last executing test programs: 4.65079248s ago: executing program 1 (id=2164): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000280)='.\x00', 0x25000001) inotify_rm_watch(r0, r1) ppoll(&(0x7f0000000000)=[{r0, 0x4021}], 0x1, 0x0, 0x0, 0x0) 4.649793617s ago: executing program 5 (id=2166): syz_mount_image$f2fs(&(0x7f0000000780), &(0x7f0000000100)='./file0\x00', 0x2008410, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRESHEX=0x0], 0xfd, 0x5562, &(0x7f0000005a80)="$eJzs3EtvG2UXAOB3nCa994s+sWDXkSqkRKqtOJcKdgFacRGpIi4LVuDYjuXW9kSx45iskGCJWPBPEEisWPIbWLBmh1iA2CGBPDOmDW2qRnFs0j6PND4z74zPvGdkxTozkQPw3JqP//gtCtfCxRDCTAjhShTS9ShfUutZeDGEcD2EUHhoifLxfwbmQgiXQgjXhsmznFG+66ub/Rtrv779+/c/nj93+evvfppe1cC0vRRCaO9k6/vtLCaNLN7Lxyv9Zhrbq/08Zjva9/PtJIv79a00w35ldFwljSuN7PhkZ687jNutSnUYG83tdHynk52w22+M8qRvuFfZTbdr9a00NrtJGhsH2bwGB9nftoNuL8tTy/N9kqYPvd4oZuP1QT2rZ+d+GqudXj6e5U1q9cEw9vOYny5Uk1YtncfWSa70f9s7zc7eIO7Xd7vNpBOvlcovl8q3iuXdpFbv1VeLlXbt1mq80Gg1R19I640kabTqpWrSXowXGtVqsVyOF27Xt5qVTlwul1ZKS8W1xXztZvzG3Q/iVi1eGMbXmp29uWarG28nu3H2jsV4ubTyymJ8oxy/t7EZb757587G5vsf3f7w7qsbb72eH/TItOKF5aXl5WJ5qbhcXjyF+i/kOx+uv7M3KPbqlfbj6h9+7z5l/b2T1P95Pq9j1B+d7PLAk/mAARzbI/1/0P8Dp++s9/9hnP3/sKXS/z+5/x/2v4Uj+t9j9P8n6n8n1f8fVf9R/f8Zrh9ORP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDc+nn2mzfTlfls+3I+fjUf+n++HYUQCiGEvx5jJswdyjmT55k94vjZf83hhyikGYbnOJ8vl0II6/ny5/9O+yoAAADAs+vbT69/mXXr2cv8tCfEJGU3bQpXPh5TviiEMDv/y5iyFYYvL4wpWfr5PhcGY8qW3sC6MKZk2S23c+PK9lRmRuGzqw8G04KiLBQmOh0AAGAiZg6FyXYhAAAATNIX054A0xGF0aPM0bPg9D/vHzzavHhoHwAAAHAGRdOeAAAAAHDq0v7f7/8BAADAsy37/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mbnbm4TB+I4gI4NBvZLi1Z731b2BmWkhBxzS6CANEEJpIU0QA3klhJQHOEZITkBKRLjWEHvSR4zNvrNDOLyH0sGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSU7WeP9z9uz83p67r2/oMeVYDAAAAHLOt1vPmwzT2f6Trv9KlP6lfhBDKWOe/MwijVuYg5VQnvl+9mcNjCE3CfoxxOr6HEP6nY/e7618BAAAALtdmuZrFaj02074nxGeKmzblz6tMeUUIoZo+Z0or983fTGHN/3sYbjKlNRtYk0xhccttePzeKNcgbYPWKa1ksghhl7boym7GBQAA+tSuBE5UIQAAAFyA674nQD+KQ3N4zjiOp/RA8FurBwAAAHxBRd8TAAAAADp1qP29/w8AAAAuW3z/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF3aVuv5Zrmanbq/+GDOS32efCsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4JX9eUeBEAiDMNi7vjOZ+x9WGjQ0NqkC4eNvDAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAePO7v/yfmBpnkrnXxtLzSLJ2amydGnvnxtEfxtevAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvbnJQVCIAiiYM7430nf/7CSoGcQIQIaHlXUogEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+6He//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALnbunzeOIgoA+Nu9P4kDCGOQCwMKEgU0xL6EhJRQgCwKPgKS5ZyD4UIgcUEiC+QGKuQ6DYISISSQ6fIdUsdSmtClcGEkatDe7TrjxBDLSnYv9u8nzc7b82jnzd7J8vOsDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAla334pW8jFvFYXIUV6/d3l5dLPrNB/rCzfU7M0Ur4uxRE3337uNPfry9mp6cnE5Ovqk/GQAAAI6GVlXfR8TdzsZ80eeTw/q/U40pav4fnxvFVT3/YN2/ub16vPzSTFX///H7vZd2JpoczVNcdGl50J97OJX2E1ri2Hv+kSPawzs//N1La/iG5B+uvbjVGd7P7Ptbt97vDsNjdWQLABzEqaovg+rnoaLvNZkYAEdGOym8q/q/NdlsTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB12FqLZ6o4i4iZ9v24sLm9urhXf3P9zkzVzt24sZ5es7hEJyKWlgf9To1rGXdXr13/bGEw6F+pPzgZEc3NXgYf72NMxP+PKT+e0dwq/jvIxiONRoO8fH/GJZ/HGVSfvb3GTETEwa/c0DckAAAOrU7Zirr+bmdjvngtm4r456fd9f8bSRy76v5813la/9/75NztdK60/u/VtcCnwOzKpS9mr167/tbypYWL/Yv9z98+3Xund+b82bPnZ4t7NTe7FHl/ruk0AQAAeIp1y5bW//nUw/v/J5I49rn//+UPva/TuVrq/z3d3/RrOhMAAICjqLsTvfDa339le4zIut34amFl5UpvdNw5Pz061pruAR0rW1r/t6aazgoAAACow9Zatmv//0ISxz73/5/9+eVf02u2ImIi4nJE9E8tXh5cqG85Y62OP1QeTtRteqUAAAA0ZaJs6f5/Z/j8f77zyEMeEW++Poqr/3W1n/q/9cG3v6Rzpc//n6lvieMoj+nR/ciLfjqiPd10SgAAABxmx8uWZRF/djbmP/3txEddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3fAAAA//8BODTT") syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x7935b9abc50aa491, 0x0, 0xfa, 0x0, &(0x7f0000000000)) r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) fsync(r0) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) 4.396205808s ago: executing program 4 (id=2168): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0x0, 0x2449}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000080)={{@host}, @host, 0x0, 0x0, 0x7, 0x4, 0x0, 0x3}) 4.31210188s ago: executing program 1 (id=2169): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvtap0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000240)={'wg2\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r2}, @IFLA_HSR_SLAVE2={0x8, 0x2, r3}, @IFLA_HSR_VERSION={0x5}]}}}]}, 0x48}}, 0x0) 3.954384621s ago: executing program 4 (id=2170): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'team_slave_1\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000010000110000100000475000000000000", @ANYRES32=r1, @ANYBLOB="da"], 0x20}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="2000000010000104000000000000000000480000", @ANYRES32=r1, @ANYBLOB='+'], 0x20}}, 0x0) 3.610402927s ago: executing program 0 (id=2172): r0 = socket$inet6(0xa, 0x6, 0x0) listen(r0, 0x0) r1 = syz_io_uring_setup(0x2705, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000001440)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000001400)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r0, 0x0}) io_uring_enter(r1, 0xa3d, 0x0, 0x0, 0x0, 0x0) 3.609576266s ago: executing program 1 (id=2173): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-simd\x00'}, 0x58) r1 = accept(r0, 0x0, 0x0) sendmmsg$inet_sctp(r1, &(0x7f0000002040)=[{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000240)="4f0bdb33f06cf95c19f2ae0000000000", 0x10}, {&(0x7f00000002c0)="10e1d5957d4521f6425d20ed4cce6e96", 0x10}], 0x2}], 0x1, 0x8001) recvmmsg$unix(r1, &(0x7f0000001b40), 0x2, 0x0, 0x0) 3.524273761s ago: executing program 4 (id=2174): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000a40)=[@in6={0xa, 0x0, 0x0, @private2}], 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @loopback}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000000)=[@in={0x2, 0x0, @loopback}, @in6={0xa, 0x4e20, 0x0, @local}], 0x2c) 3.37077185s ago: executing program 4 (id=2175): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000500)='mm_collapse_huge_page_isolate\x00', r1}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19) 3.31438133s ago: executing program 1 (id=2176): syz_mount_image$tmpfs(0x0, &(0x7f0000002340)='./file0\x00', 0x10000, 0x0, 0x3, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=2']) chdir(&(0x7f0000000140)='./file0\x00') mkdir(&(0x7f0000000400)='./file1\x00', 0x0) symlink(&(0x7f0000001000)='.\x00', &(0x7f0000000140)='./file0\x00') 2.979360009s ago: executing program 1 (id=2178): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0) memfd_create(0x0, 0x0) r0 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000000)) ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f00001b8000/0x2000)=nil, &(0x7f000064f000/0x3000)=nil, 0x0, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x28}) listen(0xffffffffffffffff, 0xa0) 2.917207192s ago: executing program 4 (id=2180): r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000001200)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6, 0x24, 0x1a, 0x0, 0x3c}}}}}}]}}, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 2.777569148s ago: executing program 0 (id=2181): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0xf, {[@local=@item_012={0x1, 0x2, 0x0, "04"}, @global=@item_4={0x3, 0x1, 0x5, "3a76f1eb"}, @local=@item_012={0x2, 0x2, 0x2, "5fd3"}, @global=@item_4={0x3, 0x1, 0x3, "1ed4cec8"}]}}, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCGREPORTINFO(r1, 0xc00c4809, &(0x7f0000000000)={0x2, 0x2, 0x6}) 2.651377229s ago: executing program 2 (id=2183): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000002200)=[{0x84, 0x77, 0x0, 0x0, @time, {}, {}, @raw32={[0x2]}}, {0x0, 0x0, 0x0, 0x0, @time={0x0, 0x7}, {}, {}, @note={0x81}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x54) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01) write$sndseq(r1, &(0x7f0000000080)=[{0x1e, 0x0, 0x0, 0xfd, @time, {}, {}, @result}], 0x1c) 2.607120708s ago: executing program 5 (id=2184): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045002, &(0x7f0000000400)) read$dsp(r0, &(0x7f0000001500)=""/4096, 0x1000) read$dsp(r0, &(0x7f00000000c0)=""/96, 0x60) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x4008031, 0xffffffffffffffff, 0x0) 2.356219936s ago: executing program 2 (id=2186): syz_read_part_table(0x609, &(0x7f0000000d40)="$eJzs1E9rXFUYB+DfnczMnSmGBC0oIjRQ6CrEhXQRcLBBVLppQ6niwp0gCHVhoWBXE9ouRYpbIW4qlFLIF9CNlLRQ3LgKLktxbxGhRDwy98aZli5cJBAtz7M45z3vPf8u59wb/tc6qcelVMOM/8n0+nvBS23VTymlTAdc//jyhWnj/VvHbyfra+fOJ0c2Pkqy9NoLycJ0rtlCd55etyzslgzzaDBLVZOim2QjyWcPbjRhdzbL4jObr/fx4jwXtkZf/Jjm3oyGGaSXb5LV79pn4w9efvPDTlXNbmF1ahr2Dmr97WPNxU2dnemcS8n8SvetJPf2MsuTTr+28Xb7rVVnnpyo01Zz7WfwtOEzmQPaPfu1NdpeuHrtYv/rbtN8+O3RB79c6eXEzUuvL7/YuzO+XrWHdyzJoD/5yVXNYc8d8r4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDnz9Zoe6G/F+98Xj9845PuXmux/FVKSVInmXQZtPkqw4UjZVJn42DWv3r/y2Hq0ac7j0sp5VRKOfvb5vxK724vZzf31l2uMn5i2OZuW/f3vwMOU3P+1y6+99Xl0R+329TgyuMzJwZVE9dNOUx+7w/GRy8l6czGDg9lxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf907755eWl87dz5J1R0k6Sze2J48OPlK26Ekr/5w8uaFe2urTXtlUvzZP13Xu+X+249uLf50/Oe7c1mv2+7fd5JSrc6n220TW03ZO4x349/9HQAA///wjWn4") creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x101482, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x42082, 0x0) 2.156764599s ago: executing program 2 (id=2187): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000040)={[{@bh}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4fb, &(0x7f0000000f80)="$eJzs3c9vG1kdAPCvnV9Omt1klz0AArYsCwVVdRJ3N1rtAcoJIVQJ0SNIbUjcKIodR7FTmtBD+j8gUYkTcOMP4NwTdy4IblzKAYkfEaipxMFoxpPUTewm2yR2FH8+0mjmzbPn+17dec/+uvULYGBdjYidiBiNiHsRMZWdz2Vb3GptyeOe7z5a3Nt9tJiLZvPOv3JpfXIu2p6TuJJdsxARP/pexE9zR+PWt7ZXFyqV8karOD7TqK7P1Le2b6xUF5bLy+W1Uml+bn72k5sfl86sr+9XR7OjLz/74863fp40azI7096Ps9Tq+shBnMRwRPzgPIL1wVDWn9F+N4Q3ko+IdyPig/T+n4qh9NUEAC6zZnMqmlPtZQDgssunObBcvpjlAiYjny8WWzm892IiX6nVG9fv1zbXllq5sukYyd9fqZRns1zhdIzkkvJcevyyXDpUvhkR70TEL8bG03JxsVZZ6ucbHwAYYFcOzf//HWvN/wDAJVfodwMAgJ47Ov9f6Us7AIDe8fkfAAaP+R8ABo/5HwAGj/kfAAaP+R8ABsoPb99OtuZe9vvXSw+2NldrD24sleurxermYnGxtrFeXK7VltPf7Kked71KrbY+91FsPpz+9nq9MVPf2r5brW2uNe6mv+t9tzzSk14BAK/zzvtP/5KLiJ1Px9Mt2tZyMFfD5ZbvdwOAvhnqdwOAvrHaFwyuU3zGlx6AS6LDEr2vKETE+OGTzWazeX5NAs7ZtS/I/8Ogasv/+1fAMGDk/2Fwyf/D4Go2cydd8z9O+kAA4GKT4we6fP//brb/XfblwE+WDj/iyXm2CgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC62/fV/i9la4JORzxeLEW9FxHSM5O6vVMqzEfF2RPx5bGQsKc/1uc0AwGnl/57L1v+6NvXh5OHa0dyLsXQfET/71Z1fPlxoNDb+lJz/98H5xpPsfKkf7QcAjrM/T6f7tg/yz3cfLe5vvWzPP74bEYVW/L3d0dg7iD8cw+m+ECMRMfGfXFZuybXlLk5j53FEfL5T/3MxmeZAWiufHo6fxH6rp/Hzr8TPp3WtffJn8bkzaAsMmqfJ+HOr0/2Xj6vpvvP9X0hHqNPLxr/kUot76Rj4Mv7++DfUZfy7etIYH/3h+62j8aN1jyO+OByxH3uvbfzZj5/rEv/DE8b/65e+8kG3uuavI65F5/jtsWYa1fWZ+tb2jZXqwnJ5ubxWKs3Pzc9+cvPj0kyao57pPhv889Prb3erS/o/0SV+4Zj+f/2E/f/N/+79+Kuvif/Nr3WKn4/3XhM/mRO/ccL4CxO/L3SrS+Ivden/ca//9W4XnfvtK8Vnf9s+smw4ANA/9a3t1YVKpbzRy4P9NxI9DergEhwkf2suQDM6HnynV7FG4zM9q9l8o1jdRoyzyLoBF8HBTR8RL/rdGAAAAAAAAAAAAAAAoKNe/I+lfvcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy+v/AQAA//8sBs+1") munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f00000009c0)=""/112, 0x70) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 1.740814421s ago: executing program 2 (id=2188): writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000000)="26eb6d12cb78af20c43504e686a3130f2b123c2587ebe03ac0cce7de9bdfe28a", 0x20}], 0x1) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/20]) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r0, 0x0) getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98) 1.343879312s ago: executing program 2 (id=2189): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1f, 0x5, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000007d00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000000000000850000002300000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1.343692196s ago: executing program 1 (id=2190): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x2c004810) r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="002222030000002313839fea28c8931e8503e82a7031870600000083000000008249ba9393"], 0x0}, 0x0) 1.25650194s ago: executing program 2 (id=2192): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect$uac1(0x3, 0x71, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x9, 0x10, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x5, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x200, 0x29, 0xe, 0xa0, {0x7, 0x25, 0x1, 0x80, 0x9, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x7, 0x7, 0x2, {0x7, 0x25, 0x1, 0x81, 0xfa, 0x5}}}}}}}]}}, 0x0) syz_usb_control_io(r1, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000000)={0x0, 0x0, 0x1, "02"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.008224939s ago: executing program 3 (id=2194): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)='\\', 0x1}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x12, 0x6, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r1}, &(0x7f0000000440), &(0x7f0000000480)=r0}, 0x20) bpf$MAP_DELETE_ELEM(0x4, &(0x7f00000000c0)={r1, &(0x7f0000000100), 0x20000000}, 0x20) 970.154742ms ago: executing program 5 (id=2195): setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000), 0x4) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x84, &(0x7f00000000c0)={r2, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, &(0x7f00000001c0)=0x9c) 952.746574ms ago: executing program 3 (id=2196): prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x19, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r1}, 0x10) brk(0x20ffc004) 806.041198ms ago: executing program 0 (id=2197): bpf$PROG_LOAD(0x5, 0x0, 0x0) setrlimit(0x8, &(0x7f0000000080)) mlockall(0x7) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) 779.389135ms ago: executing program 5 (id=2198): r0 = open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0) fallocate(r0, 0x0, 0x0, 0x1000f8) sched_setscheduler(0x0, 0x5, &(0x7f0000000100)) ioprio_set$pid(0x1, 0x0, 0x0) sendfile(r0, r0, 0x0, 0x100000000) 700.61023ms ago: executing program 3 (id=2199): ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x0, 0x0, {}, {0xee01}, 0x0, 0xffffffffffff0000}) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000800000000000000000000000000000002"]) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$sock_timeval(r0, 0x1, 0x2, 0x0, 0x0) getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98) 553.00703ms ago: executing program 3 (id=2200): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB='*'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x12, r0, 0x0) mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000000), 0x44, 0x0) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000000), 0x44, 0x0) 492.144295ms ago: executing program 0 (id=2201): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r1, &(0x7f0000003540)=[{{&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, &(0x7f0000000880)=[{&(0x7f0000000080)="93", 0x1}, {&(0x7f0000002400)="9917b1ad3d06a27855d01141e914353e8c663ed1065e32301b8acd1815ed897020c9092fe19ef95bd3c69397d675e3c19835f4c930a9bcbd49c4d872b7679a32e22015d7df39001b2d750fe2484101ef67cb628910e4cde2d8285b9017f55e84b67b72840813a8d080b71200f197d5b65f243ac4ac17d0cba3d08c98ceedf43365fc78aa0f52585ef7d8d525c049e1ae193a110f2dcfce4e6114b15de04b2720d6bd946506004cf479e742dcf73534e370150d97a55b559b5a1bedbc9290cbcac428f960e016fb88cfc21d86da2974ec3f2632992a27a4e5864623e05722eb07d27139b45171ec0cefa44e98f05dd4ff957056265edbacd81a611e4dfacb2b4879517e00c52e84728b1de1193bc88e509860ff143fc216c5100c41667a3ba5b157db616145a6d5ddb592e6b9589cdc93e3e8ef63da3cb4033d9f676cec3dcbb003ae54940e30203e1dc7b939c9c32029ad645b46ee269892e7a786bd36c2f7d962aad3b8d6e9d946adfa984a52cf7d35c5b2f492ab267c1ca948a5c0323d628364a612004c1c7feb2671a984f4dc05330a968e4b8cbe9200f111597c8ecc7ea7681ec281e168edbadc83d98de2b0dda7b187f509e487d63300932f3c76a1b66b4e01dffb07b4c80b5f5273a84b3cb0732b691738bba87517d53cf2b88b481cb325b8b912f54cee9d2546f2fdb96931bda2821eb66554abd4a21a8281c3c461df633a97f5cb3cf924fb324782399df0dc72d18d22b320e605dddf1123417dffc6452835a63fca230fbb002fd9c204b0819c56c4ce398423518b59dc8220bbf0c8b66f54c8009f1170f4c5582bfc703938bdf4d88ffe3eb87f4d2a62d442bb08ba405e11984c919fed63f9e86fd16c00843fa07cd9170919f4d07a12ad38db3f9effcfe1d631a48150e33ce07b3516fefab9587043a908dac8b0ffe361ec8e0fe7531f6d6d858cdabf7600f3a2bd90bce672cba7d366ae4ac6e33813f18340349422230cfe1d8c5757eb139321d44b57159089c68c13d7806cdbebeb42953f6f1670a313278a13076defab61b2016cf636ed37c7e7e1c49a4fb1d6a3d249e189087b37e724b6b24824bce4f77ab6f8a8d2f571d23c5120d75440e8eeda120467b5046b316e39aea9b6c7fa65eb4db56a3fed78c25fcde3afa956dee186fcad0b83f3d50a153f269113f5d9f1ccdff5ba86390c95b3a4ac782cd1121253f728b9b28a3cf59ebd82b0439d2f439e9cd00ca11a3f73515b6256b0faa56063ab761d5860a002c27fede7ce87b6336a4a146f2286ee32bb12e5a8bef04ba8cdb901c602a80eec7e74c947f88f6939ad240db8bc4baf655b941d1fc166fcbd2a64b5691e9145847ebc3ff5f8c07b8265c00176fa4617b6b7249aa801a090d4c65e36cfbbbca28913a892c3a7dd856fdf1f9a7279acfeee9fe51d14f87e4928f07f80145f54afb9a94fce7e76d38b64858327883b8f7141ccac8de649b7eb216d1b6c63f6d4d56dd9f11a2b36a6b3913917c378931e1ba3ec16aec67ef2bab2f1336a6990f7a78ab8acbc81d4ef49dc9bf02e6bae05118c706aeafa332e785ab59140d41ec0d00261ef9dd1735e19954cf1e8042b84185fa8bea4878e22ae53841b9c9752c950e5b21c7e7212b0297f22675cf8baae246e3c46a33e7228633954253add2592dbb7335b24569c834977a53ef23a84f7819deabd2c499422f23e7b682dc7f81b5d47b2ed330b83bb4f6c8f976539a8bf0d1f9b88d534c672d329ba41009f75c928ede7", 0x4e4}], 0x2}}, {{&(0x7f0000000740)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001a40)=[{&(0x7f0000000780)="e4", 0x1}], 0x1}}], 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000000), 0x4) ppoll(&(0x7f00000008c0)=[{r0}, {r1}], 0x2, 0x0, 0x0, 0x0) 415.441053ms ago: executing program 3 (id=2202): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000380)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x8, 0x0, 0x2, {[@window={0x9, 0x3}, @md5sig={0x13, 0x12, "0caf166524627aa7455500f6270f39e1"}]}}}}}}, 0x4e) 357.027044ms ago: executing program 0 (id=2203): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=@bridge_delvlan={0x18, 0x56, 0x1}, 0x18}}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, &(0x7f0000000840)=""/121, &(0x7f0000000900), &(0x7f0000000540), 0x6c, r0}, 0x38) 240.936036ms ago: executing program 5 (id=2204): prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5bbf91a1e7f99074, &(0x7f0000000000)) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00') shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil) shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff) read$FUSE(r0, &(0x7f0000002640)={0x2020}, 0x2020) 60.322731ms ago: executing program 4 (id=2205): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff00000000000109022d000100000000090400001503000000092140000001220f000905", @ANYRES32], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000580)={0x2c, &(0x7f0000000140)={0x0, 0x24, 0xf, {0xf, 0x9, "ac5648e0ccb99e5bd430cd2420"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0) ioctl$HIDIOCGREPORT(r1, 0x400c4807, &(0x7f00000000c0)={0x3, 0x200, 0x5}) 58.350867ms ago: executing program 5 (id=2206): r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r0, 0x400, 0x0) acct(&(0x7f0000000040)='./file0\x00') creat(&(0x7f0000000300)='./file0\x00', 0x0) creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) 247.354µs ago: executing program 3 (id=2207): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) getrlimit(0x0, &(0x7f00000001c0)) 0s ago: executing program 0 (id=2208): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000040)={@in6={{0xa, 0x0, 0x0, @ipv4}}, 0x0, 0x0, 0x15, 0x0, "94ac873f1692ddbc702d69407eca10eedeb5dcd05446c2b07ec23159acd334e8058957bcee65a1721541ac7db2be2af67fd949859fc48a758e5d9ec2dc28f3fb330ea6b887a32239b1f039ba45bc1bc1"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0x3d, 0x0, "2e52f463273974700fa6345b251d8975a34ce626db167dbf6e168d9e7f0000000000000043ff6a8a6123980b1d34d6932fac4bcaeba676b4b24488db18f9f12d733e613a3a1ff56300110b87c85d9831"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000140)={@in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x19, 0x0, "41d2989d48db1764d991250db913d6dfbb2f5caa40b6ed2b6456aa8bb8a90f0c731f71573c64d277eeebae965ed6036a31420eb51c739e71e500c814c07f5659e1e1721bccc9b4894588115461cf0776"}, 0xd8) close(r0) kernel console output (not intermixed with test programs): unting filesystem 00000000-0000-0000-0000-000000000007. [ 226.442252][ T5294] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 226.463950][ T5294] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.497762][ C0] vkms_vblank_simulate: vblank timer overrun [ 226.546742][ T5294] usb 6-1: Product: syz [ 226.550954][ T5294] usb 6-1: Manufacturer: syz [ 226.555567][ T5294] usb 6-1: SerialNumber: syz [ 226.585949][ T5294] usb 6-1: config 0 descriptor?? [ 226.657678][ T9194] loop3: detected capacity change from 0 to 256 [ 226.684915][ T9194] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 226.711696][ T9194] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 226.884796][ T5244] em28xx 1-1:0.0: chip ID is em2750 [ 226.892822][ T9204] loop4: detected capacity change from 0 to 512 [ 226.918905][ T9] usb 6-1: USB disconnect, device number 7 [ 226.941848][ T9204] EXT4-fs: Ignoring removed oldalloc option [ 226.954377][ T9204] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 227.020395][ T9204] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 227.037852][ T9204] ext4 filesystem being mounted at /182/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 227.085661][ T5244] em28xx 1-1:0.0: Config register raw data: 0xfffffffb [ 227.097820][ T5244] em28xx 1-1:0.0: AC97 chip type couldn't be determined [ 227.104801][ T5244] em28xx 1-1:0.0: No AC97 audio processor [ 227.123468][ T5244] usb 1-1: USB disconnect, device number 7 [ 227.137370][ T5244] em28xx 1-1:0.0: Disconnecting em28xx [ 227.146225][ T5244] em28xx 1-1:0.0: Freeing device [ 227.216366][ T6501] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 227.549817][ T9205] loop2: detected capacity change from 0 to 32768 [ 227.558847][ T9205] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1315 (9205) [ 227.577140][ T1844] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 227.594952][ T9205] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 227.608957][ T9205] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 227.623146][ T9205] BTRFS info (device loop2): using free-space-tree [ 227.684794][ T9210] loop3: detected capacity change from 0 to 32768 [ 227.748118][ T9210] XFS (loop3): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 227.761417][ T1844] usb 2-1: config 0 has no interfaces? [ 227.783762][ T1844] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 227.797834][ T1844] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.863299][ T1844] usb 2-1: config 0 descriptor?? [ 227.935961][ T29] audit: type=1800 audit(1728587695.056:85): pid=9205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1315" name="file1" dev="loop2" ino=260 res=0 errno=0 [ 228.012747][ T9210] XFS (loop3): Ending clean mount [ 228.127419][ T46] usb 2-1: USB disconnect, device number 10 [ 228.203202][ T5232] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 228.314758][ T9228] loop0: detected capacity change from 0 to 32768 [ 228.416056][ T5240] XFS (loop3): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 228.424457][ T9260] loop5: detected capacity change from 0 to 1024 [ 228.440863][ T9228] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 228.482999][ T9260] Process accounting resumed [ 228.790242][ T9228] XFS (loop0): Ending clean mount [ 228.828086][ T9228] XFS (loop0): Quotacheck needed: Please wait. [ 228.895983][ T9269] wireguard0: entered promiscuous mode [ 228.896218][ T9228] XFS (loop0): Quotacheck: Done. [ 228.932163][ T9269] wireguard0: entered allmulticast mode [ 229.168336][ T9275] netlink: 112 bytes leftover after parsing attributes in process `syz.1.1331'. [ 229.256961][ T5231] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 229.327149][ T9281] tap0: tun_chr_ioctl cmd 1074025677 [ 229.332658][ T9281] tap0: linktype set to 821 [ 229.499939][ T9285] loop1: detected capacity change from 0 to 128 [ 229.550411][ T9285] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 229.647450][ T9285] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 229.796869][ T29] audit: type=1326 audit(2000000001.549:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9289 comm="syz.0.1336" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa7a057dff9 code=0x0 [ 229.812039][ T9291] loop2: detected capacity change from 0 to 512 [ 229.884730][ T9291] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1340: corrupted in-inode xattr: invalid ea_ino [ 229.963059][ T9291] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.1340: couldn't read orphan inode 15 (err -117) [ 229.986707][ T9291] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.098683][ T29] audit: type=1800 audit(2000000001.859:87): pid=9291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1340" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 230.124407][ T9280] loop3: detected capacity change from 0 to 32768 [ 230.225818][ T29] audit: type=1800 audit(2000000001.979:88): pid=9280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1335" name="bus" dev="loop3" ino=7 res=0 errno=0 [ 230.397794][ T5232] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.582152][ T9298] loop5: detected capacity change from 0 to 32768 [ 230.613392][ T9298] XFS: attr2 mount option is deprecated. [ 230.627554][ T9298] XFS: ikeep mount option is deprecated. [ 230.633260][ T9298] XFS: noikeep mount option is deprecated. [ 230.665690][ T9306] loop2: detected capacity change from 0 to 2048 [ 230.743181][ T9313] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 230.743395][ T9298] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 230.787372][ T5254] Bluetooth: hci3: command tx timeout [ 230.833639][ T9298] XFS (loop5): Ending clean mount [ 230.834186][ T9313] NILFS (loop2): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3) [ 230.850400][ T9313] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=2) [ 230.864797][ T9298] XFS (loop5): Quotacheck needed: Please wait. [ 230.885757][ T9313] Remounting filesystem read-only [ 231.010010][ T5232] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer [ 231.014220][ T9323] bridge_slave_0: default FDB implementation only supports local addresses [ 231.028628][ T9298] XFS (loop5): Quotacheck: Done. [ 231.181609][ T9325] loop2: detected capacity change from 0 to 4096 [ 231.198233][ T9327] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1350'. [ 231.479516][ T5719] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 231.733621][ T9321] loop3: detected capacity change from 0 to 32768 [ 231.767530][ T9321] XFS: noikeep mount option is deprecated. [ 231.852903][ T9321] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 231.898778][ T9343] loop5: detected capacity change from 0 to 128 [ 231.986857][ T9343] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 232.038443][ T9343] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 232.153972][ T9321] XFS (loop3): Ending clean mount [ 232.155454][ T5719] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 232.165158][ T9321] XFS (loop3): Quotacheck needed: Please wait. [ 232.293162][ T9321] XFS (loop3): Quotacheck: Done. [ 232.440109][ T9355] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1358'. [ 232.526953][ T5240] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 232.587994][ T9359] netlink: 'syz.1.1362': attribute type 29 has an invalid length. [ 232.615860][ T9359] netlink: 'syz.1.1362': attribute type 29 has an invalid length. [ 232.657053][ T9359] netlink: 'syz.1.1362': attribute type 29 has an invalid length. [ 232.685528][ T9361] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1363'. [ 233.019823][ T9373] loop5: detected capacity change from 0 to 8 [ 233.073599][ T9373] SQUASHFS error: lzo decompression failed, data probably corrupt [ 233.174409][ T9373] SQUASHFS error: Failed to read block 0x91: -5 [ 233.204386][ T9373] SQUASHFS error: Unable to read metadata cache entry [8f] [ 233.226120][ T9373] SQUASHFS error: Unable to read inode 0x11f [ 233.519790][ T9377] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1361'. [ 233.934072][ T9403] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 233.941647][ T9403] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 233.971262][ T9408] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(6) [ 233.977847][ T9408] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 234.010670][ T9403] vhci_hcd vhci_hcd.0: Device attached [ 234.031303][ T9408] vhci_hcd vhci_hcd.0: Device attached [ 234.133906][ T9403] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(5) [ 234.140503][ T9403] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 234.159736][ T9422] loop3: detected capacity change from 0 to 128 [ 234.178733][ T9408] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(10) [ 234.185400][ T9408] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 234.193659][ T5294] vhci_hcd: vhci_device speed not set [ 234.222282][ T9408] vhci_hcd vhci_hcd.0: Device attached [ 234.235329][ T9385] loop5: detected capacity change from 0 to 32768 [ 234.242534][ T9385] XFS: attr2 mount option is deprecated. [ 234.255361][ T9422] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 234.262540][ T9385] XFS: ikeep mount option is deprecated. [ 234.269231][ T5294] usb 13-1: new full-speed USB device number 2 using vhci_hcd [ 234.273153][ T9385] XFS: noikeep mount option is deprecated. [ 234.314473][ T9403] vhci_hcd vhci_hcd.0: Device attached [ 234.321129][ T9422] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 234.360504][ T9422] syz.3.1388 (pid 9422) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 234.364268][ T9409] vhci_hcd: connection closed [ 234.371056][ T9416] vhci_hcd: connection closed [ 234.382320][ T9406] vhci_hcd: connection reset by peer [ 234.388627][ T1048] vhci_hcd: stop threads [ 234.392575][ T9419] vhci_hcd: connection closed [ 234.417538][ T9385] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 234.435975][ T5240] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 234.461774][ T1048] vhci_hcd: release socket [ 234.474640][ T1048] vhci_hcd: disconnect device [ 234.486413][ T1048] vhci_hcd: stop threads [ 234.493617][ T1048] vhci_hcd: release socket [ 234.498589][ T1048] vhci_hcd: disconnect device [ 234.503846][ T1048] vhci_hcd: stop threads [ 234.508520][ T1048] vhci_hcd: release socket [ 234.514733][ T1048] vhci_hcd: disconnect device [ 234.521828][ T1048] vhci_hcd: stop threads [ 234.531492][ T1048] vhci_hcd: release socket [ 234.536655][ T1048] vhci_hcd: disconnect device [ 234.656833][ T9385] XFS (loop5): Ending clean mount [ 234.664269][ T9385] XFS (loop5): Quotacheck needed: Please wait. [ 234.772723][ T9385] XFS (loop5): Quotacheck: Done. [ 234.950990][ T5719] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 235.138830][ T5295] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 235.342702][ T5295] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 235.352131][ T5295] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.423304][ T5295] usb 2-1: config 0 descriptor?? [ 235.489186][ T5295] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 235.494307][ T9439] loop3: detected capacity change from 0 to 40427 [ 235.516115][ T9439] F2FS-fs (loop3): invalid crc value [ 235.527106][ T9456] loop2: detected capacity change from 0 to 2048 [ 235.575749][ T9456] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 235.590889][ T9439] F2FS-fs (loop3): Found nat_bits in checkpoint [ 235.630477][ T9456] syz.2.1401: attempt to access beyond end of device [ 235.630477][ T9456] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 235.656593][ T9460] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 235.724915][ T9456] syz.2.1401: attempt to access beyond end of device [ 235.724915][ T9456] loop2: rw=0, sector=9437254, nr_sectors = 2 limit=2048 [ 235.757759][ T9456] NILFS (loop2): I/O error reading meta-data file (ino=6, block-offset=0) [ 235.775742][ T9439] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 235.793099][ T9464] loop5: detected capacity change from 0 to 1024 [ 235.874620][ T5254] Bluetooth: hci4: unexpected event for opcode 0x2003 [ 235.927444][ T5295] cpia1 2-1:0.0: unexpected state after lo power cmd: 99 [ 235.941635][ T3020] hfsplus: b-tree write err: -5, ino 4 [ 236.046841][ T9472] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1407'. [ 236.056362][ T9472] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1407'. [ 236.427065][ T5295] gspca_cpia1: usb_control_msg 02, error -71 [ 236.433590][ T5295] gspca_cpia1: usb_control_msg 05, error -71 [ 236.451751][ T5295] cpia1 2-1:0.0: unexpected systemstate: 99 [ 236.471824][ T5295] usb 2-1: USB disconnect, device number 11 [ 236.519398][ T9480] loop3: detected capacity change from 0 to 4096 [ 236.559554][ T9480] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 236.940198][ T9468] loop0: detected capacity change from 0 to 32768 [ 237.104526][ T9468] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 237.151205][ T9504] loop1: detected capacity change from 0 to 4096 [ 237.176934][ T9504] NILFS (loop1): invalid segment: Checksum error in segment payload [ 237.185897][ T9504] NILFS (loop1): trying rollback from an earlier position [ 237.208675][ T9504] NILFS (loop1): recovery complete [ 237.224469][ T9510] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 237.307167][ T9512] sctp: [Deprecated]: syz.2.1421 (pid 9512) Use of struct sctp_assoc_value in delayed_ack socket option. [ 237.307167][ T9512] Use struct sctp_sack_info instead [ 237.413079][ T9468] XFS (loop0): Ending clean mount [ 237.623274][ T9519] loop2: detected capacity change from 0 to 1024 [ 237.633923][ T5231] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 237.662761][ T1097] hfsplus: b-tree write err: -5, ino 4 [ 237.677803][ T9519] hfsplus: bad catalog entry type [ 237.684795][ T9] kernel write not supported for file /66/net/xfrm_stat (pid: 9 comm: kworker/0:1) [ 237.814476][ T9495] loop5: detected capacity change from 0 to 32768 [ 237.821999][ T9495] XFS: noikeep mount option is deprecated. [ 237.902875][ T9495] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 237.991312][ T9495] XFS (loop5): Ending clean mount [ 238.068250][ T9534] rtc_cmos 00:00: Alarms can be up to one day in the future [ 238.104954][ T4618] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 238.117782][ T4618] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 238.125985][ T4618] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 238.135652][ T4618] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 238.144576][ T4618] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 238.153510][ T4618] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 238.248813][ T5295] rtc_cmos 00:00: Alarms can be up to one day in the future [ 238.256806][ T5295] rtc_cmos 00:00: Alarms can be up to one day in the future [ 238.264762][ T5295] rtc_cmos 00:00: Alarms can be up to one day in the future [ 238.272597][ T5295] rtc_cmos 00:00: Alarms can be up to one day in the future [ 238.280844][ T5295] rtc rtc0: __rtc_set_alarm: err=-22 [ 238.308792][ T9495] XFS (loop5): Quotacheck needed: Please wait. [ 238.341504][ T9544] loop0: detected capacity change from 0 to 256 [ 238.365565][ T9495] XFS (loop5): Quotacheck: Done. [ 238.501550][ T29] audit: type=1800 audit(2000000010.259:89): pid=9495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1417" name="bus" dev="loop5" ino=1067 res=0 errno=0 [ 238.652664][ T9544] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb75ad3fb, utbl_chksum : 0xe619d30d) [ 238.681995][ T9547] loop1: detected capacity change from 0 to 32768 [ 238.697365][ T9547] [ 238.697365][ T9547] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 238.697365][ T9547] [ 238.727700][ T9547] [ 238.727700][ T9547] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 238.727700][ T9547] [ 238.739110][ T9547] [ 238.739110][ T9547] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 238.739110][ T9547] [ 238.750167][ T9547] [ 238.750167][ T9547] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 238.750167][ T9547] [ 238.760791][ T9547] [ 238.760791][ T9547] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 238.760791][ T9547] [ 238.812903][ T111] [ 238.812903][ T111] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 238.812903][ T111] [ 238.832263][ T8733] [ 238.832263][ T8733] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 238.832263][ T8733] [ 238.849554][ T8733] [ 238.849554][ T8733] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 238.849554][ T8733] [ 238.851796][ T5719] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 239.080045][ T9527] chnl_net:caif_netlink_parms(): no params data found [ 239.104210][ T9560] loop2: detected capacity change from 0 to 512 [ 239.152288][ T9560] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 239.163953][ T9560] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e11c, mo2=0002] [ 239.172970][ T9560] EXT4-fs (loop2): orphan cleanup