recovery (logdev: internal) [ 962.607879][ T2589] XFS (loop3): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 962.635109][ T2589] XFS (loop3): Failed to initialize disk quotas. [ 962.818793][ T2589] XFS (loop3): AG 0: Corrupt btree 5 pointer at level 1 index 0. [ 962.826302][ T2698] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11332'. [ 962.852672][ T2698] netlink: 'syz.1.11332': attribute type 1 has an invalid length. [ 962.885543][ T2698] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11332'. [ 962.967275][ T5776] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 963.055971][ T2706] netlink: 'syz.1.11337': attribute type 27 has an invalid length. [ 963.577727][ T2736] loop5: detected capacity change from 0 to 64 [ 964.095678][ T2757] loop5: detected capacity change from 0 to 4096 [ 964.447134][ T2757] ntfs3: loop5: ino=9, attr_set_size [ 964.575327][ T2781] loop1: detected capacity change from 0 to 2048 [ 964.615975][ T2781] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 964.680591][ T2796] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 964.685710][ T2781] syz.1.11354: attempt to access beyond end of device [ 964.685710][ T2781] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 964.849047][ T2781] syz.1.11354: attempt to access beyond end of device [ 964.849047][ T2781] loop1: rw=0, sector=33554430, nr_sectors = 2 limit=2048 [ 964.907627][ T2781] NILFS (loop1): I/O error reading meta-data file (ino=6, block-offset=3) [ 965.064480][ T921] Bluetooth: hci5: unexpected cc 0x0c5b length: 5 > 1 [ 965.865699][ T2871] loop1: detected capacity change from 0 to 8 [ 965.923306][ T2871] SQUASHFS error: Unable to read inode 0xe3 [ 966.067137][ T9] usb 4-1: new high-speed USB device number 64 using dummy_hcd [ 966.104979][ T2883] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11375'. [ 966.250707][ T2888] loop1: detected capacity change from 0 to 512 [ 966.264832][ T9] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 966.278140][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 966.286317][ T9] usb 4-1: Product: syz [ 966.301369][ T2888] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 966.316472][ T9] usb 4-1: Manufacturer: syz [ 966.331297][ T9] usb 4-1: SerialNumber: syz [ 966.340612][ T2895] ip6t_REJECT: ECHOREPLY is not supported [ 966.372361][ T9] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 966.400335][T19321] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 966.957973][ T9] usb 4-1: USB disconnect, device number 64 [ 967.043834][ T2931] loop1: detected capacity change from 0 to 256 [ 967.115913][ T2931] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 967.488163][T19321] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 967.495304][T19321] ath9k_htc: Failed to initialize the device [ 967.533696][ T9] usb 4-1: ath9k_htc: USB layer deinitialized [ 968.326772][ T2994] netlink: 'syz.3.11404': attribute type 1 has an invalid length. [ 968.335572][ T2996] Cannot find del_set index 1 as target [ 968.423863][ T2964] loop5: detected capacity change from 0 to 32768 [ 968.484974][ T2964] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 scanned by syz.5.11394 (2964) [ 968.543683][ T2964] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 968.567168][ T2964] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm [ 968.598278][ T2964] BTRFS info (device loop5): force zlib compression, level 3 [ 968.627703][ T2964] BTRFS info (device loop5): force clearing of disk cache [ 968.653987][ T2964] BTRFS info (device loop5): setting nodatasum [ 968.672335][ T2964] BTRFS info (device loop5): allowing degraded mounts [ 968.691566][ T2964] BTRFS info (device loop5): enabling disk space caching [ 968.730099][ T2964] BTRFS info (device loop5): disk space caching is enabled [ 968.837143][ T2983] loop1: detected capacity change from 0 to 32768 [ 968.918638][ T2983] ea_get: invalid extended attribute [ 968.924527][ T2983] ffff88805a851ef0: 04 00 00 00 .... [ 968.955781][ T3023] loop3: detected capacity change from 0 to 2048 [ 968.962761][ T2964] BTRFS info (device loop5): auto enabling async discard [ 968.997618][ T2964] BTRFS info (device loop5): rebuilding free space tree [ 969.034053][ T3023] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 969.064561][ T2964] BTRFS info (device loop5): disabling free space tree [ 969.097382][ T2964] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 969.122426][ T3032] netlink: 324 bytes leftover after parsing attributes in process `syz.4.11410'. [ 969.137058][ T2964] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 969.155999][ T3034] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 969.547855][ T1162] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 969.740648][ T892] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 11 /dev/loop5 scanned by udevd (892) [ 970.007499][ T3066] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11420'. [ 970.057027][ T3066] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11420'. [ 971.047141][ T5849] usb 2-1: new high-speed USB device number 59 using dummy_hcd [ 971.257812][ T5849] usb 2-1: Using ep0 maxpacket: 16 [ 971.275461][ T5849] usb 2-1: config 3 has an invalid interface number: 12 but max is 0 [ 971.307759][ T5849] usb 2-1: config 3 has no interface number 0 [ 971.319367][ T5849] usb 2-1: config 3 interface 12 has no altsetting 0 [ 971.338964][ T5849] usb 2-1: string descriptor 0 read error: -22 [ 971.345312][ T5849] usb 2-1: New USB device found, idVendor=a156, idProduct=e35a, bcdDevice=74.ff [ 971.355042][ T5849] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 971.372862][ T3136] loop5: detected capacity change from 0 to 256 [ 971.390883][ T5849] usb-storage 2-1:3.12: USB Mass Storage device detected [ 971.429627][ T3136] exfat: Deprecated parameter 'namecase' [ 971.557598][ T3136] exfat: Deprecated parameter 'utf8' [ 971.592764][ T3136] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x22785e93, utbl_chksum : 0xe619d30d) [ 971.690885][ T5849] usb 2-1: USB disconnect, device number 59 [ 971.775982][ T3150] loop3: detected capacity change from 0 to 4096 [ 971.793476][ T3150] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 971.872769][ T3167] netlink: 'syz.5.11444': attribute type 3 has an invalid length. [ 972.173567][ T3172] loop5: detected capacity change from 0 to 4096 [ 972.195356][ T3172] ntfs3: loop5: Different NTFS sector size (2048) and media sector size (512). [ 972.307848][ T3144] loop4: detected capacity change from 0 to 32768 [ 972.374648][ T3172] ntfs3: loop5: Failed to initialize $Extend/$ObjId. [ 972.415318][ T3144] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 972.719775][ T3144] XFS (loop4): Ending clean mount [ 973.077384][ T914] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 973.294621][ T3232] loop1: detected capacity change from 0 to 512 [ 973.339249][ T3232] EXT4-fs: Ignoring removed mblk_io_submit option [ 973.358968][ T3232] EXT4-fs (loop1): orphan cleanup on readonly fs [ 973.365607][ T3232] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13 [ 973.413242][ T3232] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.11461: attempt to clear invalid blocks 2 len 1 [ 973.465647][ T3232] EXT4-fs (loop1): Remounting filesystem read-only [ 973.521488][ T3232] EXT4-fs (loop1): 1 truncate cleaned up [ 973.563394][ T3232] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 973.782707][ T5777] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 973.951183][ T3259] kAFS: unable to lookup cell '/,' [ 974.537097][ T27] audit: type=1326 audit(2000000806.927:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3290 comm="syz.1.11479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 974.628294][ T27] audit: type=1326 audit(2000000806.927:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3290 comm="syz.1.11479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 974.727406][ T27] audit: type=1326 audit(2000000806.957:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3290 comm="syz.1.11479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 974.812055][ T27] audit: type=1326 audit(2000000806.957:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3290 comm="syz.1.11479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 974.907153][ T27] audit: type=1326 audit(2000000806.957:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3290 comm="syz.1.11479" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 974.979772][ T3312] loop1: detected capacity change from 0 to 16 [ 975.019502][ T3312] erofs: (device loop1): mounted with root inode @ nid 36. [ 975.040360][ T3312] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 25964 @ lcn 143 of nid 36 [ 975.094093][ T3312] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 975.112609][ T3312] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 25964 @ lcn 143 of nid 36 [ 975.153562][ T3312] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 975.175611][ T3312] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 71 of nid 36 [ 975.281704][ T3326] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on [ 975.420078][ T3356] loop3: detected capacity change from 0 to 8 [ 975.444886][ T3356] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 975.493862][ T2351] udevd[2351]: incorrect cramfs checksum on /dev/loop3 [ 975.537568][ T3356] cramfs: Error -5 while decompressing! [ 975.543241][ T3356] cramfs: ffffffff973f7368(26)->ffff888054118000(4096) [ 975.595307][ T3356] cramfs: Error -3 while decompressing! [ 975.611170][ T3356] cramfs: ffffffff973f7382(26)->ffff8880b4d62000(4096) [ 975.624832][ T3356] cramfs: Error -3 while decompressing! [ 975.639145][ T892] udevd[892]: incorrect cramfs checksum on /dev/loop3 [ 975.667206][ T3356] cramfs: ffffffff973f739c(16)->ffff88805be6f000(4096) [ 975.688750][ T3356] cramfs: Error -5 while decompressing! [ 975.732822][ T3356] cramfs: ffffffff973f7368(26)->ffff888054118000(4096) [ 975.752475][ T27] audit: type=1800 audit(2000000808.147:329): pid=3356 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.11491" name="file2" dev="loop3" ino=348 res=0 errno=0 [ 976.339052][ T3425] loop3: detected capacity change from 0 to 128 [ 976.388219][ T3425] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 976.425503][ T3425] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 976.652812][ T3439] netlink: 156 bytes leftover after parsing attributes in process `syz.1.11510'. [ 976.697196][ T3439] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11510'. [ 976.714133][ T3439] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11510'. [ 977.208383][ T3469] netlink: 68 bytes leftover after parsing attributes in process `syz.3.11520'. [ 977.258352][ T3472] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11521'. [ 977.392507][ T3481] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11524'. [ 977.496684][ T3485] tc_dump_action: action bad kind [ 977.525720][ T3487] netlink: 144 bytes leftover after parsing attributes in process `syz.5.11525'. [ 977.715060][ T3497] loop1: detected capacity change from 0 to 1024 [ 978.878425][ T3567] kAFS: unable to lookup cell '' [ 979.362802][ T3588] loop4: detected capacity change from 0 to 4096 [ 979.419188][ T3588] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 979.661926][ T3602] loop1: detected capacity change from 0 to 256 [ 979.674560][ T3588] ntfs3: loop4: failed to convert "c46c" to koi8-ru [ 979.776652][ T3602] FAT-fs (loop1): Directory bread(block 64) failed [ 979.793314][ T3602] FAT-fs (loop1): Directory bread(block 65) failed [ 979.838893][ T3602] FAT-fs (loop1): Directory bread(block 66) failed [ 979.866404][ T3602] FAT-fs (loop1): Directory bread(block 67) failed [ 979.900169][ T3602] FAT-fs (loop1): Directory bread(block 68) failed [ 979.906917][ T3602] FAT-fs (loop1): Directory bread(block 69) failed [ 979.930932][ T3602] FAT-fs (loop1): Directory bread(block 70) failed [ 979.965180][ T3602] FAT-fs (loop1): Directory bread(block 71) failed [ 979.999317][ T3602] FAT-fs (loop1): Directory bread(block 72) failed [ 980.005925][ T3602] FAT-fs (loop1): Directory bread(block 73) failed [ 980.014469][ T5849] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 980.235764][ T5849] usb 6-1: Using ep0 maxpacket: 16 [ 980.244280][ T5849] usb 