last executing test programs: 8.598157748s ago: executing program 0 (id=451): unshare(0x2c020400) r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000080), 0x4) 8.283326495s ago: executing program 0 (id=455): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10) syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\f\n5', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 8.148920424s ago: executing program 0 (id=458): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000042003303"], 0x14}, 0x1, 0x0, 0x0, 0x4015}, 0x24040004) recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000019c0)=""/4094, 0xffe}, {&(0x7f0000000000)=""/162, 0xa2}, {&(0x7f0000000900)=""/168, 0xa8}, {&(0x7f0000000280)=""/161, 0xa1}, {&(0x7f00000000c0)=""/53, 0x35}, {&(0x7f00000003c0)=""/248, 0xf8}, {&(0x7f00000004c0)=""/148, 0x94}], 0x7}, 0x100) 7.809167848s ago: executing program 0 (id=464): syz_mount_image$nilfs2(&(0x7f0000000480), &(0x7f0000000f00)='./file1\x00', 0x208800, &(0x7f0000003100)=ANY=[], 0x1, 0xeec, &(0x7f0000001e40)="$eJzs3U9sHNUZAPA3a6/txCZeAwUDJaTQikDBDkmkprcgoh4Rl96D8odGMWnU0ANRIKYHRCVEkSJOFQcqLpRKKVKRQJWqqKe2p1a99YR6oVKVSkE9tJESV1m/We8+e7rrsT1r7/5+0rdv37zZ+b7xRs7MePZtAIZWrfl4+PBsFsJ7n1859trJ7NM7yx5prbGv+ZjFXiOEUG/rZ8n2vogLbt24dGKtNgsHm495Pzx/vfXayRDCYtgXroVG+Hh+4auP3n9u/ydvTtz3zsWzr2/R7rek+wEAAIPo6p8W/vbEP/741MzNq3uPhvHW8pXj9WWT8bj/QFyQL6+Fzn7WFu3GkvVGYtSS9UaS9UaTPKMF+erJduoF6411yTfStmyt/QQAAICdKD+vbYSsNtfRr9Xm5pbP++/4Ynosmzt3ZuH0hT4VCgAAAJT278vNm26FEEIIIYQQQggxwLE03e8rEAAAAMCwSecLW2Vxc2fqam2t0Vv+68/W1n49bIKq//3Lv7Pyf/iG3zgAAJQ3qEeT+X7lx9H5PAbpPIIjyevWe/xfS7Yzus46i+YV7Fiebd+3qaj+9Oe6XRXVv973sV+K6k/nw9yuiupP5+ncrorqH6+4jrKK6p+ouI6yiurfVXEdZRXVv7viOsoqqn+y4jrKKqp/quI6yiqq/66K6yirqP49FddRVlH9O+W22qL6GxXXUVZR/TMV11FWUf13V1xHWUX131NxHWUV1X9vxXX0y8OxzX8Oe5Px9vPn9Jxup5zjAQAAwLD7r/n/hBBCiFXRvA9iG9QhxGBHtg1qEEKI4YnL/b4AAQAAAPRd/rmA/APoS1E+PtJlfLR9fGJlhXy83uX1Y13Gx7uMAwAAACH89q3TD7ybrXzOf6Pz4eXzRu0Kn94OJeYxSie6W2/+jc57ttH865i3zPQJAAAAVCb73rXbTx774JWZm1f3Hm07+70dz3fzeUBH4wnrZ7Gf3xcwlfSz/Bz6aGeeWsF66fWBu4q298IGdxQAAACGWH7+3ghZba7tvLsRarW5uZXz8dlQz06fWTh1IPbz72f5w3R9/M7yZyquGwAAAOjdyvn+2uf/+ff4zoaxbO7cmYXTF5b7U63l9Vr7dYHpleVZ+3WBRrL8YMHyQ7Gff3/nD6Z3NZfPnfjhwsnN3nkAAAAYEhdevXj2xYWFUz/yxBNPPGk96fdvJgAAYLN9+eWV+o8PTf1u+fP/K/Pf5Z//3xf7jTi335/jCvl9AvnnAFZ9Xv94Z57povXOd67XSNYbiTGe1D3Rtp3QnG+w83UzRfkandsZK8g3meSbSvKl8xSMJuvn+fYky9P5CfP1ppPl6eSAo0mOLMn/aAAAAIBi86+8fH7+wqsXnz7z8osvnXrp1LlDB49898iRA89855n55n398+139wMAAAA70cpNv/2uBAAAAAAAAAAAAAAAAAAAAIZXFV8n1u99BAAAgGH3r8shhEUhhCgdS+P9r0GILjG2DWoQQgghhFiO5ne7V5+31u/rDwAAAMDwuXXj0on2dpXFbFPztbbWWG5ux7x5O/X0X2fuRL7a9WdHOl6/e1OrYdhV/e9f/p2V/8M3Njf/RP6k599/ySXjo+XyPj7/y9n2/A+O9pg/3f8XyuXfn+R/PPSWf+mDJP/xcvmfSPLv7jH/qv0/Xy7/kzH/bOzvf6zX/J3v/3hs8/3Y1WP+byf7fzL0mj/Z/0aPCRNPxfwAMIwG9QaA/CghP46ejP18f+PhZhhJXrfe4/9asp3RDVfeud38OOj+2M+Pl6aSvLn11j+ZbO+uknWm0rq2q6L6N+t93GpF9dcrrqOsovrHKq6jrKL6xyuuo6yi+icqrqOsovp7PQ/tt6L6d8p15aL6Jyuuo6yi+qcqrqOsovrX+/94vxTVv6fiOsoqqn+64jrKKqq/5GW1yhXVP1NxHWUV1X93xXWUVVT/PRXXUVZR/fdWXEe/PBTbovPh/PxzOo7l/UbSH1/jZzmo1xYAAABgp/mn+f+EEEIIIUpF836ZbVBHf6Ltbrm+1yI2I/6ztKzfdQghti6Wlvp48YG+29pPMwOwXfn9P9y8/8PN+z/cvP/8P/k9/FnSz410GR/tMl7vMj6WjKf/Xse7jN+TbHcpv64Z3dtl/Gtdxvd0Gb+/y/hsl/EHuow/2GX8oS7jAAAADIf7Yuv8EAAAAAbXa7/67O3fPH78xszNq3uPhrFV884fiP3x+Lf1t2I/nfc+V49/8/9J7P8itr+P7d+T9d1/AgAAAFsv/54Yf/8HAACAwZV/T6nzfwAAABhcM7F1/g8AAACD6+7YOv8HAACAAZZNrL04tvl1gUdj2+u8fgDA9vf12D4c272xfSS234htfhzwWGy/WVF9AMDm+fn3f3rk3Wxlvv9DyfituDxvV1lcvlKQ1Tpn8t8V292x/VaP9aTfB9Br/tyeHvNsVf7pDeYHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZHrfl4+PBsFsJ7n1859rOxt/9yZ9kjrTX2NR+z2GuEEOqt1+WjK/1fxxVv3bh0or29HdssHAxZyFrLw/PXW5kmQwiLYV+4Fhrh4/mFrz56/7n9n7w5cd87F8++voU/go79AwAAgEH0vwAAAP//cFQjcg==") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 7.18546069s ago: executing program 0 (id=470): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000001a0001000000000000000a0080", @ANYRES32=0x0, @ANYRESDEC], 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) 5.491941524s ago: executing program 0 (id=484): mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, 0x0) 4.741323595s ago: executing program 32 (id=484): mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, 0x0) 4.722732824s ago: executing program 1 (id=486): syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa04710, &(0x7f0000000440)={[{@user_xattr}, {@block_validity}, {@noblock_validity}, {@bh}, {@mblk_io_submit}, {@data_err_ignore}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@noblock_validity}, {@test_dummy_encryption}, {@nouid32}]}, 0x1, 0x453, &(0x7f0000000c40)="$eJzs281vFOUfAPDvzLbw+/HWivgColbR2PjS0oLKwYtGEw+amOgBj7UtBFmooTUR0mg1Bo+GxLvxaOJf4EkvRj2ZeNW7ISHaC+hpzczOlO2yu7R06xb280kGnmfm2T7Pt888O8/MMw2gb41k/yQRuyLit4gYqmdXFxip/3dteXH67+XF6SRqtTf/TPJyV5cXp8ui5ed2FpnRNCL9NCkqWW3+/IXTU9Xq7LkiP75w5r3x+fMXnjl1Zurk7MnZs5PHjh09MvH8c5PPrj2YJGl7aHfW1gMfzh3c/+rbl16fPn7pnZ++yUrvKo43xrERaUN6JAv8r1quudzj3ahsC9ndkE4Gbl6GraESEVl3Debjfygqcb3zhuKVT3raOGBTZdem7e0PL9VaqbTcC9x2kuh1C4DeKC/02f1vuf1HU48t4cqL9Rugq8ni9LXl+lY/MrByLz+4ifeuIxFxfOmfL7MtuvgcAgCgne+y+c/TreZ/adzbUG5PsTY0HBF3RcTeiLg7IvZFxD0Redn7IuL+G2pIO9bfvDR04/wnvXzLwa1BNv97oVjbWj3/W2n3cKXI7c7jH0xOnKrOHi5+J6MxuD3LT3So4/uXf/283bHG+V+2ZfWXc8GiHZcHmh7QzUwtTOWT0i648nHEgYFW8ScrKwFJROyPiAPr+9F7ysSpJ78+2K7QzePvoM0603rUvop4Iuv/WrIUTfGXks7rk+P/i+rs4fHyrLjRz79cfKNd/RuKvwuy/t+x+vxvLjKcNK7Xzq+/jou/f9b2nuZWz/9tyVt5v2wr9n0wtbBwbiJiW/Janl+1f/L6Z8t8WT6Lf/RQ6/G/t/hMVs8DEZGdxA9GxEMR8XDR9kci4tGIONQh/h9feuzdW49/c2Xxz7T8/ls5/5v6f/2Jyukfvm1X/9r6/2ieGi325N9/N7HWBm7kdwcAAAC3izR/Bz5Jx1bSaTo2Vn+Hf1/sSKtz8wtPnZh7/+xM/V354RhMyyddQw3PQyeSpeIn1vOTxbPi8viR4rnxF5X/5/mx6bnqTI9jh363s834z/xR6XXrgE3XhXU04DbVPP47v7IB3Elc/6F/Gf/Qv4x/6F+txv9HTXlrAXBncv2H/mX8Q/8y/qF/Gf/Qlzbyd/0S/ZyIdEs0Y5MSQ1ujGT1M9PqbCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+DQAA//82merZ") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000180)={0x31, 0x8, 0x9, 0xffffffffffffffff, 0x401, 0x5}) 4.34192263s ago: executing program 2 (id=490): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00', r0}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)=@generic={0x0, r1}, 0x18) 3.895359518s ago: executing program 1 (id=491): r0 = gettid() r1 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r1, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f00000002c0)={0x10, 0x38, 0x2, 0x70bd2b, 0x25dfdbfd}, 0x10}], 0x1, &(0x7f0000001e80)=[@cred={{0x1c, 0x1, 0x2, {r0, 0xee01}}}], 0x20, 0x40}, 0x200004d0) 3.849697379s ago: executing program 3 (id=492): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={0x20, r1, 0x50dc85624ea6cf59, 0x0, 0x1, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x400c081}, 0x90) 3.800737388s ago: executing program 2 (id=493): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x7, 0x9, 0x1, 0xffffffffffffffff, 0x2}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f00000004c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 3.613210664s ago: executing program 4 (id=494): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@getchain={0x24, 0x66, 0xfcd66a900070b359, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r1, {0xa, 0x8}, {0xe}, {0xc, 0x1}}}, 0x24}}, 0x45020) 3.539405688s ago: executing program 3 (id=495): openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000020000100505a1a4400000000101090244000101000000090400001602020000052406000005240000000d240f01000000000000000000090581034000000000090582020000000000090503024002"], 0x0) 3.496138339s ago: executing program 2 (id=496): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r0, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) 3.374692887s ago: executing program 1 (id=497): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a98000000060a0b040000000000000000020000000900020073797a32000000006c000480680001800b00010074617267657400005800028040000300cd4b6abe42030763d02899c7e9ee2bcc9b6a37b458a8056dd9a87f963d140d7a9d3ac869f3a860917523679abf4579f9cd65080000000000000000000a000100484d41524b00000008000240000000000900010073797a30"], 0xc0}, 0x1, 0x0, 0x0, 0x20040000}, 0x0) 2.843568088s ago: executing program 1 (id=499): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x48, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x80}, {0x5, 0x3, 