on readonly fs [ 239.343390][ T9560] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1438: bg 0: block 361: padding at end of block bitmap is not set [ 239.362407][ T9560] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 239.406246][ T9560] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #11: comm syz.2.1438: attempt to clear invalid blocks 33619980 len 1 [ 239.427336][ T5294] vhci_hcd: vhci_device speed not set [ 239.466097][ T9560] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1438: invalid indirect mapped block 1811939328 (level 0) [ 239.635489][ T9560] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.1438: invalid indirect mapped block 2185560079 (level 1) [ 239.704546][ T9560] EXT4-fs (loop2): 1 truncate cleaned up [ 239.749507][ T9560] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 239.860559][ T9564] loop1: detected capacity change from 0 to 32768 [ 239.897642][ T4618] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 239.909478][ T4618] Bluetooth: hci4: Injecting HCI hardware error event [ 239.923004][ T4618] Bluetooth: hci4: hardware error 0x00 [ 239.941147][ T9527] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.948897][ T9527] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.956281][ T9527] bridge_slave_0: entered allmulticast mode [ 239.963771][ T9527] bridge_slave_0: entered promiscuous mode [ 239.972581][ T9527] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.979980][ T9527] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.987405][ T9527] bridge_slave_1: entered allmulticast mode [ 239.994636][ T9527] bridge_slave_1: entered promiscuous mode [ 240.001466][ T29] audit: type=1800 audit(2000000011.769:90): pid=9564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1436" name="bus" dev="loop1" ino=7 res=0 errno=0 [ 240.142068][ T5232] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 240.231993][ T5254] Bluetooth: hci6: command tx timeout [ 240.314505][ T9527] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 240.452607][ T9590] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave [ 240.466199][ T9590] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 240.527466][ T9592] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1449'. [ 240.559648][ T9527] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 240.809825][ T9527] team0: Port device team_slave_0 added [ 240.833497][ T9527] team0: Port device team_slave_1 added [ 241.051807][ T9527] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 241.081683][ T9527] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 241.135565][ T9616] loop1: detected capacity change from 0 to 512 [ 241.177258][ T9527] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 241.198597][ T9616] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 241.218177][ T9527] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 241.235990][ T9527] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 241.280016][ T9616] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e11c, mo2=0002] [ 241.288522][ T9616] EXT4-fs (loop1): orphan cleanup on readonly fs [ 241.305109][ T9616] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1457: bg 0: block 361: padding at end of block bitmap is not set [ 241.324255][ T9527] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 241.343609][ T9616] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 241.392014][ T9616] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #11: comm syz.1.1457: attempt to clear invalid blocks 33619980 len 1 [ 241.414386][ T9616] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1457: invalid indirect mapped block 1811939328 (level 0) [ 241.440768][ T9616] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1457: invalid indirect mapped block 2185560079 (level 1) [ 241.465356][ T9616] EXT4-fs (loop1): 1 truncate cleaned up [ 241.561694][ T9616] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 241.565288][ T9600] loop5: detected capacity change from 0 to 32768 [ 241.693351][ T9527] hsr_slave_0: entered promiscuous mode [ 241.753506][ T9527] hsr_slave_1: entered promiscuous mode [ 241.793661][ T9527] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 241.812127][ T9527] Cannot create hsr debugfs directory [ 241.981325][ T9629] sch_fq: defrate 9 ignored. [ 241.987708][ T4618] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 242.002910][ T9607] loop0: detected capacity change from 0 to 32768 [ 242.052123][ T9607] (syz.0.1455,9607,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 242.066660][ T9607] (syz.0.1455,9607,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 242.223401][ T9607] JBD2: Ignoring recovery information on journal [ 242.272516][ T9607] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 242.297066][ T5254] Bluetooth: hci6: command tx timeout [ 242.645027][ T9643] loop5: detected capacity change from 0 to 32768 [ 242.660982][ T9643] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1470 (9643) [ 242.706598][ T9643] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 242.727446][ T9643] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 242.735939][ T9643] BTRFS info (device loop5): using free-space-tree [ 242.794376][ T9527] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.836328][ T1168] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 242.890920][ T5231] ocfs2: Unmounting device (7,0) on (node local) [ 243.186600][ T9645] loop3: detected capacity change from 0 to 40427 [ 243.208914][ T9645] F2FS-fs (loop3): invalid crc value [ 243.229838][ T9527] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.244790][ T1168] usb 3-1: Using ep0 maxpacket: 16 [ 243.255563][ T1168] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.260696][ T9645] F2FS-fs (loop3): Found nat_bits in checkpoint [ 243.267009][ T1168] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.282855][ T1168] usb 3-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 243.292146][ T1168] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.321283][ T1168] usb 3-1: config 0 descriptor?? [ 243.489260][ T741] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared) [ 243.527313][ T9645] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 243.561296][ T9527] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.585216][ T8733] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 243.767590][ T5240] syz-executor: attempt to access beyond end of device [ 243.767590][ T5240] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 243.783822][ T5719] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 243.785020][ T9635] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 243.837697][ T5295] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 243.853299][ T5240] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 243.885429][ T9635] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 243.961657][ T1168] hid (null): bogus close delimiter [ 243.976625][ T9527] bond0: (slave netdevsim0): Releasing backup interface [ 244.024347][ T9527] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.038787][ T5295] usb 1-1: Using ep0 maxpacket: 8 [ 244.117107][ T46] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 244.130821][ T5295] usb 1-1: New USB device found, idVendor=0ccd, idProduct=10a5, bcdDevice=23.a2 [ 244.174781][ T5295] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 244.180809][ T1168] usb 3-1: string descriptor 0 read error: -71 [ 244.193477][ T5295] usb 1-1: Product: syz [ 244.199933][ T5295] usb 1-1: Manufacturer: syz [ 244.213729][ T5295] usb 1-1: SerialNumber: syz [ 244.223084][ T1168] usb 3-1: Max retries (5) exceeded reading string descriptor 200 [ 244.231473][ T1168] letsketch 0003:6161:4D15.0008: probe with driver letsketch failed with error -32 [ 244.252829][ T5295] usb 1-1: config 0 descriptor?? [ 244.254906][ T1168] usb 3-1: USB disconnect, device number 9 [ 244.308222][ T5295] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 244.346664][ T46] usb 2-1: Using ep0 maxpacket: 8 [ 244.399530][ T5254] Bluetooth: hci6: command tx timeout [ 244.412963][ T5295] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 244.419677][ T5295] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 244.439268][ T46] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 244.448549][ T46] usb 2-1: config 179 has no interface number 0 [ 244.454870][ T46] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 244.467127][ T46] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 244.478626][ T46] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 244.489906][ T46] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 244.501505][ T46] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 244.514864][ T46] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 244.524083][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.589217][ T9527] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 244.596326][ T5295] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 244.613777][ T5295] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 244.622301][ T9672] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22 [ 244.625545][ T9527] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 244.676711][ T5295] usb 1-1: dvb_usb_v2: found a 'Terratec H7 Rev.4' in warm state [ 244.708610][ T9527] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 244.735353][ T9527] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 244.748175][ T5295] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 244.760876][ T5295] dvbdev: DVB: registering new adapter (Terratec H7 Rev.4) [ 244.802232][ T5295] usb 1-1: media controller created [ 244.809513][ T5295] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 244.817301][ T5295] usb 1-1: dvb_usb_v2: MAC address: 00:00:00:00:00:00 [ 244.891578][ T5295] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 244.984998][ T9527] 8021q: adding VLAN 0 to HW filter on device bond0 [ 245.025563][ T9527] 8021q: adding VLAN 0 to HW filter on device team0 [ 245.058465][ T1048] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.065655][ T1048] bridge0: port 1(bridge_slave_0) entered forwarding state [ 245.101738][ T9682] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1476'. [ 245.108502][ T1048] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.117904][ T1048] bridge0: port 2(bridge_slave_1) entered forwarding state [ 245.145875][ T9682] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1476'. [ 245.163922][ T46] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input18 [ 245.579911][ T5295] usb 2-1: USB disconnect, device number 12 [ 245.586017][ C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 245.586074][ C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 245.635740][ T5295] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 245.669062][ T9691] 8021q: VLANs not supported on bridge0 [ 245.839678][ T9527] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 246.187784][ T9707] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1484'. [ 246.407404][ T46] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 246.418556][ T46] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 246.433234][ T9527] veth0_vlan: entered promiscuous mode [ 246.457956][ T4618] Bluetooth: hci6: command tx timeout [ 246.473380][ T46] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz0] on syz1 [ 246.484866][ T9527] veth1_vlan: entered promiscuous mode [ 246.517427][ T9527] veth0_macvtap: entered promiscuous mode [ 246.550002][ T5294] usb 1-1: USB disconnect, device number 8 [ 246.564788][ T9527] veth1_macvtap: entered promiscuous mode [ 246.645059][ T9527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.683831][ T9527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.704157][ T9527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.725034][ T9527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.745249][ T9527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.745278][ T9527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.745312][ T9527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.745328][ T9527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.745348][ T9527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.745364][ T9527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.745386][ T9527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.745402][ T9527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.748860][ T9527] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 246.753036][ T9527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.753062][ T9527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.753078][ T9527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.753095][ T9527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.753109][ T9527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.753126][ T9527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.753151][ T9527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.753168][ T9527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.753185][ T9527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.753203][ T9527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.753221][ T9527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.753241][ T9527] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.754828][ T9527] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 246.998251][ T9726] loop0: detected capacity change from 0 to 32768 [ 247.003714][ T9527] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.003756][ T9527] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.003790][ T9527] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.003823][ T9527] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.014954][ T9726] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1492 (9726) [ 247.020296][ T9726] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 247.020393][ T9726] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 247.020448][ T9726] BTRFS info (device loop0): using free-space-tree [ 247.302897][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 247.302980][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 247.347365][ T1048] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 247.347416][ T1048] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 247.403732][ T5235] kernel write not supported for file task/580/attr/prev (pid: 5235 comm: kworker/1:3) [ 247.750758][ T9760] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1501'. [ 247.844730][ T9755] loop5: detected capacity change from 0 to 32768 [ 247.933455][ T9749] loop2: detected capacity change from 0 to 32768 [ 247.999243][ T9763] program syz.3.1502 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 248.081134][ T9749] XFS (loop2): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 248.093036][ T9755] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 248.098168][ T29] audit: type=1800 audit(2000000019.849:91): pid=9726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1492" name="file1" dev="loop0" ino=260 res=0 errno=0 [ 248.235366][ T9749] XFS (loop2): Ending clean mount [ 248.307198][ T29] audit: type=1800 audit(2000000020.059:92): pid=9749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1497" name="file1" dev="loop2" ino=6150 res=0 errno=0 [ 248.360634][ T9755] XFS (loop5): Ending clean mount [ 248.366718][ T5235] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 248.372079][ T9755] XFS (loop5): Quotacheck needed: Please wait. [ 248.408082][ T5231] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 248.530443][ T5295] XFS (loop2): Metadata CRC error detected at xfs_rmapbt_read_verify+0x41/0xd0, xfs_rmapbt block 0x14 [ 248.533952][ T9755] XFS (loop5): Quotacheck: Done. [ 248.587205][ T5235] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 248.611805][ T5295] XFS (loop2): Unmount and run xfs_repair [ 248.624240][ T5235] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 248.638268][ T5295] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 248.647439][ T5235] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 248.657296][ T5295] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 248.674112][ T5235] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.682404][ T5295] 00000010: 00 00 00 00 00 00 00 14 00 00 00 01 00 00 00 10 ................ [ 248.695907][ T5235] usb 5-1: config 0 descriptor?? [ 248.701277][ T5295] 00000020: ed 37 bf 6e 74 ea 4e 01 af ba 5f ee 27 4b 0f 3a .7.nt.N..._.'K.: [ 248.713903][ T5295] 00000030: 00 00 00 00 05 1b 0d e2 00 00 00 00 00 00 00 01 ................ [ 248.725796][ T5295] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 248.735109][ T5295] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 248.744332][ T5295] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 248.755064][ T5295] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 248.769852][ T9749] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x14 len 4 error 74 [ 248.975794][ T5719] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 249.007219][ T9749] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 249.029704][ T9749] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 249.172785][ T5232] XFS (loop2): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 249.293641][ T5235] cp2112 0003:10C4:EA90.000A: unknown main item tag 0x0 [ 249.316620][ T5235] cp2112 0003:10C4:EA90.000A: unknown main item tag 0x0 [ 249.344193][ T5235] cp2112 0003:10C4:EA90.000A: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0 [ 249.490842][ T5235] cp2112 0003:10C4:EA90.000A: Part Number: 0x82 Device Version: 0xFE [ 249.720265][ T5235] cp2112 0003:10C4:EA90.000A: error requesting SMBus config [ 249.739416][ T9811] netlink: 'syz.2.1512': attribute type 1 has an invalid length. [ 249.772470][ T5235] cp2112 0003:10C4:EA90.000A: probe with driver cp2112 failed with error -71 [ 249.861458][ T5235] usb 5-1: USB disconnect, device number 9 [ 250.096626][ T5244] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 250.212707][ T9805] loop1: detected capacity change from 0 to 32768 [ 250.256724][ T5244] usb 4-1: Using ep0 maxpacket: 16 [ 250.256732][ T9805] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode. [ 250.269745][ T5244] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 250.284726][ T5244] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 250.295881][ T5244] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 250.316612][ T5244] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 250.325977][ T5244] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.336221][ T5244] usb 4-1: config 0 descriptor?? [ 250.507840][ T9833] loop0: detected capacity change from 0 to 128 [ 250.520994][ T9828] loop2: detected capacity change from 0 to 2048 [ 250.545499][ T8733] ocfs2: Unmounting device (7,1) on (node local) [ 250.570394][ T9833] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 250.677929][ T9833] ext4 filesystem being mounted at /273/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 250.688607][ T9828] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 250.801229][ T5244] microsoft 0003:045E:07DA.000B: unknown main item tag 0x0 [ 250.905391][ T5244] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.000B/input/input20 [ 250.996926][ T5244] microsoft 0003:045E:07DA.000B: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 251.024722][ T29] audit: type=1800 audit(2000000022.779:93): pid=9842 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1528" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 251.126668][ T5244] usb 4-1: USB disconnect, device number 9 [ 251.188669][ T5231] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 252.058735][ T9873] loop3: detected capacity change from 0 to 256 [ 252.066357][ T9873] exfat: Deprecated parameter 'namecase' [ 252.083640][ T9873] exfat: Deprecated parameter 'utf8' [ 252.267981][ T9855] loop0: detected capacity change from 0 to 32768 [ 252.425290][ T9855] XFS (loop0): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 252.496309][ T9873] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 252.567010][ T5244] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 252.725049][ T9905] loop3: detected capacity change from 0 to 2048 [ 252.731813][ T5244] usb 3-1: Using ep0 maxpacket: 16 [ 252.747765][ T5244] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 252.759060][ T5244] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 252.769203][ T5244] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 252.782730][ T5244] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 252.792415][ T5244] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.798974][ T9900] loop4: detected capacity change from 0 to 32768 [ 252.805863][ T5244] usb 3-1: config 0 descriptor?? [ 252.893012][ T9910] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 252.903865][ T29] audit: type=1800 audit(2000000024.649:94): pid=9900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1551" name="file1" dev="loop4" ino=4 res=0 errno=0 [ 252.966176][ T9855] XFS (loop0): Ending clean mount [ 253.245296][ T5244] microsoft 0003:045E:07DA.000C: unknown main item tag 0x0 [ 253.266050][ T5244] microsoft 0003:045E:07DA.000C: ignoring exceeding usage max [ 253.299863][ T5244] microsoft 0003:045E:07DA.000C: No inputs registered, leaving [ 253.317258][ T5244] microsoft 0003:045E:07DA.000C: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 253.354153][ T5231] XFS (loop0): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 253.386680][ T5244] microsoft 0003:045E:07DA.000C: no inputs found [ 253.393095][ T5244] microsoft 0003:045E:07DA.000C: could not initialize ff, continuing anyway [ 253.415086][ T9914] loop5: detected capacity change from 0 to 4096 [ 253.711183][ T1168] usb 3-1: USB disconnect, device number 10 [ 254.077679][ T9926] loop3: detected capacity change from 0 to 4096 [ 254.093895][ T9926] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 254.125812][ T9926] ntfs3(loop3): Failed to load $Extend (-22). [ 254.132318][ T9926] ntfs3(loop3): Failed to initialize $Extend. [ 254.517189][ T9945] netlink: 'syz.5.1571': attribute type 1 has an invalid length. [ 254.525212][ T9945] netlink: 71 bytes leftover after parsing attributes in process `syz.5.1571'. [ 254.566637][ T9945] openvswitch: netlink: Actions may not be safe on all matching packets [ 255.089496][ T9938] loop1: detected capacity change from 0 to 32768 [ 255.104007][ T9938] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1565 (9938) [ 255.124963][ T9938] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 255.143662][ T9938] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 255.152663][ T9938] BTRFS info (device loop1): using free-space-tree [ 255.292412][ T9988] sctp: [Deprecated]: syz.5.1584 (pid 9988) Use of int in maxseg socket option. [ 255.292412][ T9988] Use struct sctp_assoc_value instead [ 255.433857][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.468365][ T29] audit: type=1800 audit(2000000027.219:95): pid=9938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1565" name="bus" dev="loop1" ino=263 res=0 errno=0 [ 255.584807][ T9995] loop2: detected capacity change from 0 to 2048 [ 255.631821][T10000] loop4: detected capacity change from 0 to 512 [ 255.664677][ T8733] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 255.695200][T10004] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 255.762446][T10003] loop5: detected capacity change from 0 to 2048 [ 255.770074][ T9995] NILFS (loop2): error -2 truncating bmap (ino=16) [ 255.776334][T10003] EXT4-fs: Ignoring removed mblk_io_submit option [ 255.793294][T10000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 255.806764][T10000] ext4 filesystem being mounted at /18/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 255.821641][T10004] NILFS (loop2): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 255.842218][T10004] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=16) [ 255.886670][T10003] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.889131][T10012] loop3: detected capacity change from 0 to 512 [ 255.939372][T10012] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 255.949140][T10004] Remounting filesystem read-only [ 256.125659][T10018] loop1: detected capacity change from 0 to 2048 [ 256.196527][T10003] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1590: bg 0: block 234: padding at end of block bitmap is not set [ 256.314286][T10003] EXT4-fs (loop5): Remounting filesystem read-only [ 256.328062][T10018] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 256.344497][ T5232] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer [ 256.397085][T10012] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 256.446979][T10012] ext4 filesystem being mounted at /273/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 256.497164][ T5719] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.531567][ T9527] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.787606][ T5240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 256.931125][T10032] loop4: detected capacity change from 0 to 256 [ 256.974643][T10032] exfat: Deprecated parameter 'utf8' [ 257.020904][T10032] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 257.712367][T10024] loop2: detected capacity change from 0 to 32768 [ 257.798933][T10024] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 257.845220][T10066] netlink: 'syz.3.1612': attribute type 10 has an invalid length. [ 258.059059][T10024] XFS (loop2): Ending clean mount [ 258.234517][ T5232] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 258.399416][T10079] loop4: detected capacity change from 0 to 512 [ 258.461183][T10048] loop1: detected capacity change from 0 to 40427 [ 258.527095][T10079] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #15: comm syz.4.1617: casefold flag without casefold feature [ 258.641942][T10079] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1617: couldn't read orphan inode 15 (err -117) [ 258.697714][T10048] F2FS-fs (loop1): Found nat_bits in checkpoint [ 258.698989][T10063] loop5: detected capacity change from 0 to 32768 [ 258.815741][T10079] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.891876][T10079] EXT4-fs warning (device loop4): ext4_empty_dir:3098: inode #2: comm syz.4.1617: directory missing '.' [ 258.927037][T10048] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 258.946808][T10063] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 259.047572][ T9527] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.200099][ T8733] syz-executor: attempt to access beyond end of device [ 259.200099][ T8733] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 259.236297][ T8733] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 259.316246][T10063] XFS (loop5): Ending clean mount [ 259.393323][T10063] XFS (loop5): Quotacheck needed: Please wait. [ 259.668650][T10063] XFS (loop5): Quotacheck: Done. [ 259.854304][T10091] loop3: detected capacity change from 0 to 32768 [ 259.865083][T10091] XFS: ikeep mount option is deprecated. [ 259.905389][T10123] netlink: 189888 bytes leftover after parsing attributes in process `syz.4.1630'. [ 259.927180][T10123] netlink: zone id is out of range [ 259.932344][T10123] netlink: zone id is out of range [ 259.946887][T10123] netlink: zone id is out of range [ 259.954777][T10123] netlink: zone id is out of range [ 259.966779][T10123] netlink: zone id is out of range [ 259.972030][T10123] netlink: zone id is out of range [ 259.977592][T10123] netlink: zone id is out of range [ 259.982982][T10123] netlink: zone id is out of range [ 259.988273][T10123] netlink: zone id is out of range [ 259.993484][T10123] netlink: zone id is out of range [ 260.003110][ T5719] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 260.044682][T10091] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 260.237904][T10091] XFS (loop3): Ending clean mount [ 260.268622][T10091] XFS (loop3): Quotacheck needed: Please wait. [ 260.423045][T10142] netlink: 'syz.1.1635': attribute type 1 has an invalid length. [ 260.424184][T10091] XFS (loop3): Quotacheck: Done. [ 260.577297][ T5240] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 260.589858][T10145] loop2: detected capacity change from 0 to 4096 [ 261.112646][T10148] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 261.247243][T10145] NILFS (loop2): bad btree node (ino=3, blocknr=41): level = 31, flags = 0xe0, nchildren = 0 [ 261.301738][T10145] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=3) [ 261.402242][T10145] Remounting filesystem read-only [ 261.970323][T10161] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 262.038602][T10169] loop2: detected capacity change from 0 to 2048 [ 262.041518][T10147] loop1: detected capacity change from 0 to 32768 [ 262.103312][T10147] XFS: ikeep mount option is deprecated. [ 262.115006][T10169] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 262.126626][T10147] XFS: noikeep mount option is deprecated. [ 262.191753][T10147] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 262.206338][T10179] loop4: detected capacity change from 0 to 512 [ 262.278816][T10179] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1651: corrupted in-inode xattr: invalid ea_ino [ 262.338122][T10180] loop5: detected capacity change from 0 to 1024 [ 262.358227][T10179] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1651: couldn't read orphan inode 15 (err -117) [ 262.360247][T10147] XFS (loop1): Ending clean mount [ 262.392269][T10180] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 262.405814][T10179] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 262.421157][ T5244] kernel write not supported for file /688/projid_map (pid: 5244 comm: kworker/1:4) [ 262.494113][T10147] XFS (loop1): Quotacheck needed: Please wait. [ 262.658018][ T9527] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.682840][T10147] XFS (loop1): Quotacheck: Done. [ 262.807727][T10190] loop4: detected capacity change from 0 to 128 [ 262.965976][ T8733] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 262.975951][T10171] loop3: detected capacity change from 0 to 40427 [ 263.035439][T10171] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1fffff [ 263.147326][T10171] F2FS-fs (loop3): invalid crc value [ 263.160288][T10171] F2FS-fs (loop3): Found nat_bits in checkpoint [ 263.373181][ C1] vkms_vblank_simulate: vblank timer overrun [ 263.375867][T10171] F2FS-fs (loop3): Start checkpoint disabled! [ 263.548933][T10171] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 263.665835][T10171] F2FS-fs (loop3): inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0x14d/0x1220 [ 263.937466][ T11] kworker/u8:0: attempt to access beyond end of device [ 263.937466][ T11] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 263.976634][ T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 263.999806][ T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 264.009377][ T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 264.303432][T10202] loop4: detected capacity change from 0 to 32768 [ 264.685897][T10215] loop0: detected capacity change from 0 to 32768 [ 264.730913][T10215] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1664 (10215) [ 264.872787][T10234] loop3: detected capacity change from 0 to 32768 [ 264.904262][T10215] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 264.907887][T10234] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1667 (10234) [ 264.916108][T10202] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 264.973831][T10215] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 265.022612][T10215] BTRFS info (device loop0): using free-space-tree [ 265.046653][T10234] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 265.094936][T10234] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 265.128326][T10202] XFS (loop4): Ending clean mount [ 265.157498][T10202] XFS (loop4): Quotacheck needed: Please wait. [ 265.157616][T10234] BTRFS info (device loop3): using free-space-tree [ 265.370065][T10202] XFS (loop4): Quotacheck: Done. [ 265.466702][T10215] BTRFS info (device loop0): rebuilding free space tree [ 265.526272][T10283] tap0: tun_chr_ioctl cmd 1074025677 [ 265.546616][ T5295] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 265.567056][T10283] tap0: linktype set to 0 [ 265.706634][ T5295] usb 3-1: Using ep0 maxpacket: 32 [ 265.731903][ T5295] usb 3-1: config 0 has an invalid interface number: 126 but max is 0 [ 265.760931][ T5295] usb 3-1: config 0 has no interface number 0 [ 265.794833][ T5295] usb 3-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 265.815803][ T5240] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 265.835076][ T5295] usb 3-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8 [ 265.856152][ T5295] usb 3-1: config 0 interface 126 has no altsetting 0 [ 265.927619][ T5295] usb 3-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 265.946344][ T5295] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.960407][ T5295] usb 3-1: Product: syz [ 265.972924][ T5295] usb 3-1: Manufacturer: syz [ 265.975884][ T9527] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 265.997738][ T5295] usb 3-1: SerialNumber: syz [ 266.004462][ T5295] usb 3-1: config 0 descriptor?? [ 266.011417][T10268] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 266.030922][T10268] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 266.053517][T10255] loop5: detected capacity change from 0 to 32768 [ 266.084952][T10255] BTRFS: device /dev/loop5 (7:5) using temp-fsid 30eea912-fa9e-4875-b993-c23353893de9 [ 266.099162][T10255] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1674 (10255) [ 266.137118][ T5231] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 266.180464][T10255] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 266.191647][T10255] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 266.201864][T10255] BTRFS info (device loop5): using free-space-tree [ 266.630447][ T5295] ir_usb 3-1:0.126: IR Dongle converter detected [ 266.739127][T10319] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1680'. [ 266.763069][ T29] audit: type=1800 audit(2000000038.519:96): pid=10255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1674" name="bus" dev="loop5" ino=263 res=0 errno=0 [ 266.835727][ T5295] usb 3-1: IRDA class descriptor not found, device not bound [ 266.853901][ T29] audit: type=1800 audit(2000000038.549:97): pid=10255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1674" name="bus" dev="loop5" ino=263 res=0 errno=0 [ 266.874329][ C1] vkms_vblank_simulate: vblank timer overrun [ 267.005021][T10323] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1686'. [ 267.021729][ T5719] BTRFS info (device loop5): last unmount of filesystem 30eea912-fa9e-4875-b993-c23353893de9 [ 267.045122][ T9] usb 3-1: USB disconnect, device number 11 [ 267.387117][T10333] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1692'. [ 267.629969][T10339] hugetlbfs: syz.3.1694 (10339): Using mlock ulimits for SHM_HUGETLB is obsolete [ 267.943874][T10349] loop3: detected capacity change from 0 to 8192 [ 268.647071][T10344] loop1: detected capacity change from 0 to 40427 [ 268.676943][T10344] F2FS-fs (loop1): Wrong NAT boundary, start(2560) end(462336) blocks(1024) [ 268.685972][T10344] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 268.866114][T10341] loop0: detected capacity change from 0 to 32768 [ 268.898555][T10344] F2FS-fs (loop1): Found nat_bits in checkpoint [ 268.991075][T10341] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 269.101490][T10344] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 269.150581][T10344] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 269.204617][ T5231] ocfs2: Unmounting device (7,0) on (node local) [ 269.248020][T10347] loop5: detected capacity change from 0 to 32768 [ 269.304933][T10347] XFS: ikeep mount option is deprecated. [ 269.421292][T10347] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 269.587237][T10347] XFS (loop5): Ending clean mount [ 269.594819][T10347] XFS (loop5): Quotacheck needed: Please wait. [ 269.706038][T10352] loop3: detected capacity change from 0 to 32768 [ 269.812309][T10352] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt [ 269.812309][T10352] [ 269.827483][T10352] xtLookup: xtSearch returned -5 [ 269.837410][T10352] free_index: error reading directory table [ 269.995153][T10347] XFS (loop5): Quotacheck: Done. [ 270.469668][T10388] input: syz1 as /devices/virtual/input/input22 [ 270.570022][ T29] audit: type=1326 audit(2000000042.329:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10391 comm="syz.1.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05b457dff9 code=0x7ffc0000 [ 270.592659][ T29] audit: type=1326 audit(2000000042.329:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10391 comm="syz.1.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05b457dff9 code=0x7ffc0000 [ 270.654612][ T29] audit: type=1326 audit(2000000042.379:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10391 comm="syz.1.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05b457dff9 code=0x7ffc0000 [ 270.678134][ T29] audit: type=1326 audit(2000000042.409:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10391 comm="syz.1.