6-1: config 0 has an invalid interface number: 163 but max is 0 [ 980.276705][ T5849] usb 6-1: config 0 has no interface number 0 [ 980.307149][ T5849] usb 6-1: config 0 interface 163 has no altsetting 0 [ 980.325158][ T5849] usb 6-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=56.cc [ 980.340474][ T5849] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 980.351264][ T5849] usb 6-1: Product: syz [ 980.355511][ T5849] usb 6-1: Manufacturer: syz [ 980.371465][ T5849] usb 6-1: SerialNumber: syz [ 980.409999][ T5849] usb 6-1: config 0 descriptor?? [ 980.496716][ T3634] netlink: 88 bytes leftover after parsing attributes in process `syz.3.11570'. [ 980.810577][ T3653] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check. [ 980.855067][ T5849] usb 6-1: USB disconnect, device number 3 [ 980.872163][ T5849] f81534a_ctrl 6-1:0.163: failed to set register 0x116: -19 [ 980.889805][ T5849] f81534a_ctrl 6-1:0.163: failed to enable ports: -19 [ 981.652439][ T3699] loop5: detected capacity change from 0 to 1764 [ 982.012471][ T3725] loop1: detected capacity change from 0 to 8 [ 982.327431][ T3740] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.11601'. [ 982.355569][ T3740] openvswitch: netlink: IP tunnel attribute has 3064 unknown bytes. [ 982.549645][ T3745] loop1: detected capacity change from 0 to 8192 [ 982.586994][ T3745] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 982.607481][ T3745] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 982.616779][ T3745] REISERFS (device loop1): using ordered data mode [ 982.624025][ T3745] reiserfs: using flush barriers [ 982.631931][ T3745] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 982.649342][ T3745] REISERFS (device loop1): checking transaction log (loop1) [ 982.677763][ T3745] REISERFS (device loop1): Using rupasov hash to sort names [ 982.762034][ T3763] loop3: detected capacity change from 0 to 512 [ 982.904237][ T3763] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.11605: bg 0: block 393: padding at end of block bitmap is not set [ 982.948100][ T3763] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6653: Corrupt filesystem [ 982.996778][ T3763] EXT4-fs (loop3): 2 truncates cleaned up [ 983.027633][ T3763] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 983.276437][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 983.785997][ T3808] loop5: detected capacity change from 0 to 1024 [ 984.170843][ T3834] loop3: detected capacity change from 0 to 512 [ 984.272211][ T3834] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 984.328559][ T3834] ext4 filesystem being mounted at /2848/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 984.429471][ T3834] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0 [ 984.517046][ T3834] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 984.547112][ T3834] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.11626: Failed to acquire dquot type 0 [ 984.676053][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 984.729798][ T3864] netlink: 'syz.1.11635': attribute type 11 has an invalid length. [ 984.836471][ T3870] comedi comedi0: comedi_parport: I/O port conflict (0x3,3) [ 984.941857][ T27] audit: type=1800 audit(2000000817.337:330): pid=3859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.5.11633" name="/newroot/126/file0" dev="tmpfs" ino=662 res=0 errno=0 [ 985.009800][ T3876] netlink: 'syz.1.11638': attribute type 1 has an invalid length. [ 985.596651][ T3906] tmpfs: Bad value for 'mpol' [ 985.701919][ T3910] netlink: 'syz.1.11651': attribute type 1 has an invalid length. [ 986.095383][ T3927] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11655'. [ 986.136047][ T3927] netlink: 31 bytes leftover after parsing attributes in process `syz.3.11655'. [ 986.173829][ T3927] netlink: 'syz.3.11655': attribute type 3 has an invalid length. [ 986.197117][ T3927] netlink: 'syz.3.11655': attribute type 2 has an invalid length. [ 986.205008][ T3927] netlink: 31 bytes leftover after parsing attributes in process `syz.3.11655'. [ 986.217293][ T3886] loop5: detected capacity change from 0 to 32768 [ 986.245185][ T3933] loop4: detected capacity change from 0 to 256 [ 986.294208][ T3886] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 986.485325][ T3933] FAT-fs (loop4): Directory bread(block 64) failed [ 986.521763][ T3933] FAT-fs (loop4): Directory bread(block 65) failed [ 986.556563][ T3933] FAT-fs (loop4): Directory bread(block 66) failed [ 986.587822][ T3933] FAT-fs (loop4): Directory bread(block 67) failed [ 986.594531][ T3933] FAT-fs (loop4): Directory bread(block 68) failed [ 986.632045][ T3933] FAT-fs (loop4): Directory bread(block 69) failed [ 986.644384][ T3886] XFS (loop5): Ending clean mount [ 986.654389][ T3933] FAT-fs (loop4): Directory bread(block 70) failed [ 986.665242][ T3886] XFS (loop5): Quotacheck needed: Please wait. [ 986.680381][ T3933] FAT-fs (loop4): Directory bread(block 71) failed [ 986.690522][ T3950] loop3: detected capacity change from 0 to 256 [ 986.707522][ T3933] FAT-fs (loop4): Directory bread(block 72) failed [ 986.714246][ T3933] FAT-fs (loop4): Directory bread(block 73) failed [ 986.722476][ T3950] FAT-fs (loop3): "posix" option is obsolete, not supported now [ 986.862484][ T3886] XFS (loop5): Quotacheck: Done. [ 986.954465][ T3931] loop1: detected capacity change from 0 to 32768 [ 987.011532][ T3931] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 987.247099][ T1162] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 987.332620][ T2351] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11 [ 987.655598][ T3984] loop1: detected capacity change from 0 to 512 [ 987.803423][ T3984] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.11666: bg 0: block 393: padding at end of block bitmap is not set [ 987.819411][ T3984] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6653: Corrupt filesystem [ 987.832568][ T3984] EXT4-fs (loop1): 2 truncates cleaned up [ 987.840232][ T3984] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 987.967751][ T3996] sctp: [Deprecated]: syz.5.11664 (pid 3996) Use of int in max_burst socket option. [ 987.967751][ T3996] Use struct sctp_assoc_value instead [ 988.018099][ T5777] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 988.919704][ T4009] loop1: detected capacity change from 0 to 32768 [ 988.961934][ T4009] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.11671 (4009) [ 989.031751][ T4009] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 989.059626][ T4009] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 989.076641][ T4009] BTRFS info (device loop1): using free space tree [ 989.277804][ T4009] BTRFS info (device loop1): enabling ssd optimizations [ 989.293392][ T4009] BTRFS info (device loop1): auto enabling async discard [ 989.455312][ T4080] loop4: detected capacity change from 0 to 64 [ 989.492539][ T5777] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 990.127011][T32465] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 990.183586][ T4114] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11698'. [ 990.347462][T32465] usb 6-1: config 0 has an invalid interface number: 64 but max is 0 [ 990.355727][T32465] usb 6-1: config 0 has no interface number 0 [ 990.384646][T32465] usb 6-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07 [ 990.407301][T32465] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 990.426054][T32465] usb 6-1: Product: syz [ 990.430654][T32465] usb 6-1: Manufacturer: syz [ 990.435792][T32465] usb 6-1: SerialNumber: syz [ 990.480772][T32465] usb 6-1: config 0 descriptor?? [ 990.621079][ T4127] loop1: detected capacity change from 0 to 1024 [ 990.637888][ T4127] EXT4-fs: Ignoring removed orlov option [ 990.725215][ T4127] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 990.767198][ T4127] ext4 filesystem being mounted at /3113/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 990.784780][T32465] usb 6-1: Found UVC 0.08 device syz (046d:0823) [ 990.834659][T32465] usb 6-1: No valid video chain found. [ 990.840475][ T5777] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 990.918367][T32465] usb 6-1: USB disconnect, device number 4 [ 990.966665][ T4152] dvmrp0: entered allmulticast mode [ 991.605399][ T27] audit: type=1326 audit(2000000823.987:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4186 comm="syz.4.11718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 991.696971][ T27] audit: type=1326 audit(2000000823.987:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4186 comm="syz.4.11718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 991.750034][ T27] audit: type=1326 audit(2000000824.027:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4186 comm="syz.4.11718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 991.835231][ T27] audit: type=1326 audit(2000000824.027:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4186 comm="syz.4.11718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 991.920595][ T27] audit: type=1326 audit(2000000824.027:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4186 comm="syz.4.11718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 992.754688][ T4185] loop3: detected capacity change from 0 to 40427 [ 992.780153][ T4185] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 992.795738][ T4185] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 992.829838][ T4185] F2FS-fs (loop3): Found nat_bits in checkpoint [ 993.007264][ T27] audit: type=1326 audit(2000000825.397:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4251 comm="syz.1.11740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 993.087024][ T4185] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 993.094132][ T4185] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 993.109155][ T27] audit: type=1326 audit(2000000825.397:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4251 comm="syz.1.11740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 993.156981][ T27] audit: type=1326 audit(2000000825.407:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4251 comm="syz.1.11740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 993.182604][ T27] audit: type=1326 audit(2000000825.407:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4251 comm="syz.1.11740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 993.231609][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.252172][ T27] audit: type=1326 audit(2000000825.407:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4251 comm="syz.1.11740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 993.288170][ T4185] syz.3.11717: attempt to access beyond end of device [ 993.288170][ T4185] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 993.408191][ T5776] syz-executor: attempt to access beyond end of device [ 993.408191][ T5776] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 993.457207][ T5776] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 995.234381][ T4339] loop1: detected capacity change from 0 to 256 [ 995.391231][ T4339] FAT-fs (loop1): Directory bread(block 64) failed [ 995.417434][ T4339] FAT-fs (loop1): Directory bread(block 65) failed [ 995.439349][ T4339] FAT-fs (loop1): Directory bread(block 66) failed [ 995.445986][ T4339] FAT-fs (loop1): Directory bread(block 67) failed [ 995.485389][ T4339] FAT-fs (loop1): Directory bread(block 68) failed [ 995.516979][ T4339] FAT-fs (loop1): Directory bread(block 69) failed [ 995.523682][ T4339] FAT-fs (loop1): Directory bread(block 70) failed [ 995.536483][ T4314] loop4: detected capacity change from 0 to 32768 [ 995.559194][ T4339] FAT-fs (loop1): Directory bread(block 71) failed [ 995.565884][ T4339] FAT-fs (loop1): Directory bread(block 72) failed [ 995.572740][ T4339] FAT-fs (loop1): Directory bread(block 73) failed [ 995.593442][ T4314] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 995.839647][ T5849] XFS (loop4): Metadata corruption detected at xfs_agf_verify+0x211/0x9b0, xfs_agf block 0x1 [ 995.869253][ T5849] XFS (loop4): Unmount and run xfs_repair [ 995.879801][ T5849] XFS (loop4): First 128 bytes of corrupted metadata buffer: [ 995.895686][ T4366] xt_CT: You must specify a L4 protocol and not use inversions on it [ 995.905377][ T5849] 00000000: 58 41 47 46 00 00 00 00 00 00 00 00 00 00 20 00 XAGF.......... . [ 995.938279][ T5849] 00000010: 00 00 00 01 00 00 00 02 00 00 00 05 00 00 00 01 ................ [ 995.957045][ T5849] 00000020: 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 06 ................ [ 996.007005][ T5849] 00000030: 00 00 00 06 00 00 0d cb 00 00 0d b8 00 00 00 00 ................ [ 996.025307][ T5849] 00000040: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 996.060867][ T5849] 00000050: 00 00 00 01 00 00 00 01 00 00 00 06 00 00 00 01 ................ [ 996.081933][ T5849] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 996.126910][ T5849] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 996.136117][ T4314] XFS (loop4): metadata I/O error in "xfs_read_agf+0x294/0x590" at daddr 0x1 len 1 error 117 [ 996.187031][ T4314] XFS (loop4): Error -117 reserving per-AG metadata reserve pool. [ 996.214294][ T4314] XFS (loop4): Corruption of in-memory data (0x8) detected at xfs_fs_reserve_ag_blocks+0x25e/0x2d0 (fs/xfs/xfs_fsops.c:592). Shutting down filesystem. [ 996.247879][ T4314] XFS (loop4): Please unmount the filesystem and rectify the problem(s) [ 996.256306][ T4314] XFS (loop4): Ending clean mount [ 996.512361][ T914] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 996.774829][ T4409] loop5: detected capacity change from 0 to 512 [ 996.818378][ T4409] EXT4-fs: Ignoring removed orlov option [ 996.847127][ T4409] EXT4-fs: Ignoring removed nobh option [ 996.881129][ T4409] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 997.010188][ T4409] EXT4-fs error (device loop5): ext4_validate_block_bitmap:439: comm syz.5.11785: bg 0: block 248: padding at end of block bitmap is not set [ 997.130332][ T4409] Quota error (device loop5): write_blk: dquota write failed [ 997.177405][ T4409] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 997.225802][ T4409] EXT4-fs error (device loop5): ext4_acquire_dquot:6949: comm syz.5.11785: Failed to acquire dquot type 1 [ 997.277588][ T4428] loop4: detected capacity change from 0 to 4096 [ 997.303088][ T4409] EXT4-fs (loop5): 1 truncate cleaned up [ 997.310298][ T4428] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 997.330949][ T4409] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 997.399494][ T4409] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 997.497093][ T4439] loop3: detected capacity change from 0 to 128 [ 997.510495][ T4428] ntfs3: loop4: failed to convert "c46c" to iso8859-1 [ 997.532782][ T4439] VFS: Found a Xenix FS (block size = 1024) on device loop3 [ 997.535458][ T4409] EXT4-fs: Ignoring removed orlov option [ 997.586734][ T4409] EXT4-fs: Ignoring removed nobh option [ 997.629754][ T4409] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 997.672059][ T4409] EXT4-fs error (device loop5): __ext4_remount:6752: comm syz.5.11785: Abort forced by user [ 997.697665][ T4409] EXT4-fs (loop5): Remounting filesystem read-only [ 997.704246][ T4409] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000. [ 997.788625][ T5776] sysv_free_block: flc_count > flc_size [ 997.794251][ T5776] sysv_free_block: flc_count > flc_size [ 997.811377][ T5776] sysv_free_block: flc_count > flc_size [ 997.827092][ T5776] sysv_free_block: flc_count > flc_size [ 997.837437][ T5776] sysv_free_block: flc_count > flc_size [ 997.854385][ T5776] sysv_free_block: flc_count > flc_size [ 997.863708][ T5776] sysv_free_block: flc_count > flc_size [ 997.889015][ T5776] sysv_free_block: flc_count > flc_size [ 997.894629][ T5776] sysv_free_block: flc_count > flc_size [ 997.914230][ T1162] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 997.931911][ T5776] sysv_free_block: flc_count > flc_size [ 997.973735][ T5776] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 998.179430][ T4465] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11799'. [ 998.228326][ T4465] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11799'. [ 998.374099][ T4478] loop1: detected capacity change from 0 to 512 [ 998.421574][ T4478] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 998.465516][ T4478] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 998.484068][ T4478] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 998.551220][ T4478] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 998.587014][ T4478] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000] [ 998.636174][ T4478] EXT4-fs (loop1): orphan cleanup on readonly fs [ 998.699419][ T4478] EXT4-fs warning (device loop1): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 998.730082][ T4500] ieee802154 phy1 wpan1: encryption failed: -22 [ 998.772509][ T4478] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 998.812565][ T4478] EXT4-fs (loop1): 1 truncate cleaned up [ 998.847834][ T4478] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 999.046354][ T5777] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 999.070848][ T4513] netlink: 'syz.4.11813': attribute type 1 has an invalid length. [ 999.089641][ T4513] netlink: 12 bytes leftover after parsing attributes in process `syz.4.11813'. [ 999.297248][ T4527] loop4: detected capacity change from 0 to 256 [ 999.315891][ T4529] CIFS mount error: No usable UNC path provided in device string! [ 999.315891][ T4529] [ 999.326332][ T4529] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 999.718863][ T4550] netlink: 'syz.3.11823': attribute type 27 has an invalid length. [ 999.951328][ T4563] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 999.969436][ T4563] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 1000.172220][ T4572] loop5: detected capacity change from 0 to 256 [ 1000.195718][ T4572] exfat: Deprecated parameter 'utf8' [ 1000.217464][ T4572] exfat: Deprecated parameter 'utf8' [ 1000.298469][ T4572] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x97423c56, utbl_chksum : 0xe619d30d) [ 1000.573922][ T4591] loop1: detected capacity change from 0 to 128 [ 1000.645318][ T4591] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 1001.233269][ T4615] loop1: detected capacity change from 0 to 256 [ 1001.288067][ T4618] affs: No valid root block on device nbd5 [ 1001.333905][ T4615] FAT-fs (loop1): Directory bread(block 64) failed [ 1001.352780][ T4615] FAT-fs (loop1): Directory bread(block 65) failed [ 1001.386651][ T4615] FAT-fs (loop1): Directory bread(block 66) failed [ 1001.397686][ T4615] FAT-fs (loop1): Directory bread(block 67) failed [ 1001.404458][ T4615] FAT-fs (loop1): Directory bread(block 68) failed [ 1001.427034][ T4615] FAT-fs (loop1): Directory bread(block 69) failed [ 1001.434066][ T4615] FAT-fs (loop1): Directory bread(block 70) failed [ 1001.481597][ T4615] FAT-fs (loop1): Directory bread(block 71) failed [ 1001.507158][ T4615] FAT-fs (loop1): Directory bread(block 72) failed [ 1001.513788][ T4615] FAT-fs (loop1): Directory bread(block 73) failed [ 1001.609207][ T4629] Cannot find add_set index 0 as target [ 1001.840590][ T4639] netlink: 40 bytes leftover after parsing attributes in process `syz.5.11849'. [ 1002.345715][ T4681] netlink: 'syz.3.11858': attribute type 10 has an invalid length. [ 1002.347875][ T4678] netlink: 'syz.1.11857': attribute type 3 has an invalid length. [ 1002.371603][ T4676] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (6) [ 1002.937588][T19321] usb 2-1: new high-speed USB device number 60 using dummy_hcd [ 1003.138994][T19321] usb 2-1: Using ep0 maxpacket: 8 [ 1003.176478][T19321] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1003.203218][T19321] usb 2-1: config 8 has an invalid interface number: 61 but max is 2 [ 1003.228888][T19321] usb 2-1: config 8 has 1 interface, different from the descriptor's value: 3 [ 1003.268399][T19321] usb 2-1: config 8 has no interface number 0 [ 1003.274633][T19321] usb 2-1: config 8 interface 61 altsetting 8 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1003.317323][T19321] usb 2-1: config 8 interface 61 altsetting 8 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1003.360310][T19321] usb 2-1: config 8 interface 61 has no altsetting 0 [ 1003.393654][T19321] usb 2-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=e9.1f [ 1003.431663][T19321] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1003.451312][ T4740] loop3: detected capacity change from 0 to 256 [ 1003.458145][T19321] usb 2-1: Product: syz [ 1003.468455][T19321] usb 2-1: Manufacturer: syz [ 1003.486171][T19321] usb 2-1: SerialNumber: syz [ 1003.634310][ T4740] FAT-fs (loop3): Directory bread(block 64) failed [ 1003.655550][ T4740] FAT-fs (loop3): Directory bread(block 65) failed [ 1003.667926][ T4740] FAT-fs (loop3): Directory bread(block 66) failed [ 1003.674908][ T4740] FAT-fs (loop3): Directory bread(block 67) failed [ 1003.682115][ T4740] FAT-fs (loop3): Directory bread(block 68) failed [ 1003.690108][ T4740] FAT-fs (loop3): Directory bread(block 69) failed [ 1003.696776][ T4740] FAT-fs (loop3): Directory bread(block 70) failed [ 1003.703869][ T4740] FAT-fs (loop3): Directory bread(block 71) failed [ 1003.723075][ T4740] FAT-fs (loop3): Directory bread(block 72) failed [ 1003.733699][ T4740] FAT-fs (loop3): Directory bread(block 73) failed [ 1003.766508][T19321] bfusb: probe of 2-1:8.61 failed with error -5 [ 1003.801616][T19321] usb 2-1: USB disconnect, device number 60 [ 1003.903669][ T27] audit: type=1800 audit(2000000836.297:341): pid=4740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.11877" name="file1" dev="loop3" ino=1048736 res=0 errno=0 [ 1003.961428][ T4765] loop4: detected capacity change from 0 to 64 [ 1004.384805][ T4787] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 1004.980536][ T4813] loop3: detected capacity change from 0 to 512 [ 1005.027789][ T4813] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0022] [ 1005.036024][ T4813] System zones: 1-12 [ 1005.053778][ T4813] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.11895: Directory hole found for htree index block 0 [ 1005.088362][ T4813] EXT4-fs (loop3): Remounting filesystem read-only [ 1005.094998][ T4813] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 1005.152730][ T4813] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 1005.198300][ T4813] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1005.355515][ T4829] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.11899' sets config #2048 [ 1005.365375][ T4813] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 1005.476096][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1006.496803][ T4895] netlink: 'syz.1.11920': attribute type 3 has an invalid length. [ 1007.029705][ T4919] loop1: detected capacity change from 0 to 4096 [ 1007.056089][ T4919] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1007.141448][ T4919] ntfs: (device loop1): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 1007.157083][ T4919] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1007.207234][ T4919] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1007.274221][ T4919] ntfs: volume version 3.1. [ 1007.477679][ T5777] ntfs: (device loop1): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 1007.660008][ T4952] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1008.386578][ T4992] ieee802154 phy1 wpan1: encryption failed: -22 [ 1008.408408][ T27] audit: type=1326 audit(2000000840.807:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4997 comm="syz.4.11953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1008.484546][ T5001] loop1: detected capacity change from 0 to 128 [ 1008.502491][ T27] audit: type=1326 audit(2000000840.837:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4997 comm="syz.4.11953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1008.617258][ T27] audit: type=1326 audit(2000000840.837:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4997 comm="syz.4.11953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1008.715008][ T27] audit: type=1326 audit(2000000840.837:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4997 comm="syz.4.11953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1008.985946][ T5026] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1009.554052][ T5048] netlink: 'syz.1.11968': attribute type 10 has an invalid length. [ 1009.575142][ T5048] netlink: 40 bytes leftover after parsing attributes in process `syz.1.11968'. [ 1009.617236][ T5048] netlink: 'syz.1.11968': attribute type 10 has