0x2}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x48}}, 0x0) 2.826962588s ago: executing program 2 (id=500): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='attr\x00') fchdir(r0) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00', 0x0, 0x10}, 0x18) 2.414592451s ago: executing program 2 (id=501): syz_mount_image$f2fs(&(0x7f0000000780), &(0x7f0000000000)='./file2\x00', 0x18000, &(0x7f0000000080)=ANY=[], 0x1, 0x556e, &(0x7f0000004000)="$eJzs3M2LG/UbAPBnst2+//pbxIO3DpTCLjSh2b6gt6otvmBLqXrwpNkkDWmTzLJJ03VB8OBRPPifiIInj/4NHjx7Ew+KN6GSmYl21YIvedm2nw9Mnplvvnnm+YZl4JlZEsBTay39+cckTsWxiFiJiJMRk/0HSUQk00lXivBcRJyOiMpDW1KO/zZwOCKOR8SpSfIiZ1K+9em58ZlLP7z+01ffHDl04rMvv13eqoFlOzu5QJTu94uYdYp4Z7uIjXE3j/2L4zIWb/TvlsdZEe+3t/IM9xvTeY08XugU87Pte8NJvN1rNCex072dj28PihMOx51pnvwDdxo7+XGrvZXH7jDLY2evqGt3r7i27Q1HRZ5Wme/9PH2MRtNYjLd328V6tu/msTkYleNF3qzV3p3EcRmn195m1mvldWz922/54HujO7i3m47bO8NuNkgv1erP1+qXq/WdrNUetS9WG/3W5Yvpeqc3mVYdtRv9K50s6/TatWbW30jXO81mtV5P16+2t7qNQVqv1y7UzlcvbZR759JXbryd9lrp+iS+1B3cG3V7w/R2tpMWn9hIN2sXXthIz9TTN6/fTG/eunbt+s233r36zo0Xr7/2cjnpT2Wl65vnNzer9fPVzfrGU7T+j8qiZ7h++E+SZRcA8Ph5RP8f+n9gns5O+vSyz59t/79zK2L+/X/Msf8vT6f/P2j97wz7/86Jha+/Egdo/TAT/7T//2BOdQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsHDfrX7+ar6zVhyfKMf/Vw49Ux4nEVGJiAd/YSUO78u5UuZZfcT81T/U8HUSeYbJOY6U2/GIuFJuv/x/3t8CAAAAPLm++PD0J0W3XrysLbsgFqm4aVM5+d6M8iURsbr2/YyyVSYvz84oWf73fSh2Z5Qtv4F1dEbJiltuh2aV7W9Z2ReOPhSSIlQWWg4AALAQ+zuBxXYhAAAALNLHyy6A5Uhi+ihz+iw4/8/73x8IHtt3BAAAADyGkmUXAAAAAMxd3v/7/T8AAAB4shW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArO/eTq0QMxwH8N/Ne3+P5JxLj3qu4g1MYj+DSpeEAXoKV6/EKXoAzYNx4Aw1jmCkEjKCGDgTz+SRD6TB8aQkL2kIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAY0pfUTD+9f/nh1JxV295FRPsHD4euKdMbAAAA4HeWqZl2d8Z9/XE+/zSfep7rVUTUBwbvN3G3kzja5qQD16eb/TZ8jugS1q9xn49HEfEqHz+eDf42AAAAwH9rMZtPIrrBeHczvnSDOKd+0qZ+8qZQXhURafytUFq9zntRKKz7fN/Gu0JpKbbzXAV0U263pdL+Sj8Bt5m1G+0UVV/Ux59frO8AAMAZ5aX4/H3/H0ch3/1sHwAA4Hq8vXQDGMjr4w9XsVnK3C4F3vdFXt572KsBAAAAV6i6dAMAAACAwXXj/2VqPn6NUcH9//r/FBzd/++Xhtj/DwAAAIbT7/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkJapmS5m88mpOav2NGV6AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2Z9XHIBBIAyD23frCPc/bPM3QVZjZsTmCwsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh3fHPJWEdsiVZVe07buNWr6swqcWWVuLNOPHnQ5/4GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgZX9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPim3/3yf2JqnEnmThtLxyPJ2lVj66qx96Bx9GC8/RsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYuf+feMmwwAAv2ffXWkBEQLKEAaQGGCh6bW0dAMGUMTAn4AUpdcSeuVHm4FWFSgLG2TugsqIEBIobJ1ZO7dSl7B1yFAkJLZD9tmJQxPlQlP7aJ5H+u57bfk+v5+vavL68wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNLGu1txmr1MjeKk2HfnwfXFrL/7rz5za/XebNayeFhn0v8PR6sbrZnmEgEAAOBwaBW1fVpsr3fW5rM+mcrr/055XFbz33x26z2xQ91f9mXtn7Xffr3/4ubJpkbnyQY9vzTon3g4nfbjm+lke27PI9r5lc/vvaT5B5J8sPLCRie/nq1vb99+r5uHR+rIFgDY1XD3H8bHR936zSIofx/K+l5N6QFwuLUrhXdZ/6dTzeYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUIeNlXi6jFsRMdveijN3H1xf3Km/tXpvtmxnbtxYrY6ZDdGJiPNLg/6JGucy6a5cvXZxYTDoX94r6Mbex+wveDkiDnTAfQRvF9O/+NEYB0eMN/Lfw+EwjTjwCyV4tCApPuxJyWcU/P7f3z4s//U+pgzfiYhBQ/8hAQDwxOoULavr1ztr89m+1nTE8Ift9f9rlTjGrP/vf3zmTn7wd8m282X1f6++KU68ueVLn89duXrtjaVLCxf6F/qfvnmy91bv1NnTp8/O5fdK5twxAQAA4NF0i1at/5Pph9f/j1XiGLP+/+L73lfVc6Xq/x1tLfo1nQkAAMDh9vwrf/3Z2mF/q9uNLxeWly/3Rq+b2ydHrw2kum9Hilat/9PpprMCAAAA6rCx0tq2/n+uEseY6//P/PjSz9Ux04g4Wqz/H1/8bHCuvulMtIP88vDXu3xPvuk5AgAA0KyjRauu/3fy5/+TzUcekoh4/dVRXPwZwLHq//T9b36qnqv6/P+p+qY4kZKZ0fXI+5mI9kzTGQEAAPAke6poWbH/R2dt/pNfjn3Y9fw/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+CQAA//+K6TmR") mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) mount$9p_rdma(0x0, &(0x7f0000000080)='./file2\x00', 0x0, 0x20110a0, 0x0) 2.347265336s ago: executing program 1 (id=502): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000500), r0) sendmsg$NFC_CMD_SE_IO(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)={0x24, r1, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NFC_ATTR_SE_INDEX={0x8, 0x15, 0xc0}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 2.165530205s ago: executing program 1 (id=503): r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001a77aa4094225b4210a20102030109022400010000000009040000029233500009050602ff030000000905ba3e79"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000240)=ANY=[@ANYBLOB="40010400000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000280)={0x40}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x20, 0x85, 0x3, "b1e7e3"}}) 1.842762206s ago: executing program 5 (id=504): r0 = socket$nl_route(0x10, 0x3, 0x0) unshare(0x22020600) getsockopt$netlink(r0, 0x10e, 0x7, 0x0, 0x0) 1.675223998s ago: executing program 4 (id=505): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002ebd7000000000001400000018000180140002006e657464657673696d3000000000000005000b000100000008000d000d000000080009000900000008000a"], 0x4c}}, 0x0) 1.644347826s ago: executing program 5 (id=506): r0 = socket$inet(0x2, 0x2, 0x1) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000100)={0x2, 0x4e23, @remote}, 0x10, &(0x7f0000000600)=[{&(0x7f00000001c0)="08001efbb07d586e", 0x8}], 0x1, 0x0, 0x0, 0x60000000}, 0x4000800) 1.407058929s ago: executing program 3 (id=507): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000001c0)=0x3) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000100)) 1.371258723s ago: executing program 5 (id=508): r0 = io_uring_setup(0x115c, &(0x7f0000000440)={0x0, 0x8270, 0x40, 0x3, 0x117}) recvmmsg(0xffffffffffffffff, &(0x7f0000003c80)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000280)=""/220, 0xdc}], 0x1}, 0x3}], 0x1, 0x40010041, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x24, &(0x7f0000000640), 0x0) 1.318677503s ago: executing program 4 (id=509): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x64}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3400000040000701fcffffff00000100017c0000040042800c0001800600060065580000100002800c0008"], 0x34}}, 0x400c010) 1.117739921s ago: executing program 5 (id=510): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) pwritev2(r0, &(0x7f0000000500)=[{&(0x7f0000000000)='d', 0x200200}, {0x0, 0x7fdfee00}, {&(0x7f0000000140)="d9", 0x98}], 0x2, 0x0, 0x0, 0x3) 943.308653ms ago: executing program 4 (id=511): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), r0) sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000001c0)={0x2c, r1, 0x1, 0x70bd26, 0x0, {0x25}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2008040}, 0x880) 807.616547ms ago: executing program 3 (id=512): getsockname$packet(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0) syz_emit_ethernet(0x52, &(0x7f0000000340)={@broadcast, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "1927f2", 0x1c, 0x2c, 0x0, @remote, @local, {[@routing={0x8, 0x0, 0x0, 0xe}], {{0x8000, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6}}}}}}}, 0x0) 682.335873ms ago: executing program 5 (id=513): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x5, 0x2}, {0x0, 0xe}}}, 0x24}}, 0x0) 539.8704ms ago: executing program 3 (id=514): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f00000000c0)={0xf0f045}) write(r0, &(0x7f00000003c0), 0x0) 363.01532ms ago: executing program 4 (id=515): r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) write$sysctl(r0, &(0x7f0000000580)='1\x00', 0x2) write$sysctl(r0, &(0x7f00000000c0)='2\x00', 0x2) 313.997642ms ago: executing program 5 (id=516): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x319c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000300)={0x2c, &(0x7f0000000340)=ANY=[@ANYBLOB="20218700000087"], 0x0, 0x0, 0x0, 0x0}, 0x0) 178.583149ms ago: executing program 3 (id=517): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000280), r0) sendmsg$SMC_PNETID_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x9df36cc7d1878f77, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4080) 114.497681ms ago: executing program 4 (id=518): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)={0x2c, r1, 0xacf5e67dd0b583a1, 0x0, 0x0, {{0x5}, {@val={0x8}, @void}}, [@NL80211_ATTR_HE_OBSS_PD={0x10, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x1}]}]}, 0x2c}}, 0x0) 0s ago: executing