last executing test programs: 14.62758041s ago: executing program 0 (id=1779): iopl(0x3) r0 = syz_open_procfs$userns(0x0, &(0x7f00000004c0)) mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000500)={0x10000a, 0x73, 0x40000, {r0}}, 0x20) 14.579783023s ago: executing program 0 (id=1780): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="05010000000000107d1e222e00000000000109022400010000000009040000020300020009210000000122020009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000080)=ANY=[@ANYBLOB="0000ba00000002"], 0x0, 0x0, 0x0, 0x0}, 0x0) 14.112474632s ago: executing program 3 (id=1792): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0) mq_unlink(&(0x7f0000000340)='eth0\x00') 13.860098188s ago: executing program 3 (id=1794): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x514, &(0x7f0000006ec0)="$eJzs3UFvI1cdAPD/eOPE2abNtvQACGhoixa0WifxtlHVA5QTQqgSokeQtiHxRlHsOIqd0oQ9pN8BiUqc4MgH4NwTdy4IblzKAalABGoqcTCa8Th1s3biNokdxb+fNJp5743n/17W8579vPYLYGItRMRhRExHxNsRMZ/nJ/kWb3S29LyPjx6vHR89Xkui3X7rX0lWnuZFz2NST+XXLEXET34Q8fPkybjN/YOt1VqtuttJzi626juLzf2D+5v11Y3qRnW7UllZXll67cGrlUtr6wv16fzo6x/+6fA7v0yrNZfn9Lbjs5LoU/2hdR5bPImTmoqIH13gmtfJrbw90+OuCF9IISKei4gXs/t/Pm5l/5oAwE3Wbs9He743DQDcdIVsDiwplPO5gLkoFMrlzhze83G7UGs0W/ceNfa21ztzZXeiWHi0Wasu5XOFd6KYpOnl7PjTdOVU+kFEPBsRv5qZzdLltUZtfZwvfABggj11avz/70xn/AcAbrjSuCsAAIyc8R8AJk/v+F8YYz0AgNHx/h8AJo/xHwAmj/EfACaP8R8AJsqP33wz3drH+e9fr7+zv7fVeOf+erW5Va7vrZXXGrs75Y1GYyP7zZ76ederNRo7y6/E3rt3vrvTbC029w8e1ht7262H2e96P6wWR9IqAOAsz77wwV+TiDh8fTbbomctB2M13Gy+7gOT69a4KwCMjdW+YHJd4D2+6QG4Ic5b47YUEbOnM9vtdvvqqgRcsbtf+Vzz/wujrR1wlXrm//0vYJgw5v9hcpn/h8nVbifDrvkfw54IAFxvPsQHBnz+/1y+/33+4cDP1k+f8f5V1goAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACut+76v+V8LfC5KBTK5YinI+JOFJNHm7XqUkQ8ExF/mSnOpOnlMdcZALiowj+SfP2vu/Mvz50unU4+mcn2EfGL37z163dXW63dP6f5/z7Jb72f51fGUX8A4DzdcTrb97yR//jo8Vp3G2V9Pvp+RJQ68Y+PpuP4JP5UTGX7UhQj4vZ/kjzdkfTMXVzE4XsR8eV+7U9iLpsD6ax8ejp+GvvpkcYvfCZ+ISvr7NO/xZcuoS4waT5I+583+t1/hVjI9v3v/1LWQ11c3v+ll1o7zvrAT+N3+79bA/q/hWFjvPLHH3aOZp8sey/iq1MR3djHPf1PN34y2z/+y0PG/9vXvvHioLL2byPuRv/4vbEWW/Wdxeb+wf3N+upGdaO6XamsLK8svfbg1cpiNke9OHg0+Ofr954ZVJa2//aA+KVu+wf8/b81ZPt/97+3f/rNM+J/+6V+8Qvx/Bnxiy8NGTwiVm//oTSoLI2/PqD9U2fET/PuDRn/w78fPLFsOAAwPs39g63VWq26e0kHH+XXPfPk7guJywrq4BofTF/o4cX8qZLnnPvUGuPB90YVazqGPnkmtlbb7S8Ua1CPcRmzbsB1cHLTR8Qn464MAAAAAAAAAAAAAADQ1yi+sTTuNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBz/T8AAP//q3jHtg==") symlink(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') truncate(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7) 13.454502917s ago: executing program 2 (id=1799): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x67, 0x5b, 0x8f, 0x40, 0x1039, 0x2121, 0x9eff, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xce, 0x25, 0xae}}]}}]}}, 0x0) syz_usb_disconnect(r0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[], 0x0) 13.326184074s ago: executing program 3 (id=1801): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x3a, &(0x7f00000002c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x0, {[@generic={0xfe, 0x2}]}}}}}}}, 0x0) 12.64246205s ago: executing program 3 (id=1804): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0) 12.541838101s ago: executing program 0 (id=1806): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000580)={0x2c, &(0x7f00000001c0)={0x20, 0x11}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000340)={0x44, &(0x7f00000000c0)={0x20, 0x16, 0x25, "bde321feea16e71543d32d20b316852b0b04b081227ad15ce2d9251e54f17a3e34a98ccafe"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 12.14220144s ago: executing program 3 (id=1807): syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x1000000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bb, &(0x7f0000000440)="$eJzs3UFrE1sYxvGnTW+TprTJhcuFe0E96EY3oY0fQIO0IAaU2hR1IUztREPGpMyESkRsNuLWD+Gq6M6doC7ddCNu3LsrguCmC3HETNImbVrTNklj+/9BmTd5z8OcttPyptDJ2o1n9/NZL5G1ShqMGA1KFa1L8V9VzUDtOFith9WoonOj3z6duH7z1pVUOj01Y8x0avZ80hgzfurNg0cvTr8rjc69Gn8d1mr89trX5OfVf1f/W/sxey/nmZxnCsWSscx8sViy5h3bLOS8fMKYa45tebbJFTzbbepnneLiYtlYhYWx6KJre56xCmWTt8umVDQlt2ysu1auYBKJhBmL6ngbamNNZmVmxkrt2PZDHd0Rum6k1ZOum6q0bmZWerAnAADQZ3af/4NZf+f5Pz0XHNua/18+l9qb/6VOzv8DPf2C9rlK06PfzP84Elw3ZUVrP7/NmP8BAAAAAAAAAAAAAAAAAAAAAPgTrPt+zPf9WP1Y/whLikiqPz7sfaI79vn9v3BI20WHNfzjXkRyni5lljLBMeinssrJka0JxfS9ej3UBPX05fTUhKmK662zXMsvL2VCCtfzdfFW+ZN/TwZ505z/S9HG8ycV0z+tz59smR/W2TMN+YRi+nBHRTlaqF7Xm/nHk8Zcuprekh+prgMAAAAA4ChImA3bXr9X+9UFEW3vB/k9/H1gy+vrIf3fzi0qAQAAAADAgXnlh3nLcWx3H0VY0gHieyj8ga6fonNFSH2xjS3FRUl9sI1eFRFJwTNmP/EvG/G2Un4ba4YkHfTzivTw0jrs30wAAAAAOm1z6N9D6OOTLu4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjp937gdXXb2vVG7vEG04X0vuNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjp2fAQAA//91iCZA") r0 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0) ftruncate(r0, 0xffffffff) 10.425806059s ago: executing program 3 (id=1822): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400) ioctl$TUNSETOFFLOAD(r0, 0x40047440, 0x40b942b37d0000) 9.844209835s ago: executing program 0 (id=1812): r0 = syz_open_dev$vim2m(&(0x7f00000005c0), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000180)={0x4, 0x1, 0x1}) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000080)={0x2, @sliced={0x1267, [0x4, 0xb, 0x10, 0x5, 0x6b1, 0xfffe, 0x4, 0x5, 0x0, 0xfff9, 0x4, 0x8, 0x4006, 0x8000, 0xd, 0xd, 0x6, 0x3, 0xc, 0x2, 0xc, 0x0, 0x5, 0x6, 0x7, 0x4, 0x8, 0x2, 0x7, 0x2, 0xa825, 0x0, 0x3, 0x2, 0x7, 0x4fd, 0x1, 0xdfdb, 0x5, 0x4, 0x1, 0x5, 0x3ff, 0x7, 0x3, 0xc, 0xc74, 0x8], 0xe}}) 9.843965947s ago: executing program 2 (id=1813): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x2018886, &(0x7f00000001c0)={[{@numtail}, {@shortname_win95}, {@utf8no}, {@shortname_mixed}, {@rodir}, {@uni_xlateno}, {@fat=@nfs_nostale_ro}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@uni_xlateno}, {@utf8no}, {@shortname_winnt}]}, 0x4, 0x331, &(0x7f00000006c0)="$eJzs3U9oHGUUAPA3nWQ3BmpyEIqeVm+ChCbiQU8ppUIhB0UWFS8Gm/onuxayuJAi2e5JPCpeBD1560GPPYsHEW8evFpBquLF3ioWR3ZnsjOb3ZhWuimF3+8QHu97b+abyZDdQPL29fXYvjAfF2/evBELC0nMrZ9dj1tJLMeJSCN3JapOBADwYLuVZfFnlju6+uPF49gTADBbw9f/N0+Wifr93A0AcBzu8Pf/F6ZmL81sWwDADE28/j8xtlwbr54b/U0AAPDgeunVLMmjxkJE+4Nus9uM58r1Mxfj7WjFVpyOpbgdkb9RyN8tDL4+f37j3OnGwK/L0Rx0dJsR7V63mb9TOJMO++uxGkuxXPRno/500L867G9ExJXe8PzRTrrN+Vgszv/TYmzFWizFIxP9Eec3zq01igM02/v9vYh+LOxfxGD/K7EUP7wRl6IVF2LQW+5/b7XROJttjPV3r9aHdQAAAAAAAAAAAAAAAAAAAAAAMAsrjZHl0fybrJzfs7IyZX043yfvL+YD9fP5QFl9fzrPh+nB+UDj83m6zTmfJAgAAAAAAAAAAAAAAAAAAACFzm4tNlutrZ3O7uXtatCrZN797stvHoqDNe+kZSbm8sON1RS5qHSlMWrPRu1ZOlZTBGlEWXz12mjH1Zr66Com2gdBfWIpKfa02WqdfPyXz6Z1/VNm0pi4LeNBUpy/stR+OE/9R9fhwdoRNdezLDusfe/Tya5IIuYmvnH3Ivj2xluPPt059cww83Ux9OHJp5Zevv7JF79vb7aiuDWtVm2nczv73+dKK89PUtznZMqTMD3ol5n+Tmd3M/3xj1ce++j7A8Vp+ZDUikMPlrJqzXuHn+urg5laHiTFcY660vkpD//04LW/R0/vXd7M9+Pyqc/XN6/t/fzbnXZVfkgY1AEAAAAAAAAAAAAAAAAAAMei8r/id+HZF2e3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4fuXn/1eCfiVTi7+y3HjNZFDvxeRSfWunc7+vEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/g0AAP//0u12xw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000ac0)=""/4096, 0x1000) 8.479739941s ago: executing program 0 (id=1819): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x14, &(0x7f0000000040), 0x50) 8.330232186s ago: executing program 2 (id=1820): msgget$private(0x0, 0x0) msgrcv(0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0) msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYRES32], 0x8, 0x0) 8.020962392s ago: executing program 0 (id=1821): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'dvmrp0\x00', 0xe43986f95b0e4309}) ioctl$TUNGETSNDBUF(r0, 0x400454dc, &(0x7f0000001700)) 7.070564148s ago: executing program 2 (id=1826): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 6.677231541s ago: executing program 5 (id=1828): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x18000000000002a0, 0xe80, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0xfffffdff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 6.550824214s ago: executing program 2 (id=1829): getpid() r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041) write$sndseq(r0, &(0x7f0000000040)=[{0x41, 0x0, 0x0, 0xfd, @tick, {}, {0xf}, @quote={{0x1}}}], 0x1c) 6.288478193s ago: executing program 5 (id=1831): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003240)=ANY=[@ANYRES32=0x0, @ANYRES8, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983c72c65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e800006a1c293100000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a1", @ANYRES16, @ANYRES64], 0x8, 0x2fd, &(0x7f0000000e40)="$eJzs3MtrE18UwPGTR9MkpU0XP36iIL3oRjdDG11Lg7QgBiy1ER8gTNuJhoxJyYRKRGwFwa34R7goXXZX0P4D3bjTjRt33Qgu7EIcyWQmafNobZpHtd8PlDnMuWdyb6Yp54YmO3ffPMmmLS2tF8UfVuITEdkVGRW/eHzu0e/EIdlrVS4Pff90/va9+zcTyeTUrFLTibkrcaXUyNj7p88j7rDNQdkefbjzLf51+//tszu/5h5nLJWxVC5fVLqaz38p6vOmoRYzVlZTasY0dMtQmZxlFCr5fCWfNvNLSyWl5xaHo0sFw7KUniuprFFSxbwqFkoq8EjP5JSmaWo4KjhMam12Vk+0WbzQ4cmgSwqFhB4QkUhDJrXWlwkBAIC+qu///aI62f+vX9gqDt3ZGHH7/81Qs/7/6ufKtfb1/2ERadr/e4/ftP/Xj9b/N3ZEp8ux+n+cDGOhhlO+WlhOFhJ61H39Ol4+WB93Avp/AAAAAAAAAAAAAAAAAAAAAAD+Bru2HbNtO+Yeg+7p2KCIhEXEdvMNhXbFSs9njE6qu//Vn+r9l9V+TxFdVPvgXnBExHy9nFpOVY7ugC0RMcWQcYnJz+rL3rbtcux98kiVjcoHc8WtX1lOBZxMIi0Zp35CYgNSX2/b0zeSUxOqYn/9gET31sclJv81r483rQ/JpYt76jWJyccFyYspi848avUvJpS6fitZVx9xxgEAAAAA8C/QVFXT/bumtcpX6qv76/r3BwK1/fV40/15UM4F+7t2AAAAAABOC6v0LKubplE4IIjI4WPaD4JdurK3wj+t8v6XoXsrPSDwHnxfKuye7PjT4jvC09Ii8Es7VWPl1ajjrsJ726jVGJmZ7P0ddIIzb9/96NwFr22ED1lp+0Hg4F+AgZ79AQIAAADQM7Wm3zsz2d8JAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABwCrX+hrBX9V9H13bQ7zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8XvAAAA///zVACC") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r0, &(0x7f00000006c0)=[{&(0x7f00000000c0)='u', 0x1}], 0x1, 0x100000, 0x0, 0x0) 5.742827711s ago: executing program 5 (id=1832): r0 = syz_open_dev$vim2m(&(0x7f00000005c0), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000180)={0x4, 0x1, 0x1}) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000080)={0x2, @sliced={0x1267, [0x4, 0xb, 0x10, 0x5, 0x6b1, 0xfffe, 0x4, 0x5, 0x0, 0xfff9, 0x4, 0x8, 0x4006, 0x8000, 0xd, 0xd, 0x6, 0x3, 0xc, 0x2, 0xc, 0x0, 0x5, 0x6, 0x7, 0x4, 0x8, 0x2, 0x7, 0x2, 0xa825, 0x0, 0x3, 0x2, 0x7, 0x4fd, 0x1, 0xdfdb, 0x5, 0x4, 0x1, 0x5, 0x3ff, 0x7, 0x3, 0xc, 0xc74, 0x8], 0xe}}) 5.722458564s ago: executing program 2 (id=1833): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_PKT_RATE_LOW={0x8}, @ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8}]}, 0x3c}}, 0x0) 5.21105037s ago: executing program 4 (id=1835): r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x10000, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000200)={0x0, 0x20, 0x2, {0x1, @raw_data="4bbf622b20d2538e6e1f445b7795aa93c004bbb74ebdde873aa40cfdb8d06aefde8880cf4a22212c23b7c448cd514212f3419dcccde3ae9debb21b3ee10fdf63d3e7583e6702b0e9a49174a54c8fc2394f74d8c60dd96a7d41cebaaa10e0fe4fb36d1d8c9ff5984eea66eb54ff774e7af403c61eb7963e0bd5b1370d56b3a9efdaabcb8c2d20c39e64de366fce7e9c408b86db8a782f306a3e186d49e5f92e8a46d4ef2b353b7082844034eb36e4df5d2bf8b6635dd0f7a4d05bc0e9c33dffa2e74c75962dc70ea1"}}) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000300)={0x1, @sdr}) 4.695938759s ago: executing program 5 (id=1837): r0 = socket$rxrpc(0x21, 0x2, 0x2) connect$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24) setsockopt$RXRPC_SECURITY_KEY(r0, 0x110, 0x1, 0x0, 0x0) 4.381805773s ago: executing program 5 (id=1839): syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000300)={[{@noinline_xattr}, {@four_active_logs}, {@four_active_logs}, {@jqfmt_vfsv1}, {@noinline_data}, {@user_xattr}, {@checkpoint_diasble}, {@fastboot}, {@fsync_mode_strict}, {@discard_unit_section}]}, 0x21, 0x552d, &(0x7f000000abc0)="$eJzs3EtvG1UUAODjpOmbEiEW7DqoQkqk2qrTh2BXoBUP0aoqsGAFju1abmxPFDtOyIoFS8SCf4JAYsWS38CCNTvEAsQOCeS5E2gKlZDixKT5Pml85t65c+beURTpzFgO4NhazH77pRIX4kxEzEfE+Yhiv1JuhZspvBARFyNi7pGtUvb/1XEyIs5GxIVJ8pSzUh764vL40vWf3/712+9PnTj35Tc/zG7VwKy9FBH99bS/1U8x76T4sOxvjLtF7F8blzEd6K+V7TzFrfZqkWGrsTuuUcSrnTQ+X98cTuKDXqM5iZ3ug6J/fZAuOBx3dvMUJzxsbBTtVnu1iN1hXsTOTprX9k7637YzHKU8rTLfx0X6GI12Y+pvb7fTetbXitgcjMr+lDdvtbcncVzG8nLRzHutYh6r+7nT/2svvtMdbG5n4/bGsJsPsuu1+su1+o1qfSNvtUfta9VGv3XjWrbU6U2GVUftRv9mJ887vXatmfeXs6VOs1mt17OlW+3VbmOQ1eu1q7Ur1evL5d7l7I2772e9VrY0ia91B5ujbm+YPcg3snTGcrZSu/rKcnapnr1751527/7t23fuvffhrQ/uvnrnrdfLQf+YVra0cmVlpVq/Ul2pL+/vBhyp9X9aTnqK64d9qcx6AgBHj/ofmIWDq/837kccfP0f6v+pOFL173Gv/w9g/bAv6n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGPrx4Wv3ix2FlP7XNn/TNn1XNmuRMRcRPzxL+bj5J6c82WehSeMX3hsDt9VosgwucapcjsbETfL7fdnD/ouAAAAwNPr608ufp6q9fSxOOsJcZjSQ5u58x9NKV8lIhYWf5pStrnJx/NTSlb8fZ+I7SllKx5gnZ5SsvTI7cS0sv0n83vC6UdCJYW5x8+Y2moBAICZ2VsJHG4VAgAAwGH67IlH1g51HhyySuy+ytx9F1x88/7vl31nUturPwAAADi6KrOeAAAAAHDgivrf7/8BAADA0y39/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+ycy+5aQNxHID/NrjQl4qq7nuV7uAYPUKXXVYcoJfgCOQKuQBnILscIYIIj4NCRB7EY6xE3yfZgy3zmxkei5mRBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLV9VydvHv5/+2OZttO3l6AwAAAByzrpaz+sUkXX9u7n9tbn1vrouIKCPi2Nh9EB8OMgdNTvXI89WDNlxG1Am7OkbN8SkifqVjG9+6/hQAAADgXRruTqv5YppG6+k06btVtHbCd5gmbcovvzNVXURENbnOlFbu8n5kCqt/38P4mymtnsAaZwpLU27DXGkvUv/d97N243tFkYry6fdn6zsAAHBGg4PivKMQAAAAzulP3w2gCx+ffaKIu6XM/VLgKBXjgwiLfQAAAPB2FX03AAAAAOhcPf4/Zf+/6Gf/v7ix/x8AAAC8Wtr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC6tq+VsNV9M2+Zstu3k6Q0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7Ny/b9xUHADwZ/t8/QGII6AbghBIDLDQ67W0dEMMoIiBPwEpSq8l9MqPNgOtKqQsbChzFwQjQkigsPUfYOqG1EpdytbhhiKxsByyz845TSUuRLEvyecjPb/vOY7f99lSlK+fEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDR6bxon2aYzieNi373Ht1ay/v4TfebOxoPFrGVxVGfSB8Mr1Q9Rt7lEAAAAODqSsr4PITxMN5eyPu7k9X9aHpPV/N8/N4nLev7Jur/sy9o/a7/9+uilrYE6k3Gyk15aHQ5O70yltX+znG/P/+cRrfzK589ekvyGxB+uvzhK8+sZfXv37vvtPDxWR7YAwP9xquyLoPx9KOv7TSYGwJHRqhTeZf2fdJrNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAOo/XwTBlHIYTF1jTO3H98a+Vp/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8GkJoavR3i+lf+XiGg0No5PrsV/DPeDze1Xcdbz7nPQVxcbPnJZ+DETT4QwkAgEMpLVpW1z9MN5eyfdFCCOMfttf/b1TiMGP9/+iT8/eqY1Xr/35tM5x/vbWrX/Su37j51urV5cuDy4PP3j7Tf6d/9sK5cxd6+bOSnicmAAAA7E27aNX6P17Yuf5/shKHGev/L7/rfz0d6Y98q/7fabro13QmAAAAR9sLr/39V/SU/VG7Hb5aXlu71p9stz6fmWwbSHXXjhWtWv8nC01nBQAAANRhtB5tW/+/WInDjOv/z/748s/VcyYhhBPF+v+plc+HF+ubzlyr48+Jm54jAAAAzTpRtOr6f5q//x9vvfIQhxDefH0SF/8GcKb6P/ngm5+qYyWV9//P1jfFuRR3J9cj77shtLrbvvx7Y4kBAABwKB0vWlbs/5luLn36y8mP2t7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjbvwEAAP//E41CoA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="080000000100000008"], 0xffa1) 4.374159776s ago: executing program 1 (id=1840): r0 = syz_mount_image$hfs(&(0x7f00000001c0), &(0x7f0000000140)='./bus\x00', 0x14000, &(0x7f0000000000)=ANY=[], 0x4, 0x293, &(0x7f0000000900)="$eJzs3c9q1FAUx/HfzcSaaqnpHxFEEKoFV9LWjbhRpFv3rkTtjFA6VNAK6qq6Fh/Ava/gQ7gSX6CuXPkABcHIvUnazDSZzJ9mMqPfD+ikMzk350zuNPcMlAjAf+v+5sHnWz/tPyM11JB0R/IkBZIv6aIuBa9297b32q1mr4EaLsKGmPjBPXba2m3lhdo4F2Hdk0L7k6+5o+dQmSCKoh91J4HauU9/Dk86m3w63evB2DOrxn7dCdTMHOpQrzVfdx4AgHol138vuc7PJet3z5NWk8v+P3X9P6w7gZplrv++dKDI2PN7wb103O+5Fs6u/by0SxzmWDOKZ1bHAtOUdZUuF2/22Xa7dXPrebvp6b3uJjK7LWtFUjOeuqlstu9ODr2S05ue1MgbbTDnXQ1nbA0bBfkv5cWN8m6XMV/NN/PIhPqk5tH6z4+MPU3uTIVdZyrOf614RFdlGO9VUOWCO8jl5AiJkiqD/I5E6YxaUOcXBGFZni5qsSsqrm69JGopN2qjJGq5O+p4NhdHVs18NA/Nin7pizYz63/Pvtur6ueTafdxeyYzo2c9vtszlPQnimn/Su6e3ghFYVAf9FS3Nf/yzdudJ+12KzLSvt14kT5jZLTT8cwAG1eHihp4wx8+w8nf8FXZIdJJMCGVjmNjVtIEpFHxhl2fn9KA9f56wngcn/R+Ix5UmxDGza67TNz/ZfqVNdci2f/CHuv0qGzwzIjrBb3BohvnXHEHlxEcDVvYwfXbc127IV0vP2IqdHlqtqzgKWE29V2P+f4fAAAAAAAAAAAAAAAAAABg2ozjzxLqrhEAAAAAAAAAAAAAAAAAAAAAgGn3O7kpy2nd/zcY9f6/6uf+vzODFQkg198AAAD///PAhLg=") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4443c, &(0x7f00000004c0)=ANY=[@ANYRES16, @ANYRESHEX, @ANYRES64=r0, @ANYBLOB="f1bcde2281a84392f4e66ff7ef22aa9af727ceae8a8ec95fc1b73083de2de825a0cb2b0be774fdb33650d7dace27c16bc23b2f7c7fb72585548939698f280d138aa9255a8a924008f8477e82ba11cdb11efd5ca2f1ab049ce2ccc415d2daf8dac725533a558d561654faf5e0924f1376174f374d664fad4a6ab24ec0e822e7f9426e8e5de1fe58085a0ae86fd02a118b9365961834d46208b9fb4cb1a1fa962a8b0000dc2e319379ea1e5a07aeb3f9cd4e648df4dd18e6253e7b2310a78d63a232a2a40758027a472e7d263ef567a84166f26ee56e701c63a886378788a512f28edec086b1c0823c028840eeaf3f5d8769023c01218614f4fa40be9892e7a285ac63f7f97aaa5b8ecc86e28c6193bc21a2b833e5c9c703c4cfa063dd34c245706bde3d7ac373abe788a36ef25bad99be2aa924949558c800"/341, @ANYRES32, @ANYRESDEC, @ANYRESDEC=0x0, @ANYRES32=r1, @ANYRESOCT=r1, @ANYRESOCT=0x0, @ANYRES16=r1, @ANYRES8, @ANYBLOB="2026edcf7e52c453260c4c6a79f996557847e28286a656d03c54394159aac8ea80292bf26c3c5dd8048c9e89665922ee4d3624f9e7d9f8774f04ca68e4d640218cbcfde03173fe3002eac0f4c3a637fa7e7529b0b4c897689c3a5f264f877fbef4cb99b019aa20bd9b58bfdf91bf1230b33ce6e3c8af634216be4c9b9b6c1c9f672ac47cfb78c6289b62856874478459b705cce3f20c46f696a6ac69b11a9621a6440d2f0b0d2341440e2cdecf7d0eaa91807e2983e4ad4ca73e10a1cc52f7e523bf15de880c", @ANYRES64], 0x0, 0x0, &(0x7f0000000000)) 4.075077443s ago: executing program 4 (id=1841): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_DYNSET_FLAGS={0x8}, @NFTA_DYNSET_OP={0x8}, @NFTA_DYNSET_SREG_KEY={0x8}]}}}]}]}], {0x14}}, 0x90}}, 0x0) 3.946508408s ago: executing program 1 (id=1842): unshare(0x20000400) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[], 0xfe44, 0x0) 3.789573916s ago: executing program 4 (id=1843): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000500), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000006c0)={0x18, r1, 0x351d4d5b9375e359, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x4}]}, 0x18}}, 0x0) 3.636455645s ago: executing program 1 (id=1845): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) readv(r0, &(0x7f00000007c0)=[{&(0x7f00000002c0)=""/187, 0xbb}], 0x1) ioctl$SNDCTL_DSP_GETISPACE(r0, 0xc0045002, &(0x7f0000000000)) 3.502773738s ago: executing program 4 (id=1846): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={0x14, r1, 0x1}, 0x14}}, 0x0) 3.292350358s ago: executing program 4 (id=1847): r0 = socket(0x2b, 0x80801, 0x1) listen(r0, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x3, &(0x7f00000000c0), 0x4) 3.052008461s ago: executing program 4 (id=1848): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x8}]}}]}, 0x3c}}, 0x2000400c) 2.740984028s ago: executing program 1 (id=1849): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000280)=ANY=[@ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='cmdline\x00') readv(r0, &(0x7f0000000280), 0x2) 2.557512008s ago: executing program 1 (id=1850): r0 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0x7005, 0x0) readv(r0, &(0x7f0000000000)=[{&(0x7f00000012c0)=""/191, 0x4}], 0x5) 23.029143ms ago: executing program 5 (id=1852): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) fstatfs(r0, &(0x7f00000000c0)=""/126) 0s ago: executing program 1 (id=1863): r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c40)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140010", @ANYRES8=0x0, @ANYBLOB="ff"], 0x48}}, 0x0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0) kernel console output (not intermixed with test programs): 74.651593][ T6050] udevd[6050]: symlink '../../loop4' '/dev/disk/by-label/untitled.tmp-b7:4' failed: Read-only file system [ 174.667906][ T8243] loop3: detected capacity change from 0 to 32768 [ 174.702305][ T6050] udevd[6050]: symlink '../../loop4' '/dev/disk/by-uuid/c002970e-44c2-3eff-9630-c49fa665f579.tmp-b7:4' failed: Read-only file system [ 174.722202][ T8243] btrfs: Deprecated parameter 'usebackuproot' [ 174.750659][ T8243] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 174.799170][ T8243] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1089 (8243) [ 174.886079][ T5226] udevd[5226]: symlink '../../loop3' '/dev/disk/by-uuid/c9fe44da-de57-406a-8241-57ec7d4412cf.tmp-b7:3' failed: Read-only file system [ 174.894983][ T8243] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 174.953429][ T8243] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 175.001510][ T8243] BTRFS info (device loop3): disk space caching is enabled [ 175.038531][ T8243] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 175.076752][ T5334] hid-thrustmaster 0003:044F:B65D.0022: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.2-1/input0 [ 175.140479][ T5249] Bluetooth: hci0: command 0x0c1a tx timeout [ 175.221894][ T8243] BTRFS info (device loop3): rebuilding free space tree [ 175.360218][ T5334] hid-thrustmaster 0003:044F:B65D.0022: setup data couldn't be sent [ 175.379339][ C1] hid-thrustmaster 0003:044F:B65D.0022: URB to get model id failed with error -71 [ 175.468648][ T5334] usb 3-1: USB disconnect, device number 11 [ 175.475672][ T8243] BTRFS info (device loop3): disabling free space tree [ 175.483586][ T8243] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 175.547739][ T8243] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 175.646262][ T8310] usb usb7: usbfs: process 8310 (syz.0.1114) did not claim interface 0 before use [ 175.675757][ T6050] udevd[6050]: symlink '../../loop3' '/dev/disk/by-uuid/c9fe44da-de57-406a-8241-57ec7d4412cf.tmp-b7:3' failed: Read-only file system [ 175.896254][ T5232] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 175.931093][ T8317] loop0: detected capacity change from 0 to 1024 [ 175.960499][ T5343] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 176.015851][ T5608] udevd[5608]: symlink '../../loop0' '/dev/disk/by-label/untitled.tmp-b7:0' failed: Read-only file system [ 176.047908][ T8315] loop5: detected capacity change from 0 to 4096 [ 176.084690][ T8315] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512). [ 176.092053][ T5608] udevd[5608]: symlink '../../loop0' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:0' failed: Read-only file system [ 176.129813][ T5343] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 176.166510][ T5343] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 176.203960][ T8320] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 176.232365][ T5343] usb 2-1: New USB device found, idVendor=0853, idProduct=0146, bcdDevice= 0.00 [ 176.236284][ T8319] netdevsim netdevsim3 netdevsim0: left promiscuous mode [ 176.251358][ T8315] ntfs3(loop5): Failed to initialize $Extend/$ObjId. [ 176.259541][ T5226] udevd[5226]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system [ 176.278630][ T5343] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.311544][ T5226] udevd[5226]: symlink '../../loop5' '/dev/disk/by-uuid/4C6CE0A9116F2120.tmp-b7:5' failed: Read-only file system [ 176.336149][ T5343] usb 2-1: config 0 descriptor?? [ 176.815309][ T8332] loop0: detected capacity change from 0 to 2048 [ 176.830816][ T5343] topre 0003:0853:0146.0023: hidraw0: USB HID v0.00 Device [HID 0853:0146] on usb-dummy_hcd.1-1/input0 [ 176.921248][ T5302] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 176.933382][ T5608] udevd[5608]: symlink '../../loop0' '/dev/disk/by-label/LinuxUDF.tmp-b7:0' failed: Read-only file system [ 176.949880][ T8332] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 176.954786][ T8336] loop5: detected capacity change from 0 to 1024 [ 176.982444][ T5608] udevd[5608]: symlink '../../loop0' '/dev/disk/by-uuid/1234567812345678.tmp-b7:0' failed: Read-only file system [ 177.018755][ T5343] usb 2-1: USB disconnect, device number 13 [ 177.049646][ T8336] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 177.154991][ T8342] loop2: detected capacity change from 0 to 1024 [ 177.214296][ T8342] hfsplus: bad catalog entry type [ 177.394724][ T53] hfsplus: b-tree write err: -5, ino 4 [ 177.411497][ T5233] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.597225][ T8276] syz.4.1106: vmalloc error: size 3633152, failed to allocated page array size 7096, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 177.615562][ T8276] CPU: 0 UID: 0 PID: 8276 Comm: syz.4.1106 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 177.626268][ T8276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 177.636348][ T8276] Call Trace: [ 177.639642][ T8276] [ 177.642592][ T8276] dump_stack_lvl+0x241/0x360 [ 177.647304][ T8276] ? __pfx_dump_stack_lvl+0x10/0x10 [ 177.652527][ T8276] ? __pfx__printk+0x10/0x10 [ 177.657160][ T8276] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 177.663604][ T8276] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.669261][ T8276] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 177.675798][ T8276] warn_alloc+0x278/0x410 [ 177.680159][ T8276] ? __pfx_warn_alloc+0x10/0x10 [ 177.685036][ T8276] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 177.691218][ T8276] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.696874][ T8276] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.702527][ T8276] ? __get_vm_area_node+0x23d/0x270 [ 177.707766][ T8276] __vmalloc_node_range_noprof+0x691/0x13f0 [ 177.713712][ T8276] ? __kmalloc_cache_node_noprof+0x1d3/0x300 [ 177.719729][ T8276] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 177.726086][ T8276] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 177.732268][ T8276] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.737933][ T8276] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.743596][ T8276] ? __get_vm_area_node+0x23d/0x270 [ 177.748838][ T8276] __vmalloc_node_range_noprof+0x59c/0x13f0 [ 177.754753][ T8276] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 177.760937][ T8276] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 177.766711][ T8276] ? rcu_is_watching+0x15/0xb0 [ 177.771499][ T8276] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 177.777847][ T8276] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.783506][ T8276] ? rcu_is_watching+0x15/0xb0 [ 177.788294][ T8276] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.793954][ T8276] ? __kmalloc_node_noprof+0x247/0x440 [ 177.799444][ T8276] ? __kvmalloc_node_noprof+0x72/0x190 [ 177.805017][ T8276] __kvmalloc_node_noprof+0x142/0x190 [ 177.810411][ T8276] ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 177.816596][ T8276] __v4l2_ctrl_modify_dimensions+0x43b/0xb60 [ 177.822617][ T8276] ? tpg_update_mv_step+0x361/0x4f0 [ 177.827871][ T8276] vivid_update_format_cap+0x133c/0x2090 [ 177.833545][ T8276] ? __pfx_vivid_update_format_cap+0x10/0x10 [ 177.839549][ T8276] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.845211][ T8276] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.850876][ T8276] vivid_vid_cap_s_dv_timings+0x535/0x1230 [ 177.856734][ T8276] __video_do_ioctl+0xc25/0xdd0 [ 177.861636][ T8276] ? __pfx___video_do_ioctl+0x10/0x10 [ 177.867050][ T8276] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.872707][ T8276] ? __might_fault+0xc6/0x120 [ 177.877412][ T8276] video_usercopy+0x89d/0x1180 [ 177.882221][ T8276] ? __pfx___video_do_ioctl+0x10/0x10 [ 177.887630][ T8276] ? __pfx_video_usercopy+0x10/0x10 [ 177.892877][ T8276] ? __fget_files+0x29/0x470 [ 177.897493][ T8276] ? __fget_files+0x3f3/0x470 [ 177.902201][ T8276] v4l2_ioctl+0x18b/0x1e0 [ 177.905360][ T8347] loop2: detected capacity change from 0 to 32768 [ 177.906539][ T8276] ? __pfx_v4l2_ioctl+0x10/0x10 [ 177.917812][ T8276] __se_sys_ioctl+0xfb/0x170 [ 177.922448][ T8276] do_syscall_64+0xf3/0x230 [ 177.926988][ T8276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.932919][ T8276] RIP: 0033:0x7f54ea97dff9 [ 177.937341][ T8276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.956954][ T8276] RSP: 002b:00007f54eb78b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 177.965406][ T8276] RAX: ffffffffffffffda RBX: 00007f54eab35f80 RCX: 00007f54ea97dff9 [ 177.973385][ T8276] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003 [ 177.981359][ T8276] RBP: 00007f54ea9f0296 R08: 0000000000000000 R09: 0000000000000000 [ 177.989332][ T8276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 177.997311][ T8276] R13: 0000000000000000 R14: 00007f54eab35f80 R15: 00007ffd32e70c58 [ 178.005393][ T8276] [ 178.008526][ C0] vkms_vblank_simulate: vblank timer overrun [ 178.009276][ T8347] (syz.2.1131,8347,1):ocfs2_verify_volume:2369 ERROR: Superblock slots found greater than file system maximum: found 65535, max 255 [ 178.014907][ T8276] Mem-Info: [ 178.030234][ T8347] (syz.2.1131,8347,1):ocfs2_verify_volume:2378 ERROR: status = -22 [ 178.033631][ T8276] active_anon:9528 inactive_anon:0 isolated_anon:0 [ 178.033631][ T8276] active_file:1769 inactive_file:3104 isolated_file:0 [ 178.033631][ T8276] unevictable:768 dirty:429 writeback:0 [ 178.033631][ T8276] slab_reclaimable:9259 slab_unreclaimable:100229 [ 178.033631][ T8276] mapped:25526 shmem:5459 pagetables:881 [ 178.033631][ T8276] sec_pagetables:0 bounce:0 [ 178.033631][ T8276] kernel_misc_reclaimable:0 [ 178.033631][ T8276] free:1316973 free_pcp:3954 free_cma:0 [ 178.041096][ T8347] (syz.2.1131,8347,1):ocfs2_fill_super:990 ERROR: superblock probe failed! [ 178.085986][ C0] vkms_vblank_simulate: vblank timer overrun [ 178.098662][ T5302] usb 4-1: Using ep0 maxpacket: 16 [ 178.100785][ T8347] (syz.2.1131,8347,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 178.154303][ T8276] Node 0 active_anon:31420kB inactive_anon:0kB active_file:7076kB inactive_file:12480kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:102120kB dirty:1768kB writeback:0kB shmem:13732kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10680kB pagetables:3564kB sec_pagetables:0kB all_unreclaimable? no [ 178.186611][ C0] vkms_vblank_simulate: vblank timer overrun [ 178.235498][ T8276] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 178.267863][ T5302] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 178.279321][ T5302] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 178.289190][ T5302] usb 4-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00 [ 178.298394][ T5302] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.320154][ T8276] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 178.347300][ C0] vkms_vblank_simulate: vblank timer overrun [ 178.355680][ T5302] usb 4-1: config 0 descriptor?? [ 178.360937][ T8276] lowmem_reserve[]: 0 2465 2466 0 0 [ 178.366471][ T8276] Node 0 DMA32 free:1336052kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:21576kB inactive_anon:0kB active_file:7000kB inactive_file:11888kB unevictable:1536kB writepending:1728kB present:3129332kB managed:2552500kB mlocked:0kB bounce:0kB free_pcp:17016kB local_pcp:4kB free_cma:0kB [ 178.396693][ C0] vkms_vblank_simulate: vblank timer overrun [ 178.403739][ T8276] lowmem_reserve[]: 0 0 0 0 0 [ 178.408881][ T8276] Node 0 Normal free:20kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:204kB inactive_anon:0kB active_file:76kB inactive_file:516kB unevictable:0kB writepending:28kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:48kB local_pcp:36kB free_cma:0kB [ 178.436206][ C0] vkms_vblank_simulate: vblank timer overrun [ 178.443740][ T8276] lowmem_reserve[]: 0 0 0 0 0 [ 178.448609][ T8276] Node 1 Normal free:3931360kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 178.481392][ T8276] lowmem_reserve[]: 0 0 0 0 0 [ 178.486274][ T8276] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 178.499209][ T8276] Node 0 DMA32: 606*4kB (UME) 551*8kB (UME) 377*16kB (UME) 270*32kB (UME) 121*64kB (UME) 84*128kB (UME) 45*256kB (UME) 25*512kB (ME) 19*1024kB (UME) 10*2048kB (UM) 305*4096kB (M) = 1353536kB [ 178.518680][ T8276] Node 0 Normal: 2*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 178.531109][ T8276] Node 1 Normal: 198*4kB (UME) 59*8kB (UME) 39*16kB (UME) 164*32kB (UME) 78*64kB (UME) 33*128kB (UME) 17*256kB (UME) 8*512kB (UME) 5*1024kB (UME) 3*2048kB (UE) 951*4096kB (M) = 3931360kB [ 178.550174][ T8276] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 178.560069][ T8276] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 178.569495][ T8276] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 178.579194][ T8276] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 178.589120][ T8276] 6112 total pagecache pages [ 178.594199][ T8276] 0 pages in swap cache [ 178.598718][ T8276] Free swap = 124984kB [ 178.602996][ T8276] Total swap = 124996kB [ 178.607234][ T8276] 2097051 pages RAM [ 178.611457][ T8276] 0 pages HighMem/MovableOnly [ 178.616510][ T8276] 427076 pages reserved [ 178.620918][ T8276] 0 pages cma reserved [ 178.868961][ T8361] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1137'. [ 178.916163][ T8361] netlink: 'syz.0.1137': attribute type 3 has an invalid length. [ 179.288278][ T8372] loop0: detected capacity change from 0 to 2048 [ 179.319935][ T8372] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 179.350734][ T8372] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 180.120782][ T8382] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1145'. [ 180.420809][ T8385] openvswitch: netlink: Duplicate or invalid key (type 0). [ 180.474574][ T8385] openvswitch: netlink: Actions may not be safe on all matching packets [ 180.536895][ T8388] loop1: detected capacity change from 0 to 256 [ 180.845165][ T8390] loop4: detected capacity change from 0 to 512 [ 180.893989][ T8390] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 180.995652][ T6050] udevd[6050]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 181.214890][ T8363] loop5: detected capacity change from 0 to 32768 [ 181.461985][ T8363] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 181.477645][ T8363] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 181.690246][ T8390] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.733192][ T8363] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 181.794137][ T5334] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 181.811974][ T5334] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 182.012820][ T7429] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.072085][ T5302] usbhid 4-1:0.0: can't add hid device: -71 [ 182.078166][ T5302] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 182.088040][ T5302] usb 4-1: USB disconnect, device number 13 [ 182.103083][ T8378] loop0: detected capacity change from 0 to 32768 [ 182.144412][ T5334] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 332ms [ 182.154345][ T5334] gfs2: fsid=syz:syz.0: jid=0: Done [ 182.170108][ T8363] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 182.201784][ T8378] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 182.209362][ T8378] CPU: 1 UID: 0 PID: 8378 Comm: syz.0.1142 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 182.220076][ T8378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 182.230141][ T8378] Call Trace: [ 182.233425][ T8378] [ 182.236358][ T8378] dump_stack_lvl+0x241/0x360 [ 182.241055][ T8378] ? __pfx_dump_stack_lvl+0x10/0x10 [ 182.246268][ T8378] ? __pfx__printk+0x10/0x10 [ 182.250878][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.256522][ T8378] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 182.261828][ T8378] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 182.267399][ T8378] sysfs_create_dir_ns+0x2ce/0x3a0 [ 182.272532][ T8378] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 182.278180][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.283835][ T8378] kobject_add_internal+0x435/0x8d0 [ 182.289056][ T8378] kobject_init_and_add+0x124/0x190 [ 182.294268][ T8378] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 182.300110][ T8378] ? __pfx_kobject_init_and_add+0x10/0x10 [ 182.305841][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.311491][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.317133][ T8378] ? __init_swait_queue_head+0xae/0x150 [ 182.322706][ T8378] gfs2_sys_fs_add+0x23b/0x4a0 [ 182.327498][ T8378] ? __pfx_gfs2_sys_fs_add+0x10/0x10 [ 182.332817][ T8378] ? __pfx_alloc_workqueue+0x10/0x10 [ 182.338119][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.343767][ T8378] ? read_word_at_a_time+0xe/0x20 [ 182.348801][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.354445][ T8378] ? sized_strscpy+0x8d/0x220 [ 182.359133][ T8378] gfs2_fill_super+0x11ee/0x24d0 [ 182.364106][ T8378] ? __pfx_gfs2_fill_super+0x10/0x10 [ 182.369400][ T8378] ? snprintf+0xda/0x120 [ 182.373659][ T8378] ? __pfx_lock_release+0x10/0x10 [ 182.378790][ T8378] ? do_raw_spin_lock+0x14f/0x370 [ 182.383835][ T8378] ? __pfx_snprintf+0x10/0x10 [ 182.388526][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.394176][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.399838][ T8378] ? sb_set_blocksize+0x98/0xf0 [ 182.404703][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.410351][ T8378] ? setup_bdev_super+0x4e6/0x5d0 [ 182.415398][ T8378] get_tree_bdev+0x3f9/0x570 [ 182.419999][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.425646][ T8378] ? __pfx_gfs2_fill_super+0x10/0x10 [ 182.430953][ T8378] ? __pfx_get_tree_bdev+0x10/0x10 [ 182.436084][ T8378] gfs2_get_tree+0x54/0x220 [ 182.440604][ T8378] vfs_get_tree+0x92/0x2b0 [ 182.445036][ T8378] do_new_mount+0x2be/0xb40 [ 182.449639][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.455294][ T8378] ? __pfx_do_new_mount+0x10/0x10 [ 182.460353][ T8378] __se_sys_mount+0x2d6/0x3c0 [ 182.465057][ T8378] ? __pfx___se_sys_mount+0x10/0x10 [ 182.470276][ T8378] ? exc_page_fault+0x590/0x8c0 [ 182.475181][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.480844][ T8378] ? srso_alias_return_thunk+0x5/0xfbef5 [ 182.486486][ T8378] ? __x64_sys_mount+0x20/0xc0 [ 182.491265][ T8378] do_syscall_64+0xf3/0x230 [ 182.495786][ T8378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.501702][ T8378] RIP: 0033:0x7fedcb97f79a [ 182.506122][ T8378] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.525734][ T8378] RSP: 002b:00007fedcc714e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 182.534163][ T8378] RAX: ffffffffffffffda RBX: 00007fedcc714ef0 RCX: 00007fedcb97f79a [ 182.542140][ T8378] RDX: 00000000200002c0 RSI: 0000000020000100 RDI: 00007fedcc714eb0 [ 182.550123][ T8378] RBP: 00000000200002c0 R08: 00007fedcc714ef0 R09: 0000000000008c9b [ 182.558098][ T8378] R10: 0000000000008c9b R11: 0000000000000246 R12: 0000000020000100 [ 182.566077][ T8378] R13: 00007fedcc714eb0 R14: 000000000001279f R15: 00000000200013c0 [ 182.574072][ T8378] [ 182.598824][ T8378] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 182.718699][ T8378] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 182.766545][ T5302] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 183.039441][ T5302] usb 4-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 183.051935][ T5302] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.094903][ T5302] usb 4-1: Product: syz [ 183.130590][ T1751] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 183.149180][ T5302] usb 4-1: Manufacturer: syz [ 183.200233][ T5302] usb 