an invalid length. [ 1009.650413][ T5048] netlink: 40 bytes leftover after parsing attributes in process `syz.1.11968'. [ 1010.075568][ T5067] netlink: 'syz.1.11974': attribute type 11 has an invalid length. [ 1010.258045][ T5074] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11976'. [ 1010.416694][ T5040] loop5: detected capacity change from 0 to 32768 [ 1010.491703][ T5040] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 1010.559016][ T5094] netlink: 168 bytes leftover after parsing attributes in process `syz.1.11982'. [ 1010.604007][ T5040] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1010.729178][ T5040] (syz.5.11965,5040,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=0, inode=281474976710721, rec_len=32768, name_len=1 [ 1010.768022][ T5040] (syz.5.11965,5040,1):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2 [ 1010.817291][ T5040] (syz.5.11965,5040,1):ocfs2_mknod:298 ERROR: status = -2 [ 1010.855365][ T5040] (syz.5.11965,5040,1):ocfs2_mknod:502 ERROR: status = -2 [ 1010.897053][ T5040] (syz.5.11965,5040,1):ocfs2_create:676 ERROR: status = -2 [ 1010.973293][ T5115] loop4: detected capacity change from 0 to 512 [ 1011.038928][ T5110] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11985'. [ 1011.055570][ T5115] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1011.151192][ T5115] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1011.247733][ T1162] ocfs2: Unmounting device (7,5) on (node local) [ 1011.447212][ T914] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1011.760133][ T5160] loop5: detected capacity change from 0 to 128 [ 1012.724767][ T5218] loop1: detected capacity change from 0 to 64 [ 1013.549514][ T5263] loop3: detected capacity change from 0 to 256 [ 1013.557288][ T5849] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 1013.579074][ T5263] exfat: Deprecated parameter 'namecase' [ 1013.617863][ T5263] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 1013.756986][ T5849] usb 6-1: Using ep0 maxpacket: 32 [ 1013.764310][ T5849] usb 6-1: config 0 has an invalid interface number: 35 but max is 0 [ 1013.787857][ T5849] usb 6-1: config 0 has no interface number 0 [ 1013.823520][ T5849] usb 6-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1013.865109][ T5849] usb 6-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 1013.914406][ T5849] usb 6-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 1013.930952][ T5849] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1013.947392][ T5278] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12032'. [ 1013.966799][ T5849] usb 6-1: Product: syz [ 1013.971180][ T5849] usb 6-1: Manufacturer: syz [ 1013.975813][ T5849] usb 6-1: SerialNumber: syz [ 1014.018748][ T5849] usb 6-1: config 0 descriptor?? [ 1014.209559][ T5249] loop4: detected capacity change from 0 to 32768 [ 1014.256123][ T5249] (syz.4.12023,5249,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1014.305157][ T5249] (syz.4.12023,5249,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1014.371131][ T5249] JBD2: Ignoring recovery information on journal [ 1014.466800][ T5249] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1014.499933][ T5849] radio-si470x 6-1:0.35: si470x_get_report: usb_control_msg returned -71 [ 1014.542250][ T5849] radio-si470x: probe of 6-1:0.35 failed with error -5 [ 1014.619649][ T5849] radio-raremono 6-1:0.35: this is not Thanko's Raremono. [ 1014.672530][ T5849] usb 6-1: USB disconnect, device number 5 [ 1014.820674][ T914] ocfs2: Unmounting device (7,4) on (node local) [ 1015.523844][ T5353] ieee802154 phy1 wpan1: encryption failed: -22 [ 1015.894530][ T5374] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12058'. [ 1016.587721][ T5849] usb 2-1: new high-speed USB device number 61 using dummy_hcd [ 1016.649498][ T5422] netlink: 36 bytes leftover after parsing attributes in process `syz.5.12072'. [ 1016.660304][ T5422] netlink: 36 bytes leftover after parsing attributes in process `syz.5.12072'. [ 1016.682353][ T5422] netlink: 19 bytes leftover after parsing attributes in process `syz.5.12072'. [ 1016.707161][ T5425] loop3: detected capacity change from 0 to 47 [ 1016.807253][ T5849] usb 2-1: Using ep0 maxpacket: 16 [ 1016.818828][ T5849] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 1016.847967][ T5849] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 1016.875536][ T5849] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1016.887403][ T5849] usb 2-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 1016.917183][ T5849] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1016.956414][ T5849] usb 2-1: Product: syz [ 1016.970722][ T5849] usb 2-1: Manufacturer: syz [ 1016.975399][ T5849] usb 2-1: SerialNumber: syz [ 1017.010336][ T5849] usb 2-1: config 0 descriptor?? [ 1017.440855][ T5471] netlink: 304 bytes leftover after parsing attributes in process `syz.3.12083'. [ 1017.486266][ T5849] usb 2-1: USB disconnect, device number 61 [ 1017.710291][ T5484] 9pnet: Could not find request transport: x [ 1018.214388][ T5513] loop1: detected capacity change from 0 to 1024 [ 1018.297643][ T5513] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1018.417385][ T5513] EXT4-fs error (device loop1): __ext4_new_inode:1075: comm syz.1.12093: reserved inode found cleared - inode=18 [ 1018.579627][ T5777] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1018.757944][ T5503] loop5: detected capacity change from 0 to 32768 [ 1018.843126][ T5503] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 1018.888091][ T5503] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1018.948738][ T5512] loop3: detected capacity change from 0 to 32768 [ 1018.960249][ T5512] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by syz.3.12092 (5512) [ 1019.014697][ T5512] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1019.026766][ T5512] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 1019.027174][ T5512] BTRFS info (device loop3): turning off barriers [ 1019.027234][ T5512] BTRFS info (device loop3): enabling all of the rescue options [ 1019.027253][ T5512] BTRFS info (device loop3): ignoring data csums [ 1019.027269][ T5512] BTRFS info (device loop3): ignoring bad roots [ 1019.027285][ T5512] BTRFS info (device loop3): disabling log replay at mount time [ 1019.027338][ T5512] BTRFS info (device loop3): disabling tree log [ 1019.027355][ T5512] BTRFS info (device loop3): turning on flush-on-commit [ 1019.027372][ T5512] BTRFS info (device loop3): using free space tree [ 1019.047510][ T5503] (syz.5.12089,5503,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 1019.047608][ T5503] (syz.5.12089,5503,0):ocfs2_xattr_block_find:2831 ERROR: status = -12 [ 1019.194295][ T5512] BTRFS info (device loop3: state C): enabling ssd optimizations [ 1019.278627][ T1162] ocfs2: Unmounting device (7,5) on (node local) [ 1019.645054][ T5776] BTRFS info (device loop3: state C): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 1020.128493][ T5548] loop1: detected capacity change from 0 to 32768 [ 1020.152640][ T5548] (syz.1.12099,5548,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1020.183672][ T5548] (syz.1.12099,5548,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 1020.314923][ T5607] raw_sendmsg: syz.4.12108 forgot to set AF_INET. Fix it! [ 1020.325290][ T5548] JBD2: Ignoring recovery information on journal [ 1020.430385][ T5548] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1020.446908][ T5849] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 1020.657586][ T5849] usb 6-1: Using ep0 maxpacket: 16 [ 1020.723174][ T5849] usb 6-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 1020.766906][ T5849] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1020.784686][ T5620] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12110'. [ 1020.803198][ T5849] usb 6-1: Product: syz [ 1020.827577][ T5849] usb 6-1: Manufacturer: syz [ 1020.832334][ T5849] usb 6-1: SerialNumber: syz [ 1020.848653][ T5849] usb 6-1: config 0 descriptor?? [ 1021.027851][ T5777] ocfs2: Unmounting device (7,1) on (node local) [ 1021.104185][ T5849] speedtch 6-1:0.0: speedtch_bind: wrong device class 68 [ 1021.153874][ T5849] speedtch 6-1:0.0: usbatm_usb_probe: bind failed: -19! [ 1021.337199][ T969] usb 6-1: USB disconnect, device number 6 [ 1021.765434][ T5696] IPv6: NLM_F_CREATE should be specified when creating new route [ 1022.169479][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 1022.169494][ T27] audit: type=1326 audit(2000000854.557:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.4.12129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1022.220114][ T27] audit: type=1326 audit(2000000854.557:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.4.12129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1022.338141][ T27] audit: type=1326 audit(2000000854.567:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.4.12129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1022.421165][ T27] audit: type=1326 audit(2000000854.567:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.4.12129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1022.516312][ T27] audit: type=1326 audit(2000000854.567:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.4.12129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1022.706163][ T5739] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12136'. [ 1022.715871][ T5743] loop4: detected capacity change from 0 to 16 [ 1022.740846][ T5743] erofs: (device loop4): mounted with root inode @ nid 36. [ 1022.794574][ T5743] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 72 of nid 36 [ 1022.993751][ T5756] loop1: detected capacity change from 0 to 1024 [ 1023.208735][ T11] hfsplus: b-tree write err: -5, ino 4 [ 1023.564727][ T5821] C: renamed from team_slave_0 (while UP) [ 1023.575556][ T5821] netlink: 'syz.5.12152': attribute type 1 has an invalid length. [ 1023.614638][ T5821] netlink: 152 bytes leftover after parsing attributes in process `syz.5.12152'. [ 1023.647020][ T5821] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 1023.735404][ T27] audit: type=1326 audit(2000000856.127:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5851 comm="syz.4.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1023.846980][ T27] audit: type=1326 audit(2000000856.127:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5851 comm="syz.4.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1023.927473][ T27] audit: type=1326 audit(2000000856.167:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5851 comm="syz.4.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1023.961195][ T5861] sock: sock_timestamping_bind_phc: sock not bind to device [ 1024.022868][ T27] audit: type=1326 audit(2000000856.167:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5851 comm="syz.4.