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05b457dff9 code=0x7ffc0000 [ 270.701410][ T29] audit: type=1326 audit(2000000042.409:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10391 comm="syz.1.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05b457dff9 code=0x7ffc0000 [ 270.733612][ T29] audit: type=1326 audit(2000000042.489:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10391 comm="syz.1.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f05b457dff9 code=0x7ffc0000 [ 270.756229][ T29] audit: type=1326 audit(2000000042.489:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10391 comm="syz.1.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05b457dff9 code=0x7ffc0000 [ 270.781574][ T29] audit: type=1326 audit(2000000042.489:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10391 comm="syz.1.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05b457dff9 code=0x7ffc0000 [ 271.059770][ T5719] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 271.174117][T10402] serio: Serial port ptm0 [ 271.877840][T10426] sctp: [Deprecated]: syz.2.1727 (pid 10426) Use of int in maxseg socket option. [ 271.877840][T10426] Use struct sctp_assoc_value instead [ 271.949105][T10429] loop3: detected capacity change from 0 to 2048 [ 272.001805][T10429] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 272.016722][T10429] ext4 filesystem being mounted at /298/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 272.036884][T10441] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 272.074687][T10429] fs-verity: sha256 using implementation "sha256-ni" [ 272.109272][T10429] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1728: bg 0: block 345: padding at end of block bitmap is not set [ 272.172016][T10429] fs-verity (loop3, inode 13): Error -117 writing Merkle tree block 0 [ 272.196767][T10429] fs-verity (loop3, inode 13): Error -117 building Merkle tree [ 272.358109][T10429] syz.3.1728 (10429) used greatest stack depth: 17776 bytes left [ 272.412087][ T5240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.551420][T10448] loop4: detected capacity change from 0 to 32768 [ 272.578069][T10448] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1735 (10448) [ 272.645218][T10448] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 272.652651][T10461] loop2: detected capacity change from 0 to 128 [ 272.659611][T10448] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 272.670399][T10448] BTRFS info (device loop4): using free-space-tree [ 272.678018][T10461] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 272.978457][T10461] Process accounting resumed [ 272.990743][ T9527] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 273.210146][T10484] loop3: detected capacity change from 0 to 32768 [ 273.256666][T10484] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1745 (10484) [ 273.354359][T10484] BTRFS info (device loop3): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 273.388114][T10484] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 273.536958][T10484] BTRFS info (device loop3): using free-space-tree [ 273.968321][T10512] ptrace attach of "./syz-executor exec"[10515] was attempted by ""[10512] [ 274.012849][T10468] loop1: detected capacity change from 0 to 40427 [ 274.039358][T10468] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x7 [ 274.188891][T10468] F2FS-fs (loop1): invalid crc value [ 274.318557][T10468] F2FS-fs (loop1): Found nat_bits in checkpoint [ 274.338884][T10525] netlink: 'syz.4.1755': attribute type 9 has an invalid length. [ 274.382050][T10525] netlink: 134660 bytes leftover after parsing attributes in process `syz.4.1755'. [ 274.653219][T10468] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 274.729198][T10491] loop2: detected capacity change from 0 to 40427 [ 274.764650][ T5240] BTRFS info (device loop3): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 274.782009][T10491] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1fffff [ 274.794800][T10491] F2FS-fs (loop2): Image doesn't support compression [ 274.829825][T10491] F2FS-fs (loop2): Image doesn't support compression [ 274.847211][ T8733] syz-executor: attempt to access beyond end of device [ 274.847211][ T8733] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 274.873751][T10491] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x4 [ 274.909517][ T8733] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 274.919328][T10491] F2FS-fs (loop2): invalid crc value [ 274.955782][T10541] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1761'. [ 275.006724][T10491] F2FS-fs (loop2): Found nat_bits in checkpoint [ 275.274163][T10491] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 275.390709][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 275.390737][ T29] audit: type=1800 audit(2000000047.139:111): pid=10491 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1748" name="file1" dev="loop2" ino=10 res=0 errno=0 [ 275.534995][T10548] loop4: detected capacity change from 0 to 4096 [ 275.553225][T10491] syz.2.1748: attempt to access beyond end of device [ 275.553225][T10491] loop2: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 275.678837][T10548] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 275.694522][ T5232] syz-executor: attempt to access beyond end of device [ 275.694522][ T5232] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 275.786648][ T5232] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 276.068719][ C0] vkms_vblank_simulate: vblank timer overrun [ 276.553921][T10546] loop0: detected capacity change from 0 to 32768 [ 276.611189][T10546] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 276.855396][T10546] XFS (loop0): Ending clean mount [ 276.861434][T10556] loop1: detected capacity change from 0 to 32768 [ 276.872556][T10546] XFS (loop0): Quotacheck needed: Please wait. [ 277.039307][T10546] XFS (loop0): Quotacheck: Done. [ 277.351334][ T5231] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 277.732889][T10606] loop5: detected capacity change from 0 to 256 [ 277.807544][T10606] exfat: Deprecated parameter 'namecase' [ 277.813271][T10606] exfat: Deprecated parameter 'namecase' [ 277.897142][T10606] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 277.914124][T10614] loop3: detected capacity change from 0 to 256 [ 279.016689][T10627] loop3: detected capacity change from 0 to 40427 [ 279.161219][T10627] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 279.263936][T10627] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 279.398795][T10640] loop1: detected capacity change from 0 to 128 [ 279.445202][T10640] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 279.478510][T10622] loop0: detected capacity change from 0 to 40427 [ 279.524936][T10622] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff [ 279.533762][T10622] F2FS-fs (loop0): Image doesn't support compression [ 279.533974][T10640] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 279.540819][T10622] F2FS-fs (loop0): Image doesn't support compression [ 279.603262][T10622] F2FS-fs (loop0): invalid crc value [ 279.609783][T10627] F2FS-fs (loop3): Found nat_bits in checkpoint [ 279.632613][T10648] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 279.693515][T10622] F2FS-fs (loop0): Found nat_bits in checkpoint [ 279.711951][T10627] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 279.743043][T10627] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 279.778811][T10643] loop5: detected capacity change from 0 to 4096 [ 279.822056][T10627] syz.3.1793: attempt to access beyond end of device [ 279.822056][T10627] loop3: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 279.834757][T10622] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 279.941506][ T5231] syz-executor: attempt to access beyond end of device [ 279.941506][ T5231] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 279.976695][ T5231] F2FS-fs (loop0): inject write IO error in f2fs_write_end_io of __submit_merged_bio+0x28c/0x700 [ 279.991481][ T5231] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 280.078911][T10655] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1801'. [ 280.269204][T10619] loop4: detected capacity change from 0 to 32768 [ 280.333357][T10619] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1790 (10619) [ 280.555209][T10619] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 280.648547][T10619] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 280.693365][T10619] BTRFS info (device loop4): using free-space-tree [ 281.058475][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR [ 281.069019][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR [ 281.089077][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR [ 281.107970][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 281.123975][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 281.133380][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 281.142614][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 281.151792][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 281.161467][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 281.170493][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 281.180715][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 281.191441][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 281.201554][T10619] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 281.212642][T10619] BTRFS error (device loop4): open_ctree failed [ 282.141377][T10696] loop2: detected capacity change from 0 to 256 [ 282.160046][T10697] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1815'. [ 282.277869][T10696] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xadbf5ead, utbl_chksum : 0xe619d30d) [ 282.302102][T10702] netlink: 'syz.1.1817': attribute type 9 has an invalid length. [ 282.321268][T10702] netlink: 134660 bytes leftover after parsing attributes in process `syz.1.1817'. [ 282.523428][T10712] bridge0: port 3(macvlan2) entered blocking state [ 282.566942][T10712] bridge0: port 3(macvlan2) entered disabled state [ 282.583434][T10712] macvlan2: entered allmulticast mode [ 282.595696][T10712] macvlan2: entered promiscuous mode [ 282.681667][ T5293] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 282.724450][T10722] netlink: 'syz.3.1825': attribute type 29 has an invalid length. [ 282.797654][T10723] netlink: 'syz.3.1825': attribute type 29 has an invalid length. [ 282.845931][T10722] netlink: 500 bytes leftover after parsing attributes in process `syz.3.1825'. [ 282.860618][ T5293] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 282.872760][T10725] loop1: detected capacity change from 0 to 512 [ 282.886581][ T5293] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 282.914668][ T5293] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 282.937874][ T5293] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 282.964271][ T5293] usb 1-1: Product: syz [ 282.977273][ T5293] usb 1-1: Manufacturer: syz [ 282.982291][ T5293] usb 1-1: SerialNumber: syz [ 282.997523][ T5293] usb 1-1: config 0 descriptor?? [ 283.011262][T10707] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 283.019763][T10707] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 283.048246][T10725] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.1826: Parent and EA inode have the same ino 15 [ 283.157218][T10725] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.1826: Parent and EA inode have the same ino 15 [ 283.240058][T10725] EXT4-fs (loop1): 1 orphan inode deleted [ 283.258972][T10707] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 283.270919][T10725] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 283.292443][T10707] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 283.425322][T10715] loop5: detected capacity change from 0 to 32768 [ 283.507318][ T8733] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.527330][T10715] XFS (loop5): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 283.584977][T10740] loop3: detected capacity change from 0 to 4096 [ 283.678161][T10709] loop4: detected capacity change from 0 to 40427 [ 283.686082][T10709] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 283.694517][T10709] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 283.710294][T10715] XFS (loop5): Ending clean mount [ 283.719041][T10715] XFS (loop5): Quotacheck needed: Please wait. [ 283.764969][T10709] F2FS-fs (loop4): build fault injection attr: rate: 17008, type: 0x1fffff [ 283.783840][T10715] XFS (loop5): Quotacheck: Done. [ 283.789467][T10709] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x1f8 [ 283.801341][T10709] F2FS-fs (loop4): invalid crc value [ 283.823493][T10709] F2FS-fs (loop4): Found nat_bits in checkpoint [ 284.033125][ T5719] XFS (loop5): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 284.128508][T10709] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 284.153480][T10709] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 284.179605][ T5293] dm9601 1-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL [ 284.210385][ T5293] usb 1-1: USB disconnect, device number 9 [ 284.334846][ C0] vkms_vblank_simulate: vblank timer overrun [ 284.456329][T10709] syz.4.1820: attempt to access beyond end of device [ 284.456329][T10709] loop4: rw=2049, sector=54096, nr_sectors = 848 limit=40427 [ 284.664265][T10769] loop5: detected capacity change from 0 to 1024 [ 284.667849][ T9527] syz-executor: attempt to access beyond end of device [ 284.667849][ T9527] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 284.667928][ T9527] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 284.760485][T10769] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 284.760601][T10769] ext4 filesystem being mounted at /256/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 285.040005][T10779] input: syz0 as /devices/virtual/input/input23 [ 285.296634][ T5719] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 285.521494][T10788] loop4: detected capacity change from 0 to 64 [ 285.526903][T10786] unknown channel width for channel at 909000KHz? [ 285.556190][ T29] audit: type=1800 audit(2000000057.309:112): pid=10788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1841" name="file0" dev="loop4" ino=21 res=0 errno=0 [ 285.577404][T10786] unknown channel width for channel at 909000KHz? [ 285.594250][T10786] unknown channel width for channel at 909000KHz? [ 285.616623][ T29] audit: type=1804 audit(2000000057.319:113): pid=10788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1841" name="/newroot/56/file0/file0" dev="loop4" ino=21 res=1 errno=0 [ 285.767931][ T9527] hfs: node 4:3 still has 1 user(s)! [ 285.906676][ T1168] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 286.070945][T10807] loop1: detected capacity change from 0 to 1024 [ 286.080627][ T1168] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 286.101668][ T1168] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 286.123358][T10807] EXT4-fs: Ignoring removed orlov option [ 286.138866][T10807] EXT4-fs: Ignoring removed nomblk_io_submit option [ 286.150349][ T1168] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 286.176055][ T1168] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 286.192202][ T1168] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 286.207457][ T1168] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.220845][T10807] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8843c118, mo2=0002] [ 286.249963][ T1168] usb 6-1: config 0 descriptor?? [ 286.264376][T10807] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 286.288310][T10790] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 286.506852][ T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 286.566403][ T8733] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.696624][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 286.736399][ T9] usb 1-1: config 0 interface 0 altsetting 252 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 286.774650][ T1168] plantronics 0003:047F:FFFF.000D: unknown main item tag 0xd [ 286.783127][ T9] usb 1-1: config 0 interface 0 altsetting 252 endpoint 0x81 has invalid wMaxPacketSize 0 [ 286.810744][ T1168] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving [ 286.823658][ T9] usb 1-1: config 0 interface 0 altsetting 252 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 286.875674][ T1168] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 286.890079][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 286.906660][ T9] usb 1-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00 [ 286.931641][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.978320][ T9] usb 1-1: config 0 descriptor?? [ 287.082634][ T1168] usb 6-1: USB disconnect, device number 8 [ 287.183944][T10828] loop1: detected capacity change from 0 to 1024 [ 287.206521][ T9] usbhid 1-1:0.0: can't add hid device: -71 [ 287.219275][ T9] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 287.238482][ T9] usb 1-1: USB disconnect, device number 10 [ 287.276406][T10828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 287.639001][ T8733] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.866018][T10837] loop1: detected capacity change from 0 to 64 [ 288.009791][T10837] Trying to free block not in datazone [ 288.041331][T10837] Trying to free block not in datazone [ 288.235043][T10732] syz.2.1829 (10732): drop_caches: 1 [ 288.381412][T10837] Trying to free block not in datazone [ 288.422700][T10837] Trying to free block not in datazone [ 288.480597][T10837] minix_free_block (loop1:6): bit already cleared [ 288.488834][T10837] Trying to free block not in datazone [ 288.504778][T10837] Trying to free block not in datazone [ 289.043868][T10843] loop3: detected capacity change from 0 to 32768 [ 289.066606][T10843] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1868 (10843) [ 289.102422][T10843] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 289.131083][T10843] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 289.158655][T10843] BTRFS info (device loop3): using free-space-tree [ 289.252244][T10842] loop0: detected capacity change from 0 to 32768 [ 289.252418][T10877] loop5: detected capacity change from 0 to 1764 [ 289.365715][T10842] (syz.0.1867,10842,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 289.417806][T10842] (syz.0.1867,10842,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 289.473664][T10886] loop2: detected capacity change from 0 to 1024 [ 289.480986][T10886] EXT4-fs: Ignoring removed oldalloc option [ 289.487157][T10886] EXT4-fs: Ignoring