4-1: SerialNumber: syz [ 183.212758][ T8431] netlink: 240 bytes leftover after parsing attributes in process `syz.5.1164'. [ 183.218827][ T5302] usb 4-1: config 0 descriptor?? [ 183.250257][ T8431] NCSI netlink: No device for ifindex 33554690 [ 183.273710][ T5302] i2c-tiny-usb 4-1:0.0: version 6d.cc found at bus 004 address 014 [ 183.315874][ T1751] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 183.335100][ T1751] usb 5-1: New USB device found, idVendor=1110, idProduct=9001, bcdDevice=b2.a9 [ 183.346202][ T1751] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.391356][ T5302] (null): failure setting delay to 10us [ 183.397755][ T1751] usb 5-1: Product: syz [ 183.410824][ T1751] usb 5-1: Manufacturer: syz [ 183.412562][ T5302] i2c-tiny-usb 4-1:0.0: probe with driver i2c-tiny-usb failed with error -5 [ 183.415473][ T1751] usb 5-1: SerialNumber: syz [ 183.455191][ T1751] usb 5-1: config 0 descriptor?? [ 183.482258][ T1751] usb 5-1: [ueagle-atm] ADSL device founded vid (0X1110) pid (0X9001) Rev (0XB2A9): ADI930 [ 183.547796][ T5302] usb 4-1: USB disconnect, device number 14 [ 183.598390][ T8440] loop5: detected capacity change from 0 to 1024 [ 183.652356][ T8440] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 183.721133][ T8440] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.723517][ T1751] usb 5-1: reset high-speed USB device number 9 using dummy_hcd [ 183.744384][ T6050] udevd[6050]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system [ 183.774675][ T8449] loop2: detected capacity change from 0 to 128 [ 183.800267][ T8449] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 183.816335][ T8449] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 184.008049][ T5233] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.183712][ T8458] loop3: detected capacity change from 0 to 512 [ 184.198892][ T8462] loop5: detected capacity change from 0 to 64 [ 184.217007][ T8458] EXT4-fs: Ignoring removed nobh option [ 184.249417][ T8464] loop0: detected capacity change from 0 to 128 [ 184.294783][ T8458] fscrypt (loop3, inode 2): Error -61 getting encryption context [ 184.313007][ T8458] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -61 [ 184.336132][ T8464] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 184.336785][ T6030] udevd[6030]: symlink '../../loop0' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:0' failed: Read-only file system [ 184.349542][ T8458] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #13: comm syz.3.1177: casefold flag without casefold feature [ 184.387756][ T5226] udevd[5226]: symlink '../../loop0' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:0' failed: Read-only file system [ 184.404463][ T6050] udevd[6050]: symlink '../../loop5' '/dev/disk/by-label/untitled.tmp-b7:5' failed: Read-only file system [ 184.438868][ T6050] udevd[6050]: symlink '../../loop5' '/dev/disk/by-label/untitled.tmp-b7:5' failed: Read-only file system [ 184.504659][ T6050] udevd[6050]: symlink '../../loop5' '/dev/disk/by-label/untitled.tmp-b7:5' failed: Read-only file system [ 184.545072][ T8458] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.1177: couldn't read orphan inode 13 (err -117) [ 184.584455][ T5251] udevd[5251]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 184.599853][ T8458] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 184.617633][ T8461] loop2: detected capacity change from 0 to 32768 [ 184.632942][ T8461] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 184.647465][ T8462] hfs: keylen 94 too large [ 184.662013][ T8461] JBD2: Ignoring recovery information on journal [ 184.686180][ T5226] udevd[5226]: symlink '../../loop2' '/dev/disk/by-uuid/03e7aa51-a951-448e-b9eb-6dd609435e20.tmp-b7:2' failed: Read-only file system [ 184.776356][ T5240] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 184.777736][ T8461] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 184.837122][ T1751] usb 5-1: [ueagle-atm] pre-firmware device, uploading firmware [ 184.851925][ T1751] usb 5-1: [ueagle-atm] loading firmware ueagle-atm/adi930.fw [ 184.853108][ T5232] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.885925][ T1751] usb 5-1: USB disconnect, device number 9 [ 184.941872][ T5343] usb 5-1: Direct firmware load for ueagle-atm/adi930.fw failed with error -2 [ 185.015055][ T5343] usb 5-1: Falling back to sysfs fallback for: ueagle-atm/adi930.fw [ 185.070615][ T5343] kobject: kobject_add_internal failed for firmware (error: -2 parent: 5-1) [ 185.091705][ T5343] firmware ueagle-atm!adi930.fw: fw_load_sysfs_fallback: device_register failed [ 185.125308][ T5343] usb 5-1: [UEAGLE-ATM] firmware is not available [ 185.158874][ T5234] ocfs2: Unmounting device (7,2) on (node local) [ 185.613233][ T8454] loop1: detected capacity change from 0 to 32768 [ 185.683777][ T8454] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 185.708468][ T6050] udevd[6050]: symlink '../../loop1' '/dev/disk/by-uuid/bfdc47fc-10d8-4eed-a562-11a831b3f791.tmp-b7:1' failed: Read-only file system [ 185.783054][ T8492] loop5: detected capacity change from 0 to 256 [ 185.946723][ T8478] loop0: detected capacity change from 0 to 32768 [ 185.986121][ T8478] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 186.058525][ T8492] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 186.177316][ T8510] program syz.2.1194 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 186.248173][ T8512] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 186.267145][ T5240] ocfs2: Unmounting device (7,0) on (node local) [ 186.364167][ T6050] udevd[6050]: symlink '../../loop0' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:0' failed: Read-only file system [ 186.390880][ C1] sd 0:0:1:0: [sda] tag#2397 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 186.401373][ C1] sd 0:0:1:0: [sda] tag#2397 CDB: Read(6) 08 00 00 00 00 00 [ 186.411255][ T47] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 186.431909][ T8520] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1198'. [ 186.569372][ T8454] XFS (loop1): Ending clean mount [ 186.594050][ T47] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 186.632326][ T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.684999][ T8454] XFS (loop1): Quotacheck needed: Please wait. [ 186.694104][ T47] usb 4-1: config 0 descriptor?? [ 186.726406][ T8454] XFS (loop1): Quotacheck: Done. [ 186.764469][ T47] cp210x 4-1:0.0: cp210x converter detected [ 186.951860][ T5225] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 187.103918][ T8526] loop4: detected capacity change from 0 to 32768 [ 187.111817][ T8526] XFS: attr2 mount option is deprecated. [ 187.117498][ T8526] XFS: ikeep mount option is deprecated. [ 187.123305][ T8526] XFS: noikeep mount option is deprecated. [ 187.248705][ T8541] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.1208'. [ 187.294938][ T5608] udevd[5608]: symlink '../../loop4' '/dev/disk/by-uuid/a2f82aab-77f8-4286-afd4-a8f747a74bab.tmp-b7:4' failed: Read-only file system [ 187.320665][ T8526] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 187.370562][ T8541] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes. [ 187.382252][ T47] cp210x 4-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 187.390005][ T47] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 187.408392][ T47] usb 4-1: cp210x converter now attached to ttyUSB0 [ 187.608322][ T47] usb 4-1: USB disconnect, device number 15 [ 187.674308][ T47] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 187.682862][ T47] cp210x 4-1:0.0: device disconnected [ 187.833353][ T8526] XFS (loop4): Ending clean mount [ 187.853934][ T8526] XFS (loop4): Quotacheck needed: Please wait. [ 187.935997][ T8569] netlink: 'syz.0.1219': attribute type 10 has an invalid length. [ 187.954096][ T8571] loop1: detected capacity change from 0 to 512 [ 187.982685][ T8571] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 188.013865][ T6050] udevd[6050]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 188.035993][ T8526] XFS (loop4): Quotacheck: Done. [ 188.065481][ T8571] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2002c02c, mo2=0002] [ 188.086298][ T8571] System zones: 1-12 [ 188.123795][ T8571] EXT4-fs (loop1): 1 truncate cleaned up [ 188.157949][ T7429] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 188.180857][ T5343] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 188.200607][ T8571] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 188.340791][ T5343] usb 3-1: Using ep0 maxpacket: 8 [ 188.489814][ T8589] loop4: detected capacity change from 0 to 24 [ 188.496574][ T5343] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.500924][ T5225] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.508817][ T5343] usb 3-1: New USB device found, idVendor=044e, idProduct=121e, bcdDevice= 0.00 [ 188.523470][ T8589] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 188.525869][ T5343] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.542303][ T5343] usb 3-1: config 0 descriptor?? [ 188.553211][ T6050] udevd[6050]: symlink '../../loop4' '/dev/disk/by-label/rom\x20637cf1fa.tmp-b7:4' failed: Read-only file system [ 188.588332][ T8589] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 188.973656][ T5343] hid-alps 0003:044E:121E.0024: hidraw0: USB HID v0.00 Device [HID 044e:121e] on usb-dummy_hcd.2-1/input0 [ 188.997310][ T8599] loop4: detected capacity change from 0 to 1024 [ 189.079971][ T8599] hfsplus: keylen 65060 too large [ 189.087228][ T8599] hfsplus: keylen 65060 too large [ 189.091397][ T6030] udevd[6030]: symlink '../../loop4' '/dev/disk/by-label/untitled.tmp-b7:4' failed: Read-only file system [ 189.127281][ T6030] udevd[6030]: symlink '../../loop4' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:4' failed: Read-only file system [ 189.289204][ T1751] usb 3-1: USB disconnect, device number 12 [ 189.395684][ T8617] syz.1.1239 (8617): attempted to duplicate a private mapping with mremap. This is not supported. [ 189.399348][ T8618] loop5: detected capacity change from 0 to 256 [ 190.125839][ T8641] loop1: detected capacity change from 0 to 1024 [ 190.210590][ T8650] loop2: detected capacity change from 0 to 512 [ 190.233881][ T6050] udevd[6050]: symlink '../../loop1' '/dev/disk/by-label/untitled.tmp-b7:1' failed: Read-only file system [ 190.251118][ T8650] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 190.258813][ T6050] udevd[6050]: symlink '../../loop1' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:1' failed: Read-only file system [ 190.330830][ T5308] hfsplus: b-tree write err: -5, ino 4 [ 190.362066][ T8654] openvswitch: netlink: Actions may not be safe on all matching packets [ 190.423524][ T8657] loop5: detected capacity change from 0 to 2048 [ 190.549487][ T5608] udevd[5608]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system [ 190.631658][ T8650] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.714635][ T8671] loop3: detected capacity change from 0 to 512 [ 190.737758][ T8657] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 190.739317][ T8671] EXT4-fs error (device loop3): __ext4_iget:4952: inode #11: block 16: comm syz.3.1265: invalid block [ 190.750323][ T5236] udevd[5236]: symlink '../../loop5' '/dev/disk/by-label/LinuxUDF.tmp-b7:5' failed: Read-only file system [ 190.782305][ T5234] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.814264][ T8657] cifs: Unknown parameter 'anchor' [ 190.831152][ T1751] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 190.869824][ T8671] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.1265: couldn't read orphan inode 11 (err -117) [ 190.917189][ T8671] EXT4-fs (loop3): 1 truncate cleaned up [ 190.941954][ T8671] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.958826][ T8676] loop5: detected capacity change from 0 to 256 [ 191.019043][ T8671] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1265: bg 0: block 16: invalid block bitmap [ 191.182263][ T8684] loop4: detected capacity change from 0 to 512 [ 191.222698][ T8686] loop2: detected capacity change from 0 to 512 [ 191.229249][ T1751] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 191.251799][ T5232] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.275677][ T8686] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 191.295104][ T1751] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 191.321782][ T8684] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c11c, mo2=0002] [ 191.330670][ T8686] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 191.370632][ T1751] usb 1-1: New USB device found, idVendor=056a, idProduct=0027, bcdDevice= 0.00 [ 191.379866][ T1751] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.380676][ T8684] System zones: 0-2, 18-18, 34-34 [ 191.419144][ T8684] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1273: bg 0: block 248: padding at end of block bitmap is not set [ 191.438703][ T8684] Quota error (device loop4): write_blk: dquota write failed [ 191.445286][ T8686] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 191.447786][ T8684] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 191.464746][ T8684] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.1273: Failed to acquire dquot type 1 [ 191.495428][ T1751] usb 1-1: config 0 descriptor?? [ 191.504982][ T8684] EXT4-fs (loop4): 1 truncate cleaned up [ 191.514242][ T8684] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 191.542330][ T8686] System zones: 0-2, 18-18, 34-34 [ 191.550040][ T8686] EXT4-fs (loop2): orphan cleanup on readonly fs [ 191.562225][ T8686] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 191.633476][ T8686] EXT4-fs (loop2): 1 truncate cleaned up [ 191.672539][ T8686] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 191.696615][ T7429] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.734091][ T11] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-5 [ 191.753033][ T11] EXT4-fs error (device loop4): ext4_release_dquot:6902: comm kworker/u8:0: Failed to release dquot type 1 [ 191.894776][ T5234] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.922974][ T8703] netlink: 'syz.5.1279': attribute type 12 has an invalid length. [ 191.949130][ T6050] udevd[6050]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 191.966759][ T8703] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1279'. [ 191.978955][ T1751] wacom 0003:056A:0027.0025: Unknown device_type for 'HID 056a:0027'. Assuming pen. [ 192.001837][ T1751] wacom 0003:056A:0027.0025: hidraw0: USB HID v0.00 Device [HID 056a:0027] on usb-dummy_hcd.0-1/input0 [ 192.032322][ T1751] input: Wacom Intuos5 touch M Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:0027.0025/input/input16 [ 192.103618][ T8711] loop4: detected capacity change from 0 to 512 [ 192.137409][ T8711] EXT4-fs (loop4): Test dummy encryption mode enabled [ 192.157653][ T8711] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 192.181432][ T1751] usb 1-1: USB disconnect, device number 11 [ 192.211312][ T8711] EXT4-fs (loop4): 1 truncate cleaned up [ 192.246497][ T8711] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 192.307858][ T5251] udevd[5251]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 192.377689][ T8711] EXT4-fs error (device loop4): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.4.1278: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=16, rec_len=0, size=1024 fake=0 [ 192.413727][ T8711] EXT4-fs (loop4): Remounting filesystem read-only [ 192.491926][ T5343] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 192.497558][ T7429] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.650489][ T5343] usb 2-1: Using ep0 maxpacket: 32 [ 192.658590][ T5343] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 192.700458][ T5343] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 192.721356][ T5343] usb 2-1: New USB device found, idVendor=057e, idProduct=201e, bcdDevice= 0.00 [ 192.736577][ T5343] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.791549][ T5343] usb 2-1: config 0 descriptor?? [ 192.953737][ T8738] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1296'. [ 192.980641][ T8738] netlink: 280 bytes leftover after parsing attributes in process `syz.0.1296'. [ 193.242902][ T5343] nintendo 0003:057E:201E.0026: unknown main item tag 0x0 [ 193.273935][ T5343] nintendo 0003:057E:201E.0026: unknown main item tag 0x0 [ 193.315388][ T5343] nintendo 0003:057E:201E.0026: unknown main item tag 0x0 [ 193.386479][ T5343] nintendo 0003:057E:201E.0026: collection stack underflow [ 193.420499][ T5343] nintendo 0003:057E:201E.0026: item 0 1 0 12 parsing failed [ 193.428426][ T5343] nintendo 0003:057E:201E.0026: HID parse failed [ 193.551691][ T5343] nintendo 0003:057E:201E.0026: probe - fail = -22 [ 193.558328][ T5343] nintendo 0003:057E:201E.0026: probe with driver nintendo failed with error -22 [ 193.601146][ T5343] usb 2-1: USB disconnect, device number 14 [ 193.640746][ T8733] loop3: detected capacity change from 0 to 32768 [ 193.648645][ T8733] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1293 (8733) [ 193.692706][ T8747] loop0: detected capacity change from 0 to 4096 [ 193.699274][ T8733] BTRFS info (device loop3): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 193.720638][ T8733] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 193.735274][ T8747] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 193.760779][ T8733] BTRFS info (device loop3): using free-space-tree [ 193.786972][ T1259] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.795792][ T1259] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.813084][ T5608] udevd[5608]: symlink '../../loop3' '/dev/disk/by-uuid/5e4b7888-5e56-43f0-8345-635ad0fd87c6.tmp-b7:3' failed: Read-only file system [ 193.856731][ T8747] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 193.866489][ T8720] udevd[8720]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 193.931295][ T8720] udevd[8720]: symlink '../../loop0' '/dev/disk/by-uuid/68CE0ED73BAA5F78.tmp-b7:0' failed: Read-only file system [ 194.306421][ T5232] BTRFS info (device loop3): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 194.326299][ T5608] udevd[5608]: symlink '../../loop3' '/dev/disk/by-uuid/5e4b7888-5e56-43f0-8345-635ad0fd87c6.tmp-b7:3' failed: Read-only file system [ 194.706527][ T8736] loop2: detected capacity change from 0 to 32768 [ 194.808996][ T29] audit: type=1800 audit(194.776:41): pid=8736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1295" name="file1" dev="loop2" ino=4 res=0 errno=0 [ 194.849391][ T8778] infiniband syz1: set down [ 194.855884][ T8778] infiniband syz1: added ipvlan1 [ 194.866529][ T8736] syz.2.1295: attempt to access beyond end of device [ 194.866529][ T8736] loop2: rw=34817, sector=2621792, nr_sectors = 24 limit=32768 [ 194.951912][ T8778] RDS/IB: syz1: added [ 194.956584][ T8778] smc: adding ib device syz1 with port count 1 [ 194.962947][ T8778] smc: ib device syz1 port 1 has pnetid [ 194.964020][ T6030] udevd[6030]: symlink '../../loop2' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:2' failed: Read-only file system [ 194.970328][ T111] blkno = 5002c, nblocks = 3 [ 194.987466][ T111] ERROR: (device loop2): dbFree: block to be freed is outside the map [ 194.987466][ T111] [ 194.990917][ T5343] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 