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1024.109255][ T27] audit: type=1326 audit(2000000856.167:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5851 comm="syz.4.12153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f156219aeb9 code=0x7ffc0000 [ 1024.735613][ T5907] loop1: detected capacity change from 0 to 256 [ 1024.772372][ T5907] exfat: Deprecated parameter 'utf8' [ 1024.792757][ T5907] exfat: Deprecated parameter 'namecase' [ 1024.808718][ T5908] loop4: detected capacity change from 0 to 2048 [ 1024.849122][ T5908] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 1024.887338][ T5907] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x8b6193f0, utbl_chksum : 0xe619d30d) [ 1024.969160][ T1714] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1025.348421][ T5937] overlayfs: conflicting options: verity=require,redirect_dir=nofollow [ 1025.419989][ T5943] netlink: 16 bytes leftover after parsing attributes in process `syz.1.12181'. [ 1025.441539][ T5943] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12181'. [ 1025.477398][ T5943] ip6gretap5: entered allmulticast mode [ 1025.624261][ T5955] netlink: 392 bytes leftover after parsing attributes in process `syz.5.12183'. [ 1025.720230][ T5960] loop3: detected capacity change from 0 to 164 [ 1026.297551][ T5992] binfmt_misc: register: failed to install interpreter file ./file0 [ 1026.377486][ T5997] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12197'. [ 1026.482290][ T6003] netlink: 64 bytes leftover after parsing attributes in process `syz.5.12198'. [ 1026.623490][ T6011] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12202'. [ 1026.652778][ T6010] ipip0: entered promiscuous mode [ 1027.138215][ T6036] loop5: detected capacity change from 0 to 1764 [ 1027.312499][ T6049] netlink: zone id is out of range [ 1027.660775][ T6061] loop1: detected capacity change from 0 to 4096 [ 1027.691643][ T6061] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 1028.006648][ T6080] vlan0: entered promiscuous mode [ 1028.042230][ T6080] veth0_vlan: entered promiscuous mode [ 1028.407958][ T6043] loop4: detected capacity change from 0 to 40427 [ 1028.425155][ T6043] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 1028.447635][ T6043] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1028.485080][ T6043] F2FS-fs (loop4): invalid crc value [ 1028.494306][ T6097] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12226'. [ 1028.540384][ T6043] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1028.774222][ T6043] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1028.813226][ T6043] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 1029.432028][ T6147] loop1: detected capacity change from 0 to 64 [ 1029.777035][ T6165] netlink: 96 bytes leftover after parsing attributes in process `syz.4.12236'. [ 1030.293413][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 1030.293431][ T27] audit: type=1326 audit(2000000862.687:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6196 comm="syz.1.12256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 1030.384616][ T27] audit: type=1326 audit(2000000862.687:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6196 comm="syz.1.12256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 1030.450058][ T6191] loop4: detected capacity change from 0 to 4096 [ 1030.467058][ T27] audit: type=1326 audit(2000000862.687:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6196 comm="syz.1.12256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 1030.477099][ T6191] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 1030.509518][ T6200] loop5: detected capacity change from 0 to 2048 [ 1030.581848][ T27] audit: type=1326 audit(2000000862.687:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6196 comm="syz.1.12256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 1030.615576][ T6191] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 1030.648500][ T6208] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1030.706631][ T27] audit: type=1326 audit(2000000862.687:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6196 comm="syz.1.12256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 1030.768944][ T6213] loop1: detected capacity change from 0 to 16 [ 1030.825682][ T6213] erofs: (device loop1): mounted with root inode @ nid 36. [ 1030.882032][ T6213] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 32768 [ 1030.937634][ T6213] erofs: (device loop1): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 32768 [ 1030.967014][ T6213] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 32811 of nid 36 [ 1031.161468][ T6229] netlink: 'syz.4.12263': attribute type 5 has an invalid length. [ 1031.179484][ T6230] netlink: 'syz.3.12264': attribute type 9 has an invalid length. [ 1031.218928][ T6233] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.12265'. [ 1031.227895][ T6230] netlink: 911 bytes leftover after parsing attributes in process `syz.3.12264'. [ 1031.828544][ T6265] netlink: 36 bytes leftover after parsing attributes in process `syz.4.12275'. [ 1032.056224][ T6282] netlink: 20 bytes leftover after parsing attributes in process `syz.4.12280'. [ 1032.934150][ T6327] loop1: detected capacity change from 0 to 4096 [ 1032.972304][ T6327] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 1033.000095][ T6327] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1033.094843][ T5777] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1033.709962][ T27] audit: type=1326 audit(2000000866.107:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6367 comm="syz.3.12309" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5aaf79aeb9 code=0x0 [ 1034.121996][ T6386] netlink: 224 bytes leftover after parsing attributes in process `syz.5.12315'. [ 1034.270229][ T6358] loop1: detected capacity change from 0 to 32768 [ 1034.331072][ T6358] syz.1.12306: attempt to access beyond end of device [ 1034.331072][ T6358] loop1: rw=1, sector=4680032, nr_sectors = 8 limit=32768 [ 1034.374613][ T6358] metapage_write_end_io: I/O error [ 1034.401067][ T6358] blkno = 8ed2c, nblocks = 1 [ 1034.405750][ T6358] ERROR: (device loop1): dbUpdatePMap: blocks are outside the map [ 1034.405750][ T6358] [ 1034.426217][ T6358] ERROR: (device loop1): remounting filesystem as read-only [ 1034.441793][ T6358] ERROR: (device loop1): duplicateIXtree: [ 1034.441793][ T6358] [ 1034.615329][ T111] blkno = 8ed2c, nblocks = 4 [ 1034.621128][ T111] ERROR: (device loop1): dbUpdatePMap: blocks are outside the map [ 1034.621128][ T111] [ 1034.650647][ T5777] syz-executor: attempt to access beyond end of device [ 1034.650647][ T5777] loop1: rw=1, sector=4680032, nr_sectors = 8 limit=32768 [ 1034.683710][ T5777] metapage_write_end_io: I/O error [ 1034.710839][ T5777] JFS: metapage_get_blocks failed [ 1034.716320][ T5777] JFS: metapage_get_blocks failed [ 1034.760147][ T5777] JFS: metapage_get_blocks failed [ 1034.765284][ T5777] JFS: metapage_get_blocks failed [ 1034.829645][ T6415] usb usb8: usbfs: process 6415 (syz.4.12324) did not claim interface 0 before use [ 1035.013512][ T6421] loop4: detected capacity change from 0 to 256 [ 1035.050487][ T6421] exfat: Deprecated parameter 'namecase' [ 1035.079196][ T6421] exfat: Deprecated parameter 'utf8' [ 1035.096414][ T6421] exfat: Deprecated parameter 'namecase' [ 1035.171653][ T6421] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 1035.252568][ T6421] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 1035.796168][ T6458] netlink: 'syz.1.12336': attribute type 10 has an invalid length. [ 1035.813374][ T6458] netlink: 55 bytes leftover after parsing attributes in process `syz.1.12336'. [ 1036.104163][ T6458] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 1036.234930][ T6458] batman_adv: batadv0: Removing interface: virt_wifi0 [ 1036.652737][ T2967] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1036.711443][ T6494] loop5: detected capacity change from 0 to 764 [ 1037.020145][ T2967] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1037.250799][ T6511] loop1: detected capacity change from 0 to 4096 [ 1037.298950][T19703] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1037.311295][T19703] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1037.330491][T19703] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1037.339808][T19703] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1037.355865][ T2967] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1037.368655][T19703] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1037.376111][T19703] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1037.405098][ T921] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1037.413512][ T921] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1037.421023][ T921] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1037.444218][ T921] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1037.457700][ T921] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1037.472645][ T921] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1037.615012][ T6511] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 1037.700764][ T2967] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1037.725273][ T6545] netlink: 24 bytes leftover after parsing attributes in process `syz.5.12355'. [ 1037.947149][ T5777] ntfs3: loop1: ino=9, ntfs_sync_fs failed, -22. [ 1038.085617][ T27] audit: type=1326 audit(2000000870.467:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6552 comm="syz.5.12358" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa8df39aeb9 code=0x0 [ 1038.294845][ T6550] loop3: detected capacity change from 0 to 8192 [ 1038.877122][ T6517] xfrm0 speed is unknown, defaulting to 1000 [ 1038.890515][ T6517] C speed is unknown, defaulting to 1000 [ 1039.548751][T19703] Bluetooth: hci4: command tx timeout [ 1039.698946][ T6580] loop1: detected capacity change from 0 to 32768 [ 1039.779235][ T6580] [ 1039.779235][ T6580] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1039.779235][ T6580] [ 1039.891158][ T6580] __jfs_setxattr: xattr_size = 67, new_size = 161 [ 1039.949166][ T6660] loop5: detected capacity change from 0 to 16 [ 1040.026027][ T6660] erofs: (device loop5): mounted with root inode @ nid 36. [ 1040.042144][T15195] [ 1040.042144][T15195] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1040.042144][T15195] [ 1040.111005][T15195] [ 1040.111005][T15195] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1040.111005][T15195] [ 1040.127530][ T112] [ 1040.127530][ T112] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1040.127530][ T112] [ 1040.148013][ T5777] [ 1040.148013][ T5777] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1040.148013][ T5777] [ 1040.172917][ T5777] [ 1040.172917][ T5777] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1040.172917][ T5777] [ 1040.389807][ T6517] chnl_net:caif_netlink_parms(): no params data found [ 1040.668272][ T6708] loop5: detected capacity change from 0 to 2048 [ 1040.687628][ T6708] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1040.757468][ T6734] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1040.758739][ T6708] syz.5.12375: attempt to access beyond end of device [ 1040.758739][ T6708] loop5: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 1040.865735][ T6708] syz.5.12375: attempt to access beyond end of device [ 1040.865735][ T6708] loop5: rw=0, sector=9437254, nr_sectors = 2 limit=2048 [ 1040.946507][ T6708] NILFS (loop5): I/O error reading meta-data file (ino=6, block-offset=0) [ 1041.492729][ T6517] bridge0: port 1(bridge_slave_0) entered blocking state [ 1041.511765][ T6517] bridge0: port 1(bridge_slave_0) entered disabled state [ 1041.545236][ T6517] bridge_slave_0: entered allmulticast mode [ 1041.562414][ T6517] bridge_slave_0: entered promiscuous mode [ 1041.627140][T19703] Bluetooth: hci4: command tx timeout [ 1041.703937][ T6517] bridge0: port 2(bridge_slave_1) entered blocking state [ 1041.737034][ T6517] bridge0: port 2(bridge_slave_1) entered disabled state [ 1041.757190][ T6517] bridge_slave_1: entered allmulticast mode [ 1041.766319][ T6517] bridge_slave_1: entered promiscuous mode [ 1042.169002][ T5849] usb 4-1: new high-speed USB device number 65 using dummy_hcd [ 1042.376951][ T5849] usb 4-1: Using ep0 maxpacket: 8 [ 1042.403050][ T5849] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 1042.421706][ T5849] usb 4-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 1042.460578][ T5849] usb 4-1: config 179 has no interface number 0 [ 1042.474861][ T6517] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1042.503624][ T5849] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid wMaxPacketSize 0 [ 1042.514896][ T6517] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1042.538504][ T5849] usb 4-1: config 179 interface 65 altsetting 12 has 1 endpoint descriptor, different from the interface descriptor's value: 23 [ 1042.572527][ T5849] usb 4-1: config 179 interface 65 has no altsetting 0 [ 1042.609098][ T5849] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1042.641507][ T5849] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1042.911667][ T787] usb 4-1: USB disconnect, device number 65 [ 1042.979817][ T6517] team0: Port device team_slave_0 added [ 1043.055041][ T6517] team0: Port device team_slave_1 added [ 1043.248827][ T2967] hsr_slave_0: left promiscuous mode [ 1043.265494][ T2967] hsr_slave_1: left promiscuous mode [ 1043.277993][ T2967] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1043.285541][ T2967] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1043.329751][ T2967] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1043.345818][ T2967] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1043.368019][ T2967] bridge_slave_1: left allmulticast mode [ 1043.374018][ T2967] bridge_slave_1: left promiscuous mode [ 1043.388300][ T2967] bridge0: port 2(bridge_slave_1) entered disabled state [ 1043.451045][ T2967] bridge_slave_0: left allmulticast mode [ 1043.456769][ T2967] bridge_slave_0: left promiscuous mode [ 1043.475543][ T2967] bridge0: port 1(bridge_slave_0) entered disabled state [ 1043.650937][ T2967] veth1_macvtap: left promiscuous mode [ 1043.673650][ T2967] veth0_macvtap: left promiscuous mode [ 1043.689967][ T2967] veth1_vlan: left promiscuous mode [ 1043.707699][T19703] Bluetooth: hci4: command tx timeout [ 1043.716109][ T2967] veth0_vlan: left promiscuous mode [ 1044.224017][ T2967] bond1 (unregistering): Released all slaves [ 1045.020460][ T2967] team0 (unregistering): Port device team_slave_1 removed [ 1045.102443][ T2967] team0 (unregistering): Port device team_slave_0 removed [ 1045.174576][ T2967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1045.255693][ T2967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1045.788305][T19703] Bluetooth: hci4: command tx timeout [ 1045.814540][ T2967] bond0 (unregistering): Released all slaves [ 1045.927998][ T6517] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1045.935011][ T6517] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1045.964089][ T6517] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1045.981723][ T6517] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1045.988789][ T6517] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1046.019834][ T6517] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1046.069377][ T6947] workqueue: Failed to create a rescuer kthread for wq "bond8": -EINTR [ 1046.186198][ T6964] netlink: 32 bytes leftover after parsing attributes in process `syz.5.12405'. [ 1046.322003][ T6991] Cannot find del_set index 286 as target [ 1046.406709][ T6517] hsr_slave_0: entered promiscuous mode [ 1046.434283][ T6517] hsr_slave_1: entered promiscuous mode [ 1046.663408][ T7021] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 1046.807286][ T7045] loop3: detected capacity change from 0 to 512 [ 1047.002851][ T27] audit: type=1326 audit(2000000879.347:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7049 comm="syz.1.12413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 1047.108191][ T7045] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec018, mo2=0002] [ 1047.118481][ T7045] System zones: 0-2, 18-18, 34-34 [ 1047.123902][ T7045] EXT4-fs (loop3): orphan cleanup on readonly fs [ 1047.131611][ T27] audit: type=1326 audit(2000000879.347:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7049 comm="syz.1.12413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 1047.172949][ T7045] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.12412: bg 0: block 248: padding at end of block bitmap is not set [ 1047.221906][ T27] audit: type=1326 audit(2000000879.357:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7049 comm="syz.1.12413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 1047.250110][ T7045] Quota error (device loop3): write_blk: dquota write failed [ 1047.283787][ T7088] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12414'. [ 1047.307530][ T7045] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 1047.358030][ T7045] EXT4-fs error (device loop3): ext4_acquire_dquot:6949: comm syz.3.12412: Failed to acquire dquot type 1 [ 1047.387083][ T27] audit: type=1326 audit(2000000879.357:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7049 comm="syz.1.12413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180ad9aeb9 code=0x7ffc0000 [ 1047.537744][ T7045] EXT4-fs (loop3): 1 orphan inode deleted [ 1047.552931][ T11] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-5 [ 1047.574468][ T11] EXT4-fs error (device loop3): ext4_release_dquot:6985: comm kworker/u4:0: Failed to release dquot type 1 [ 1047.615971][ T7045] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1047.682141][ T7045] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz.3.12412: deleted inode referenced: 12 [ 1047.874987][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1047.916054][ T6517] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1048.045004][ T6517] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1048.113585][ T6517] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1048.159778][ T6517] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1048.397577][ T7152] netlink: 'syz.3.12423': attribute type 32 has an invalid length. [ 1048.579389][ T7165] netlink: 'syz.1.12425': attribute type 21 has an invalid length. [ 1048.598907][ T7165] netlink: 128 bytes leftover after parsing attributes in process `syz.1.12425'. [ 1048.617950][ T7165] netlink: 'syz.1.12425': attribute type 4 has an invalid length. [ 1048.625978][ T7165] netlink: 'syz.1.12425': attribute type 5 has an invalid length. [ 1048.680987][ T7165] netlink: 3 bytes leftover after parsing attributes in process `syz.1.12425'. [ 1048.755526][ T6517] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1048.782093][ T7172] openvswitch: netlink: Actions may not be safe on all matching packets [ 1048.852593][ T6517] 8021q: adding VLAN 0 to HW filter on device team0 [ 1048.906869][ T2967] bridge0: port 1(bridge_slave_0) entered blocking state [ 1048.914068][ T2967] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1048.988989][ T2967] bridge0: port 2(bridge_slave_1) entered blocking state [ 1048.996273][ T2967] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1049.807066][T32465] usb 4-1: new high-speed USB device number 66 using dummy_hcd [ 1049.851714][ T6517] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1049.999925][T32465] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 1050.016910][T32465] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0 [ 1050.057016][T32465] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1050.091243][T32465] usb 4-1: New USB device found, idVendor=07c9, idProduct=0012, bcdDevice=c2.f4 [ 1050.110753][T32465] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1050.130670][T32465] usb 4-1: Product: syz [ 1050.155640][T32465] usb 4-1: Manufacturer: syz [ 1050.162026][T32465] usb 4-1: SerialNumber: syz [ 1050.204517][T32465] usb 4-1: config 0 descriptor?? [ 1050.486010][T32465] usb 4-1: USB disconnect, device number 66 [ 1050.632661][ T7193] loop5: detected capacity change from 0 to 32768 [ 1050.686673][ T7193] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 1050.717879][ T7193] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 1050.795634][ T6517] veth0_vlan: entered promiscuous mode [ 1050.835970][ T7193] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 1050.882160][ T6517] veth1_vlan: entered promiscuous mode [ 1050.907508][T32465] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 1050.916483][T32465] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 1051.044667][ T6517] veth0_macvtap: entered promiscuous mode [ 1051.071552][ T6517] veth1_macvtap: entered promiscuous mode [ 1051.160030][ T6517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1051.197451][T32465] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 280ms [ 1051.205577][T32465] gfs2: fsid=syz:syz.0: jid=0: Done [ 1051.205884][ T6517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1051.258301][ T7193] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 1051.271380][ T6517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1051.303347][ T6517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1051.333216][ T6517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1051.364824][ T6517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1051.386223][ T6517] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1051.441001][ T6517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1051.471730][ T6517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1051.486775][ T6517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1051.506309][ T6517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1051.521218][ T6517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1051.558117][ T6517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1051.568896][ T6517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1051.581971][ T6517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1051.593948][ T6517] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1051.641329][ T6517] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1051.667233][ T6517] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1051.686240][ T6517] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1051.729204][ T6517] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1051.977731][T15195] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1051.985612][T15195] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1052.091607][ T6531] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1052.108733][ T6531] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1052.200902][ T7193] gfs2: fsid=syz:syz.0: found 1 quota changes [ 1052.432013][ T1162] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129 [ 1052.466135][ T1162] CPU: 0 PID: 1162 Comm: syz-executor Not tainted syzkaller #0 [ 1052.473766][ T1162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1052.483857][ T1162] Call Trace: [ 1052.487176][ T1162] [ 1052.490151][ T1162] dump_stack_lvl+0x18c/0x250 [ 1052.494889][ T1162] ? show_regs_print_info+0x20/0x20 [ 1052.500139][ T1162] ? load_image+0x400/0x400 [ 1052.504695][ T1162] ? do_raw_spin_unlock+0x121/0x230 [ 1052.509948][ T1162] gfs2_assert_warn_i+0x193/0x2c0 [ 1052.515036][ T1162] gfs2_qd_dispose+0x4aa/0x5b0 [ 1052.519853][ T1162] gfs2_quota_cleanup+0x410/0x720 [ 1052.524962][ T1162] ? spin_lock_bucket+0x150/0x150 [ 1052.530032][ T1162] ? __might_sleep+0xe0/0xe0 [ 1052.534676][ T1162] ? gfs2_ail_empty_tr+0x2f0/0x2f0 [ 1052.539876][ T1162] ? gfs2_quota_sync+0x591/0x5a0 [ 1052.544862][ T1162] gfs2_make_fs_ro+0x2aa/0x320 [ 1052.549682][ T1162] ? gfs2_dinode_out+0xb10/0xb10 [ 1052.555104][ T1162] ? __lock_acquire+0x7d40/0x7d40 [ 1052.560174][ T1162] ? __rwlock_init+0x150/0x150 [ 1052.564981][ T1162] ? do_raw_spin_unlock+0x121/0x230 [ 1052.570212][ T1162] gfs2_put_super+0x224/0x930 [ 1052.574918][ T1162] ? gfs2_evict_inode+0x1350/0x1350 [ 1052.580138][ T1162] generic_shutdown_super+0x134/0x2b0 [ 1052.585536][ T1162] kill_block_super+0x44/0x90 [ 1052.590267][ T1162] deactivate_locked_super+0x97/0x100 [ 1052.595697][ T1162] cleanup_mnt+0x43b/0x4d0 [ 1052.600158][ T1162] task_work_run+0x1d4/0x260 [ 1052.604779][ T1162] ? task_work_cancel+0x220/0x220 [ 1052.609839][ T1162] ? exit_to_user_mode_loop+0x3b/0x110 [ 1052.615342][ T1162] exit_to_user_mode_loop+0xe6/0x110 [ 1052.620687][ T1162] exit_to_user_mode_prepare+0xee/0x180 [ 1052.626260][ T1162] syscall_exit_to_user_mode+0x1a/0x50 [ 1052.631750][ T1162] do_syscall_64+0x61/0xa0 [ 1052.636193][ T1162] ? clear_bhb_loop+0x40/0x90 [ 1052.640897][ T1162] ? clear_bhb_loop+0x40/0x90 [ 1052.645598][ T1162] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1052.651507][ T1162] RIP: 0033:0x7fa8df39c117 [ 1052.655941][ T1162] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1052.675568][ T1162] RSP: 002b:00007ffc3ed3d988 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1052.684035][ T1162] RAX: 0000000000000000 RBX: 00007fa8df40471f RCX: 00007fa8df39c117 [ 1052.692035][ T1162] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc3ed3da40 [ 1052.700026][ T1162] RBP: 00007ffc3ed3da40 R08: 00007ffc3ed3ea40 R09: 00000000ffffffff [ 1052.708017][ T1162] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc3ed3ead0 [ 1052.716041][ T1162] R13: 00007fa8df40471f R14: 000000000010024b R15: 00007ffc3ed3eb10 [ 1052.724048][ T1162] [ 1053.164083][ T7295] loop3: detected capacity change from 0 to 32768 [ 1053.278099][ T7295] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1053.616235][ T7295] XFS (loop3): Ending clean mount [ 1053.626629][ T7295] XFS (loop3): Quotacheck needed: Please wait. [ 1053.834555][ T7361] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 1053.913742][ T7295] XFS (loop3): Quotacheck: Done. [ 1054.181511][ T5776] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1054.537076][ T7383] loop6: detected capacity change from 0 to 4096 [ 1054.558981][ T7383] EXT4-fs: Ignoring removed mblk_io_submit option [ 1054.567250][ T7387] netdevsim netdevsim5: Direct firmware load for ..