removed nobh option [ 289.615154][T10842] JBD2: Ignoring recovery information on journal [ 289.640426][T10886] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 289.675904][T10895] loop1: detected capacity change from 0 to 512 [ 289.749106][ T5240] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 289.899691][T10889] loop5: detected capacity change from 0 to 8192 [ 289.952393][ C0] vkms_vblank_simulate: vblank timer overrun [ 289.953213][T10842] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 289.985818][ T5232] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.009123][T10895] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 290.037203][T10895] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 290.502192][T10910] loop4: detected capacity change from 0 to 2048 [ 290.523662][ T8733] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 290.860487][T10910] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 290.997124][ T5231] ocfs2: Unmounting device (7,0) on (node local) [ 291.426817][T10942] loop3: detected capacity change from 0 to 512 [ 291.434879][ T9527] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.607999][T10942] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 291.647532][T10942] ext4 filesystem being mounted at /331/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 291.842214][ T29] audit: type=1800 audit(2000000063.599:114): pid=10942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1898" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 291.862792][ C0] vkms_vblank_simulate: vblank timer overrun [ 291.986204][ T5240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.021699][T10958] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1900'. [ 292.212880][T10965] loop4: detected capacity change from 0 to 1024 [ 292.396837][T10974] loop3: detected capacity change from 0 to 256 [ 292.437411][T10974] exfat: Deprecated parameter 'utf8' [ 292.442837][T10974] exfat: Deprecated parameter 'utf8' [ 292.444315][T10965] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 292.497003][T10965] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 292.549710][T10974] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x3e996bda, utbl_chksum : 0xe619d30d) [ 292.706903][ T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 292.786709][ T1168] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 292.827599][T10982] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 292.887379][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 292.916537][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 292.926352][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 292.966570][ T1168] usb 6-1: Using ep0 maxpacket: 32 [ 292.971900][ T9] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 292.996859][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.008544][ T1168] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 293.010879][T10984] loop3: detected capacity change from 0 to 1024 [ 293.027030][ T1168] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.036219][ T1168] usb 6-1: Product: syz [ 293.041414][ T9] usb 3-1: config 0 descriptor?? [ 293.048862][ T9527] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.058716][ T1168] usb 6-1: Manufacturer: syz [ 293.074872][ T1168] usb 6-1: SerialNumber: syz [ 293.090098][ T1168] usb 6-1: config 0 descriptor?? [ 293.123550][ T1168] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 293.161395][T10960] loop1: detected capacity change from 0 to 32768 [ 293.211046][T10986] loop0: detected capacity change from 0 to 1024 [ 293.253871][T10986] EXT4-fs: Ignoring removed orlov option [ 293.271192][T10991] hfsplus: xattr searching failed [ 293.277725][T10986] EXT4-fs (loop0): Test dummy encryption mode enabled [ 293.299941][T10960] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 293.313827][T10986] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 293.329113][T10984] hfsplus: catalog searching failed [ 293.404131][T10986] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 293.422094][T10960] syz.1.1902 (10960) used greatest stack depth: 17048 bytes left [ 293.452705][ T35] hfsplus: b-tree write err: -5, ino 3 [ 293.483524][ T9] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0 [ 293.491217][ T9] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0 [ 293.500081][ T9] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving [ 293.503434][ T5240] hfsplus: node 4:3 still has 1 user(s)! [ 293.523387][ T9] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 293.552188][T10986] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 293.579104][T10990] block device autoloading is deprecated and will be removed. [ 293.589942][T10990] syz.4.1912: attempt to access beyond end of device [ 293.589942][T10990] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 293.693098][ T8733] ocfs2: Unmounting device (7,1) on (node local) [ 293.807498][T10986] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 293.823619][ T9] usb 3-1: USB disconnect, device number 12 [ 293.945345][T11002] Process accounting resumed [ 294.079102][ T5231] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.172303][ T1168] gspca_ov534_9: reg_w failed -71 [ 294.208098][T11010] loop3: detected capacity change from 0 to 1024 [ 294.240725][T11010] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 294.486082][ T5240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.506799][ T1168] gspca_ov534_9: Unknown sensor 0000 [ 294.506888][ T1168] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22 [ 294.534730][ T1168] usb 6-1: USB disconnect, device number 9 [ 294.588103][ T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 294.766772][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 294.781944][ T9] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x5E, changing to 0xE [ 294.827782][ T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7 [ 294.857905][T11031] ALSA: mixer_oss: invalid OSS volume '' [ 294.966775][ T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 294.989934][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.054718][ T9] usb 5-1: Product: syz [ 295.067260][ T9] usb 5-1: Manufacturer: syz [ 295.085336][ T9] usb 5-1: SerialNumber: syz [ 295.164603][T11041] syz.1.1931 uses obsolete (PF_INET,SOCK_PACKET) [ 296.040391][T11070] loop3: detected capacity change from 0 to 256 [ 296.222924][T11082] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1949'. [ 296.308349][ T9] cdc_ncm 5-1:1.0: bind() failure [ 296.324351][ T9] cdc_ncm 5-1:1.1: probe with driver cdc_ncm failed with error -71 [ 296.335352][ T9] cdc_mbim 5-1:1.1: probe with driver cdc_mbim failed with error -71 [ 296.375752][ T9] usbtest 5-1:1.1: probe with driver usbtest failed with error -71 [ 296.430344][ T9] usb 5-1: USB disconnect, device number 10 [ 296.556374][T11093] loop1: detected capacity change from 0 to 1024 [ 296.643916][T11093] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 296.699056][T11098] netlink: 172 bytes leftover after parsing attributes in process `syz.0.1956'. [ 296.704340][T11089] loop3: detected capacity change from 0 to 8192 [ 296.774916][T11089] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 296.778850][T11093] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 296.823875][T11093] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 23 with max blocks 1 with error 28 [ 296.889753][T11093] EXT4-fs (loop1): This should not happen!! Data will be lost [ 296.889753][T11093] [ 296.930946][T11105] loop5: detected capacity change from 0 to 128 [ 296.954377][T11093] EXT4-fs (loop1): Total free blocks count 0 [ 296.972353][T11093] EXT4-fs (loop1): Free/Dirty block details [ 297.000028][T11093] EXT4-fs (loop1): free_blocks=68451041280 [ 297.005613][T11105] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 297.036062][T11105] ext4 filesystem being mounted at /272/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 297.063749][T11093] EXT4-fs (loop1): dirty_blocks=16 [ 297.093607][T11063] loop2: detected capacity change from 0 to 32768 [ 297.101360][T11093] EXT4-fs (loop1): Block reservation details [ 297.143007][T11093] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 297.193882][T11101] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 24 with error 28 [ 297.209579][T11063] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1942 (11063) [ 297.236735][ T5719] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 297.258248][T11063] BTRFS info (device loop2): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 297.268713][T11063] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 297.277677][T11063] BTRFS info (device loop2): using free-space-tree [ 297.639160][ T5232] BTRFS info (device loop2): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 298.155591][T11155] netlink: 'syz.5.1972': attribute type 21 has an invalid length. [ 298.190510][T11158] loop2: detected capacity change from 0 to 256 [ 298.748501][T11167] loop2: detected capacity change from 0 to 4096 [ 298.748782][T11177] loop4: detected capacity change from 0 to 64 [ 298.804546][T11138] loop0: detected capacity change from 0 to 40427 [ 298.847864][T11138] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 298.858473][T11176] loop3: detected capacity change from 0 to 4096 [ 298.865488][T11138] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 298.893949][T11176] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 298.926213][T11138] F2FS-fs (loop0): invalid crc value [ 298.963017][T11138] F2FS-fs (loop0): Found nat_bits in checkpoint [ 299.166632][T11138] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 299.196678][T11138] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 299.255978][T11195] batadv_slave_1: entered promiscuous mode [ 299.264462][T11193] batadv_slave_1: left promiscuous mode [ 299.304636][T11138] syz.0.1967: attempt to access beyond end of device [ 299.304636][T11138] loop0: rw=2049, sector=45096, nr_sectors = 112 limit=40427 [ 299.467881][T11204] loop5: detected capacity change from 0 to 512 [ 299.555272][T11204] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 299.607870][T11204] EXT4-fs (loop5): invalid journal inode [ 299.621251][T11204] EXT4-fs (loop5): can't get journal size [ 299.735509][T11204] EXT4-fs (loop5): 1 truncate cleaned up [ 299.753224][T11204] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 300.269806][T11228] loop0: detected capacity change from 0 to 64 [ 300.295197][T11229] loop4: detected capacity change from 0 to 16 [ 300.304428][T11229] erofs: (device loop4): mounted with root inode @ nid 36. [ 300.310501][ T5719] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 300.320374][T11228] hfs: filesystem is marked locked, mounting read-only. [ 300.321506][ T1168] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 300.348831][T11229] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 300.404307][T11229] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -23 in[64, 4032] out[1851] [ 300.450516][T11229] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 300.536698][ T1168] usb 3-1: Using ep0 maxpacket: 32 [ 300.565840][ T1168] usb 3-1: config index 0 descriptor too short (expected 29220, got 36) [ 300.594749][ T1168] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 300.599455][T11236] loop0: detected capacity change from 0 to 128 [ 300.629497][ T1168] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 300.653892][ T1168] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 300.671955][T11236] Process accounting resumed [ 300.684414][ T1168] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 300.691277][T11236] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 300.716533][ T1168] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 300.720492][T11233] loop1: detected capacity change from 0 to 4096 [ 300.745232][T11236] FAT-fs (loop0): Filesystem has been set read-only [ 300.750551][ T1168] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 300.769970][T11233] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 300.781305][ T1168] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.784871][T11236] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 300.818803][ T1168] usb 3-1: config 0 descriptor?? [ 300.876646][T11233] ntfs3(loop1): ino=3, ntfs_set_state failed, -22. [ 300.886767][ T5295] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 301.017490][ T11] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -22. [ 301.033719][ T1168] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 13 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 301.045291][ T8733] ntfs3(loop1): ino=3, ntfs_set_state failed, -22. [ 301.053268][T11223] loop3: detected capacity change from 0 to 32768 [ 301.060694][ T8733] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 301.069161][ T5295] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 301.076380][ T8733] ntfs3(loop1): ino=3, ntfs_set_state failed, -22. [ 301.086891][ T741] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -22. [ 301.125455][ T5295] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 301.154923][T11223] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 301.156657][ T5295] usb 6-1: config 1 has no interface number 0 [ 301.223501][ T5295] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 301.243488][ T1168] usb 3-1: USB disconnect, device number 13 [ 301.256312][ T1168] usblp0: removed [ 301.282055][ T5295] usb 6-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 301.315604][ T5295] usb 6-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 301.371543][ T5295] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 301.394193][ T5295] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 301.407653][ T5295] usb 6-1: Product: syz [ 301.411878][ T5295] usb 6-1: Manufacturer: syz [ 301.427786][ T5295] usb 6-1: SerialNumber: syz [ 301.462839][T11223] XFS (loop3): Ending clean mount [ 301.621966][ T5240] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 301.628737][T11267] netlink: 160 bytes leftover after parsing attributes in process `syz.4.2018'. [ 301.664410][T11267] netlink: 160 bytes leftover after parsing attributes in process `syz.4.2018'. [ 301.979035][T11274] loop4: detected capacity change from 0 to 256 [ 302.001670][T11274] exfat: Deprecated parameter 'utf8' [ 302.035915][T11274] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x0ec8ca35, utbl_chksum : 0xe619d30d) [ 302.053509][T11263] loop1: detected capacity change from 0 to 32768 [ 302.265026][ T5295] cdc_ncm 6-1:1.1: bind() failure [ 302.355694][T11276] loop4: detected capacity change from 0 to 256 [ 302.382594][T11276] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0xb9626cac, utbl_chksum : 0xe619d30d) [ 302.520673][ T1168] usb 6-1: USB disconnect, device number 10 [ 302.606871][T11272] loop2: detected capacity change from 0 to 32768 [ 302.809782][T11285] find_entry called with index = 0 [ 302.879222][T11285] read_mapping_page failed! [ 302.926611][ T5244] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 302.928148][T11285] ERROR: (device loop2): txCommit: [ 302.928148][T11285] [ 303.096910][ T5244] usb 5-1: Using ep0 maxpacket: 16 [ 303.145249][ T5244] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 303.179666][ T5244] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 303.207082][ T5232] ERROR: (device loop2): diFree: wmap shows inode already free [ 303.207082][ T5232] [ 303.266943][ T5244] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 303.306798][ T5244] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 303.337032][ T5244] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 303.346337][ T5244] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.362858][ T5244] usb 5-1: Product: syz [ 303.372409][ T5244] usb 5-1: Manufacturer: syz [ 303.392734][ T5244] usb 5-1: SerialNumber: syz [ 303.649922][ T5244] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 303.696880][ T5244] usb 5-1: MIDIStreaming interface descriptor not found [ 303.711107][T11293] loop3: detected capacity change from 0 to 32768 [ 303.813953][T11280] loop0: detected capacity change from 0 to 32768 [ 303.834976][T11280] XFS: noikeep mount option is deprecated. [ 303.955281][T11302] loop1: detected capacity change from 0 to 1024 [ 303.998335][ T5244] usb 5-1: USB disconnect, device number 11 [ 304.042321][T11280] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 304.222318][T11280] XFS (loop0): Ending clean mount [ 304.237967][T11280] XFS (loop0): Quotacheck needed: Please wait. [ 304.283295][ T1048] hfsplus: b-tree write err: -5, ino 4 [ 304.419739][T11280] XFS (loop0): Quotacheck: Done. [ 304.502371][T11318] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2039'. [ 304.523691][T11321] netlink: 'syz.2.2040': attribute type 10 has an invalid length. [ 304.573939][ T5231] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 304.611301][T11321] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 304.670998][T11321] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 304.699141][T11322] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.2038'. [ 304.725147][T11325] loop3: detected capacity change from 0 to 256 [ 304.744348][T11325] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 304.753554][T11322] netlink: 6328 bytes leftover after parsing attributes in process `syz.1.2038'. [ 304.768465][T11325] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 304.801021][T11322] tc_dump_action: action bad kind [ 304.920094][T11323] bond0: entered promiscuous mode [ 304.925213][T11323] bond_slave_0: entered promiscuous mode [ 304.962239][T11323] bond_slave_1: entered promiscuous mode [ 304.982589][T11323] dummy0: entered promiscuous mode [ 305.005618][T11323] batadv0: entered promiscuous mode [ 305.046848][T11298] loop5: detected capacity change from 0 to 40427 [ 305.106626][T11298] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 305.135367][T11298] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 305.194620][T11298] F2FS-fs (loop5): Found nat_bits in checkpoint [ 305.326217][T11329] loop1: detected capacity change from 0 to 4096 [ 305.531724][T11349] loop3: detected capacity change from 0 to 64 [ 305.543718][T11298] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 305.559930][T11298] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 305.728692][T11356] loop4: detected capacity change from 0 to 8 [ 306.411358][T11384] loop2: detected capacity change from 0 to 128 [ 306.469389][T11384] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 306.530151][T11384] ext4 filesystem being mounted at /375/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 