195.015958][ T111] ERROR: (device loop2): remounting filesystem as read-only [ 195.242575][ T5343] usb 6-1: config 0 has an invalid interface number: 4 but max is 0 [ 195.258895][ T5343] usb 6-1: config 0 has no interface number 0 [ 195.271121][ T5343] usb 6-1: config 0 interface 4 has no altsetting 0 [ 195.284655][ T5343] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 195.297740][ T5343] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.324254][ T5343] usb 6-1: config 0 descriptor?? [ 195.343400][ T5343] cp210x 6-1:0.4: cp210x converter detected [ 195.634198][ T8813] loop1: detected capacity change from 0 to 1024 [ 195.743456][ T5343] cp210x 6-1:0.4: failed to get vendor val 0x000e size 3: -71 [ 195.755052][ T5343] usb 6-1: cp210x converter now attached to ttyUSB0 [ 195.775343][ T8720] udevd[8720]: symlink '../../loop1' '/dev/disk/by-label/untitled.tmp-b7:1' failed: Read-only file system [ 195.808750][ T5343] usb 6-1: USB disconnect, device number 13 [ 195.830071][ T8720] udevd[8720]: symlink '../../loop1' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:1' failed: Read-only file system [ 195.849022][ T11] hfsplus: b-tree write err: -5, ino 4 [ 195.882820][ T5343] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 195.920618][ T5343] cp210x 6-1:0.4: device disconnected [ 196.420124][ T8811] loop3: detected capacity change from 0 to 32768 [ 196.460714][ T29] audit: type=1800 audit(196.436:42): pid=8811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1322" name="file1" dev="loop3" ino=4 res=0 errno=0 [ 196.584485][ T8720] udevd[8720]: symlink '../../loop3' '/dev/disk/by-uuid/f30b150f-ecac-472d-98b2-96cb299d2b2c.tmp-b7:3' failed: Read-only file system [ 196.893277][ T8822] loop1: detected capacity change from 0 to 32768 [ 196.921820][ T8822] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1325 (8822) [ 196.973273][ T8720] udevd[8720]: symlink '../../loop1' '/dev/disk/by-uuid/c9fe44da-de57-406a-8241-57ec7d4412cf.tmp-b7:1' failed: Read-only file system [ 196.997216][ T8822] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 197.026566][ T8822] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 197.080576][ T8822] BTRFS info (device loop1): using free-space-tree [ 197.106272][ T8835] loop5: detected capacity change from 0 to 512 [ 197.165980][ T6050] udevd[6050]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system [ 197.208835][ T8835] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 197.280792][ T8835] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it [ 197.309542][ T8835] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.1333: Corrupt directory, running e2fsck is recommended [ 197.362694][ T8835] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117 [ 197.371495][ T5225] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 197.387580][ T8835] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #15: comm syz.5.1333: corrupted in-inode xattr: invalid ea_ino [ 197.403112][ T8835] EXT4-fs (loop5): Remounting filesystem read-only [ 197.419510][ T8835] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 197.618638][ T8818] lo speed is unknown, defaulting to 1000 [ 197.670560][ T8818] lo speed is unknown, defaulting to 1000 [ 197.677670][ T8818] lo speed is unknown, defaulting to 1000 [ 197.687888][ T5233] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.747242][ T8818] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 197.909441][ T8818] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 197.925401][ T8841] loop3: detected capacity change from 0 to 32768 [ 198.044463][ T8818] lo speed is unknown, defaulting to 1000 [ 198.044463][ T8841] XFS (loop3): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 198.133277][ T6030] udevd[6030]: symlink '../../loop3' '/dev/disk/by-uuid/ca7e2101-b8f1-4838-8e2d-7637b90620e6.tmp-b7:3' failed: Read-only file system [ 198.135099][ T8866] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1338'. [ 198.157601][ T8818] lo speed is unknown, defaulting to 1000 [ 198.167522][ T8818] lo speed is unknown, defaulting to 1000 [ 198.178318][ T8818] lo speed is unknown, defaulting to 1000 [ 198.187250][ T8818] lo speed is unknown, defaulting to 1000 [ 198.194760][ T8818] lo speed is unknown, defaulting to 1000 [ 198.519148][ T8841] XFS (loop3): Ending clean mount [ 198.527595][ T8841] XFS (loop3): Quotacheck needed: Please wait. [ 198.586783][ T8885] netlink: 168 bytes leftover after parsing attributes in process `syz.5.1344'. [ 198.609282][ T8841] XFS (loop3): Quotacheck: Done. [ 198.720700][ T47] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 198.772757][ T5232] XFS (loop3): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 198.872301][ T47] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 198.914940][ T47] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 198.944685][ T47] usb 2-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00 [ 198.980621][ T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.006393][ T47] usb 2-1: config 0 descriptor?? [ 200.359185][ T8934] loop2: detected capacity change from 0 to 4096 [ 200.628221][ T8720] udevd[8720]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system [ 200.690957][ T47] chicony 0003:04F2:1236.0027: unbalanced collection at end of report description [ 200.699895][ T8720] udevd[8720]: symlink '../../loop2' '/dev/disk/by-uuid/0B506D495F2D248F.tmp-b7:2' failed: Read-only file system [ 200.700857][ T47] chicony 0003:04F2:1236.0027: Chicony hid parse failed: -22 [ 200.719590][ T47] chicony 0003:04F2:1236.0027: probe with driver chicony failed with error -22 [ 200.731627][ T47] usb 2-1: USB disconnect, device number 15 [ 200.837516][ T8934] ntfs3(loop2): failed to convert "0000" to iso8859-15 [ 200.880526][ T5302] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 200.923383][ T8920] loop4: detected capacity change from 0 to 131072 [ 200.934359][ T8920] F2FS-fs (loop4): Test dummy encryption mode enabled [ 200.946231][ T8920] F2FS-fs (loop4): invalid crc value [ 200.961569][ T8920] F2FS-fs (loop4): Invalid segment type: 16, segno: 21 [ 200.978454][ T8920] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-117) [ 201.029372][ T8934] ntfs3(loop2): failed to convert name for inode 1e. [ 201.075554][ T1751] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 201.126396][ T5226] udevd[5226]: symlink '../../loop4' '/dev/disk/by-uuid/36fde3fc-a519-493c-8baa-e32931e9a89c.tmp-b7:4' failed: Read-only file system [ 201.153083][ T5302] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 201.162810][ T5302] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.223250][ T5302] usb 4-1: config 0 descriptor?? [ 201.261310][ T1751] usb 6-1: Using ep0 maxpacket: 32 [ 201.308218][ T8952] loop1: detected capacity change from 0 to 128 [ 201.525828][ T8720] udevd[8720]: symlink '../../loop1' '/dev/disk/by-uuid/8AF2-7630.tmp-b7:1' failed: Read-only file system [ 201.600676][ T8956] mkiss: ax0: crc mode is auto. [ 201.717176][ T1751] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 201.728486][ T1751] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 201.738500][ T1751] usb 6-1: New USB device found, idVendor=044f, idProduct=b320, bcdDevice= 0.00 [ 201.747632][ T1751] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.781596][ T1751] usb 6-1: config 0 descriptor?? [ 201.960077][ T5302] usb 4-1: Cannot set autoneg [ 201.970190][ T5302] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 202.058625][ T5302] usb 4-1: USB disconnect, device number 16 [ 202.258125][ T8975] loop2: detected capacity change from 0 to 512 [ 202.267163][ T8975] EXT4-fs: Ignoring removed oldalloc option [ 202.309543][ T1751] thrustmaster 0003:044F:B320.0028: unknown main item tag 0x0 [ 202.318296][ T8969] loop1: detected capacity change from 0 to 4096 [ 202.325153][ T1751] thrustmaster 0003:044F:B320.0028: unknown main item tag 0x0 [ 202.335973][ T6050] udevd[6050]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system [ 202.369337][ T8975] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.1384: Parent and EA inode have the same ino 15 [ 202.383580][ T1751] thrustmaster 0003:044F:B320.0028: unknown main item tag 0x0 [ 202.413740][ T8969] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 202.440546][ T1751] thrustmaster 0003:044F:B320.0028: unknown main item tag 0x0 [ 202.448080][ T1751] thrustmaster 0003:044F:B320.0028: unknown main item tag 0x0 [ 202.466405][ T8975] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.1384: Parent and EA inode have the same ino 15 [ 202.476440][ T8720] udevd[8720]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 202.511972][ T8720] udevd[8720]: symlink '../../loop1' '/dev/disk/by-uuid/5EB3BBC71C8702BB.tmp-b7:1' failed: Read-only file system [ 202.513078][ T1751] thrustmaster 0003:044F:B320.0028: hidraw0: USB HID v0.00 Device [HID 044f:b320] on usb-dummy_hcd.5-1/input0 [ 202.544992][ T8975] EXT4-fs (loop2): 1 orphan inode deleted [ 202.555123][ T8969] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 202.565861][ T8975] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 202.630726][ T1751] thrustmaster 0003:044F:B320.0028: no inputs found [ 202.711573][ T8987] netlink: 'syz.3.1389': attribute type 30 has an invalid length. [ 202.758218][ T1751] usb 6-1: USB disconnect, device number 14 [ 202.787534][ T5234] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.874471][ T6050] udevd[6050]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system [ 203.287321][ T9008] netlink: 'syz.1.1397': attribute type 4 has an invalid length. [ 203.337458][ T9008] netlink: 'syz.1.1397': attribute type 1 has an invalid length. [ 203.359435][ T9008] netlink: 88156 bytes leftover after parsing attributes in process `syz.1.1397'. [ 203.553463][ T9012] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1400'. [ 203.604388][ T8994] loop2: detected capacity change from 0 to 32768 [ 203.617987][ T8994] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1391 (8994) [ 203.644351][ T8994] BTRFS info (device loop2): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 203.649828][ T9014] loop1: detected capacity change from 0 to 512 [ 203.654926][ T8994] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 203.671506][ T8994] BTRFS info (device loop2): using free-space-tree [ 203.701737][ T6050] udevd[6050]: symlink '../../loop2' '/dev/disk/by-uuid/5e4b7888-5e56-43f0-8345-635ad0fd87c6.tmp-b7:2' failed: Read-only file system [ 203.761585][ T9014] EXT4-fs error (device loop1): ext4_orphan_get:1388: inode #15: comm syz.1.1401: casefold flag without casefold feature [ 203.814056][ T9014] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1401: couldn't read orphan inode 15 (err -117) [ 203.920260][ T8720] udevd[8720]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 203.943774][ T9014] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 204.162035][ T5225] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.201319][ T5234] BTRFS info (device loop2): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 204.682476][ T9037] loop3: detected capacity change from 0 to 32768 [ 204.784842][ T9010] loop5: detected capacity change from 0 to 40427 [ 204.942441][ T9037] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 204.969115][ T9035] lo speed is unknown, defaulting to 1000 [ 204.991052][ T9052] netlink: 'syz.0.1409': attribute type 29 has an invalid length. [ 205.000254][ T9052] netlink: 'syz.0.1409': attribute type 29 has an invalid length. [ 205.019762][ T6050] udevd[6050]: symlink '../../loop5' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:5' failed: Read-only file system [ 205.040542][ T9010] F2FS-fs (loop5): Found nat_bits in checkpoint [ 205.061116][ T8720] udevd[8720]: symlink '../../loop3' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:3' failed: Read-only file system [ 205.186834][ T9059] tipc: Started in network mode [ 205.192201][ T9059] tipc: Node identity 5f5f2eaa, cluster identity 4711 [ 205.199016][ T9059] tipc: Enabling of bearer rejected, failed to enable media [ 205.241813][ T9037] OCFS2: ERROR (device loop3): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature  [ 205.277924][ T9010] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 205.317144][ T9037] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 205.373775][ T9037] OCFS2: File system is now read-only. [ 205.379292][ T9037] (syz.3.1405,9037,0):ocfs2_find_entry_dx:1029 ERROR: status = -30 [ 205.460547][ T9053] OCFS2: ERROR (device loop3): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature  [ 205.483580][ T9053] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 205.493926][ T9053] (syz.3.1405,9053,0):ocfs2_find_entry_dx:1029 ERROR: status = -30 [ 205.533247][ T5233] syz-executor: attempt to access beyond end of device [ 205.533247][ T5233] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 205.548364][ T5233] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 205.680450][ T47] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 205.706114][ T5232] ocfs2: Unmounting device (7,3) on (node local) [ 205.710314][ T9069] loop4: detected capacity change from 0 to 1024 [ 205.799542][ T8720] udevd[8720]: symlink '../../loop4' '/dev/disk/by-label/untitled.tmp-b7:4' failed: Read-only file system [ 205.822590][ T8720] udevd[8720]: symlink '../../loop4' '/dev/disk/by-uuid/633376ef-8cf1-3af8-8e63-958bd31d0aa8.tmp-b7:4' failed: Read-only file system [ 205.880461][ T47] usb 2-1: New USB device found, idVendor=1039, idProduct=2121, bcdDevice=9e.ff [ 205.907802][ T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.929938][ T47] usb 2-1: Product: syz [ 205.981891][ T47] usb 2-1: Manufacturer: syz [ 205.996841][ T47] usb 2-1: SerialNumber: syz [ 206.038495][ T47] usb 2-1: config 0 descriptor?? [ 206.056671][ T47] usb 2-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2121) Rev (0X9EFF): Eagle II [ 206.210529][ T47] usb 2-1: reset high-speed USB device number 16 using dummy_hcd [ 206.264922][ T5249] Bluetooth: hci1: command tx timeout [ 206.411596][ T9077] loop3: detected capacity change from 0 to 256 [ 206.473347][ T9077] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 206.507624][ T9066] loop2: detected capacity change from 0 to 32768 [ 206.596501][ T9082] 9pnet_rdma: rdma_create_trans (9082): problem binding to privport: 13 [ 206.600665][ T9066] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 206.813022][ T9066] JBD2: Ignoring recovery information on journal [ 206.866740][ T9089] loop4: detected capacity change from 0 to 2048 [ 206.887822][ T9066] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 206.924751][ T29] audit: type=1800 audit(206.896:43): pid=9066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1406" name="file1" dev="loop2" ino=16946 res=0 errno=0 [ 206.997895][ T9089] loop4: p1 < > p3 p4 < > [ 207.007852][ T9089] loop4: p3 start 4284289 is beyond EOD, truncated [ 207.020491][ T47] usb 2-1: device descriptor read/64, error -71 [ 207.029708][ T4677] loop4: p1 < > p3 p4 < > [ 207.041194][ T5234] ocfs2: Unmounting device (7,2) on (node local) [ 207.046075][ T4677] loop4: p3 start 4284289 is beyond EOD, truncated [ 207.291693][ C1] sd 0:0:1:0: [sda] tag#2404 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 207.302207][ C1] sd 0:0:1:0: [sda] tag#2404 CDB: Read(6) 08 00 00 00 00 00 [ 207.393827][ T8720] udevd[8720]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 207.412755][ T5608] udevd[5608]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 207.538101][ T47] usb 2-1: reset high-speed USB device number 16 using dummy_hcd [ 207.661424][ T9089] loop4: detected capacity change from 0 to 128 [ 207.767832][ T9121] sp0: Synchronizing with TNC [ 207.892515][ T47] usb 2-1: [ueagle-atm] pre-firmware device, uploading firmware [ 207.902592][ T47] usb 2-1: [ueagle-atm] loading firmware ueagle-atm/eagleII.fw [ 207.912705][ T5343] usb 2-1: Direct firmware load for ueagle-atm/eagleII.fw failed with error -2 [ 207.972029][ T5343] usb 2-1: Falling back to sysfs fallback for: ueagle-atm/eagleII.fw [ 208.038536][ T1751] usb 6-1: new low-speed USB device number 15 using dummy_hcd [ 208.104304][ T47] usb 2-1: USB disconnect, device number 16 [ 208.197044][ T1751] usb 6-1: config index 0 descriptor too short (expected 6427, got 27) [ 208.221490][ T1751] usb 6-1: config 0 has an invalid interface number: 21 but max is 0 [ 208.226634][ T9126] loop2: detected capacity change from 0 to 32768 [ 208.250875][ T9126] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1441 (9126) [ 208.265988][ T1751] usb 6-1: config 0 has no interface number 0 [ 208.273984][ T9128] loop0: detected capacity change from 0 to 2048 [ 208.293350][ T1751] usb 6-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 208.330509][ T9126] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 208.342155][ T9126] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 208.346381][ T8720] udevd[8720]: symlink '../../loop2' '/dev/disk/by-uuid/395ef67a-297e-477c-816d-cd80a5b93e5d.tmp-b7:2' failed: Read-only file system [ 208.350892][ T9126] BTRFS info (device loop2): using free-space-tree [ 208.380098][ T9132] loop3: detected capacity change from 0 to 2048 [ 208.386754][ T1751] usb 6-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 208.392863][ T9128] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 208.410578][ T1751] usb 6-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 208.419665][ T1751] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.453680][ T5608] Alternate GPT is invalid, using primary GPT. [ 208.471981][ T5226] udevd[5226]: symlink '../../loop0' '/dev/disk/by-label/LinuxUDF.tmp-b7:0' failed: Read-only file system [ 208.515178][ T1751] usb 6-1: config 0 descriptor?? [ 208.528150][ T5608] loop3: p1 p2 p3 [ 208.551213][ T5226] udevd[5226]: symlink '../../loop0' '/dev/disk/by-uuid/1234567812345678.tmp-b7:0' failed: Read-only file system [ 208.586409][ T9146] netlink: 'syz.0.1445': attribute type 178 has an invalid length. [ 208.635294][ T9132] Alternate GPT is invalid, using primary GPT. [ 208.680659][ T9132] loop3: p1 p2 p3 [ 208.722739][ T9126] BTRFS error (device loop2): balance: invalid convert metadata profile raid1 [ 208.864700][ T5234] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 208.880666][ T6030] udevd[6030]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 208.895793][ T6050] udevd[6050]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 208.913003][ T5226] udevd[5226]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 209.055312][ T9160] loop3: detected capacity change from 0 to 1024 [ 209.076030][ T9160] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 209.129781][ T8720] udevd[8720]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 209.144857][ T9160] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 209.201664][ T9160] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 209.213023][ T1751] usb 6-1: USB disconnect, device number 15 [ 209.239764][ T8720] udevd[8720]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 209.300222][ T9160] EXT4-fs error (device loop3): ext4_get_journal_inode:5762: inode #5: comm syz.3.1450: unexpected bad inode w/o EXT4_IGET_BAD [ 209.353472][ T9160] EXT4-fs (loop3): no journal found [ 209.390502][ T9160] EXT4-fs (loop3): can't get journal size [ 209.446170][ T9160] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 209.580474][ T9160] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1450: bg 0: block 32: padding at end of block bitmap is not set [ 209.740492][ T5294] usb 1-1: new full-speed USB device number 12 using dummy_hcd [ 209.793001][ T5232] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.923245][ T5294] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 209.940962][ T5294] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 209.987663][ T5294] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 210.023486][ T5294] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 210.037317][ T5294] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.061479][ T9192] loop5: detected capacity change from 0 to 128 [ 210.088169][ T5294] usb 1-1: Product: syz [ 210.128664][ T5294] usb 1-1: Manufacturer: syz [ 210.159148][ T5294] usb 1-1: SerialNumber: syz [ 210.733956][ T9206] loop2: detected capacity change from 0 to 4096 [ 210.747510][ T5294] usb 1-1: 0:2 : does not exist [ 210.756067][ T9186] loop4: detected capacity change from 0 to 32768 [ 210.767118][ T9211] loop5: detected capacity change from 0 to 512 [ 210.781757][ T9211] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 210.781788][ T9186] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1459 (9186) [ 210.828930][ T9186] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 210.841803][ T9186] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 210.856463][ T9186] BTRFS info (device loop4): using free-space-tree [ 210.881616][ T9211] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2002c02c, mo2=0002] [ 210.893071][ T9206] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 210.904421][ T1751] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 210.940699][ T9211] System zones: 1-12 [ 210.958821][ T9211] EXT4-fs (loop5): 1 truncate cleaned up [ 210.968625][ T47] usb 1-1: USB disconnect, device number 12 [ 210.972458][ T9211] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.081830][ T1751] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.126347][ T1751] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.170513][ T1751] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 211.200553][ T1751] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.231104][ T1751] usb 2-1: config 0 descriptor?? [ 211.266646][ T9234] loop2: detected capacity change from 0 to 64 [ 211.267319][ T5233] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.308899][ T7429] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 211.344006][ T9234] minix_free_block (loop2:21): bit already cleared [ 211.567564][ T9240] loop3: detected capacity change from 0 to 512 [ 211.634229][ T9240] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 211.783488][ T1751] cp2112 0003:10C4:EA90.0029: unknown main item tag 0x0 [ 211.859272][ T1751] cp2112 0003:10C4:EA90.0029: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0 [ 211.862513][ T9240] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.1480: invalid indirect mapped block 83886080 (level 1) [ 211.953299][ T9240] EXT4-fs (loop3): 1 orphan inode deleted [ 211.959092][ T9240] EXT4-fs (loop3): 1 truncate cleaned up [ 211.987089][ T1751] cp2112 0003:10C4:EA90.0029: error requesting version [ 212.029073][ T1751] cp2112 0003:10C4:EA90.0029: probe with driver cp2112 failed with error -71 [ 212.048178][ T9240] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 212.090556][ T9254] sp0: Synchronizing with TNC [ 212.102392][ T1751] usb 2-1: USB disconnect, device number 17 [ 212.114532][ T9240] EXT4-fs warning (device loop3): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed [ 212.329204][ T5232] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.414574][ T9263] program syz.4.1491 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 212.497942][ T9267] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1490'. [ 212.573523][ T9261] loop2: detected capacity change from 0 to 4096 [ 212.800432][ T5294] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 212.842297][ T5226] udevd[5226]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system [ 212.862830][ T5226] udevd[5226]: symlink '../../loop2' '/dev/disk/by-uuid/399AA58E54924951.tmp-b7:2' failed: Read-only file system [ 212.981551][ T5294] usb 4-1: config index 0 descriptor too short (expected 23569, got 27) [ 213.006239][ T5294] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.067223][ T5294] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 213.102868][ T5294] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 213.132881][ T5294] usb 4-1: Manufacturer: syz [ 213.206810][ T5294] usb 4-1: config 0 descriptor?? [ 213.214757][ T9275] loop0: detected capacity change from 0 to 32768 [ 213.350445][ T5294] rc_core: IR keymap rc-hauppauge not found [ 213.357625][ T5294] Registered IR keymap rc-empty [ 213.365151][ T5294] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 213.376928][ T5294] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input20 [ 213.382151][ T9275] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 213.457867][ T8720] udevd[8720]: symlink '../../loop0' '/dev/disk/by-uuid/bfdc47fc-10d8-4eed-a562-11a831b3f791.tmp-b7:0' failed: Read-only file system [ 213.668193][ T9309] loop4: detected capacity change from 0 to 1024 [ 213.696565][ T9313] loop5: detected capacity change from 0 to 512 [ 213.757142][ T9313] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 213.826786][ T29] audit: type=1326 audit(213.796:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559cd7dff9 code=0x7ffc0000 [ 213.942093][ T9275] XFS (loop0): Ending clean mount [ 213.943696][ T29] audit: type=1326 audit(213.796:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559cd7dff9 code=0x7ffc0000 [ 213.978988][ C0] igorplugusb 4-1:0.0: receive overflow, at least 33 lost [ 214.016431][ T8720] udevd[8720]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system [ 214.021777][ T6050] udevd[6050]: symlink '../../loop4' '/dev/disk/by-label/untitled.tmp-b7:4' failed: Read-only file system [ 214.056066][ T9313] EXT4-fs: Cannot specify journal on remount [ 214.062563][ T29] audit: type=1326 audit(213.846:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f559cd7dff9 code=0x7ffc0000 [ 214.097373][ T6050] udevd[6050]: symlink '../../loop4' '/dev/disk/by-uuid/06db47fa-2d76-30cf-a5fe-21149ac7af4a.tmp-b7:4' failed: Read-only file system [ 214.147801][ T12] hfsplus: b-tree write err: -5, ino 4 [ 214.151917][ T29] audit: type=1326 audit(213.846:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559cd7dff9 code=0x7ffc0000 [ 214.200585][ T29] audit: type=1326 audit(213.846:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559cd7dff9 code=0x7ffc0000 [ 214.223278][ T29] audit: type=1326 audit(213.846:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f559cd7dff9 code=0x7ffc0000 [ 214.244979][ T29] audit: type=1326 audit(213.846:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559cd7dff9 code=0x7ffc0000 [ 214.248921][ T5294] usb 4-1: USB disconnect, device number 17 [ 214.268864][ T29] audit: type=1326 audit(213.846:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9318 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f559cd7dff9 code=0x7ffc0000 [ 214.331969][ T5240] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 214.342367][ T9331] netlink: 'syz.1.1509': attribute type 4 has an invalid length. [ 214.365754][ T5233] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.140679][ T9355] netlink: 'syz.4.1518': attribute type 1 has an invalid length. [ 215.278968][ T9342] loop1: detected capacity change from 0 to 32768 [ 215.362211][ T9342] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1514 (9342) [ 215.458626][ T9342] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 215.517103][ T9342] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 215.607138][ T9342] BTRFS info (device loop1): using free-space-tree [ 215.614848][ T5608] udevd[5608]: symlink '../../loop1' '/dev/disk/by-uuid/c9fe44da-de57-406a-8241-57ec7d4412cf.tmp-b7:1' failed: Read-only file system [ 215.724345][ T9348] loop5: detected capacity change from 0 to 32768 [ 215.878302][ T8720] udevd[8720]: symlink '../../loop5' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:5' failed: Read-only file system [ 215.906093][ T9348] [ 215.906093][ T9348] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 215.906093][ T9348] [ 216.048868][ T9348] [ 216.048868][ T9348] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.048868][ T9348] [ 216.059761][ T9348] [ 216.059761][ T9348] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.059761][ T9348] [ 216.070503][ T9348] [ 216.070503][ T9348] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.070503][ T9348] [ 216.081100][ T9348] [ 216.081100][ T9348] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.081100][ T9348] [ 216.097196][ T9348] ialloc: diAlloc returned -5! [ 216.147032][ T111] [ 216.147032][ T111] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.147032][ T111] [ 216.305215][ T5233] [ 216.305215][ T5233] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.305215][ T5233] [ 216.315845][ T5233] [ 216.315845][ T5233] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 216.315845][ T5233] [ 216.320632][ T29] audit: type=1800 audit(216.266:52): pid=9342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1514" name="file1" dev="loop1" ino=260 res=0 errno=0 [ 216.630591][ T5225] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 216.706705][ T9396] loop2: detected capacity change from 0 to 32768 [ 216.767195][ T9396] XFS (loop2): DAX unsupported by block device. Turning off DAX. [ 216.789170][ T8720] udevd[8720]: symlink '../../loop2' '/dev/disk/by-uuid/c496e05e-540d-4c72-b591-04d79d8b4eeb.tmp-b7:2' failed: Read-only file system [ 216.891231][ T9396] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 217.180474][ T9396] XFS (loop2): Ending clean mount [ 217.249136][ T9397] loop4: detected capacity change from 0 to 32768 [ 217.406928][ T9404] loop3: detected capacity change from 0 to 32768 [ 217.455850][ T9404] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1530 (9404) [ 217.519030][ T9396] XFS (loop2): Quotacheck needed: Please wait. [ 217.559191][ T9396] XFS (loop2): Quotacheck: Done. [ 217.639966][ T6050] udevd[6050]: symlink '../../loop4' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:4' failed: Read-only file system [ 217.743069][ T5234] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 217.761933][ T5302] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 217.850225][ T9425] loop1: detected capacity change from 0 to 65536 [ 217.870515][ T6030] udevd[6030]: symlink '../../loop3' '/dev/disk/by-uuid/c9fe44da-de57-406a-8241-57ec7d4412cf.tmp-b7:3' failed: Read-only file system [ 217.934331][ T5302] usb 6-1: Using ep0 maxpacket: 32 [ 217.940709][ T9404] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 217.963711][ T5302] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 217.970629][ T9404] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 217.981137][ T9404] BTRFS info (device loop3): using free-space-tree [ 217.981187][ T5302] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 218.019819][ T5302] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 218.044482][ T5302] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 218.070050][ T8720] udevd[8720]: symlink '../../loop1' '/dev/disk/by-uuid/4194cad6-cad4-4798-ac4c-c2118f686eb1.tmp-b7:1' failed: Read-only file system [ 218.092484][ T9425] XFS (loop1): Mounting V5 Filesystem 4194cad6-cad4-4798-ac4c-c2118f686eb1 [ 218.143590][ T5302] usb 6-1: config 0 interface 0 has no altsetting 0 [ 218.162042][ T5302] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 218.180714][ T5302] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 218.192977][ T5302] usb 6-1: Product: syz [ 218.197273][ T5302] usb 6-1: Manufacturer: syz [ 218.202198][ T5302] usb 6-1: SerialNumber: syz [ 218.208969][ T5302] usb 6-1: config 0 descriptor?? [ 218.218766][ T5302] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 218.266856][ T5302] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 218.437993][ T9425] XFS (loop1): Ending clean mount [ 218.749192][ T5225] XFS (loop1): Unmounting Filesystem 4194cad6-cad4-4798-ac4c-c2118f686eb1 [ 218.838221][ T5294] usb 6-1: USB disconnect, device number 16 [ 218.850274][ T5294] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 218.961145][ T6050] udevd[6050]: symlink '../../loop3' '/dev/disk/by-uuid/c9fe44da-de57-406a-8241-57ec7d4412cf.tmp-b7:3' failed: Read-only file system [ 219.200969][ T5232] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 219.220157][ T9462] loop2: detected capacity change from 0 to 32768 [ 219.379383][ T9482] loop4: detected capacity change from 0 to 1024 [ 219.506751][ T9485] loop0: detected capacity change from 0 to 512 [ 219.543101][ T8720] udevd[8720]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 219.552355][ T9482] EXT4-fs: Ignoring removed nomblk_io_submit option [ 219.556663][ T5226] udevd[5226]: symlink '../../loop2' '/dev/disk/by-uuid/bc2378ed-6193-40d5-9d59-7ebcb787b415.tmp-b7:2' failed: Read-only file system [ 219.570660][ T9462] XFS (loop2): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 219.587363][ T6050] udevd[6050]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 219.657845][ T9485] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 219.679613][ T9492] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1552'. [ 219.687682][ T9485] EXT4-fs (loop0): orphan cleanup on readonly fs [ 219.749557][ T9485] Quota error (device loop0): v2_read_file_info: Block with free entry 1 out of range (1, 6). [ 219.767795][ T9485] EXT4-fs warning (device loop0): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 219.799645][ T9485] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 219.827391][ T9485] EXT4-fs error (device loop0): ext4_orphan_get:1388: inode #16: comm syz.0.1550: casefold flag without casefold feature [ 219.867765][ T9485] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.1550: couldn't read orphan inode 16 (err -117) [ 219.898527][ T9485] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 220.056252][ T9482] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 220.159582][ T29] audit: type=1800 audit(220.066:53): pid=9485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1550" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 220.416702][ T5240] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.455082][ T9503] loop5: detected capacity change from 0 to 40427 [ 220.470966][ T9503] F2FS-fs (loop5): invalid crc value [ 220.473463][ T9462] XFS (loop2): Ending clean mount [ 220.549968][ T6050] udevd[6050]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 220.553384][ T9503] F2FS-fs (loop5): Found nat_bits in checkpoint [ 220.592481][ T8720] udevd[8720]: symlink '../../loop5' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:5' failed: Read-only file system [ 220.675985][ T7429] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.699889][ T9521] loop0: detected capacity change from 0 to 256 [ 220.757679][ T9521] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 220.784464][ T5234] XFS (loop2): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 220.793468][ T9503] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 220.846772][ T29] audit: type=1800 audit(220.816:54): pid=9503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1555" name="file0" dev="loop5" ino=10 res=0 errno=0 [ 220.941838][ T9528] loop3: detected capacity change from 0 to 512 [ 220.961032][ T5233] syz-executor: attempt to access beyond end of device [ 220.961032][ T5233] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 220.995798][ T5233] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 221.031196][ T9528] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 221.051528][ T8720] udevd[8720]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 221.325447][ T5232] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.962398][ T9562] loop3: detected capacity change from 0 to 24 [ 221.999928][ T9562] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 222.026250][ T9562] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 222.456242][ T9574] loop2: detected capacity change from 0 to 512 [ 222.492355][ T9574] ext4: Bad value for 'min_batch_time' [ 222.780578][ T25] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 222.851578][ T9547] loop4: detected capacity change from 0 to 32768 [ 222.927847][ T9547] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 222.971183][ T25] usb 4-1: Using ep0 maxpacket: 32 [ 223.006955][ T25] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 223.027743][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.081359][ T25] usb 4-1: config 0 descriptor?? [ 223.098198][ T9548] loop1: detected capacity change from 0 to 40427 [ 223.151587][ T9587] loop2: detected capacity change from 0 to 4096 [ 223.162520][ T25] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 223.199641][ T9548] F2FS-fs (loop1): invalid crc value [ 223.218570][ T9548] F2FS-fs (loop1): Found nat_bits in checkpoint [ 223.302241][ T9547] XFS (loop4): Ending clean mount [ 223.331612][ T9547] XFS (loop4): Quotacheck needed: Please wait. [ 223.480055][ T9602] loop5: detected capacity change from 0 to 64 [ 223.482474][ T9548] F2FS-fs (loop1): Start checkpoint disabled! [ 223.566174][ T9548] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 223.601575][ T9547] XFS (loop4): Quotacheck: Done. [ 223.688653][ T9548] F2FS-fs (loop1): Stopped filesystem due to reason: 0 [ 223.800906][ T25] gspca_nw80x: reg_w err -71 [ 223.805696][ T25] nw80x 4-1:0.0: probe with driver nw80x failed with error -71 [ 223.816062][ T25] usb 4-1: USB disconnect, device number 18 [ 223.972320][ T7429] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 223.990149][ T9620] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1602'. [ 224.478630][ T9626] loop0: detected capacity change from 0 to 32768 [ 224.543658][ T9626] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 224.640472][ T5302] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 224.813604][ T9626] XFS (loop0): Ending clean mount [ 224.854978][ T9626] XFS (loop0): Quotacheck needed: Please wait. [ 224.980731][ T5302] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 224.990967][ T5302] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 225.000455][ T5302] usb 6-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 225.009512][ T5302] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.059530][ T9628] loop2: detected capacity change from 0 to 32768 [ 225.118197][ T5302] usb 6-1: config 0 descriptor?? [ 225.169555][ T9626] XFS (loop0): Quotacheck: Done. [ 225.249054][ T9628] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 225.260720][ T5240] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 225.395738][ T9665] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1614'. [ 225.410622][ T9666] loop3: detected capacity change from 0 to 4096 [ 225.508019][ T9628] XFS (loop2): Ending clean mount [ 225.569373][ T9669] loop4: detected capacity change from 0 to 256 [ 225.591821][ T9668] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 225.657364][ T9669] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 225.701877][ T5234] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 225.750530][ T5302] Bluetooth: Can't get version to change to load ram patch err [ 225.758133][ T5302] Bluetooth: Loading sysconfig file failed [ 225.780417][ T5302] ath3k 6-1:0.0: probe with driver ath3k failed with error -71 [ 225.800771][ T5302] usb 6-1: USB disconnect, device number 17 [ 226.023205][ T9677] vivid-000: disconnect [ 226.035743][ T9674] vivid-000: reconnect [ 226.468746][ T9685] loop1: detected capacity change from 0 to 4096 [ 226.535172][ T9685] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 226.597224][ T9685] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 226.610829][ T9697] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1627'. [ 227.266814][ T9693] loop4: detected capacity change from 0 to 40427 [ 227.306945][ T9711] loop1: detected capacity change from 0 to 512 [ 227.383573][ T9713] loop5: detected capacity change from 0 to 64 [ 227.401662][ T9693] F2FS-fs (loop4): invalid crc_offset: 16 [ 227.408204][ T5294] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 227.549977][ T9693] F2FS-fs (loop4): Found nat_bits in checkpoint [ 227.566667][ T9691] loop3: detected capacity change from 0 to 40427 [ 227.620133][ T9711] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 227.660446][ T5294] usb 1-1: Using ep0 maxpacket: 8 [ 227.681472][ T5294] usb 1-1: New USB device found, idVendor=0c45, idProduct=6128, bcdDevice=c4.6d [ 227.690782][ T5294] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 227.692192][ T9691] F2FS-fs (loop3): Found nat_bits in checkpoint [ 227.698879][ T5294] usb 1-1: Product: syz [ 227.698908][ T5294] usb 1-1: Manufacturer: syz [ 227.698927][ T5294] usb 1-1: SerialNumber: syz [ 227.712210][ T5294] usb 1-1: config 0 descriptor?? [ 227.727229][ T9695] loop2: detected capacity change from 0 to 32768 [ 227.879340][ T5294] gspca_main: sonixj-2.14.0 probing 0c45:6128 [ 227.900569][ T9691] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 227.918857][ T9693] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 227.988352][ T9693] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=400000, run fsck to fix. [ 227.996545][ T5225] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 228.054646][ T9731] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=400000, run fsck to fix. [ 228.071835][ T5232] syz-executor: attempt to access beyond end of device [ 228.071835][ T5232] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 228.126764][ T5232] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 228.413496][ T5294] gspca_sonixj: reg_w1 err -71 [ 228.428365][ T5294] sonixj 1-1:0.0: probe with driver sonixj failed with error -71 [ 228.476069][ T5294] usb 1-1: USB disconnect, device number 13 [ 228.662893][ T9745] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 228.674579][ T9745] overlayfs: missing 'lowerdir' [ 228.957359][ T9753] overlayfs: missing 'lowerdir' [ 228.962967][ T9758] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1653'. [ 229.320436][ T47] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 229.385023][ T29] audit: type=1326 audit(229.356:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.3.1661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fdf37dff9 code=0x7ffc0000 [ 229.480506][ T47] usb 6-1: Using ep0 maxpacket: 32 [ 229.503912][ T29] audit: type=1326 audit(229.356:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.3.1661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fdf37dff9 code=0x7ffc0000 [ 229.514750][ T47] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 229.580509][ T29] audit: type=1326 audit(229.356:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.3.1661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f1fdf37dff9 code=0x7ffc0000 [ 229.589066][ T47] usb 6-1: config 0 has no interface number 0 [ 229.662892][ T47] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 229.691066][ T29] audit: type=1326 audit(229.356:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.3.1661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fdf37dff9 code=0x7ffc0000 [ 229.692156][ T47] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 229.735213][ T9787] netlink: 'syz.4.1666': attribute type 1 has an invalid length. [ 229.806784][ T47] usb 6-1: Product: syz [ 229.811522][ T47] usb 6-1: Manufacturer: syz [ 229.817510][ T47] usb 6-1: SerialNumber: syz [ 229.827992][ T29] audit: type=1326 audit(229.356:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.3.1661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fdf37dff9 code=0x7ffc0000 [ 229.876115][ T47] usb 6-1: config 0 descriptor?? [ 229.892096][ T47] smsc95xx v2.0.0 [ 229.971410][ T9794] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1670'. [ 230.472144][ T9817] loop1: detected capacity change from 0 to 512 [ 230.519498][ T9817] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.541547][ T47] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71 [ 230.554512][ T47] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 230.569750][ T47] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 230.581169][ T47] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71 [ 230.680551][ T47] usb 6-1: USB disconnect, device number 18 [ 230.842103][ T5225] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.972669][ T9790] loop0: detected capacity change from 0 to 32768 [ 231.155515][ T9839] loop1: detected capacity change from 0 to 512 [ 231.346733][ T9849] syz_tun: entered allmulticast mode [ 231.425848][ T9839] EXT4-fs warning (device loop1): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 231.449552][ T9839] EXT4-fs warning (device loop1): dx_probe:881: Enable large directory feature to access it [ 231.491988][ T9839] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1684: Corrupt directory, running e2fsck is recommended [ 231.502142][ T5294] kernel write not supported for file /snd/seq (pid: 5294 comm: kworker/0:6) [ 231.514298][ T9839] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 231.514430][ T9839] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1684: corrupted in-inode xattr: invalid ea_ino [ 231.564473][ T9839] EXT4-fs (loop1): Remounting filesystem read-only [ 231.646602][ T9839] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 231.928612][ T5225] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.092798][ T9867] loop3: detected capacity change from 0 to 1024 [ 232.100043][ T9867] EXT4-fs: Ignoring removed orlov option [ 232.118522][ T9867] EXT4-fs: Ignoring removed nomblk_io_submit option [ 232.223412][ T9873] loop2: detected capacity change from 0 to 128 [ 232.328580][ T9893] netlink: 'syz.5.1712': attribute type 30 has an invalid length. [ 232.349043][ T9867] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 232.447963][ T9886] xt_CT: No such helper "netbios-ns" [ 232.623177][ T5232] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.729082][ T9899] loop5: detected capacity change from 0 to 4096 [ 232.854191][ T9899] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 233.026502][ T9884] loop1: detected capacity change from 0 to 32768 [ 233.349986][ T9903] loop0: detected capacity change from 0 to 32768 [ 233.367930][ T9903] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1714 (9903) [ 233.397060][ T9884] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 233.415504][ T9918] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1721'. [ 233.425711][ T9903] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 233.441688][ T9903] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 233.450261][ T9903] BTRFS info (device loop0): using free-space-tree [ 233.488762][ T9922] syz.5.1722 uses old SIOCAX25GETINFO [ 233.587519][ T9935] loop5: detected capacity change from 0 to 1024 [ 233.619157][ T9884] JBD2: Ignoring recovery information on journal [ 233.800641][ T9939] loop3: detected capacity change from 0 to 1024 [ 233.838806][ T9939] UBIFS error (pid: 9939): cannot open "", error -22 [ 233.946407][ T9913] loop2: detected capacity change from 0 to 40427 [ 233.974685][ T9884] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 234.005899][ T9913] F2FS-fs (loop2): Found nat_bits in checkpoint [ 234.175314][ T29] audit: type=1800 audit(234.146:60): pid=9884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1709" name="file1" dev="loop1" ino=16946 res=0 errno=0 [ 234.205724][ T9913] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 234.217862][ T9957] siw: device registration error -23 [ 234.371184][ T5225] ocfs2: Unmounting device (7,1) on (node local) [ 234.667359][ T5234] syz-executor: attempt to access beyond end of device [ 234.667359][ T5234] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 234.696678][ T5234] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 234.790636][ T5240] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 235.545665][ T9977] loop4: detected capacity change from 0 to 32768 [ 235.603679][ T5294] usb 1-1: new full-speed USB device number 14 using dummy_hcd [ 235.756822][ T9977] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 235.792940][ T9977] OCFS2: ERROR (device loop4): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature  [ 235.821490][ T9977] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 235.855001][ T9977] OCFS2: File system is now read-only. [ 235.862545][ T9977] (syz.4.1740,9977,0):ocfs2_find_entry_dx:1029 ERROR: status = -30 [ 235.910303][ T5294] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 235.919791][ T5294] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.956649][ T5294] usb 1-1: config 0 descriptor?? [ 235.960492][T10008] OCFS2: ERROR (device loop4): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature  [ 235.972305][ T5294] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 236.006448][T10008] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 236.046154][T10008] (syz.4.1740,10008,1):ocfs2_find_entry_dx:1029 ERROR: status = -30 [ 236.174809][T10015] loop3: detected capacity change from 0 to 256 [ 236.298609][ T9985] loop1: detected capacity change from 0 to 32768 [ 236.350451][ T7429] ocfs2: Unmounting device (7,4) on (node local) [ 236.411816][ T5294] gp8psk: usb out operation failed. [ 236.417609][ T5294] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 236.436902][ T5294] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 236.448008][ T5294] usb 1-1: USB disconnect, device number 14 [ 236.466641][ T9985] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 236.641248][ T9985] XFS (loop1): Ending clean mount [ 236.871847][ T47] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 236.981471][ T5225] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 237.104277][ T47] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 237.154043][ T47] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 237.164124][ T47] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 237.171507][T10052] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1768'. [ 237.173354][ T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.195663][T10029] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 237.222626][ T47] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 237.695185][ T47] usb 3-1: USB disconnect, device number 13 [ 237.760943][T10066] netlink: 64126 bytes leftover after parsing attributes in process `syz.3.1774'. [ 238.142314][T10084] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_bridge, syncid = 0, id = 0 [ 238.310702][ T25] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 238.470531][ T25] usb 1-1: Using ep0 maxpacket: 16 [ 238.493589][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 238.524899][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 238.558535][ T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 238.570244][T10097] loop5: detected capacity change from 0 to 4096 [ 238.630557][ T25] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 238.648732][T10097] NILFS (loop5): invalid segment: Checksum error in segment payload [ 238.660067][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.674835][T10097] NILFS (loop5): trying rollback from an earlier position [ 238.710899][ T25] usb 1-1: config 0 descriptor?? [ 238.765151][T10097] NILFS (loop5): recovery complete [ 238.774383][T10106] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 238.866048][T10108] loop3: detected capacity change from 0 to 512 [ 238.920023][T10110] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 238.976618][T10108] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 239.140128][ T25] koneplus 0003:1E7D:2E22.002A: item fetching failed at offset 0/2 [ 239.170239][ T25] koneplus 0003:1E7D:2E22.002A: parse failed [ 239.199097][ T25] koneplus 0003:1E7D:2E22.002A: probe with driver koneplus failed with error -22 [ 239.287856][ T5232] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.342365][ T1751] usb 1-1: USB disconnect, device number 15 [ 239.512736][T10127] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1802'. [ 239.521951][ T25] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 239.707512][ T25] usb 3-1: New USB device found, idVendor=1039, idProduct=2121, bcdDevice=9e.ff [ 239.740439][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.814312][ T25] usb 3-1: Product: syz [ 239.834666][ T25] usb 3-1: Manufacturer: syz [ 239.839315][ T25] usb 3-1: SerialNumber: syz [ 239.847880][T10098] loop4: detected capacity change from 0 to 32768 [ 239.946238][T10098] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1790 (10098) [ 239.970846][ T25] usb 3-1: config 0 descriptor?? [ 240.029594][ T25] usb 3-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2121) Rev (0X9EFF): Eagle II [ 240.216943][T10136] loop5: detected capacity change from 0 to 256 [ 240.258523][ T25] usb 3-1: reset high-speed USB device number 14 using dummy_hcd [ 240.430569][ T47] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 240.630197][T10138] loop3: detected capacity change from 0 to 128 [ 240.651194][ T47] usb 1-1: config index 0 descriptor too short (expected 23569, got 27) [ 240.680208][ T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 240.701582][T10138] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 240.754497][T10098] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 240.785148][ T47] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 240.800592][T10140] netlink: 'syz.5.1808': attribute type 1 has an invalid length. [ 240.830070][T10138] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 240.851426][T10098] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 240.859915][T10098] BTRFS info (device loop4): using free-space-tree [ 240.868677][ T47] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 240.928701][ T47] usb 1-1: Manufacturer: syz [ 240.933686][ T25] usb 3-1: device descriptor read/64, error -71 [ 240.987500][ T47] usb 1-1: config 0 descriptor?? [ 241.210567][ T25] usb 3-1: reset high-speed USB device number 14 using dummy_hcd [ 241.310108][T10159] loop5: detected capacity change from 0 to 64 [ 241.340970][ T47] rc_core: IR keymap rc-hauppauge not found [ 241.369702][ T47] Registered IR keymap rc-empty [ 241.421877][ T47] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 241.480617][T10159] minix_free_block (loop5:21): bit already cleared [ 241.489701][ T25] usb 3-1: [ueagle-atm] pre-firmware device, uploading firmware [ 241.518520][ T47] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input22 [ 241.550565][ T25] usb 3-1: [ueagle-atm] loading firmware ueagle-atm/eagleII.fw [ 241.573882][T10098] BTRFS info (device loop4): setting incompat feature flag for SIMPLE_QUOTA (0x10000) [ 241.702970][ C1] igorplugusb 1-1:0.0: receive overflow, at least 33 lost [ 241.796996][ T47] usb 3-1: USB disconnect, device number 14 [ 241.893530][T10121] loop1: detected capacity change from 0 to 32768 [ 242.004771][ T25] usb 1-1: USB disconnect, device number 16 [ 242.035727][T10121] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 242.094631][T10121] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 242.239059][T10121] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 242.288861][ T47] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 242.321483][ T7429] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 242.344482][ T47] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 242.713690][ T47] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 369ms [ 242.810140][ T47] gfs2: fsid=syz:syz.0: jid=0: Done [ 242.850512][T10121] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 242.965779][T10170] loop2: detected capacity change from 0 to 256 [ 243.130104][T10170] FAT-fs (loop2): Directory bread(block 64) failed [ 243.186019][T10170] FAT-fs (loop2): Directory bread(block 65) failed [ 243.240643][T10170] FAT-fs (loop2): Directory bread(block 66) failed [ 243.310631][T10170] FAT-fs (loop2): Directory bread(block 67) failed [ 243.377363][T10170] FAT-fs (loop2): Directory bread(block 68) failed [ 243.431097][T10170] FAT-fs (loop2): Directory bread(block 69) failed [ 243.508993][T10170] FAT-fs (loop2): Directory bread(block 70) failed [ 243.578836][T10170] FAT-fs (loop2): Directory bread(block 71) failed [ 243.619491][T10170] FAT-fs (loop2): Directory bread(block 72) failed [ 243.694782][T10170] FAT-fs (loop2): Directory bread(block 73) failed [ 245.617605][T10198] loop1: detected capacity change from 0 to 8192 [ 246.265272][T10184] loop4: detected capacity change from 0 to 32768 [ 246.333047][T10184] btrfs: Deprecated parameter 'usebackuproot' [ 246.390984][T10184] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 246.444920][T10184] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1818 (10184) [ 246.483896][T10212] loop5: detected capacity change from 0 to 128 [ 246.580493][T10184] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 246.594888][T10212] FAT-fs (loop5): error, invalid access to FAT (entry 0x0f000000) [ 246.650608][T10184] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 246.659733][T10212] FAT-fs (loop5): Filesystem has been set read-only [ 246.691668][T10212] FAT-fs (loop5): error, invalid access to FAT (entry 0x0f000000) [ 246.701372][T10184] BTRFS info (device loop4): disk space caching is enabled [ 246.708596][T10184] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 246.868551][T10184] BTRFS info (device loop4): rebuilding free space tree [ 247.010671][T10184] BTRFS info (device loop4): disabling free space tree [ 247.056256][T10184] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 247.111282][T10184] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 247.340805][ T7429] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 247.696346][T10239] openvswitch: netlink: Actions may not be safe on all matching packets [ 248.359914][T10248] loop1: detected capacity change from 0 to 64 [ 248.407970][T10248] hfs: unable to locate alternate MDB [ 248.430488][T10248] hfs: continuing without an alternate MDB [ 249.480358][ C0] sched: DL replenish lagged too much [ 249.963959][T10249] loop5: detected capacity