€ failed with error -2 [ 1054.587633][ T7387] netdevsim netdevsim5: Falling back to sysfs fallback for: ..€ [ 1054.619103][ T7383] EXT4-fs (loop6): Test dummy encryption mode enabled [ 1054.672724][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.680749][ T7383] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1054.899994][ T6517] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1054.928213][ T7368] loop1: detected capacity change from 0 to 32768 [ 1054.965190][ T7368] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 1055.025205][ T7368] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 1055.087974][ T7368] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 1055.127241][ T5849] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 1055.134457][ T5849] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 1055.367013][ T5849] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 232ms [ 1055.413075][ T5849] gfs2: fsid=syz:syz.0: jid=0: Done [ 1055.429450][ T7368] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 1056.142767][ T7368] gfs2: fsid=syz:syz.0: found 1 quota changes [ 1056.220289][ T7446] loop6: detected capacity change from 0 to 16 [ 1056.251772][ T7446] erofs: (device loop6): mounted with root inode @ nid 36. [ 1056.540810][ T787] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 1056.553315][ T5777] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129 [ 1056.592007][ T5777] CPU: 0 PID: 5777 Comm: syz-executor Not tainted syzkaller #0 [ 1056.599633][ T5777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1056.609729][ T5777] Call Trace: [ 1056.613053][ T5777] [ 1056.616022][ T5777] dump_stack_lvl+0x18c/0x250 [ 1056.620760][ T5777] ? show_regs_print_info+0x20/0x20 [ 1056.626022][ T5777] ? load_image+0x400/0x400 [ 1056.630585][ T5777] ? do_raw_spin_unlock+0x121/0x230 [ 1056.635839][ T5777] gfs2_assert_warn_i+0x193/0x2c0 [ 1056.640918][ T5777] gfs2_qd_dispose+0x4aa/0x5b0 [ 1056.645734][ T5777] gfs2_quota_cleanup+0x410/0x720 [ 1056.650810][ T5777] ? spin_lock_bucket+0x150/0x150 [ 1056.655903][ T5777] ? __might_sleep+0xe0/0xe0 [ 1056.660538][ T5777] ? gfs2_ail_empty_tr+0x2f0/0x2f0 [ 1056.665724][ T5777] ? gfs2_quota_sync+0x591/0x5a0 [ 1056.670706][ T5777] gfs2_make_fs_ro+0x2aa/0x320 [ 1056.675512][ T5777] ? gfs2_dinode_out+0xb10/0xb10 [ 1056.680486][ T5777] ? __lock_acquire+0x7d40/0x7d40 [ 1056.685558][ T5777] ? __rwlock_init+0x150/0x150 [ 1056.690382][ T5777] ? do_raw_spin_unlock+0x121/0x230 [ 1056.695636][ T5777] gfs2_put_super+0x224/0x930 [ 1056.700377][ T5777] ? gfs2_evict_inode+0x1350/0x1350 [ 1056.705621][ T5777] generic_shutdown_super+0x134/0x2b0 [ 1056.711046][ T5777] kill_block_super+0x44/0x90 [ 1056.715769][ T5777] deactivate_locked_super+0x97/0x100 [ 1056.721181][ T5777] cleanup_mnt+0x43b/0x4d0 [ 1056.725662][ T5777] task_work_run+0x1d4/0x260 [ 1056.730308][ T5777] ? task_work_cancel+0x220/0x220 [ 1056.735394][ T5777] ? exit_to_user_mode_loop+0x3b/0x110 [ 1056.740953][ T5777] exit_to_user_mode_loop+0xe6/0x110 [ 1056.742230][ T787] usb 6-1: config 0 has an invalid interface number: 107 but max is 0 [ 1056.746281][ T5777] exit_to_user_mode_prepare+0xee/0x180 [ 1056.746318][ T5777] syscall_exit_to_user_mode+0x1a/0x50 [ 1056.746344][ T5777] do_syscall_64+0x61/0xa0 [ 1056.764490][ T787] usb 6-1: config 0 has no interface number 0 [ 1056.765559][ T5777] ? clear_bhb_loop+0x40/0x90 [ 1056.765587][ T5777] ? clear_bhb_loop+0x40/0x90 [ 1056.765613][ T5777] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1056.781942][ T787] usb 6-1: config 0 interface 107 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 10 [ 1056.785467][ T5777] RIP: 0033:0x7f180ad9c117 [ 1056.807008][ T5777] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1056.814340][ T787] usb 6-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 1056.826639][ T5777] RSP: 002b:00007fffb8d93e98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1056.826668][ T5777] RAX: 0000000000000000 RBX: 00007f180ae0471f RCX: 00007f180ad9c117 [ 1056.826683][ T5777] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffb8d93f50 [ 1056.826696][ T5777] RBP: 00007fffb8d93f50 R08: 00007fffb8d94f50 R09: 00000000ffffffff [ 1056.826711][ T5777] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffb8d94fe0 [ 1056.826724][ T5777] R13: 00007f180ae0471f R14: 0000000000101e5e R15: 00007fffb8d95020 [ 1056.826756][ T5777] [ 1056.952022][ T787] usb 6-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60 [ 1056.961835][ T787] usb 6-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 1056.981745][ T787] usb 6-1: Product: syz [ 1056.986194][ T787] usb 6-1: Manufacturer: syz [ 1057.001895][ T787] usb 6-1: SerialNumber: syz [ 1057.011585][ T787] usb 6-1: config 0 descriptor?? [ 1057.021192][ T787] keyspan 6-1:0.107: Keyspan 4 port adapter converter detected [ 1057.034366][ T787] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 81 [ 1057.046362][ T787] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 1 [ 1057.059673][ T787] usb 6-1: Keyspan 4 port adapter converter now attached to ttyUSB0 [ 1057.088846][ T787] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 2 [ 1057.099526][ T787] usb 6-1: Keyspan 4 port adapter converter now attached to ttyUSB1 [ 1057.119629][ T787] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 4 [ 1057.130829][ T787] usb 6-1: Keyspan 4 port adapter converter now attached to ttyUSB2 [ 1057.158696][ T787] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 6 [ 1057.182597][ T787] usb 6-1: Keyspan 4 port adapter converter now attached to ttyUSB3 [ 1057.199465][ T7470] loop3: detected capacity change from 0 to 2048 [ 1057.271414][ T7493] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1057.329248][ T787] usb 6-1: USB disconnect, device number 7 [ 1057.348835][ T7470] NILFS error (device loop3): nilfs_check_page: bad entry in directory #2: disallowed inode number - offset=56, inode=6, rec_len=24, name_len=5 [ 1057.384453][ T787] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0 [ 1057.460251][ T787] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1 [ 1057.502655][ T787] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2 [ 1057.516929][ T7470] Remounting filesystem read-only [ 1057.578118][ T787] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3 [ 1057.642799][ T787] keyspan 6-1:0.107: device disconnected [ 1057.855662][ T7530] loop1: detected capacity change from 0 to 128 [ 1057.967627][ T7530] FAT-fs (loop1): error, clusters badly computed (4 != 3) [ 1057.976097][ T7530] FAT-fs (loop1): Filesystem has been set read-only [ 1058.039921][ T7530] FAT-fs (loop1): error, clusters badly computed (5 != 4) [ 1058.077504][ T7530] FAT-fs (loop1): error, clusters badly computed (6 != 5) [ 1058.383540][ T7555] loop6: detected capacity change from 0 to 64 [ 1060.297855][ T7640] loop5: detected capacity change from 0 to 512 [ 1060.752335][ T27] audit: type=1326 audit(2000000893.147:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.12518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8df39aeb9 code=0x7ffc0000 [ 1060.807007][ T27] audit: type=1326 audit(2000000893.147:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.12518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8df39aeb9 code=0x7ffc0000 [ 1060.880655][ T27] audit: type=1326 audit(2000000893.177:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.12518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=445 compat=0 ip=0x7fa8df39aeb9 code=0x7ffc0000 [ 1060.962690][ T27] audit: type=1326 audit(2000000893.187:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.12518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8df39aeb9 code=0x7ffc0000 [ 1061.037234][ T27] audit: type=1326 audit(2000000893.187:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.12518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8df39aeb9 code=0x7ffc0000 [ 1061.099148][ T7639] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 1061.107794][ T7589] loop1: detected capacity change from 0 to 40435 [ 1061.144365][ T7589] F2FS-fs (loop1): Segment count (31) mismatch with total segments from devices (16843008) [ 1061.187597][ T7589] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 1061.230234][ T7589] F2FS-fs (loop1): build fault injection attr: rate: 14, type: 0x7ffff [ 1061.638623][ T7690] loop5: detected capacity change from 0 to 764 [ 1061.709054][ T7690] Symlink component flag not implemented [ 1061.727874][ T7690] Symlink component flag not implemented [ 1061.734142][ T7690] Symlink component flag not implemented (128) [ 1061.768469][ T7690] Symlink component flag not implemented (122) [ 1063.293643][ T7777] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12552'. [ 1063.877003][ T1780] usb 2-1: new high-speed USB device number 62 using dummy_hcd [ 1064.025183][ T7814] netlink: 'syz.3.12560': attribute type 3 has an invalid length. [ 1064.033487][ T7814] netlink: 201372 bytes leftover after parsing attributes in process `syz.3.12560'. [ 1064.079848][ T1780] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 1064.096928][ T1780] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1064.124211][ T1780] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1064.161620][ T1780] usb 2-1: config 1 has no interface number 1 [ 1064.207286][ T1780] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1064.235634][ T1780] usb 2-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1064.285456][ T7820] netlink: 'syz.3.12562': attribute type 32 has an invalid length. [ 1064.306278][ T1780] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1064.325274][ T1780] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1064.333612][ T1780] usb 2-1: Product: syz [ 1064.351118][ T1780] usb 2-1: Manufacturer: syz [ 1064.356678][ T1780] usb 2-1: SerialNumber: syz [ 1064.503456][ T7801] loop5: detected capacity change from 0 to 32768 [ 1064.553545][ T787] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 1064.579513][ T7801] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 1064.620671][ T7801] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1064.669372][ T1780] usb 2-1: No endpoint at altset 1, falling back to MIDI 1.0 [ 1064.699996][ T1780] usb 2-1: MIDIStreaming interface descriptor not found [ 1064.739092][ T787] usb 7-1: New USB device found, idVendor=046d, idProduct=08b6, bcdDevice=ca.8e [ 1064.766918][ T787] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1064.827903][ T1162] ocfs2: Unmounting device (7,5) on (node local) [ 1064.913241][ T787] pwc: Logitech/Cisco VT Camera webcam detected. [ 1064.920409][ T29] INFO: task syz-executor:5778 blocked for more than 143 seconds. [ 1064.949553][ T29] Not tainted syzkaller #0 [ 1064.954647][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1064.986604][ T1780] usb 2-1: USB disconnect, device number 62 [ 1064.997258][ T7860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12567'. [ 1065.024741][ T29] task:syz-executor state:D stack:21704 pid:5778 ppid:1 flags:0x00004006 [ 1065.090162][ T29] Call Trace: [ 1065.093583][ T29] [ 1065.128438][ T29] __schedule+0x1553/0x45a0 [ 1065.150513][ T29] ? asan.module_dtor+0x20/0x20 [ 1065.178545][ T29] ? mark_lock+0x94/0x320 [ 1065.183363][ T29] ? lock_chain_count+0x20/0x20 [ 1065.203765][ T29] ? _raw_spin_lock_irq+0xbb/0xf0 [ 1065.242441][ T787] pwc: send_video_command error -71 [ 1065.256908][ T29] ? _raw_spin_lock_irqsave+0x100/0x100 [ 1065.262631][ T29] schedule+0xbd/0x170 [ 1065.267950][ T787] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 1065.275572][ T787] Philips webcam: probe of 7-1:127.0 failed with error -71 [ 1065.298030][ T29] io_schedule+0x80/0xd0 [ 1065.302378][ T29] folio_wait_bit_common+0x714/0xfa0 [ 1065.317309][ T787] usb 7-1: USB disconnect, device number 2 [ 1065.325311][ T29] ? folio_wait_bit+0x30/0x30 [ 1065.339559][ T29] ? filemap_get_entry+0x379/0x3f0 [ 1065.365528][ T29] ? _compound_head+0x120/0x120 [ 1065.386561][ T29] ? find_lock_entries+0xc3e/0xfe0 [ 1065.408114][ T29] __filemap_get_folio+0xbc/0xbb0 [ 1065.413269][ T29] truncate_inode_pages_range+0x46b/0xfb0 [ 1065.446970][ T29] ? mapping_evict_folio+0x510/0x510 [ 1065.452464][ T29] ? _raw_spin_lock_irq+0xbb/0xf0 [ 1065.488193][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 1065.494021][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 1065.518930][ T29] evict+0x4dd/0x8d0 [ 1065.523268][ T29] ? proc_nr_inodes+0x230/0x230 [ 1065.529051][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 1065.534330][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 1065.545655][ T29] evict_inodes+0x606/0x6a0 [ 1065.553764][ T29] ? clear_inode+0x150/0x150 [ 1065.574485][ T29] generic_shutdown_super+0x97/0x2b0 [ 1065.587571][ T29] kill_block_super+0x44/0x90 [ 1065.592309][ T29] deactivate_locked_super+0x97/0x100 [ 1065.602794][ T29] cleanup_mnt+0x43b/0x4d0 [ 1065.607423][ T29] task_work_run+0x1d4/0x260 [ 1065.612076][ T29] ? task_work_cancel+0x220/0x220 [ 1065.622576][ T29] ? exit_to_user_mode_loop+0x3b/0x110 [ 1065.629638][ T29] exit_to_user_mode_loop+0xe6/0x110 [ 1065.634983][ T29] exit_to_user_mode_prepare+0xee/0x180 [ 1065.642185][ T29] syscall_exit_to_user_mode+0x1a/0x50 [ 1065.647904][ T29] do_syscall_64+0x61/0xa0 [ 1065.652387][ T29] ? clear_bhb_loop+0x40/0x90 [ 1065.657176][ T29] ? clear_bhb_loop+0x40/0x90 [ 1065.661912][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1065.667999][ T29] RIP: 0033:0x7f973bd9c117 [ 1065.672472][ T29] RSP: 002b:00007ffe766a90d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1065.681229][ T29] RAX: 0000000000000000 RBX: 00007f973be0471f RCX: 00007f973bd9c117 [ 1065.690248][ T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe766a9190 [ 1065.700339][ T29] RBP: 00007ffe766a9190 R08: 00007ffe766aa190 R09: 00000000ffffffff [ 1065.709068][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe766aa220 [ 1065.717175][ T29] R13: 00007f973be0471f R14: 00000000000e0e97 R15: 00007ffe766aa260 [ 1065.725315][ T29] [ 1065.732987][ T29] INFO: task syz-executor:5775 blocked for more than 144 seconds. [ 1065.753143][ T29] Not tainted syzkaller #0 [ 1065.758190][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1065.767151][ T29] task:syz-executor state:D stack:21704 pid:5775 ppid:1 flags:0x00004004 [ 1065.776448][ T29] Call Trace: [ 1065.780117][ T29] [ 1065.783098][ T29] __schedule+0x1553/0x45a0 [ 1065.788350][ T29] ? mark_lock+0x94/0x320 [ 1065.792740][ T29] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1065.803899][ T29] ? asan.module_dtor+0x20/0x20 [ 1065.809210][ T29] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1065.815439][ T29] schedule+0xbd/0x170 [ 1065.820086][ T29] io_schedule+0x80/0xd0 [ 1065.824388][ T29] folio_wait_bit_common+0x714/0xfa0 [ 1065.830517][ T29] ? folio_wait_bit+0x30/0x30 [ 1065.837009][ T29] ? filemap_get_entry+0x379/0x3f0 [ 1065.842191][ T29] ? _compound_head+0x120/0x120 [ 1065.857039][ T29] ? find_lock_entries+0xc3e/0xfe0 [ 1065.862257][ T29] __filemap_get_folio+0xbc/0xbb0 [ 1065.877296][ T29] truncate_inode_pages_range+0x46b/0xfb0 [ 1065.883144][ T29] ? mapping_evict_folio+0x510/0x510 [ 1065.897263][ T29] ? _raw_spin_lock_irq+0xbb/0xf0 [ 1065.903570][ T29] ? _raw_spin_unlock_irq+0x23/0x50 [ 1065.911971][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 1065.918644][ T29] evict+0x4dd/0x8d0 [ 1065.922689][ T29] ? proc_nr_inodes+0x230/0x230 [ 1065.928266][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 1065.933978][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 1065.939697][ T29] evict_inodes+0x606/0x6a0 [ 1065.944335][ T29] ? clear_inode+0x150/0x150 [ 1065.950359][ T29] generic_shutdown_super+0x97/0x2b0 [ 1065.955779][ T29] kill_block_super+0x44/0x90 [ 1065.960976][ T29] deactivate_locked_super+0x97/0x100 [ 1065.969957][ T29] cleanup_mnt+0x43b/0x4d0 [ 1065.974561][ T29] task_work_run+0x1d4/0x260 [ 1065.979688][ T29] ? task_work_cancel+0x220/0x220 [ 1065.984809][ T29] ? exit_to_user_mode_loop+0x3b/0x110 [ 1065.990761][ T29] exit_to_user_mode_loop+0xe6/0x110 [ 1065.996187][ T29] exit_to_user_mode_prepare+0xee/0x180 [ 1066.001839][ T29] syscall_exit_to_user_mode+0x1a/0x50 [ 1066.007861][ T29] do_syscall_64+0x61/0xa0 [ 1066.012337][ T29] ? clear_bhb_loop+0x40/0x90 [ 1066.017246][ T29] ? clear_bhb_loop+0x40/0x90 [ 1066.022064][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1066.028610][ T29] RIP: 0033:0x7fb7ef59c117 [ 1066.033622][ T29] RSP: 002b:00007fff30279dc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1066.042259][ T29] RAX: 0000000000000000 RBX: 00007fb7ef60471f RCX: 00007fb7ef59c117 [ 1066.050855][ T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff30279e80 [ 1066.059030][ T29] RBP: 00007fff30279e80 R08: 00007fff3027ae80 R09: 00000000ffffffff [ 1066.067231][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff3027af10 [ 1066.075273][ T29] R13: 00007fb7ef60471f R14: 00000000000e0876 R15: 00007fff3027af50 [ 1066.083506][ T29] [ 1066.086705][ T29] [ 1066.086705][ T29] Showing all locks held in the system: [ 1066.125110][ T29] 1 lock held by khungtaskd/29: [ 1066.138313][ T29] #0: ffffffff8d131fe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 1066.148498][ T29] 1 lock held by syslogd/5126: [ 1066.153586][ T29] #0: ffff8880b8e3c018 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 1066.163781][ T29] 1 lock held by klogd/5133: [ 1066.168640][ T29] #0: ffff8880b8e3c018 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 1066.178758][ T29] 2 locks held by getty/5535: [ 1066.183475][ T29] #0: ffff8880318610a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1066.194330][ T29] #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390 [ 1066.204627][ T29] 1 lock held by syz-executor/5778: [ 1066.220326][ T29] #0: ffff888077e940e0 (&type->s_umount_key#93){+.+.}-{3:3}, at: deactivate_super+0xa4/0xe0 [ 1066.231006][ T29] 1 lock held by syz-executor/5775: [ 1066.236243][ T29] #0: ffff8880558f40e0 (&type->s_umount_key#93){+.+.}-{3:3}, at: deactivate_super+0xa4/0xe0 [ 1066.248093][ T29] 4 locks held by kworker/u4:1/15195: [ 1066.253894][ T29] 2 locks held by kworker/0:5/1780: [ 1066.259265][ T29] #0: ffff888017c72538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 1066.270886][ T29] #1: ffffc9001aa4fd00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 1066.283054][ T29] 3 locks held by kworker/u4:4/6531: [ 1066.288785][ T29] 2 locks held by dhcpcd/7868: [ 1066.293601][ T29] #0: ffff888079bfdc20 (&sb->s_type->i_mutex_key#11){+.+.}-{3:3}, at: sock_close+0x9b/0x230 [ 1066.304151][ T29] #1: ffffffff8d1379b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x3da/0x880 [ 1066.315547][ T29] [ 1066.318945][ T29] ============================================= [ 1066.318945][ T29] [ 1066.327954][ T29] NMI backtrace for cpu 1 [ 1066.332331][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 1066.339562][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1066.349654][ T29] Call Trace: [ 1066.352962][ T29] [ 1066.355923][ T29] dump_stack_lvl+0x18c/0x250 [ 1066.360651][ T29] ? show_regs_print_info+0x20/0x20 [ 1066.365889][ T29] ? load_image+0x400/0x400 [ 1066.370433][ T29] nmi_cpu_backtrace+0x3a6/0x3e0 [ 1066.375433][ T29] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 1066.381636][ T29] ? _printk+0xde/0x130 [ 1066.385838][ T29] ? load_image+0x400/0x400 [ 1066.390371][ T29] ? load_image+0x400/0x400 [ 1066.394929][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 1066.401033][ T29] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 1066.407147][ T29] watchdog+0xf3d/0xf80 [ 1066.411347][ T29] ? watchdog+0x1e1/0xf80 [ 1066.415734][ T29] kthread+0x2fa/0x390 [ 1066.419829][ T29] ? hungtask_pm_notify+0x90/0x90 [ 1066.424878][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1066.429491][ T29] ret_from_fork+0x48/0x80 [ 1066.433946][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1066.438566][ T29] ret_from_fork_asm+0x11/0x20 [ 1066.443376][ T29] [ 1066.447961][ T29] Sending NMI from CPU 1 to CPUs 0: [ 1066.453237][ C0] NMI backtrace for cpu 0 [ 1066.453248][ C0] CPU: 0 PID: 15195 Comm: kworker/u4:1 Not tainted syzkaller #0 [ 1066.453265][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1066.453276][ C0] Workqueue: events_unbound nsim_dev_trap_report_work [ 1066.453296][ C0] RIP: 0010:filter_irq_stacks+0x6/0x90 [ 1066.453321][ C0] Code: 80 e1 07 80 c1 03 38 c1 0f 8c 68 ff ff ff 4c 89 f7 e8 9e 75 69 00 e9 5b ff ff ff e8 04 46 0e 09 0f 1f 40 00 f3 0f 1e fa 41 57 <41> 56 41 55 41 54 53 85 f6 74 70 49 89 fe 41 89 f4 31 db 49 bd 00 [ 1066.453335][ C0] RSP: 0018:ffffc9001a36f688 EFLAGS: 00000282 [ 1066.453349][ C0] RAX: 000000000000000d RBX: ffffc9001a36f6f0 RCX: 0000000000000001 [ 1066.453361][ C0] RDX: 0000000000000000 RSI: 000000000000000d RDI: ffffc9001a36f6f0 [ 1066.453372][ C0] RBP: 0000000000000000 R08: ffff8880228b0000 R09: 0000000000000002 [ 1066.453395][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 [ 1066.453405][ C0] R13: ffffc9001a36f9d0 R14: ffff888024b66008 R15: 0000000000000001 [ 1066.453419][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 1066.453432][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1066.453444][ C0] CR2: 00007f74df7bf6c8 CR3: 000000000cf32000 CR4: 00000000003506f0 [ 1066.453460][ C0] Call Trace: [ 1066.453465][ C0] [ 1066.453472][ C0] __stack_depot_save+0x1f/0x630 [ 1066.453495][ C0] kasan_set_track+0x5f/0x70 [ 1066.453513][ C0] ? kasan_set_track+0x4e/0x70 [ 1066.453530][ C0] ? kasan_save_free_info+0x2e/0x50 [ 1066.453550][ C0] ? ____kasan_slab_free+0x126/0x1e0 [ 1066.453568][ C0] ? slab_free_freelist_hook+0x130/0x1a0 [ 1066.453584][ C0] ? __kmem_cache_free+0xba/0x1e0 [ 1066.453606][ C0] ? skb_release_data+0x634/0x800 [ 1066.453631][ C0] ? consume_skb+0xb2/0x110 [ 1066.453654][ C0] ? nsim_dev_trap_report_work+0x76f/0xb00 [ 1066.453669][ C0] ? process_scheduled_works+0xa5d/0x15d0 [ 1066.453690][ C0] ? worker_thread+0xa55/0xfc0 [ 1066.453709][ C0] ? kthread+0x2fa/0x390 [ 1066.453723][ C0] ? ret_from_fork+0x48/0x80 [ 1066.453743][ C0] ? ret_from_fork_asm+0x11/0x20 [ 1066.453785][ C0] ? __kmem_cache_free+0xba/0x1e0 [ 1066.453808][ C0] kasan_save_free_info+0x2e/0x50 [ 1066.453830][ C0] ____kasan_slab_free+0x126/0x1e0 [ 1066.453850][ C0] slab_free_freelist_hook+0x130/0x1a0 [ 1066.453866][ C0] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 1066.453905][ C0] ? skb_release_data+0x634/0x800 [ 1066.453930][ C0] __kmem_cache_free+0xba/0x1e0 [ 1066.453958][ C0] skb_release_data+0x634/0x800 [ 1066.453990][ C0] consume_skb+0xb2/0x110 [ 1066.454016][ C0] nsim_dev_trap_report_work+0x76f/0xb00 [ 1066.454042][ C0] ? process_scheduled_works+0x96f/0x15d0 [ 1066.454064][ C0] process_scheduled_works+0xa5d/0x15d0 [ 1066.454100][ C0] ? assign_work+0x430/0x430 [ 1066.454123][ C0] ? assign_work+0x3d0/0x430 [ 1066.454147][ C0] worker_thread+0xa55/0xfc0 [ 1066.454176][ C0] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 1066.454195][ C0] ? _raw_spin_unlock+0x40/0x40 [ 1066.454211][ C0] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 1066.454250][ C0] kthread+0x2fa/0x390 [ 1066.454265][ C0] ? pr_cont_work+0x560/0x560 [ 1066.454285][ C0] ? kthread_blkcg+0xd0/0xd0 [ 1066.454301][ C0] ret_from_fork+0x48/0x80 [ 1066.454321][ C0] ? kthread_blkcg+0xd0/0xd0 [ 1066.454337][ C0] ret_from_fork_asm+0x11/0x20 [ 1066.454377][ C0] [ 1066.812918][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 1066.819825][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 1066.827077][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1066.837163][ T29] Call Trace: [ 1066.840463][ T29] [ 1066.843402][ T29] dump_stack_lvl+0x18c/0x250 [ 1066.848094][ T29] ? show_regs_print_info+0x20/0x20 [ 1066.853310][ T29] ? load_image+0x400/0x400 [ 1066.857829][ T29] panic+0x2dc/0x730 [ 1066.861730][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 1066.867403][ T29] ? bpf_jit_dump+0xd0/0xd0 [ 1066.871956][ T29] ? __irq_work_queue_local+0x13a/0x3b0 [ 1066.877560][ T29] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 1066.883805][ T29] watchdog+0xf7c/0xf80 [ 1066.887994][ T29] ? watchdog+0x1e1/0xf80 [ 1066.892355][ T29] kthread+0x2fa/0x390 [ 1066.896450][ T29] ? hungtask_pm_notify+0x90/0x90 [ 1066.901503][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1066.906096][ T29] ret_from_fork+0x48/0x80 [ 1066.910532][ T29] ? kthread_blkcg+0xd0/0xd0 [ 1066.915128][ T29] ret_from_fork_asm+0x11/0x20 [ 1066.919932][ T29] [ 1066.923564][ T29] Kernel Offset: disabled [ 1066.927921][ T29] Rebooting in 86400 seconds..