program 2 (id=519): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x44, r1, 0x1, 0x170bd2c, 0x8000, {0x34}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x73}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x20}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}}, 0x20000000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.232' (ED25519) to the list of known hosts. [ 81.484293][ T5813] cgroup: Unknown subsys name 'net' [ 81.633583][ T5813] cgroup: Unknown subsys name 'cpuset' [ 81.643161][ T5813] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.196290][ T5813] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.347043][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.355272][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.363571][ T5840] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.371107][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.378979][ T5840] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.386330][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.393639][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.400018][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.402992][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.415045][ T5840] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.419601][ T5848] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.423320][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.437276][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.444546][ T5848] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.459874][ T5848] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 87.469648][ T5853] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.483545][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.488170][ T5851] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 87.499066][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.499214][ T5853] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.507378][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.521722][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.528988][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.536832][ T5849] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 87.538838][ T5853] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 87.557260][ T5849] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 87.557383][ T5853] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 87.570475][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.572519][ T5853] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 87.586731][ T5853] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 88.267940][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 88.359166][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 88.521528][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 88.610561][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 88.723677][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 88.902189][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.911404][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.919748][ T5839] bridge_slave_0: entered allmulticast mode [ 88.927111][ T5839] bridge_slave_0: entered promiscuous mode [ 88.941095][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.948211][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.955492][ T5829] bridge_slave_0: entered allmulticast mode [ 88.963109][ T5829] bridge_slave_0: entered promiscuous mode [ 89.016118][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.023284][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.030604][ T5839] bridge_slave_1: entered allmulticast mode [ 89.037917][ T5839] bridge_slave_1: entered promiscuous mode [ 89.045214][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 89.056881][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.064083][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.071397][ T5829] bridge_slave_1: entered allmulticast mode [ 89.078948][ T5829] bridge_slave_1: entered promiscuous mode [ 89.091357][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.098460][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.105752][ T5828] bridge_slave_0: entered allmulticast mode [ 89.113143][ T5828] bridge_slave_0: entered promiscuous mode [ 89.121369][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.128443][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.135709][ T5828] bridge_slave_1: entered allmulticast mode [ 89.143831][ T5828] bridge_slave_1: entered promiscuous mode [ 89.236617][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.243869][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.251053][ T5837] bridge_slave_0: entered allmulticast mode [ 89.258445][ T5837] bridge_slave_0: entered promiscuous mode [ 89.266728][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.273963][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.281829][ T5837] bridge_slave_1: entered allmulticast mode [ 89.289129][ T5837] bridge_slave_1: entered promiscuous mode [ 89.339309][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.352632][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.380508][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.406911][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.459258][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.484367][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.513879][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.521435][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.528602][ T5827] bridge_slave_0: entered allmulticast mode [ 89.536678][ T5827] bridge_slave_0: entered promiscuous mode [ 89.544625][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.551821][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.558972][ T5827] bridge_slave_1: entered allmulticast mode [ 89.560650][ T5844] Bluetooth: hci0: command tx timeout [ 89.565025][ T5853] Bluetooth: hci1: command tx timeout [ 89.572792][ T5827] bridge_slave_1: entered promiscuous mode [ 89.599822][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.630119][ T5829] team0: Port device team_slave_0 added [ 89.640214][ T5844] Bluetooth: hci5: command tx timeout [ 89.645794][ T5844] Bluetooth: hci4: command tx timeout [ 89.651739][ T5842] Bluetooth: hci2: command tx timeout [ 89.657270][ T5853] Bluetooth: hci3: command tx timeout [ 89.680398][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.724179][ T5829] team0: Port device team_slave_1 added [ 89.745533][ T5828] team0: Port device team_slave_0 added [ 89.766769][ T5839] team0: Port device team_slave_0 added [ 89.802768][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.814538][ T5828] team0: Port device team_slave_1 added [ 89.822773][ T5837] team0: Port device team_slave_0 added [ 89.843329][ T5839] team0: Port device team_slave_1 added [ 89.892718][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.904157][ T5837] team0: Port device team_slave_1 added [ 89.924528][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.931808][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 89.958045][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.969948][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.977063][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.984385][ T5830] bridge_slave_0: entered allmulticast mode [ 89.991787][ T5830] bridge_slave_0: entered promiscuous mode [ 90.000968][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.007901][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.034749][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.086988][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.094318][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.120727][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.132239][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.139346][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.147522][ T5830] bridge_slave_1: entered allmulticast mode [ 90.155113][ T5830] bridge_slave_1: entered promiscuous mode [ 