change from 0 to 40427 [ 249.987688][T10249] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504) [ 250.026459][T10249] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 250.091687][T10249] F2FS-fs (loop5): invalid crc value [ 250.146244][T10249] F2FS-fs (loop5): Found nat_bits in checkpoint [ 250.337058][T10249] F2FS-fs (loop5): Start checkpoint disabled! [ 250.354833][T10249] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 250.368093][T10249] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 250.413728][T10249] F2FS-fs (loop5): access invalid blkaddr:3355443200 [ 250.430098][T10249] CPU: 1 UID: 0 PID: 10249 Comm: syz.5.1839 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 250.440897][T10249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 250.450971][T10249] Call Trace: [ 250.454265][T10249] [ 250.457214][T10249] dump_stack_lvl+0x241/0x360 [ 250.461929][T10249] ? __pfx_dump_stack_lvl+0x10/0x10 [ 250.467166][T10249] ? filemap_dirty_folio+0xae/0x360 [ 250.472403][T10249] ? srso_alias_return_thunk+0x5/0xfbef5 [ 250.478062][T10249] ? f2fs_dirty_node_folio+0x510/0xaf0 [ 250.483643][T10249] __f2fs_is_valid_blkaddr+0xe16/0x1460 [ 250.489232][T10249] f2fs_truncate_data_blocks_range+0x658/0x1000 [ 250.495516][T10249] ? srso_alias_return_thunk+0x5/0xfbef5 [ 250.501189][T10249] ? f2fs_do_truncate_blocks+0x6e3/0x1180 [ 250.506952][T10249] f2fs_do_truncate_blocks+0x6e3/0x1180 [ 250.512550][T10249] ? __pfx_f2fs_do_truncate_blocks+0x10/0x10 [ 250.518572][T10249] ? __pfx___dquot_initialize+0x10/0x10 [ 250.524174][T10249] f2fs_truncate_blocks+0x10d/0x300 [ 250.529411][T10249] ? f2fs_setattr+0xc08/0x12d0 [ 250.534218][T10249] f2fs_truncate+0x407/0x700 [ 250.538843][T10249] ? srso_alias_return_thunk+0x5/0xfbef5 [ 250.544505][T10249] ? truncate_setsize+0xcf/0xf0 [ 250.549395][T10249] f2fs_setattr+0xc08/0x12d0 [ 250.554034][T10249] ? __pfx_f2fs_setattr+0x10/0x10 [ 250.559108][T10249] notify_change+0xbcc/0xe90 [ 250.563754][T10249] do_truncate+0x220/0x310 [ 250.568381][T10249] ? __pfx_do_truncate+0x10/0x10 [ 250.573346][T10249] ? apparmor_file_truncate+0x297/0x350 [ 250.579043][T10249] path_openat+0x2e1e/0x3590 [ 250.583724][T10249] ? __pfx_path_openat+0x10/0x10 [ 250.588709][T10249] ? srso_alias_return_thunk+0x5/0xfbef5 [ 250.594371][T10249] ? rcu_is_watching+0x15/0xb0 [ 250.599166][T10249] ? srso_alias_return_thunk+0x5/0xfbef5 [ 250.604825][T10249] ? getname_kernel+0x140/0x2f0 [ 250.609711][T10249] ? srso_alias_return_thunk+0x5/0xfbef5 [ 250.615372][T10249] ? do_file_open_root+0x4e3/0x680 [ 250.620539][T10249] do_file_open_root+0x356/0x680 [ 250.625530][T10249] ? __pfx_do_file_open_root+0x10/0x10 [ 250.631067][T10249] ? alloc_fd+0x5a1/0x640 [ 250.635425][T10249] ? build_open_flags+0x448/0x5b0 [ 250.640490][T10249] file_open_root+0x247/0x2a0 [ 250.645209][T10249] ? __pfx_file_open_root+0x10/0x10 [ 250.650446][T10249] ? srso_alias_return_thunk+0x5/0xfbef5 [ 250.656123][T10249] do_handle_open+0x861/0x9a0 [ 250.660850][T10249] ? __pfx_do_handle_open+0x10/0x10 [ 250.666089][T10249] ? srso_alias_return_thunk+0x5/0xfbef5 [ 250.671749][T10249] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 250.677861][T10249] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 250.684320][T10249] ? do_syscall_64+0x100/0x230 [ 250.689122][T10249] ? do_syscall_64+0xb6/0x230 [ 250.693828][T10249] do_syscall_64+0xf3/0x230 [ 250.698363][T10249] ? srso_alias_return_thunk+0x5/0xfbef5 [ 250.704030][T10249] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.709965][T10249] RIP: 0033:0x7f64d857dff9 [ 250.714404][T10249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 250.734207][T10249] RSP: 002b:00007f64d939b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 250.742654][T10249] RAX: ffffffffffffffda RBX: 00007f64d8735f80 RCX: 00007f64d857dff9 [ 250.750649][T10249] RDX: 000000000000ffa1 RSI: 00000000200005c0 RDI: 0000000000000004 [ 250.758680][T10249] RBP: 00007f64d85f0296 R08: 0000000000000000 R09: 0000000000000000 [ 250.766760][T10249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 250.774754][T10249] R13: 0000000000000000 R14: 00007f64d8735f80 R15: 00007fffd27e9ae8 [ 250.782768][T10249] [ 253.032518][ T5248] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 253.043386][ T5248] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 253.054866][ T5248] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 253.063641][ T5248] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 253.072946][ T5248] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 253.083890][ T5248] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 255.140579][ T5248] Bluetooth: hci6: command tx timeout [ 255.223342][ T1259] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.234592][ T1259] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.411632][ T5249] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 255.423296][ T5249] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 255.431661][ T5249] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 255.442315][ T5249] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 255.450008][ T5249] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 255.461951][ T5249] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 257.220956][ T5249] Bluetooth: hci6: command tx timeout [ 257.407732][ T5248] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 257.418247][ T5248] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 257.429204][ T5248] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 257.438621][ T5248] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 257.449851][ T5248] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 257.457620][ T5248] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 257.540792][ T5248] Bluetooth: hci7: command tx timeout [ 259.300558][ T5248] Bluetooth: hci6: command tx timeout [ 259.540669][ T5248] Bluetooth: hci8: command tx timeout [ 259.620610][ T5248] Bluetooth: hci7: command tx timeout [ 260.698054][ T5249] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 260.708239][ T5249] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 260.716639][ T5249] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 260.736228][ T5249] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 260.744243][ T5249] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 260.757352][ T5249] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 261.387267][ T5248] Bluetooth: hci6: command tx timeout [ 261.620671][ T5248] Bluetooth: hci8: command tx timeout [ 261.700542][ T5248] Bluetooth: hci7: command tx timeout [ 262.820754][ T5248] Bluetooth: hci9: command tx timeout [ 263.681737][ T5249] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 263.692036][ T5249] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 263.699796][ T5249] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 263.707011][ T5241] Bluetooth: hci8: command tx timeout [ 263.721626][ T5249] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 263.733420][ T5249] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 263.741864][ T5249] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 263.780556][ T5249] Bluetooth: hci7: command tx timeout [ 263.814063][ T5248] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 263.824068][ T5248] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 263.834898][ T5248] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 263.848027][ T5248] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 263.858163][ T5248] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 263.865998][ T5248] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 264.900655][ T5248] Bluetooth: hci9: command tx timeout [ 265.780566][ T5249] Bluetooth: hci8: command tx timeout [ 265.786088][ T5248] Bluetooth: hci10: command tx timeout [ 265.940566][ T5248] Bluetooth: hci11: command tx timeout [ 266.980700][ T5248] Bluetooth: hci9: command tx timeout [ 267.860604][ T5248] Bluetooth: hci10: command tx timeout [ 268.020567][ T5248] Bluetooth: hci11: command tx timeout [ 269.060735][ T5248] Bluetooth: hci9: command tx timeout [ 269.940561][ T5248] Bluetooth: hci10: command tx timeout [ 270.101659][ T5249] Bluetooth: hci11: command tx timeout [ 270.595820][ T1751] usb 3-1: [UEAGLE-ATM] firmware is not available [ 270.621375][ T5343] usb 2-1: [UEAGLE-ATM] firmware is not available [ 272.024535][ T5249] Bluetooth: hci10: command tx timeout [ 272.180623][ T5249] Bluetooth: hci11: command tx timeout [ 314.995991][ T5248] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 315.005347][ T5248] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 315.013521][ T5248] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 315.021422][ T5248] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 315.029022][ T5248] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 315.037998][ T5248] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 315.521160][ T5249] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 315.532225][ T5249] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 315.540171][ T5249] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 315.556121][ T5249] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 315.567998][ T5249] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 315.576383][ T5249] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 316.667307][ T1259] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.680558][ T1259] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.140617][ T5249] Bluetooth: hci3: command tx timeout [ 317.626395][ T5249] Bluetooth: hci12: command tx timeout [ 317.934803][ T5248] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 317.951011][ T5248] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 317.964089][ T5248] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 317.973746][ T5248] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 317.982498][ T5248] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 317.995513][ T5248] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 319.220556][ T5248] Bluetooth: hci3: command tx timeout [ 319.700480][ T5248] Bluetooth: hci12: command tx timeout [ 320.020591][ T5248] Bluetooth: hci13: command tx timeout [ 320.926062][ T5249] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 320.935470][ T5249] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 320.943661][ T5249] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 320.954485][ T5249] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 320.963390][ T5249] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 320.972546][ T5249] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 321.306294][ T5249] Bluetooth: hci3: command tx timeout [ 321.787833][ T5248] Bluetooth: hci12: command tx timeout [ 322.100575][ T5249] Bluetooth: hci13: command tx timeout [ 323.060545][ T5249] Bluetooth: hci14: command tx timeout [ 323.380632][ T5249] Bluetooth: hci3: command tx timeout [ 323.479799][ T5241] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 323.489533][ T5241] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 323.498473][ T5241] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 323.506957][ T5241] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 323.517209][ T5241] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 323.525494][ T5241] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 323.869506][ T5241] Bluetooth: hci1: command 0x0406 tx timeout [ 323.876544][ T5249] Bluetooth: hci12: command tx timeout [ 323.971401][ T5249] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 323.991330][ T5249] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 323.999382][ T5249] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 324.016466][ T5249] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 324.027864][ T5249] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 324.041731][ T5249] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 324.180503][ T5248] Bluetooth: hci13: command tx timeout [ 325.140515][ T5248] Bluetooth: hci14: command tx timeout [ 325.620812][ T5248] Bluetooth: hci15: command tx timeout [ 326.100707][ T5248] Bluetooth: hci16: command tx timeout [ 326.260845][ T5248] Bluetooth: hci13: command tx timeout [ 327.220513][ T5249] Bluetooth: hci14: command tx timeout [ 327.700652][ T5249] Bluetooth: hci15: command tx timeout [ 328.180598][ T5249] Bluetooth: hci16: command tx timeout [ 329.300501][ T5249] Bluetooth: hci14: command tx timeout [ 329.787219][ T5249] Bluetooth: hci15: command tx timeout [ 330.260490][ T5249] Bluetooth: hci16: command tx timeout [ 331.860596][ T5249] Bluetooth: hci15: command tx timeout [ 332.341445][ T5249] Bluetooth: hci16: command tx timeout [ 374.862924][ T5248] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 374.877933][ T5248] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 374.887982][ T5248] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 374.899421][ T5248] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 374.907542][ T5248] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 374.915285][ T5248] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 376.084607][ T5248] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 376.096189][ T5248] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 376.110732][ T5248] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 376.120178][ T5248] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 376.130676][ T5248] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 376.138370][ T5248] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 376.980545][ T5248] Bluetooth: hci17: command tx timeout [ 378.068258][ T5249] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 378.078623][ T5249] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 378.087965][ T5249] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 378.100704][ T5249] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 378.108508][ T1259] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.123591][ T1259] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.156433][T10336] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3 [ 378.164083][T10336] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 378.184036][ T5248] Bluetooth: hci18: command tx timeout [ 379.062261][ T5248] Bluetooth: hci17: command tx timeout [ 380.213087][T10336] Bluetooth: hci7: command 0x0406 tx timeout [ 380.219187][T10336] Bluetooth: hci8: command 0x0406 tx timeout [ 380.230748][ T5248] Bluetooth: hci6: command 0x0406 tx timeout [ 380.264320][T10336] Bluetooth: hci19: command tx timeout [ 380.270628][ T5248] Bluetooth: hci18: command tx timeout [ 381.030722][T10335] Bluetooth: hci20: unexpected cc 0x0c03 length: 249 > 1 [ 381.048300][T10335] Bluetooth: hci20: unexpected cc 0x1003 length: 249 > 9 [ 381.057315][T10335] Bluetooth: hci20: unexpected cc 0x1001 length: 249 > 9 [ 381.065772][T10335] Bluetooth: hci20: unexpected cc 0x0c23 length: 249 > 4 [ 381.075226][T10335] Bluetooth: hci20: unexpected cc 0x0c25 length: 249 > 3 [ 381.085880][T10335] Bluetooth: hci20: unexpected cc 0x0c38 length: 249 > 2 [ 381.140637][T10335] Bluetooth: hci17: command tx timeout [ 382.340730][T10335] Bluetooth: hci19: command tx timeout [ 382.346273][T10335] Bluetooth: hci18: command tx timeout [ 383.150453][T10335] Bluetooth: hci20: command tx timeout [ 383.223003][ T5241] Bluetooth: hci17: command tx timeout [ 384.039708][ T5249] Bluetooth: hci21: unexpected cc 0x0c03 length: 249 > 1 [ 384.059013][ T5249] Bluetooth: hci21: unexpected cc 0x1003 length: 249 > 9 [ 384.067281][ T5249] Bluetooth: hci21: unexpected cc 0x1001 length: 249 > 9 [ 384.075630][ T5249] Bluetooth: hci21: unexpected cc 0x0c23 length: 249 > 4 [ 384.083821][ T5249] Bluetooth: hci21: unexpected cc 0x0c25 length: 249 > 3 [ 384.091662][ T5249] Bluetooth: hci21: unexpected cc 0x0c38 length: 249 > 2 [ 384.427610][ T5249] Bluetooth: hci18: command tx timeout [ 384.433571][T10335] Bluetooth: hci19: command tx timeout [ 384.614865][T10335] Bluetooth: hci22: unexpected cc 0x0c03 length: 249 > 1 [ 384.624357][T10335] Bluetooth: hci22: unexpected cc 0x1003 length: 249 > 9 [ 384.635264][T10335] Bluetooth: hci22: unexpected cc 0x1001 length: 249 > 9 [ 384.643584][T10335] Bluetooth: hci22: unexpected cc 0x0c23 length: 249 > 4 [ 384.659636][T10335] Bluetooth: hci22: unexpected cc 0x0c25 length: 249 > 3 [ 384.673968][T10335] Bluetooth: hci22: unexpected cc 0x0c38 length: 249 > 2 [ 385.220753][T10335] Bluetooth: hci20: command tx timeout [ 385.300729][T10335] Bluetooth: hci9: command 0x0406 tx timeout [ 386.180726][ T5241] Bluetooth: hci21: command tx timeout [ 386.500707][ T5241] Bluetooth: hci19: command tx timeout [ 386.741990][ T5241] Bluetooth: hci22: command tx timeout [ 387.300567][ T5241] Bluetooth: hci20: command tx timeout [ 387.700825][ T30] INFO: task syz.3.1822:10165 blocked for more than 143 seconds. [ 387.708628][ T30] Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 387.732471][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 387.759212][ T30] task:syz.3.1822 state:D stack:23808 pid:10165 tgid:10165 ppid:5232 flags:0x00004004 [ 387.769909][ T30] Call Trace: [ 387.799287][ T30] [ 387.802921][ T30] __schedule+0x1895/0x4b30 [ 387.807509][ T30] ? __pfx___schedule+0x10/0x10 [ 387.890504][ T30] ? __pfx_lock_release+0x10/0x10 [ 387.895640][ T30] ? schedule+0x90/0x320 [ 387.899924][ T30] schedule+0x14b/0x320 [ 388.001536][ T30] schedule_timeout+0xb0/0x310 [ 388.006391][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 388.020386][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 388.026450][ T30] ? wait_for_completion+0x2fe/0x620 [ 388.039837][ T30] ? wait_for_completion+0x2fe/0x620 [ 388.048357][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 388.060691][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 388.066541][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 388.079604][ T30] ? wait_for_completion+0x2fe/0x620 [ 388.086671][ T30] wait_for_completion+0x355/0x620 [ 388.097904][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 388.105749][ T30] ? __pfx_wait_for_completion+0x10/0x10 [ 388.117924][ T30] ? __flush_work+0xe7/0xc50 [ 388.124436][ T30] __flush_work+0xa37/0xc50 [ 388.129012][ T30] ? __flush_work+0xe7/0xc50 [ 388.141631][ T30] ? __pfx___flush_work+0x10/0x10 [ 388.149693][ T30] ? __pfx_wq_barrier_func+0x10/0x10 [ 388.161289][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 388.167676][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 388.181513][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 388.186787][ T30] unregister_netdevice_many_notify+0x87b/0x1da0 [ 388.202533][ T30] ? __mutex_trylock_common+0x183/0x2e0 [ 388.208146][ T30] ? __pfx___might_resched+0x10/0x10 [ 388.218970][ T30] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 388.228461][ T30] ? __pfx___mutex_trylock_common+0x10/0x10 [ 388.239317][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 388.252251][ T30] ? rcu_is_watching+0x15/0xb0 [ 388.257065][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 388.264832][ T5241] Bluetooth: hci21: command tx timeout [ 388.278937][ T30] ? trace_contention_end+0x3c/0x120 [ 388.284660][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 388.290608][ T30] ? __mutex_lock+0x2ef/0xd70 [ 388.295329][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 388.310298][ T30] ? __asan_memset+0x23/0x50 [ 388.315221][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 388.327889][ T30] unregister_netdevice_queue+0x303/0x370 [ 388.333941][ T30] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 388.340228][ T30] ppp_release+0xed/0x1f0 [ 388.370061][ T30] ? __pfx_ppp_release+0x10/0x10 [ 388.376513][ T30] __fput+0x241/0x880 [ 388.410461][ T30] task_work_run+0x251/0x310 [ 388.415191][ T30] ? __pfx_task_work_run+0x10/0x10 [ 388.436605][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 388.445018][ T30] syscall_exit_to_user_mode+0x168/0x370 [ 388.458422][ T30] do_syscall_64+0x100/0x230 [ 388.465877][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.477514][ T30] RIP: 0033:0x7f1fdf37dff9 [ 388.486384][ T30] RSP: 002b:00007ffdd80ef198 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 388.498437][ T30] RAX: 0000000000000000 RBX: 000000000003b24b RCX: 00007f1fdf37dff9 [ 388.510237][ T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 388.525871][ T30] RBP: 00007f1fdf537a80 R08: 0000000000000001 R09: 00007ffdd80ef48f [ 388.536791][ T30] R10: 00007f1fdf200000 R11: 0000000000000246 R12: 000000000003b2e2 [ 388.550396][ T30] R13: 00007ffdd80ef2a0 R14: 0000000000000032 R15: ffffffffffffffff [ 388.567968][ T30] [ 388.571365][ T30] [ 388.571365][ T30] Showing all locks held in the system: [ 388.579271][ T30] 1 lock held by khungtaskd/30: [ 388.590398][ T30] #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 388.607182][ T30] 3 locks held by kworker/u8:3/53: [ 388.612621][ T30] #0: ffff88802dca5148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 388.628563][ T30] #1: ffffc90000be7d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 388.652051][ T30] #2: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 388.670403][ T30] 3 locks held by kworker/1:2/1751: [ 388.675747][ T30] #0: ffff88801ac78948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 388.693910][ T30] #1: ffffc900050ffd00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 388.708890][ T30] #2: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 388.729648][ T30] 2 locks held by getty/4984: [ 388.736974][ T30] #0: ffff88802eb750a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 388.753275][ T30] #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 388.775266][ T30] 1 lock held by syz-executor/5233: [ 388.784309][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 388.797050][ T30] 3 locks held by kworker/u9:5/5241: [ 388.806066][ T30] #0: ffff888012281948 ((wq_completion)hci11){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 388.822972][ T30] #1: ffffc9000341fd00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 388.835901][T10336] Bluetooth: hci22: command tx timeout [ 388.848731][ T30] #2: ffff88802f564d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400 [ 388.859341][ T30] 3 locks held by kworker/0:5/5293: [ 388.876602][ T30] 2 locks held by syz.3.1822/10165: [ 388.884549][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: ppp_release+0x87/0x1f0 [ 388.898249][ T30] #1: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 388.914951][ T30] 1 lock held by syz.0.1821/10193: [ 388.920099][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x48c/0x2400 [ 388.935873][ T30] 1 lock held by syz.0.1821/10194: [ 388.943807][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x48c/0x2400 [ 388.957282][ T30] 2 locks held by syz.2.1833/10232: [ 388.968726][ T30] #0: ffffffff8fd37e30 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 388.980687][ T30] #1: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0x394/0x910 [ 388.999073][ T30] 1 lock held by syz.4.1848/10264: [ 389.005771][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.020631][ T30] 1 lock held by syz.1.1863/10274: [ 389.025776][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.042934][ T30] 1 lock held by syz-executor/10275: [ 389.048251][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.063974][ T30] 1 lock held by syz-executor/10278: [ 389.079506][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.092052][ T30] 1 lock held by syz-executor/10281: [ 389.097374][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.114784][ T30] 1 lock held by syz-executor/10284: [ 389.120106][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.135106][ T30] 1 lock held by syz-executor/10290: [ 389.143480][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.158188][ T30] 1 lock held by syz-executor/10292: [ 389.171566][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.187611][ T30] 1 lock held by syz-executor/10297: [ 389.194521][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.208886][ T30] 1 lock held by syz-executor/10303: [ 389.217363][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.237426][ T30] 1 lock held by syz-executor/10306: [ 389.243272][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.259864][ T30] 1 lock held by syz-executor/10309: [ 389.265825][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.287362][ T30] 1 lock held by syz-executor/10312: [ 389.294477][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.312326][ T30] 1 lock held by syz-executor/10315: [ 389.317682][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.338681][ T30] 1 lock held by syz-executor/10324: [ 389.345261][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.362271][ T30] 1 lock held by syz-executor/10330: [ 389.367971][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.380727][T10336] Bluetooth: hci20: command tx timeout [ 389.390485][ T30] 1 lock held by syz-executor/10333: [ 389.400523][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.410080][ T30] 3 locks held by kworker/u9:0/10335: [ 389.428317][ T30] #0: ffff88805014a948 ((wq_completion)hci10){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 389.439890][ T30] #1: ffffc900054e7d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 389.460389][ T30] #2: ffff88807e698d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400 [ 389.472203][ T30] 1 lock held by syz-executor/10340: [ 389.487362][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.497366][ T30] 1 lock held by syz-executor/10344: [ 389.509898][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.527496][ T30] 1 lock held by syz-executor/10346: [ 389.533060][ T30] #0: ffffffff8fcd20c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 389.550419][ T30] [ 389.552764][ T30] ============================================= [ 389.552764][ T30] [ 389.568238][ T30] NMI backtrace for cpu 1 [ 389.572594][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 389.583112][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 389.593179][ T30] Call Trace: [ 389.596470][ T30] [ 389.599413][ T30] dump_stack_lvl+0x241/0x360 [ 389.604120][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 389.609344][ T30] ? __pfx__printk+0x10/0x10 [ 389.613989][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 389.618967][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 389.624458][ T30] ? _printk+0xd5/0x120 [ 389.628653][ T30] ? __pfx__printk+0x10/0x10 [ 389.633368][ T30] ? __wake_up_klogd+0xcc/0x110 [ 389.638252][ T30] ? __pfx__printk+0x10/0x10 [ 389.642898][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.648554][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 389.653615][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 389.659630][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 389.665645][ T30] watchdog+0xff4/0x1040 [ 389.669923][ T30] ? watchdog+0x1ea/0x1040 [ 389.674377][ T30] ? __pfx_watchdog+0x10/0x10 [ 389.679089][ T30] kthread+0x2f2/0x390 [ 389.683185][ T30] ? __pfx_watchdog+0x10/0x10 [ 389.687894][ T30] ? __pfx_kthread+0x10/0x10 [ 389.692507][ T30] ret_from_fork+0x4d/0x80 [ 389.696958][ T30] ? __pfx_kthread+0x10/0x10 [ 389.701572][ T30] ret_from_fork_asm+0x1a/0x30 [ 389.706387][ T30] [ 389.710840][ T30] Sending NMI from CPU 1 to CPUs 0: [ 389.716075][ C0] NMI backtrace for cpu 0 [ 389.716090][ C0] CPU: 0 UID: 0 PID: 5293 Comm: kworker/0:5 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 389.716117][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 389.716133][ C0] Workqueue: events nsim_dev_trap_report_work [ 389.716165][ C0] RIP: 0010:arch_stack_walk+0x100/0x150 [ 389.716194][ C0] Code: 70 ff ff ff 4c 89 e6 4c 89 fa e8 5b c6 09 00 83 bd 70 ff ff ff 00 74 37 48 8d 9d 70 ff ff ff 48 89 df e8 03 9d 09 00 48 85 c0 <74> 23 4c 89 f7 48 89 c6 4d 89 eb e8 90 d2 97 0a 84 c0 74 11 48 89 [ 389.716213][ C0] RSP: 0018:ffffc90000006b00 EFLAGS: 00000282 [ 389.716232][ C0] RAX: ffffffff8157903b RBX: ffffc90000006b00 RCX: ffffffff917bb000 [ 389.716250][ C0] RDX: ffffffff91968501 RSI: ffffc90000000000 RDI: ffffffff8157903b [ 389.716268][ C0] RBP: ffffc90000006b90 R08: ffffc90000007fe8 R09: ffffc90000006b50 [ 389.716286][ C0] R10: dffffc0000000000 R11: fffff52000000d6c R12: ffff88801bb0bc00 [ 389.716304][ C0] R13: ffffffff8180a0e0 R14: ffffc90000006be0 R15: 0000000000000000 [ 389.716325][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 389.716345][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 389.716361][ C0] CR2: 0000001b32817ff8 CR3: 000000000e734000 CR4: 0000000000350ef0 [ 389.716380][ C0] Call Trace: [ 389.716388][ C0] [ 389.716397][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 389.716427][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 389.716466][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 389.716494][ C0] ? nmi_handle+0x2a/0x5a0 [ 389.716535][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 389.716567][ C0] ? nmi_handle+0x151/0x5a0 [ 389.716591][ C0] ? nmi_handle+0x2a/0x5a0 [ 389.716617][ C0] ? arch_stack_walk+0x100/0x150 [ 389.716642][ C0] ? default_do_nmi+0x63/0x160 [ 389.716673][ C0] ? exc_nmi+0x123/0x1f0 [ 389.716701][ C0] ? end_repeat_nmi+0xf/0x53 [ 389.716725][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 389.716757][ C0] ? do_softirq+0x11b/0x1e0 [ 389.716788][ C0] ? __init_begin+0x41000/0x41000 [ 389.716813][ C0] ? __pfx_use_tpause_delay+0x1/0x10 [ 389.716849][ C0] ? do_softirq+0x11b/0x1e0 [ 389.716878][ C0] ? arch_stack_walk+0x100/0x150 [ 389.716903][ C0] ? arch_stack_walk+0x100/0x150 [ 389.716931][ C0] ? __pfx_use_tpause_delay+0x1/0x10 [ 389.716964][ C0] ? arch_stack_walk+0x100/0x150 [ 389.716989][ C0] [ 389.716996][ C0] [ 389.717009][ C0] ? do_softirq+0x11b/0x1e0 [ 389.717042][ C0] stack_trace_save+0x118/0x1d0 [ 389.717072][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 389.717098][ C0] ? stack_trace_save+0x118/0x1d0 [ 389.717128][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 389.717160][ C0] kasan_save_track+0x3f/0x80 [ 389.717183][ C0] ? kasan_save_track+0x3f/0x80 [ 389.717205][ C0] ? __kasan_kmalloc+0x98/0xb0 [ 389.717228][ C0] ? __kmalloc_node_track_caller_noprof+0x225/0x440 [ 389.717262][ C0] ? kmalloc_reserve+0x111/0x2a0 [ 389.717285][ C0] ? __alloc_skb+0x1f3/0x440 [ 389.717305][ C0] ? synproxy_send_client_synack+0x1ba/0xf30 [ 389.717337][ C0] ? nft_synproxy_eval_v4+0x3ca/0x610 [ 389.717371][ C0] ? nft_synproxy_do_eval+0x362/0xa60 [ 389.717404][ C0] ? nft_do_chain+0x4af/0x1da0 [ 389.717439][ C0] ? nft_do_chain_inet+0x418/0x6b0 [ 389.717472][ C0] ? nf_hook_slow+0xc5/0x220 [ 389.717502][ C0] ? NF_HOOK+0x29e/0x450 [ 389.717532][ C0] ? NF_HOOK+0x3a6/0x450 [ 389.717555][ C0] ? __netif_receive_skb+0x2bf/0x650 [ 389.717583][ C0] ? process_backlog+0x662/0x15b0 [ 389.717613][ C0] ? __napi_poll+0xcd/0x490 [ 389.717640][ C0] ? net_rx_action+0x89b/0x1240 [ 389.717669][ C0] ? handle_softirqs+0x2c7/0x980 [ 389.717725][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.717752][ C0] __kasan_kmalloc+0x98/0xb0 [ 389.717779][ C0] __kmalloc_node_track_caller_noprof+0x225/0x440 [ 389.717812][ C0] ? __alloc_skb+0x1f3/0x440 [ 389.717835][ C0] ? __alloc_skb+0x1f3/0x440 [ 389.717856][ C0] kmalloc_reserve+0x111/0x2a0 [ 389.717880][ C0] __alloc_skb+0x1f3/0x440 [ 389.717905][ C0] ? __pfx___alloc_skb+0x10/0x10 [ 389.717928][ C0] ? __entry_text_end+0x1020c5/0x1020c9 [ 389.717958][ C0] synproxy_send_client_synack+0x1ba/0xf30 [ 389.717995][ C0] ? kasan_quarantine_put+0xdc/0x230 [ 389.718018][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 389.718056][ C0] ? __pfx_synproxy_send_client_synack+0x10/0x10 [ 389.718088][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.718116][ C0] ? synproxy_pernet+0x45/0x270 [ 389.718149][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.718177][ C0] nft_synproxy_eval_v4+0x3ca/0x610 [ 389.718216][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 389.718253][ C0] ? nf_ip_checksum+0x13a/0x500 [ 389.718292][ C0] nft_synproxy_do_eval+0x362/0xa60 [ 389.718331][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 389.718371][ C0] ? __pfx_validate_chain+0x10/0x10 [ 389.718399][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.718428][ C0] nft_do_chain+0x4af/0x1da0 [ 389.718473][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 389.718508][ C0] ? __local_bh_enable_ip+0x168/0x200 [ 389.718548][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.718586][ C0] ? __pfx_nf_nat_inet_fn+0x10/0x10 [ 389.718615][ C0] nft_do_chain_inet+0x418/0x6b0 [ 389.718652][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 389.718685][ C0] ? ipt_do_table+0x312/0x1860 [ 389.718733][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 389.718766][ C0] nf_hook_slow+0xc5/0x220 [ 389.718797][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 389.718824][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 389.718851][ C0] NF_HOOK+0x29e/0x450 [ 389.718875][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.718903][ C0] ? NF_HOOK+0x9a/0x450 [ 389.718927][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 389.718955][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 389.718987][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.719011][ C0] ? ip_rcv_finish+0x406/0x560 [ 389.719039][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 389.719065][ C0] NF_HOOK+0x3a6/0x450 [ 389.719093][ C0] ? NF_HOOK+0x9a/0x450 [ 389.719118][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 389.719143][ C0] ? ip_rcv_core+0x801/0xd10 [ 389.719171][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 389.719203][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 389.719229][ C0] __netif_receive_skb+0x2bf/0x650 [ 389.719260][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 389.719296][ C0] ? __pfx___netif_receive_skb+0x10/0x10 [ 389.719324][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 389.719359][ C0] ? __pfx_lock_release+0x10/0x10 [ 389.719395][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 389.719438][ C0] process_backlog+0x662/0x15b0 [ 389.719472][ C0] ? process_backlog+0x33b/0x15b0 [ 389.719513][ C0] ? __pfx_process_backlog+0x10/0x10 [ 389.719544][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 389.719581][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 389.719619][ C0] __napi_poll+0xcd/0x490 [ 389.719650][ C0] net_rx_action+0x89b/0x1240 [ 389.719696][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 389.719729][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.719755][ C0] ? sched_clock+0x4a/0x70 [ 389.719796][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 389.719839][ C0] handle_softirqs+0x2c7/0x980 [ 389.719874][ C0] ? do_softirq+0x11b/0x1e0 [ 389.719907][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 389.719941][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.719970][ C0] do_softirq+0x11b/0x1e0 [ 389.719998][ C0] [ 389.720007][ C0] [ 389.720015][ C0] ? __pfx_do_softirq+0x10/0x10 [ 389.720046][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 389.720095][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.720122][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.720147][ C0] ? rcu_is_watching+0x15/0xb0 [ 389.720174][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 389.720206][ C0] ? nsim_dev_trap_report_work+0x75d/0xaa0 [ 389.720233][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 389.720266][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 389.720297][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.720322][ C0] ? nsim_dev_trap_report_work+0x6a7/0xaa0 [ 389.720358][ C0] nsim_dev_trap_report_work+0x75d/0xaa0 [ 389.720400][ C0] ? process_scheduled_works+0x976/0x1850 [ 389.720437][ C0] process_scheduled_works+0xa65/0x1850 [ 389.720492][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 389.720542][ C0] ? assign_work+0x364/0x3d0 [ 389.720580][ C0] worker_thread+0x870/0xd30 [ 389.720618][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.720648][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 389.720675][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 389.720715][ C0] ? __kthread_parkme+0x169/0x1d0 [ 389.720755][ C0] ? __pfx_worker_thread+0x10/0x10 [ 389.720790][ C0] kthread+0x2f2/0x390 [ 389.720815][ C0] ? __pfx_worker_thread+0x10/0x10 [ 389.720850][ C0] ? __pfx_kthread+0x10/0x10 [ 389.720876][ C0] ret_from_fork+0x4d/0x80 [ 389.720912][ C0] ? __pfx_kthread+0x10/0x10 [ 389.720937][ C0] ret_from_fork_asm+0x1a/0x30 [ 389.720984][ C0] [ 390.661035][T10336] Bluetooth: hci21: command tx timeout [ 390.666603][T10336] Bluetooth: hci10: command 0x0406 tx timeout [ 390.680427][ T5249] Bluetooth: hci11: command 0x0406 tx timeout [ 390.735094][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 390.742024][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0 [ 390.752579][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 390.762762][ T30] Call Trace: [ 390.766075][ T30] [ 390.769040][ T30] dump_stack_lvl+0x241/0x360 [ 390.773774][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 390.779122][ T30] ? __pfx__printk+0x10/0x10 [ 390.783760][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 390.789797][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.795468][ T30] ? vscnprintf+0x5d/0x90 [ 390.799832][ T30] panic+0x349/0x880 [ 390.803765][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.809425][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 390.815613][ T30] ? __pfx_panic+0x10/0x10 [ 390.820073][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 390.825471][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.831126][ T30] ? __irq_work_queue_local+0x137/0x410 [ 390.836705][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.842361][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 390.847793][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 390.853973][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 390.860159][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 390.865831][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 390.872036][ T30] watchdog+0x1033/0x1040 [ 390.876407][ T30] ? watchdog+0x1ea/0x1040 [ 390.880868][ T30] ? __pfx_watchdog+0x10/0x10 [ 390.885579][ T30] kthread+0x2f2/0x390 [ 390.889675][ T30] ? __pfx_watchdog+0x10/0x10 [ 390.894388][ T30] ? __pfx_kthread+0x10/0x10 [ 390.899003][ T30] ret_from_fork+0x4d/0x80 [ 390.903462][ T30] ? __pfx_kthread+0x10/0x10 [ 390.908082][ T30] ret_from_fork_asm+0x1a/0x30 [ 390.912901][ T30] [ 390.916145][ T30] Kernel Offset: disabled [ 390.920496][ T30] Rebooting in 86400 seconds..