306.731452][ T5244] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 306.769597][T11400] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 306.879733][ T5232] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 306.907034][ T5244] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 306.937156][ T5244] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 306.989416][ T5244] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 307.032334][T11411] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2072'. [ 307.046624][ T5244] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 307.081870][ T5244] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 307.095814][T11413] loop2: detected capacity change from 0 to 1024 [ 307.116398][ T5244] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.154829][ T5244] usb 4-1: config 0 descriptor?? [ 307.188510][T11389] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 307.253460][T11419] hfsplus: filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. leaving read-only. [ 307.341210][ T9] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 307.465581][T11427] loop2: detected capacity change from 0 to 64 [ 307.514680][ T9] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 307.534668][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 307.561861][ T9] usb 6-1: Product: syz [ 307.566200][ T9] usb 6-1: Manufacturer: syz [ 307.580712][ T9] usb 6-1: SerialNumber: syz [ 307.590628][ T9] usb 6-1: config 0 descriptor?? [ 307.629644][ T5244] plantronics 0003:047F:FFFF.000F: unknown main item tag 0xd [ 307.655118][ T5244] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving [ 307.677931][ T5244] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 307.809724][ T9] usb 6-1: USB disconnect, device number 11 [ 307.917544][ T5244] usb 4-1: USB disconnect, device number 10 [ 308.036785][ T1168] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 308.168961][T11444] loop4: detected capacity change from 0 to 256 [ 308.184621][T11444] exfat: Deprecated parameter 'utf8' [ 308.192123][T11444] exfat: Deprecated parameter 'utf8' [ 308.211940][T11444] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x4954cfbc, utbl_chksum : 0xe619d30d) [ 308.225771][ T1168] usb 1-1: Using ep0 maxpacket: 8 [ 308.232954][ T1168] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 308.248165][ T1168] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 308.273737][ T1168] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 308.296160][ T1168] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 308.323025][ T1168] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 308.338285][ T1168] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 308.355932][ T1168] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 308.559750][T11454] loop1: detected capacity change from 0 to 128 [ 308.606602][ T1168] usb 1-1: GET_CAPABILITIES returned 0 [ 308.612280][ T1168] usbtmc 1-1:16.0: can't read capabilities [ 308.648512][T11454] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 308.748047][T11454] ext4 filesystem being mounted at /153/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 308.827893][ T1168] usb 1-1: USB disconnect, device number 11 [ 308.838634][T11470] loop2: detected capacity change from 0 to 64 [ 309.026651][ T5244] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 309.161876][ T8733] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 309.208637][ T5244] usb 6-1: config 1 has an invalid descriptor of length 32, skipping remainder of the config [ 309.219165][ T5244] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 309.228369][ T5244] usb 6-1: config 1 has no interface number 0 [ 309.234819][ T5244] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 309.245842][ T5244] usb 6-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 309.255008][ T5244] usb 6-1: too many endpoints for config 1 interface 1 altsetting 1: 97, using maximum allowed: 30 [ 309.266579][ T5244] usb 6-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 97 [ 309.445266][T11466] loop3: detected capacity change from 0 to 40427 [ 309.470806][T11466] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1fffff [ 309.479735][ T5244] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 309.489196][ T5244] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 309.501044][T11466] F2FS-fs (loop3): Image doesn't support compression [ 309.509174][ T5244] usb 6-1: Product: syz [ 309.516391][ T5244] usb 6-1: Manufacturer: syz [ 309.522724][T11466] F2FS-fs (loop3): Image doesn't support compression [ 309.530068][ T5244] usb 6-1: SerialNumber: syz [ 309.558614][T11466] F2FS-fs (loop3): invalid crc value [ 309.579114][T11466] F2FS-fs (loop3): Found nat_bits in checkpoint [ 309.737548][T11466] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 309.817010][ T5295] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 309.857116][T11466] F2FS-fs (loop3): inject dquot initialize in f2fs_dquot_initialize of f2fs_new_inode+0x58c/0x1220 [ 309.996851][ T5240] syz-executor: attempt to access beyond end of device [ 309.996851][ T5240] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 310.041014][ T5240] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 310.085752][T11475] loop2: detected capacity change from 0 to 40427 [ 310.090842][ T5295] usb 2-1: Using ep0 maxpacket: 32 [ 310.116768][T11475] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x1fffff [ 310.146673][ T5295] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 310.157355][ T5295] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.165936][T11475] F2FS-fs (loop2): invalid crc value [ 310.175717][ T5295] usb 2-1: Product: syz [ 310.183640][ T5295] usb 2-1: Manufacturer: syz [ 310.189926][T11475] F2FS-fs (loop2): Found nat_bits in checkpoint [ 310.206679][ T5295] usb 2-1: SerialNumber: syz [ 310.237868][ T5295] usb 2-1: config 0 descriptor?? [ 310.372008][T11475] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 310.372074][ T5244] cdc_ncm 6-1:1.1: failed GET_NTB_PARAMETERS [ 310.386685][ T5244] cdc_ncm 6-1:1.1: bind() failure [ 310.400984][ T5244] usb 6-1: USB disconnect, device number 12 [ 310.551807][ T5232] syz-executor: attempt to access beyond end of device [ 310.551807][ T5232] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 310.576703][ T5232] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 310.699231][ T5295] airspy 2-1:0.0: Board ID: 00 [ 310.706376][ T5295] airspy 2-1:0.0: Firmware version: [ 311.330898][ T5295] airspy 2-1:0.0: usb_control_msg() failed -71 request 12 [ 311.348133][ T5295] airspy 2-1:0.0: Registered as swradio16 [ 311.366802][ T5295] airspy 2-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 311.394681][ T5295] usb 2-1: USB disconnect, device number 13 [ 311.659906][T11523] loop2: detected capacity change from 0 to 4096 [ 311.682329][T11523] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 311.755681][T11523] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 311.769375][T11515] loop3: detected capacity change from 0 to 32768 [ 311.789143][T11523] ntfs3(loop2): Failed to load $Extend (-22). [ 311.795499][T11515] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2117 (11515) [ 311.809096][T11523] ntfs3(loop2): Failed to initialize $Extend. [ 311.834584][T11515] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 311.853553][T11515] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 311.883119][T11515] BTRFS info (device loop3): using free-space-tree [ 312.317251][T11527] loop5: detected capacity change from 0 to 32768 [ 312.325503][T11527] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2123 (11527) [ 312.336617][ T5240] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 312.357634][T11560] loop0: detected capacity change from 0 to 128 [ 312.358548][T11527] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 312.374596][T11527] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 312.383848][T11527] BTRFS info (device loop5): using free-space-tree [ 312.456163][T11560] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 312.503861][T11560] ext4 filesystem being mounted at /361/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 312.549542][T11557] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:406: inode #2: comm syz.0.2130: No space for directory leaf checksum. Please run e2fsck -D. [ 312.569872][T11557] EXT4-fs error (device loop0): __ext4_find_entry:1652: inode #2: comm syz.0.2130: checksumming directory block 0 [ 312.784441][ T5231] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 313.019664][ T4618] Bluetooth: hci7: command 0x1003 tx timeout [ 313.046567][ T5254] Bluetooth: hci7: Opcode 0x1003 failed: -110 [ 313.274058][ C0] vkms_vblank_simulate: vblank timer overrun [ 313.391365][T11588] loop0: detected capacity change from 0 to 40427 [ 313.409085][T11588] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 313.417010][T11588] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 313.451839][ T5719] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 313.496691][T11588] F2FS-fs (loop0): invalid crc value [ 313.584940][T11588] F2FS-fs (loop0): Found nat_bits in checkpoint [ 313.722826][T11598] loop1: detected capacity change from 0 to 4096 [ 313.826520][T11606] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 313.927284][T11588] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 313.934384][T11588] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 314.223039][ T5231] syz-executor: attempt to access beyond end of device [ 314.223039][ T5231] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 314.246749][ T5231] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 314.445750][T11594] loop4: detected capacity change from 0 to 32768 [ 314.494805][ C0] vkms_vblank_simulate: vblank timer overrun [ 314.556190][ C0] vkms_vblank_simulate: vblank timer overrun [ 314.608873][T11594] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 314.613833][ T741] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 314.628939][ T741] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 314.755018][T11594] XFS (loop4): Starting recovery (logdev: internal) [ 314.795839][ C0] vkms_vblank_simulate: vblank timer overrun [ 315.005403][T11634] loop1: detected capacity change from 0 to 164 [ 315.071323][T11636] input: syz0 as /devices/virtual/input/input26 [ 315.086810][T11594] XFS (loop4): Ending recovery (logdev: internal) [ 315.303715][T11648] loop5: detected capacity change from 0 to 256 [ 315.311584][T11648] exfat: Deprecated parameter 'utf8' [ 315.317542][T11648] exfat: Deprecated parameter 'namecase' [ 315.323340][T11648] exfat: Deprecated parameter 'utf8' [ 315.332840][T11649] ISOFS: unable to read i-node block [ 315.417943][T11648] exFAT-fs (loop5): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 315.505994][T11640] loop2: detected capacity change from 0 to 40427 [ 315.528731][T11640] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 315.546824][T11640] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 315.564782][T11640] F2FS-fs (loop2): invalid crc value [ 315.608169][T11640] F2FS-fs (loop2): Found nat_bits in checkpoint [ 315.635133][ T9527] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 315.734963][T11657] No such timeout policy "syz0" [ 315.773051][ C0] vkms_vblank_simulate: vblank timer overrun [ 315.861637][T11640] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 315.879264][T11640] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 315.953965][T11640] syz.2.2154: attempt to access beyond end of device [ 315.953965][T11640] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 316.254550][T11671] loop3: detected capacity change from 0 to 2048 [ 316.353683][T11676] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 316.408706][ C0] vkms_vblank_simulate: vblank timer overrun [ 316.528883][T11663] loop0: detected capacity change from 0 to 32768 [ 316.582767][ T29] audit: type=1800 audit(2000000088.339:115): pid=11679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2165" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 316.624207][ T29] audit: type=1800 audit(2000000088.379:116): pid=11671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2165" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 316.658733][T11663] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 316.695856][T11683] macvtap0: entered promiscuous mode [ 316.742009][T11683] macvtap0: left promiscuous mode [ 316.877225][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.899601][T11663] XFS (loop0): Ending clean mount [ 317.053692][T11672] loop5: detected capacity change from 0 to 40427 [ 317.062631][T11672] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 317.070499][T11672] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 317.151783][ T5231] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 317.224145][T11672] F2FS-fs (loop5): Found nat_bits in checkpoint [ 317.434822][T11672] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 317.475643][T11702] loop2: detected capacity change from 0 to 2048 [ 317.479504][T11672] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 317.552423][T11702] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 317.559979][T11672] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 317.585645][T11672] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 318.217497][ C0] vkms_vblank_simulate: vblank timer overrun [ 318.296849][ T5295] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 318.298389][ T5294] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 318.437191][T11727] loop2: detected capacity change from 0 to 2048 [ 318.458560][ T5295] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 318.475980][T11727] loop2: p2 < > [ 318.480959][ T5295] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 318.511756][ T5295] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 318.517961][ T5294] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 318.549758][ T5295] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 318.556984][ T5294] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 318.585406][ T5295] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 318.603989][ T5295] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.606575][ T5294] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 318.616256][ T5295] usb 1-1: config 0 descriptor?? [ 318.647998][ T5294] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 318.674889][ T5294] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 318.707302][ T5294] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 318.747546][ T5294] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 318.753061][T11734] loop2: detected capacity change from 0 to 512 [ 318.759474][ T5294] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 318.781836][ T5294] usb 5-1: Product: syz [ 318.783902][T11734] EXT4-fs: Ignoring removed bh option [ 318.786051][ T5294] usb 5-1: Manufacturer: syz [ 318.820756][ T5294] usb 5-1: SerialNumber: syz [ 318.837609][T11734] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 318.866991][T11734] ext4 filesystem being mounted at /403/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 319.012157][ T5232] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.065584][ C0] vkms_vblank_simulate: vblank timer overrun [ 319.102341][ T5295] plantronics 0003:047F:FFFF.0010: ignoring exceeding usage max [ 319.156890][ T5295] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving [ 319.277546][ T5295] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 319.388404][ T5295] usb 1-1: USB disconnect, device number 12 [ 319.666756][ T5235] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 319.810003][ T46] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 319.819501][ T5235] usb 2-1: Using ep0 maxpacket: 16 [ 319.827852][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 319.839306][ T5235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 319.850564][ T5235] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 319.864795][ T5235] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 319.874487][ T5235] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 319.885622][ T5235] usb 2-1: config 0 descriptor?? [ 319.974403][ T5294] cdc_ncm 5-1:1.0: bind() failure [ 319.999507][ T5294] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 320.009051][ T46] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 320.012636][ T5294] cdc_ncm 5-1:1.1: bind() failure [ 320.032541][ T5294] usb 5-1: USB disconnect, device number 12 [ 320.043742][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.101377][ T46] usb 3-1: config 0 descriptor?? [ 320.109754][ T46] cp210x 3-1:0.0: cp210x converter detected [ 320.314038][ T46] cp210x 3-1:0.0: failed to get vendor val 0x370b size 1: -71 [ 320.322735][ T46] cp210x 3-1:0.0: querying part number failed [ 320.333834][ T46] usb 3-1: cp210x converter now attached to ttyUSB0 [ 320.351152][ T5235] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0 [ 320.366785][ T46] usb 3-1: USB disconnect, device number 14 [ 320.373069][ T5235] microsoft 0003:045E:07DA.0011: unknown main item tag 0x2 [ 320.391114][ T46] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 320.401606][ T5235] microsoft 0003:045E:07DA.0011: ignoring exceeding usage max [ 320.409762][ T46] cp210x 3-1:0.0: device disconnected [ 320.421664][ T5235] microsoft 0003:045E:07DA.0011: No inputs registered, leaving [ 320.434072][ T5235] microsoft 0003:045E:07DA.0011: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 320.450919][ T5235] microsoft 0003:045E:07DA.0011: no inputs found [ 320.457943][ T5235] microsoft 0003:045E:07DA.0011: could not initialize ff, continuing anyway [ 320.547426][ C0] vkms_vblank_simulate: vblank timer overrun [ 320.587240][ T5235] usb 2-1: USB disconnect, device number 14 [ 320.757959][T11782] [ 320.760336][T11782] ===================================================== [ 320.767286][T11782] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 320.774753][T11782] 6.12.0-rc2-syzkaller-00100-geb952c47d154 #0 Not tainted [ 320.781955][T11782] ----------------------------------------------------- [ 320.789066][T11782] syz.5.2206/11782 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 320.796807][T11782] ffff88802d317720 (&f_owner->lock){....}-{2:2}, at: send_sigio+0x37/0x390 [ 320.805503][T11782] [ 320.805503][T11782] and this task is already holding: [ 320.812883][T11782] ffff88802ece6168 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x199/0x4f0 [ 320.821746][T11782] which would create a new lock dependency: [ 320.827654][T11782] (&new->fa_lock){....