90.162572][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.169608][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.195705][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.235122][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.242197][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.268553][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.309729][ T5827] team0: Port device team_slave_0 added [ 90.316275][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.323548][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.349804][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.371637][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.378563][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.404788][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.434492][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.447034][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.458833][ T5827] team0: Port device team_slave_1 added [ 90.465832][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.473362][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.499636][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.681309][ T5828] hsr_slave_0: entered promiscuous mode [ 90.687806][ T5828] hsr_slave_1: entered promiscuous mode [ 90.710560][ T5830] team0: Port device team_slave_0 added [ 90.717304][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.724565][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.751718][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.782215][ T5837] hsr_slave_0: entered promiscuous mode [ 90.788764][ T5837] hsr_slave_1: entered promiscuous mode [ 90.806832][ T5837] debugfs: 'hsr0' already exists in 'hsr' [ 90.826983][ T5837] Cannot create hsr debugfs directory [ 90.844193][ T5829] hsr_slave_0: entered promiscuous mode [ 90.853210][ T5829] hsr_slave_1: entered promiscuous mode [ 90.859326][ T5829] debugfs: 'hsr0' already exists in 'hsr' [ 90.865153][ T5829] Cannot create hsr debugfs directory [ 90.872726][ T5830] team0: Port device team_slave_1 added [ 90.880194][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.887127][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.913576][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.930577][ T5839] hsr_slave_0: entered promiscuous mode [ 90.936957][ T5839] hsr_slave_1: entered promiscuous mode [ 90.943257][ T5839] debugfs: 'hsr0' already exists in 'hsr' [ 90.948969][ T5839] Cannot create hsr debugfs directory [ 91.076778][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.084250][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.110861][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.123487][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.131045][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.156965][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.176531][ T43] cfg80211: failed to load regulatory.db [ 91.292516][ T5827] hsr_slave_0: entered promiscuous mode [ 91.299003][ T5827] hsr_slave_1: entered promiscuous mode [ 91.305417][ T5827] debugfs: 'hsr0' already exists in 'hsr' [ 91.311153][ T5827] Cannot create hsr debugfs directory [ 91.520814][ T5830] hsr_slave_0: entered promiscuous mode [ 91.527417][ T5830] hsr_slave_1: entered promiscuous mode [ 91.533805][ T5830] debugfs: 'hsr0' already exists in 'hsr' [ 91.539742][ T5830] Cannot create hsr debugfs directory [ 91.639819][ T5853] Bluetooth: hci0: command tx timeout [ 91.639993][ T5844] Bluetooth: hci1: command tx timeout [ 91.719485][ T5844] Bluetooth: hci3: command tx timeout [ 91.719617][ T5853] Bluetooth: hci2: command tx timeout [ 91.730501][ T5853] Bluetooth: hci4: command tx timeout [ 91.735654][ T5844] Bluetooth: hci5: command tx timeout [ 91.962918][ T5837] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 91.974907][ T5837] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 92.003652][ T5837] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 92.014377][ T5837] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 92.064546][ T5828] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 92.088684][ T5828] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 92.123935][ T5828] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 92.134244][ T5828] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 92.192193][ T5827] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 92.207548][ T5827] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 92.223875][ T5827] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 92.236829][ T5827] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 92.338011][ T5829] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 92.351311][ T5829] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 92.364518][ T5829] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 92.389963][ T5829] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 92.472871][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.528341][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.545691][ T5839] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 92.565043][ T5839] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 92.580415][ T5839] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 92.598927][ T3524] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.606137][ T3524] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.627690][ T5839] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 92.647844][ T3524] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.654974][ T3524] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.675819][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.774245][ T5830] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 92.787333][ T5830] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 92.799312][ T5830] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 92.815368][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.837068][ T5830] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 92.861605][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.868687][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.912577][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.933217][ T3524] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.940351][ T3524] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.053228][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.091401][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.098555][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.113110][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.120296][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.199201][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.297397][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.348001][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.372421][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.393377][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.433752][ T3556] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.440944][ T3556] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.454867][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.486450][ T3556] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.493648][ T3556] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.548377][ T3556] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.555594][ T3556] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.575750][ T3556] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.582910][ T3556] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.665099][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.708826][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.721778][ T5844] Bluetooth: hci0: command tx timeout [ 93.723731][ T5853] Bluetooth: hci1: command tx timeout [ 93.750049][ T3556] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.757185][ T3556] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.793881][ T3556] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.801051][ T3556] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.809587][ T5853] Bluetooth: hci4: command tx timeout [ 93.814989][ T5853] Bluetooth: hci2: command tx timeout [ 93.820528][ T5844] Bluetooth: hci5: command tx timeout [ 93.820572][ T5844] Bluetooth: hci3: command tx timeout [ 94.025282][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.154184][ T5828] veth0_vlan: entered promiscuous mode [ 94.226931][ T5828] veth1_vlan: entered promiscuous mode [ 94.346722][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.360948][ T5837] veth0_vlan: entered promiscuous mode [ 94.370991][ T5827] veth0_vlan: entered promiscuous mode [ 94.406962][ T5837] veth1_vlan: entered promiscuous mode [ 94.456181][ T5827] veth1_vlan: entered promiscuous mode [ 94.473314][ T5828] veth0_macvtap: entered promiscuous mode [ 94.485339][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.514665][ T5828] veth1_macvtap: entered promiscuous mode [ 94.560231][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.588452][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.625679][ T3524] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.635796][ T5839] veth0_vlan: entered promiscuous mode [ 94.647220][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.658114][ T3524] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.668055][ T3524] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.681660][ T5837] veth0_macvtap: entered promiscuous mode [ 94.702642][ T3524] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.715546][ T5837] veth1_macvtap: entered promiscuous mode [ 94.727934][ T5839] veth1_vlan: entered promiscuous mode [ 94.784483][ T5827] veth0_macvtap: entered promiscuous mode [ 94.807070][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.821098][ T5827] veth1_macvtap: entered promiscuous mode [ 94.852638][ T5829] veth0_vlan: entered promiscuous mode [ 94.877046][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.911159][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.941185][ T5829] veth1_vlan: entered promiscuous mode [ 94.964059][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.993724][ T3524] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.035553][ T3524] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.044449][ T3524] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.059815][ T3524] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.067712][ T3524] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.098556][ T36] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.110788][ T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.130924][ T5839] veth0_macvtap: entered promiscuous mode [ 95.156542][ T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.167802][ T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.190840][ T3426] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.199002][ T3426] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.201476][ T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.223621][ T5839] veth1_macvtap: entered promiscuous mode [ 95.289316][ T5830] veth0_vlan: entered promiscuous mode [ 95.312045][ T5829] veth0_macvtap: entered promiscuous mode [ 95.343645][ T5829] veth1_macvtap: entered promiscuous mode [ 95.353177][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 95.362180][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.376854][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.388557][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.428398][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.464115][ T5830] veth1_vlan: entered promiscuous mode [ 95.485285][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.504600][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.572454][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.586587][ T3491] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.596497][ T36] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.622562][ T3491] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.652611][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.661934][ T5977] loop0: detected capacity change from 0 to 1024 [ 95.681231][ T5977] ======================================================= [ 95.681231][ T5977] WARNING: The mand mount option has been deprecated and [ 95.681231][ T5977] and is ignored by this kernel. Remove the mand [ 95.681231][ T5977] option from the mount to silence this warning. [ 95.681231][ T5977] ======================================================= [ 95.698821][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.716805][ T5977] EXT4-fs: Ignoring removed nobh option [ 95.739030][ T5977] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 95.751113][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.756249][ T36] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.767275][ T5977] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.7: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 95.767754][ T5977] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.7: couldn't read orphan inode 11 (err -117) [ 95.788577][ T36] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.809102][ T5842] Bluetooth: hci1: command tx timeout [ 95.811977][ T5977] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.814838][ T5844] Bluetooth: hci0: command tx timeout [ 95.838838][ T36] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.879900][ T5844] Bluetooth: hci3: command tx timeout [ 95.880656][ T3556] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.885695][ T5842] Bluetooth: hci2: command tx timeout [ 95.894244][ T5853] Bluetooth: hci5: command tx timeout [ 95.899558][ T5844] Bluetooth: hci4: command tx timeout [ 95.912425][ T5977] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.7: Invalid block bitmap block 0 in block_group 0 [ 95.927980][ T5977] Quota error (device loop0): write_blk: dquota write failed [ 95.936122][ T5977] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 95.953694][ T5977] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.7: Failed to acquire dquot type 0 [ 96.014462][ T3556] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.046568][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.060775][ T60] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-8 [ 96.070067][ T3556] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.078783][ T3556] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.099234][ T60] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:4: Failed to release dquot type 0 [ 96.286822][ T5830] veth0_macvtap: entered promiscuous mode [ 96.326069][ T5985] loop3: detected capacity change from 0 to 1024 [ 96.342303][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.361621][ T5985] EXT4-fs: Ignoring removed bh option [ 96.370419][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.418252][ T5830] veth1_macvtap: entered promiscuous mode [ 96.463958][ T5985] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.484131][ T3491] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.505328][ T3491] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.659825][ T3491] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.673875][ T3491] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.723977][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.734391][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.787264][ T5995] capability: warning: `syz.0.11' uses deprecated v2 capabilities in a way that may be insecure [ 96.834261][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.841892][ T3556] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.861398][ T3556] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.940532][ T36] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.064304][ T36] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.091445][ T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.135386][ T60] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.286714][ T6009] loop2: detected capacity change from 0 to 1024 [ 97.347087][ T6009] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 97.436069][ T6009] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 97.556767][ T6021] loop3: detected capacity change from 0 to 64 [ 97.575085][ T6018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17'. [ 97.628844][ T6018] sch_tbf: burst 274 is lower than device lo mtu (65550) ! [ 97.674244][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.688120][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.718410][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.845315][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.909952][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.070459][ T6030] loop3: detected capacity change from 0 to 512 [ 98.139980][ T6030] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 98.191496][ T6030] EXT4-fs (loop3): orphan cleanup on readonly fs [ 98.204979][ T6035] loop1: detected capacity change from 0 to 512 [ 98.231546][ T6030] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.21: Block bitmap for bg 0 marked uninitialized [ 98.350467][ T6039] loop0: detected capacity change from 0 to 2048 [ 98.367570][ T6035] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.369704][ T6030] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 98.403117][ T6030] EXT4-fs (loop3): 1 orphan inode deleted [ 98.411516][ T6030] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 98.447418][ T6035] ext4 filesystem being mounted at /3/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 98.490092][ T6030] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 98.509728][ T6035] EXT4-fs warning (device loop1): verify_group_input:156: Last group not full [ 98.556282][ T6030] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 98.564878][ T6045] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 98.597330][ T6039] NILFS (loop0): failed to count free inodes: err=-34 [ 98.626509][ T6030] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.21: Block bitmap for bg 0 marked uninitialized [ 98.700836][ T6030] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.21: Block bitmap for bg 0 marked uninitialized [ 98.719527][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.789728][ T6030] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.21: Block bitmap for bg 0 marked uninitialized [ 98.870098][ T6048] netlink: 'syz.5.28': attribute type 4 has an invalid length. [ 98.904916][ T6030] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.21: Block bitmap for bg 0 marked uninitialized [ 98.909444][ T6048] netlink: 17 bytes leftover after parsing attributes in process `syz.5.28'. [ 99.017041][ T6030] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.21: Block bitmap for bg 0 marked uninitialized [ 99.063330][ T5828] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 8796093022222 [ 99.085303][ T6030] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.21: Block bitmap for bg 0 marked uninitialized [ 99.110727][ T6053] loop4: detected capacity change from 0 to 2048 [ 99.120063][ T5828] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=16) [ 99.185642][ T5828] Remounting filesystem read-only [ 99.195104][ T5828] NILFS (loop0): error -5 truncating bmap (ino=16) [ 99.226997][ T6053] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 99.292837][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.310578][ T5828] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 99.311737][ T6053] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 99.472332][ T5844] Bluetooth: hci4: connection err: -111 [ 99.478098][ T5844] Bluetooth: hci4: unexpected Set CIG Parameters response data [ 99.540608][ T30] audit: type=1800 audit(1761987144.802:2): pid=6053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.29" name="file1" dev="loop4" ino=1346 res=0 errno=0 [ 99.908873][ T6067] Bluetooth: MGMT ver 1.23 [ 99.914924][ T6041] loop2: detected capacity change from 0 to 40427 [ 99.940669][ T6041] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 99.974405][ T6041] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 100.010956][ T6041] F2FS-fs (loop2): build fault injection rate: 17008 [ 100.049781][ T6041] F2FS-fs (loop2): build fault injection type: 0x1f8 [ 100.090627][ T6041] F2FS-fs (loop2): invalid crc value [ 100.300915][ T6051] loop1: detected capacity change from 0 to 32768 [ 100.300966][ T6041] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 100.369905][ T6051] [ 100.369905][ T6051] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 100.369905][ T6051] [ 100.382357][ T6041] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 100.397690][ T6041] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 100.448909][ T6081] loop5: detected capacity change from 0 to 1024 [ 100.471680][ T6079] sp0: Synchronizing with TNC [ 100.488582][ T6051] [ 100.488582][ T6051] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 100.488582][ T6051] [ 100.501665][ T6081] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 100.530354][ T6082] sp0: Found TNC [ 100.548569][ T6081] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 100.571156][ T6051] [ 100.571156][ T6051] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 100.571156][ T6051] [ 100.594569][ T6081] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 100.648445][ T6081] EXT4-fs error (device loop5): ext4_get_journal_inode:5808: inode #5: comm syz.5.40: unexpected bad inode w/o EXT4_IGET_BAD [ 100.673435][ T5829] syz-executor: attempt to access beyond end of device [ 100.673435][ T5829] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 100.696456][ T6081] EXT4-fs (loop5): no journal found [ 100.703779][ T6081] EXT4-fs (loop5): can't get journal size [ 100.708644][ T6051] [ 100.708644][ T6051] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 100.708644][ T6051] [ 100.712592][ T6085] loop3: detected capacity change from 0 to 128 [ 100.724033][ T6081] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 100.754964][ T6085] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 100.767270][ T5829] CPU: 0 UID: 0 PID: 5829 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 100.767298][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 100.767315][ T5829] Call Trace: [ 100.767325][ T5829] [ 100.767335][ T5829] dump_stack_lvl+0x189/0x250 [ 100.767377][ T5829] ? __pfx_dump_stack_lvl+0x10/0x10 [ 100.767410][ T5829] ? __pfx_queue_work_on+0x10/0x10 [ 100.767437][ T5829] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 100.767467][ T5829] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 100.767515][ T5829] f2fs_handle_critical_error+0x37c/0x540 [ 100.767562][ T5829] f2fs_write_end_io+0x886/0xb60 [ 100.767614][ T5829] __submit_merged_bio+0x27a/0x6a0 [ 100.767647][ T5829] ? up_write+0x1c4/0x420 [ 100.767687][ T5829] __submit_merged_write_cond+0x44c/0x530 [ 100.767735][ T5829] f2fs_sync_node_pages+0x1479/0x15e0 [ 100.767799][ T5829] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 100.767875][ T5829] ? f2fs_write_checkpoint+0xdad/0x2440 [ 100.767910][ T5829] ? up_write+0x1c4/0x420 [ 100.767950][ T5829] f2fs_write_checkpoint+0xdde/0x2440 [ 100.767974][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 100.768001][ T5829] ? __lock_acquire+0xab9/0xd20 [ 100.768067][ T5829] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 100.768175][ T5829] kill_f2fs_super+0x2cc/0x6d0 [ 100.768201][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 100.768248][ T5829] ? __pfx_kill_f2fs_super+0x10/0x10 [ 100.768301][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 100.768327][ T5829] ? shrinker_free+0x2ce/0x3e0 [ 100.768360][ T5829] deactivate_locked_super+0xbc/0x130 [ 100.768396][ T5829] cleanup_mnt+0x425/0x4c0 [ 100.768423][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 100.768449][ T5829] ? lockdep_hardirqs_on+0x9c/0x150 [ 100.768487][ T5829] task_work_run+0x1d4/0x260 [ 100.768528][ T5829] ? __pfx_task_work_run+0x10/0x10 [ 100.768560][ T5829] ? __x64_sys_umount+0x122/0x160 [ 100.768600][ T5829] ? exit_to_user_mode_loop+0x40/0x130 [ 100.768629][ T5829] exit_to_user_mode_loop+0xe9/0x130 [ 100.768654][ T5829] do_syscall_64+0x2bd/0xfa0 [ 100.768685][ T5829] ? lockdep_hardirqs_on+0x9c/0x150 [ 100.768717][ T5829] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.768739][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 100.768766][ T5829] ? exc_page_fault+0xab/0x100 [ 100.768801][ T5829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.768824][ T5829] RIP: 0033:0x7fbc80d902f7 [ 100.768845][ T5829] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 100.768864][ T5829] RSP: 002b:00007ffc006a60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 100.768887][ T5829] RAX: 0000000000000000 RBX: 00007fbc80e11d7d RCX: 00007fbc80d902f7 [ 100.768903][ T5829] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc006a61a0 [ 100.768918][ T5829] RBP: 00007ffc006a61a0 R08: 0000000000000000 R09: 0000000000000000 [ 100.768932][ T5829] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc006a7230 [ 100.768948][ T5829] R13: 00007fbc80e11d7d R14: 00000000000188ae R15: 00007ffc006a7270 [ 100.768993][ T5829] [ 100.769003][ T5829] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 100.861684][ T6051] [ 100.861684][ T6051] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 100.861684][ T6051] [ 100.868622][ T5829] CPU: 0 UID: 0 PID: 5829 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 100.868650][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 100.868664][ T5829] Call Trace: [ 100.868674][ T5829] [ 100.868684][ T5829] dump_stack_lvl+0x189/0x250 [ 100.868729][ T5829] ? __pfx_dump_stack_lvl+0x10/0x10 [ 100.868766][ T5829] ? __pfx_queue_work_on+0x10/0x10 [ 100.868792][ T5829] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 100.868824][ T5829] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 100.868872][ T5829] f2fs_handle_critical_error+0x37c/0x540 [ 100.868919][ T5829] f2fs_write_end_io+0x886/0xb60 [ 100.868972][ T5829] __submit_merged_bio+0x27a/0x6a0 [ 100.869006][ T5829] ? up_write+0x1c4/0x420 [ 100.869046][ T5829] __submit_merged_write_cond+0x44c/0x530 [ 100.869092][ T5829] f2fs_sync_node_pages+0x1479/0x15e0 [ 100.869156][ T5829] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 100.869239][ T5829] ? f2fs_write_checkpoint+0xdad/0x2440 [ 100.869273][ T5829] ? up_write+0x1c4/0x420 [ 100.869312][ T5829] f2fs_write_checkpoint+0xdde/0x2440 [ 100.869337][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 100.869366][ T5829] ? __lock_acquire+0xab9/0xd20 [ 100.869433][ T5829] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 100.869541][ T5829] kill_f2fs_super+0x2cc/0x6d0 [ 100.869567][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 100.869603][ T5829] ? __pfx_kill_f2fs_super+0x10/0x10 [ 100.869654][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 100.869681][ T5829] ? shrinker_free+0x2ce/0x3e0 [ 100.869715][ T5829] deactivate_locked_super+0xbc/0x130 [ 100.869750][ T5829] cleanup_mnt+0x425/0x4c0 [ 100.869777][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 100.869804][ T5829] ? lockdep_hardirqs_on+0x9c/0x150 [ 100.869844][ T5829] task_work_run+0x1d4/0x260 [ 100.869885][ T5829] ? __pfx_task_work_run+0x10/0x10 [ 100.869917][ T5829] ? __x64_sys_umount+0x122/0x160 [ 100.869957][ T5829] ? exit_to_user_mode_loop+0x40/0x130 [ 100.869987][ T5829] exit_to_user_mode_loop+0xe9/0x130 [ 100.870011][ T5829] do_syscall_64+0x2bd/0xfa0 [ 100.870043][ T5829] ? lockdep_hardirqs_on+0x9c/0x150 [ 100.870075][ T5829] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.870097][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 100.870123][ T5829] ? exc_page_fault+0xab/0x100 [ 100.870159][ T5829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.870182][ T5829] RIP: 0033:0x7fbc80d902f7 [ 100.870203][ T5829] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 100.870228][ T5829] RSP: 002b:00007ffc006a60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 100.870252][ T5829] RAX: 0000000000000000 RBX: 00007fbc80e11d7d RCX: 00007fbc80d902f7 [ 100.870268][ T5829] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc006a61a0 [ 100.870283][ T5829] RBP: 00007ffc006a61a0 R08: 0000000000000000 R09: 0000000000000000 [ 100.870298][ T5829] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc006a7230 [ 100.870314][ T5829] R13: 00007fbc80e11d7d R14: 00000000000188ae R15: 00007ffc006a7270 [ 100.870359][ T5829] [ 100.870473][ T5829] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 100.955966][ T6081] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1314: inode #12: block 16: comm syz.5.40: path /8/file0/file0: bad entry in directory: rec_len is too small for name_len - offset=20, inode=13, rec_len=16, size=60 fake=0 [ 101.033273][ T6085] hpfs: filesystem error: improperly stopped [ 101.118419][ T111] [ 101.118419][ T111] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 101.118419][ T111] [ 101.141530][ T6085] [ 101.235622][ T5839] [ 101.235622][ T5839] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 101.235622][ T5839] [ 101.245416][ T6085] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 101.265292][ T6090] loop4: detected capacity change from 0 to 512 [ 101.343282][ T5839] [ 101.343282][ T5839] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 101.343282][ T5839] [ 101.379444][ T6085] [ 101.458401][ T6090] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.45: iget: bad i_size value: 38620345925642 [ 101.540569][ T6090] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.45: couldn't read orphan inode 15 (err -117) [ 101.554401][ T6085] hpfs: You really don't want any checks? You are crazy... [ 101.566163][ T6085] hpfs: hpfs_map_sector(): read error [ 101.572486][ T6085] hpfs: code page support is disabled [ 101.578586][ T6085] hpfs: hpfs_map_4sectors(): unaligned read [ 101.584945][ T6085] hpfs: hpfs_map_4sectors(): unaligned read [ 101.591214][ T6085] hpfs: filesystem error: unable to find root dir [ 101.602292][ T6090] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.666591][ T6090] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.45: bg 0: block 5: invalid block bitmap [ 101.685549][ T5837] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.731390][ T6090] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 101.905943][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.285311][ T6109] loop0: detected capacity change from 0 to 8 [ 102.413204][ T6117] capability: warning: `syz.2.42' uses 32-bit capabilities (legacy support in use) [ 102.747971][ T30] audit: type=1326 audit(1761987148.032:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6128 comm="syz.3.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1d138efc9 code=0x7ffc0000 [ 102.859493][ T30] audit: type=1326 audit(1761987148.032:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6128 comm="syz.3.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1d138efc9 code=0x7ffc0000 [ 102.958062][ T30] audit: type=1326 audit(1761987148.082:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6128 comm="syz.3.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fe1d138efc9 code=0x7ffc0000 [ 103.049497][ T30] audit: type=1326 audit(1761987148.082:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6128 comm="syz.3.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1d138efc9 code=0x7ffc0000 [ 103.090338][ T6141] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 103.135618][ T30] audit: type=1326 audit(1761987148.082:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6128 comm="syz.3.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1d138efc9 code=0x7ffc0000 [ 103.157551][ C0] vkms_vblank_simulate: vblank timer overrun [ 103.249518][ T30] audit: type=1326 audit(1761987148.082:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6128 comm="syz.3.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe1d138efc9 code=0x7ffc0000 [ 103.361370][ T30] audit: type=1326 audit(1761987148.082:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6128 comm="syz.3.