}-{2:2} -> (&f_owner->lock){....}-{2:2} [ 320.835302][T11782] [ 320.835302][T11782] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 320.844774][T11782] (&dev->event_lock#2){..-.}-{2:2} [ 320.844836][T11782] [ 320.844836][T11782] ... which became SOFTIRQ-irq-safe at: [ 320.857751][T11782] lock_acquire+0x1ed/0x550 [ 320.862380][T11782] _raw_spin_lock_irqsave+0xd5/0x120 [ 320.867797][T11782] input_inject_event+0xc5/0x340 [ 320.872868][T11782] led_trigger_event+0x138/0x210 [ 320.877919][T11782] kbd_bh+0x1b5/0x290 [ 320.882035][T11782] tasklet_action_common+0x323/0x4d0 [ 320.887452][T11782] handle_softirqs+0x2c7/0x980 [ 320.892346][T11782] run_ksoftirqd+0xca/0x130 [ 320.897110][T11782] smpboot_thread_fn+0x546/0xa30 [ 320.902177][T11782] kthread+0x2f2/0x390 [ 320.906360][T11782] ret_from_fork+0x4d/0x80 [ 320.910901][T11782] ret_from_fork_asm+0x1a/0x30 [ 320.915796][T11782] [ 320.915796][T11782] to a SOFTIRQ-irq-unsafe lock: [ 320.922825][T11782] (tasklist_lock){.+.+}-{2:2} [ 320.922872][T11782] [ 320.922872][T11782] ... which became SOFTIRQ-irq-unsafe at: [ 320.935676][T11782] ... [ 320.935691][T11782] lock_acquire+0x1ed/0x550 [ 320.942880][T11782] _raw_read_lock+0x36/0x50 [ 320.947501][T11782] __do_wait+0x12d/0x850 [ 320.951846][T11782] do_wait+0x1e9/0x560 [ 320.956014][T11782] kernel_wait+0xe9/0x240 [ 320.960448][T11782] call_usermodehelper_exec_work+0xbd/0x230 [ 320.966541][T11782] process_scheduled_works+0xa65/0x1850 [ 320.972195][T11782] worker_thread+0x870/0xd30 [ 320.976898][T11782] kthread+0x2f2/0x390 [ 320.981068][T11782] ret_from_fork+0x4d/0x80 [ 320.985599][T11782] ret_from_fork_asm+0x1a/0x30 [ 320.990472][T11782] [ 320.990472][T11782] other info that might help us debug this: [ 320.990472][T11782] [ 321.000701][T11782] Chain exists of: [ 321.000701][T11782] &dev->event_lock#2 --> &new->fa_lock --> tasklist_lock [ 321.000701][T11782] [ 321.013712][T11782] Possible interrupt unsafe locking scenario: [ 321.013712][T11782] [ 321.022034][T11782] CPU0 CPU1 [ 321.027403][T11782] ---- ---- [ 321.032783][T11782] lock(tasklist_lock); [ 321.037031][T11782] local_irq_disable(); [ 321.043774][T11782] lock(&dev->event_lock#2); [ 321.050973][T11782] lock(&new->fa_lock); [ 321.057750][T11782] [ 321.061189][T11782] lock(&dev->event_lock#2); [ 321.066040][T11782] [ 321.066040][T11782] *** DEADLOCK *** [ 321.066040][T11782] [ 321.074165][T11782] 5 locks held by syz.5.2206/11782: [ 321.079344][T11782] #0: ffffffff8e967ae8 (acct_on_mutex){+.+.}-{3:3}, at: __se_sys_acct+0xca/0x760 [ 321.088598][T11782] #1: ffffffff8eaa3f70 (file_rwsem){.+.+}-{0:0}, at: __break_lease+0x3b3/0x1820 [ 321.097774][T11782] #2: ffff888027e386f8 (&ctx->flc_lock){+.+.}-{2:2}, at: __break_lease+0x3c0/0x1820 [ 321.107279][T11782] #3: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x54/0x4f0 [ 321.116363][T11782] #4: ffff88802ece6168 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x199/0x4f0 [ 321.125532][T11782] [ 321.125532][T11782] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 321.136006][T11782] -> (&dev->event_lock#2){..-.}-{2:2} { [ 321.141663][T11782] IN-SOFTIRQ-W at: [ 321.145719][T11782] lock_acquire+0x1ed/0x550 [ 321.152046][T11782] _raw_spin_lock_irqsave+0xd5/0x120 [ 321.159425][T11782] input_inject_event+0xc5/0x340 [ 321.166188][T11782] led_trigger_event+0x138/0x210 [ 321.172940][T11782] kbd_bh+0x1b5/0x290 [ 321.178748][T11782] tasklet_action_common+0x323/0x4d0 [ 321.185868][T11782] handle_softirqs+0x2c7/0x980 [ 321.192474][T11782] run_ksoftirqd+0xca/0x130 [ 321.198990][T11782] smpboot_thread_fn+0x546/0xa30 [ 321.205760][T11782] kthread+0x2f2/0x390 [ 321.211649][T11782] ret_from_fork+0x4d/0x80 [ 321.217890][T11782] ret_from_fork_asm+0x1a/0x30 [ 321.224485][T11782] INITIAL USE at: [ 321.228458][T11782] lock_acquire+0x1ed/0x550 [ 321.234698][T11782] _raw_spin_lock_irqsave+0xd5/0x120 [ 321.241806][T11782] input_inject_event+0xc5/0x340 [ 321.248481][T11782] kbd_led_trigger_activate+0xb8/0x100 [ 321.255681][T11782] led_trigger_set+0x584/0x9c0 [ 321.262177][T11782] led_trigger_set_default+0x229/0x260 [ 321.269366][T11782] led_classdev_register_ext+0x6e6/0x8a0 [ 321.276737][T11782] input_leds_connect+0x489/0x630 [ 321.283674][T11782] input_register_device+0xd3d/0x1110 [ 321.290800][T11782] atkbd_connect+0x752/0xa00 [ 321.297119][T11782] serio_driver_probe+0x81/0xa0 [ 321.303714][T11782] really_probe+0x2ba/0xad0 [ 321.309942][T11782] __driver_probe_device+0x1a2/0x390 [ 321.316957][T11782] driver_probe_device+0x50/0x430 [ 321.323717][T11782] __driver_attach+0x45f/0x710 [ 321.330205][T11782] bus_for_each_dev+0x23b/0x2b0 [ 321.336788][T11782] serio_handle_event+0x1c7/0x920 [ 321.343544][T11782] process_scheduled_works+0xa65/0x1850 [ 321.350825][T11782] worker_thread+0x870/0xd30 [ 321.357159][T11782] kthread+0x2f2/0x390 [ 321.362972][T11782] ret_from_fork+0x4d/0x80 [ 321.369127][T11782] ret_from_fork_asm+0x1a/0x30 [ 321.375628][T11782] } [ 321.378197][T11782] ... key at: [] input_allocate_device.__key.5+0x0/0x20 [ 321.387311][T11782] -> (&new->fa_lock){....}-{2:2} { [ 321.392437][T11782] INITIAL USE at: [ 321.396322][T11782] lock_acquire+0x1ed/0x550 [ 321.402390][T11782] _raw_write_lock_irq+0xd3/0x120 [ 321.408979][T11782] fasync_remove_entry+0xff/0x1d0 [ 321.415568][T11782] __fput+0x71d/0x880 [ 321.421112][T11782] task_work_run+0x251/0x310 [ 321.427262][T11782] syscall_exit_to_user_mode+0x168/0x370 [ 321.434465][T11782] do_syscall_64+0x100/0x230 [ 321.440605][T11782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.448067][T11782] INITIAL READ USE at: [ 321.452387][T11782] lock_acquire+0x1ed/0x550 [ 321.458894][T11782] _raw_read_lock_irqsave+0xdd/0x130 [ 321.466174][T11782] kill_fasync+0x199/0x4f0 [ 321.472583][T11782] mousedev_notify_readers+0x719/0xc80 [ 321.480041][T11782] mousedev_event+0x5d9/0x1390 [ 321.486802][T11782] input_handler_events_default+0x109/0x1c0 [ 321.494817][T11782] input_pass_values+0x288/0x860 [ 321.501777][T11782] input_event_dispose+0x30f/0x600 [ 321.508890][T11782] input_handle_event+0xa71/0xbe0 [ 321.515996][T11782] input_inject_event+0x22f/0x340 [ 321.523017][T11782] evdev_write+0x5fd/0x790 [ 321.529423][T11782] vfs_write+0x29e/0xc90 [ 321.535650][T11782] ksys_write+0x183/0x2b0 [ 321.541964][T11782] do_syscall_64+0xf3/0x230 [ 321.548456][T11782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.556355][T11782] } [ 321.558839][T11782] ... key at: [] fasync_insert_entry.__key+0x0/0x20 [ 321.567512][T11782] ... acquired at: [ 321.571320][T11782] lock_acquire+0x1ed/0x550 [ 321.576000][T11782] _raw_read_lock_irqsave+0xdd/0x130 [ 321.581459][T11782] kill_fasync+0x199/0x4f0 [ 321.586064][T11782] mousedev_notify_readers+0x719/0xc80 [ 321.591701][T11782] mousedev_event+0x5d9/0x1390 [ 321.596644][T11782] input_handler_events_default+0x109/0x1c0 [ 321.602737][T11782] input_pass_values+0x288/0x860 [ 321.607850][T11782] input_event_dispose+0x30f/0x600 [ 321.613136][T11782] input_handle_event+0xa71/0xbe0 [ 321.618358][T11782] input_inject_event+0x22f/0x340 [ 321.623554][T11782] evdev_write+0x5fd/0x790 [ 321.628133][T11782] vfs_write+0x29e/0xc90 [ 321.632538][T11782] ksys_write+0x183/0x2b0 [ 321.637123][T11782] do_syscall_64+0xf3/0x230 [ 321.641795][T11782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.647949][T11782] [ 321.650257][T11782] [ 321.650257][T11782] the dependencies between the lock to be acquired [ 321.650269][T11782] and SOFTIRQ-irq-unsafe lock: [ 321.664011][T11782] -> (tasklist_lock){.+.+}-{2:2} { [ 321.669240][T11782] HARDIRQ-ON-R at: [ 321.673297][T11782] lock_acquire+0x1ed/0x550 [ 321.679627][T11782] _raw_read_lock+0x36/0x50 [ 321.685951][T11782] __do_wait+0x12d/0x850 [ 321.692013][T11782] do_wait+0x1e9/0x560 [ 321.697902][T11782] kernel_wait+0xe9/0x240 [ 321.704049][T11782] call_usermodehelper_exec_work+0xbd/0x230 [ 321.711771][T11782] process_scheduled_works+0xa65/0x1850 [ 321.719139][T11782] worker_thread+0x870/0xd30 [ 321.725566][T11782] kthread+0x2f2/0x390 [ 321.731465][T11782] ret_from_fork+0x4d/0x80 [ 321.737709][T11782] ret_from_fork_asm+0x1a/0x30 [ 321.744300][T11782] SOFTIRQ-ON-R at: [ 321.748368][T11782] lock_acquire+0x1ed/0x550 [ 321.754693][T11782] _raw_read_lock+0x36/0x50 [ 321.761017][T11782] __do_wait+0x12d/0x850 [ 321.767087][T11782] do_wait+0x1e9/0x560 [ 321.772977][T11782] kernel_wait+0xe9/0x240 [ 321.779119][T11782] call_usermodehelper_exec_work+0xbd/0x230 [ 321.786836][T11782] process_scheduled_works+0xa65/0x1850 [ 321.794217][T11782] worker_thread+0x870/0xd30 [ 321.800642][T11782] kthread+0x2f2/0x390 [ 321.806532][T11782] ret_from_fork+0x4d/0x80 [ 321.812779][T11782] ret_from_fork_asm+0x1a/0x30 [ 321.819373][T11782] INITIAL USE at: [ 321.823347][T11782] lock_acquire+0x1ed/0x550 [ 321.829592][T11782] _raw_write_lock_irq+0xd3/0x120 [ 321.836352][T11782] copy_process+0x2267/0x3d50 [ 321.842761][T11782] kernel_clone+0x226/0x8f0 [ 321.849000][T11782] user_mode_thread+0x132/0x1a0 [ 321.855586][T11782] rest_init+0x23/0x300 [ 321.861476][T11782] start_kernel+0x47f/0x500 [ 321.867709][T11782] x86_64_start_reservations+0x2a/0x30 [ 321.874913][T11782] x86_64_start_kernel+0x9f/0xa0 [ 321.881785][T11782] common_startup_64+0x13e/0x147 [ 321.888477][T11782] INITIAL READ USE at: [ 321.892888][T11782] lock_acquire+0x1ed/0x550 [ 321.899567][T11782] _raw_read_lock+0x36/0x50 [ 321.906248][T11782] __do_wait+0x12d/0x850 [ 321.912717][T11782] do_wait+0x1e9/0x560 [ 321.918962][T11782] kernel_wait+0xe9/0x240 [ 321.925459][T11782] call_usermodehelper_exec_work+0xbd/0x230 [ 321.933549][T11782] process_scheduled_works+0xa65/0x1850 [ 321.941362][T11782] worker_thread+0x870/0xd30 [ 321.948130][T11782] kthread+0x2f2/0x390 [ 321.954532][T11782] ret_from_fork+0x4d/0x80 [ 321.961121][T11782] ret_from_fork_asm+0x1a/0x30 [ 321.968064][T11782] } [ 321.970645][T11782] ... key at: [] tasklist_lock+0x18/0x40 [ 321.978445][T11782] ... acquired at: [ 321.982319][T11782] lock_acquire+0x1ed/0x550 [ 321.987002][T11782] _raw_read_lock+0x36/0x50 [ 321.991699][T11782] send_sigio+0x108/0x390 [ 321.996207][T11782] dnotify_handle_event+0x157/0x460 [ 322.001569][T11782] fsnotify+0x1946/0x1f60 [ 322.006078][T11782] path_openat+0x1686/0x3590 [ 322.010853][T11782] do_filp_open+0x235/0x490 [ 322.015547][T11782] do_sys_openat2+0x13e/0x1d0 [ 322.020395][T11782] __x64_sys_openat+0x247/0x2a0 [ 322.025419][T11782] do_syscall_64+0xf3/0x230 [ 322.030096][T11782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.036248][T11782] [ 322.038560][T11782] -> (&f_owner->lock){....}-{2:2} { [ 322.043781][T11782] INITIAL USE at: [ 322.047662][T11782] lock_acquire+0x1ed/0x550 [ 322.053725][T11782] _raw_write_lock_irq+0xd3/0x120 [ 322.060312][T11782] __f_setown+0x6b/0x380 [ 322.066114][T11782] fcntl_dirnotify+0x4cf/0x790 [ 322.072439][T11782] do_fcntl+0x7e2/0x1a60 [ 322.078249][T11782] __se_sys_fcntl+0xd2/0x1e0 [ 322.084397][T11782] do_syscall_64+0xf3/0x230 [ 322.090453][T11782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.097917][T11782] INITIAL READ USE at: [ 322.102247][T11782] lock_acquire+0x1ed/0x550 [ 322.108756][T11782] _raw_read_lock_irqsave+0xdd/0x130 [ 322.116039][T11782] send_sigio+0x37/0x390 [ 322.122309][T11782] dnotify_handle_event+0x157/0x460 [ 322.129502][T11782] fsnotify+0x17d3/0x1f60 [ 322.135830][T11782] __fsnotify_parent+0x4f5/0x5e0 [ 322.142763][T11782] vfs_read+0x6ee/0xbc0 [ 322.148919][T11782] ksys_read+0x183/0x2b0 [ 322.155149][T11782] do_syscall_64+0xf3/0x230 [ 322.161662][T11782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.169563][T11782] } [ 322.172074][T11782] ... key at: [] file_f_owner_allocate.__key+0x0/0x20 [ 322.180942][T11782] ... acquired at: [ 322.184731][T11782] lock_acquire+0x1ed/0x550 [ 322.189442][T11782] _raw_read_lock_irqsave+0xdd/0x130 [ 322.194909][T11782] send_sigio+0x37/0x390 [ 322.199355][T11782] kill_fasync+0x256/0x4f0 [ 322.203950][T11782] lease_break_callback+0x26/0x30 [ 322.209178][T11782] __break_lease+0x6d7/0x1820 [ 322.214039][T11782] do_dentry_open+0x8d4/0x1460 [ 322.218978][T11782] vfs_open+0x3e/0x330 [ 322.223222][T11782] path_openat+0x2c84/0x3590 [ 322.227991][T11782] do_filp_open+0x235/0x490 [ 322.232668][T11782] file_open_name+0x246/0x2a0 [ 322.237517][T11782] __se_sys_acct+0x130/0x760 [ 322.242279][T11782] do_syscall_64+0xf3/0x230 [ 322.246947][T11782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.253018][T11782] [ 322.255329][T11782] [ 322.255329][T11782] stack backtrace: [ 322.261238][T11782] CPU: 1 UID: 0 PID: 11782 Comm: syz.5.2206 Not tainted 6.12.0-rc2-syzkaller-00100-geb952c47d154 #0 [ 322.271991][T11782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 322.282040][T11782] Call Trace: [ 322.285307][T11782] [ 322.288233][T11782] dump_stack_lvl+0x241/0x360 [ 322.292911][T11782] ? __pfx_dump_stack_lvl+0x10/0x10 [ 322.298122][T11782] ? __pfx__printk+0x10/0x10 [ 322.302731][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.308360][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.313981][T11782] ? print_shortest_lock_dependencies+0xf2/0x160 [ 322.320310][T11782] validate_chain+0x4ebd/0x5920 [ 322.325155][T11782] ? add_lock_to_list+0x1e8/0x2f0 [ 322.330356][T11782] ? __pfx_validate_chain+0x10/0x10 [ 322.335546][T11782] ? __pfx_validate_chain+0x10/0x10 [ 322.340745][T11782] ? __pfx_validate_chain+0x10/0x10 [ 322.345939][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.351564][T11782] ? register_lock_class+0x102/0x980 [ 322.356858][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.362490][T11782] ? mark_lock+0x9a/0x360 [ 322.366815][T11782] ? __pfx_register_lock_class+0x10/0x10 [ 322.372461][T11782] __lock_acquire+0x1384/0x2050 [ 322.377325][T11782] lock_acquire+0x1ed/0x550 [ 322.381831][T11782] ? send_sigio+0x37/0x390 [ 322.386255][T11782] ? __pfx_lock_acquire+0x10/0x10 [ 322.391302][T11782] ? __pfx_lock_acquire+0x10/0x10 [ 322.396339][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.401986][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.407668][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.413307][T11782] _raw_read_lock_irqsave+0xdd/0x130 [ 322.418605][T11782] ? send_sigio+0x37/0x390 [ 322.423028][T11782] ? __pfx__raw_read_lock_irqsave+0x10/0x10 [ 322.428931][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.434560][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.440185][T11782] ? _raw_read_lock_irqsave+0xe9/0x130 [ 322.445649][T11782] ? __pfx__raw_read_lock_irqsave+0x10/0x10 [ 322.451575][T11782] send_sigio+0x37/0x390 [ 322.455858][T11782] kill_fasync+0x256/0x4f0 [ 322.460294][T11782] ? kill_fasync+0x54/0x4f0 [ 322.464804][T11782] lease_break_callback+0x26/0x30 [ 322.469835][T11782] __break_lease+0x6d7/0x1820 [ 322.474518][T11782] ? __pfx___break_lease+0x10/0x10 [ 322.479627][T11782] ? __pfx_apparmor_file_open+0x10/0x10 [ 322.485181][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.490835][T11782] ? tomoyo_file_open+0x165/0x220 [ 322.495861][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.501515][T11782] ? security_file_open+0x513/0x990 [ 322.506710][T11782] do_dentry_open+0x8d4/0x1460 [ 322.511483][T11782] vfs_open+0x3e/0x330 [ 322.515545][T11782] path_openat+0x2c84/0x3590 [ 322.520168][T11782] ? is_bpf_text_address+0x26/0x2a0 [ 322.525385][T11782] ? kernel_text_address+0xa7/0xe0 [ 322.530496][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.536122][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.541751][T11782] ? __pfx_path_openat+0x10/0x10 [ 322.546704][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.552340][T11782] ? stack_trace_save+0x118/0x1d0 [ 322.557366][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.562990][T11782] ? __lock_acquire+0x1384/0x2050 [ 322.568021][T11782] ? __pfx_stack_trace_save+0x10/0x10 [ 322.573391][T11782] do_filp_open+0x235/0x490 [ 322.577906][T11782] ? __pfx_do_filp_open+0x10/0x10 [ 322.582945][T11782] ? build_open_flags+0x448/0x5b0 [ 322.587973][T11782] file_open_name+0x246/0x2a0 [ 322.592653][T11782] ? __pfx_file_open_name+0x10/0x10 [ 322.597851][T11782] ? srso_alias_return_thunk+0x5/0xfbef5 [ 322.603475][T11782] ? __kasan_kmalloc+0x98/0xb0 [ 322.608242][T11782] ? __se_sys_acct+0x119/0x760 [ 322.613009][T11782] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 322.618557][T11782] __se_sys_acct+0x130/0x760 [ 322.623144][T11782] ? do_syscall_64+0xb6/0x230 [ 322.627901][T11782] do_syscall_64+0xf3/0x230 [ 322.632408][T11782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.638313][T11782] RIP: 0033:0x7f24d537dff9 [ 322.642726][T11782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 322.662412][T11782] RSP: 002b:00007f24d6239038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 322.670822][T11782] RAX: ffffffffffffffda RBX: 00007f24d5535f80 RCX: 00007f24d537dff9 [ 322.678789][T11782] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000040 [ 322.686782][T11782] RBP: 00007f24d53f0296 R08: 0000000000000000 R09: 0000000000000000 [ 322.694752][T11782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 322.702713][T11782] R13: 0000000000000000 R14: 00007f24d5535f80 R15: 00007fff4bf36f48 [ 322.710686][T11782] [ 322.724496][ T9] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 322.816760][ T1168] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 322.958006][T11792] Process accounting resumed [ 323.011437][T11790] loop0: detected capacity change from 0 to 32768 [ 323.021706][T11790] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 323.068555][T11790] XFS (loop0): Ending clean mount [ 323.086699][ T9] usb 3-1: device not accepting address 15, error -71 [ 323.098776][ T1168] usb 5-1: config index 0 descriptor too short (expected 45, got 36) [ 323.107097][ T1168] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 323.108578][ T5231] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 323.118895][ T1168] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 323.138529][ T1168] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 323.149934][ T1168] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 323.163655][ T1168] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 323.172791][ T1168] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 323.183604][ T1168] usb 5-1: config 0 descriptor?? [ 323.191549][T11777] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 323.609289][ T1168] plantronics 0003:047F:FFFF.0012: unknown main item tag 0xe [ 323.616917][ T1168] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x2 [ 323.624669][ T1168] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving [ 323.634905][ T1168] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 323.908628][ T5235] usb 5-1: USB disconnect, device number 13