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1d138efc9 code=0x7ffc0000 [ 103.571422][ T5844] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 103.580109][ T5844] Bluetooth: hci4: Injecting HCI hardware error event [ 103.588354][ T5842] Bluetooth: hci4: hardware error 0x00 [ 103.851515][ T6121] mmap: syz.1.56 (6121) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 104.254087][ T6181] netlink: 'syz.5.85': attribute type 5 has an invalid length. [ 104.326233][ T6177] loop0: detected capacity change from 0 to 2048 [ 104.404076][ T6177] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.557677][ T6198] loop4: detected capacity change from 0 to 64 [ 104.559805][ T10] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 104.698086][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.799508][ T10] usb 2-1: Using ep0 maxpacket: 8 [ 104.827301][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 104.894442][ T10] usb 2-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00 [ 104.959039][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.009046][ T10] usb 2-1: config 0 descriptor?? [ 105.451285][ T10] hid-steam 0003:28DE:1102.0001: unknown main item tag 0x0 [ 105.471213][ T10] hid-steam 0003:28DE:1102.0001: unknown main item tag 0x4 [ 105.478641][ T10] hid-steam 0003:28DE:1102.0001: item fetching failed at offset 4/5 [ 105.492054][ T10] hid-steam 0003:28DE:1102.0001: steam_probe:parse of hid interface failed [ 105.503319][ T10] hid-steam 0003:28DE:1102.0001: probe with driver hid-steam failed with error -22 [ 105.644004][ T10] usb 2-1: USB disconnect, device number 2 [ 105.719645][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 105.779569][ T6224] netlink: 48 bytes leftover after parsing attributes in process `syz.0.106'. [ 105.823327][ T5930] IPVS: starting estimator thread 0... [ 105.831328][ T6225] netlink: 8 bytes leftover after parsing attributes in process `syz.2.105'. [ 105.949607][ T6228] IPVS: using max 24 ests per chain, 57600 per kthread [ 106.021057][ T6201] loop5: detected capacity change from 0 to 32768 [ 106.159827][ T6201] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 106.312168][ T6201] XFS (loop5): Ending clean mount [ 106.529493][ T5837] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 106.532020][ T5921] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 106.721313][ T5921] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 106.758469][ T5921] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 106.782648][ T5921] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 106.823508][ T5921] usb 1-1: config 220 has no interface number 2 [ 106.843743][ T5921] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 106.877307][ T5921] usb 1-1: config 220 interface 0 has no altsetting 0 [ 106.899401][ T5921] usb 1-1: config 220 interface 76 has no altsetting 0 [ 106.906264][ T5921] usb 1-1: config 220 interface 1 has no altsetting 0 [ 106.946074][ T5921] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 106.969447][ T5921] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.997707][ T5921] usb 1-1: Product: syz [ 107.007990][ T5921] usb 1-1: Manufacturer: syz [ 107.022831][ T5921] usb 1-1: SerialNumber: syz [ 107.203305][ T6267] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 107.203305][ T6267] The task syz.5.120 (6267) triggered the difference, watch for misbehavior. [ 107.282792][ T5921] uvcvideo 1-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 107.301781][ T5921] uvcvideo 1-1:220.0: No valid video chain found. [ 107.308289][ T5921] usb 1-1: selecting invalid altsetting 0 [ 107.366375][ T5921] usb 1-1: selecting invalid altsetting 0 [ 107.374197][ T6256] loop2: detected capacity change from 0 to 32768 [ 107.381075][ T5921] usbtest 1-1:220.1: probe with driver usbtest failed with error -22 [ 107.400816][ T6256] BTRFS warning: excessive commit interval 2147483648, use with care [ 107.434444][ T5921] usb 1-1: USB disconnect, device number 2 [ 107.450140][ T6256] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.117 (6256) [ 107.492967][ T6258] loop1: detected capacity change from 0 to 32768 [ 107.562716][ T6258] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 107.562716][ T6258] [ 107.572043][ T6256] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 107.599486][ T6256] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm [ 107.614844][ T6258] xtLookup: xtSearch returned -5 [ 107.623558][ T6262] loop4: detected capacity change from 0 to 32768 [ 107.640944][ T6258] add_index: get/read_metapage failed! [ 107.665049][ T6268] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 107.665049][ T6268] [ 107.696617][ T6268] xtLookup: xtSearch returned -5 [ 107.703084][ T6268] free_index: error reading directory table [ 107.713659][ T6268] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 107.713659][ T6268] [ 107.724563][ T6268] xtLookup: xtSearch returned -5 [ 107.725910][ T3556] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 107.730291][ T6268] free_index: error reading directory table [ 107.751806][ T6268] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 107.751806][ T6268] [ 107.762023][ T6268] xtLookup: xtSearch returned -5 [ 107.766974][ T6268] free_index: error reading directory table [ 107.773001][ T6268] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 107.773001][ T6268] [ 107.783163][ T6268] xtLookup: xtSearch returned -5 [ 107.783604][ T6262] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 107.788107][ T6268] free_index: error reading directory table [ 107.788122][ T6268] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 107.788122][ T6268] [ 107.788150][ T6268] xtLookup: xtSearch returned -5 [ 107.788160][ T6268] free_index: error reading directory table [ 107.845486][ T6256] BTRFS error (device loop2): failed to load root extent [ 107.857468][ T6256] BTRFS warning (device loop2): try to load backup roots slot 1 [ 107.880120][ T6268] find_entry called with index = 0 [ 107.885313][ T6268] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 107.885313][ T6268] [ 107.901646][ T36] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 107.923810][ T6264] loop3: detected capacity change from 0 to 32768 [ 107.969524][ T6256] BTRFS warning (device loop2): couldn't read tree root [ 107.985388][ T6256] BTRFS warning (device loop2): try to load backup roots slot 2 [ 108.001532][ T6268] xtLookup: xtSearch returned -5 [ 108.007154][ T6268] add_index: get/read_metapage failed! [ 108.045164][ T12] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 108.079177][ T6264] XFS (loop3): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 108.103556][ T6256] BTRFS warning (device loop2): couldn't read tree root [ 108.119697][ T6256] BTRFS warning (device loop2): try to load backup roots slot 3 [ 108.124431][ T6268] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 108.124431][ T6268] [ 108.139777][ T6268] xtLookup: xtSearch returned -5 [ 108.144727][ T6268] free_index: error reading directory table [ 108.190080][ T5830] ocfs2: Unmounting device (7,4) on (node local) [ 108.201975][ T6256] BTRFS info (device loop2): checking UUID tree [ 108.246216][ T6256] BTRFS info (device loop2): setting nodatasum [ 108.263612][ T6268] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 108.263612][ T6268] [ 108.301822][ T6296] loop0: detected capacity change from 0 to 2048 [ 108.308413][ T6264] XFS (loop3): Ending clean mount [ 108.320674][ T6256] BTRFS info (device loop2): setting nodatacow [ 108.326856][ T6256] BTRFS info (device loop2): enabling ssd optimizations [ 108.360869][ T6268] xtLookup: xtSearch returned -5 [ 108.365858][ T6268] free_index: error reading directory table [ 108.394087][ T6296] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.423792][ T6256] BTRFS info (device loop2): turning on flush-on-commit [ 108.500146][ T6268] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 108.500146][ T6268] [ 108.513717][ T6256] BTRFS info (device loop2): turning on async discard [ 108.569952][ T6256] BTRFS info (device loop2): enabling free space tree [ 108.599416][ T6268] xtLookup: xtSearch returned -5 [ 108.615011][ T6256] BTRFS info (device loop2): enabling auto defrag [ 108.623423][ T5827] XFS (loop3): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 108.629438][ T6268] free_index: error reading directory table [ 108.658592][ T6256] BTRFS info (device loop2): trying to use backup root at mount time [ 108.668705][ T6268] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 108.668705][ T6268] [ 108.730605][ T6268] xtLookup: xtSearch returned -5 [ 108.771351][ T6268] free_index: error reading directory table [ 108.804911][ T6268] ERROR: (device loop1): xtSearch: xt_getpage: xtree page corrupt [ 108.804911][ T6268] [ 108.841336][ T30] audit: type=1800 audit(1761987154.132:10): pid=6256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.117" name="file2" dev="loop2" ino=257 res=0 errno=0 [ 108.851418][ T6268] xtLookup: xtSearch returned -5 [ 108.934937][ T6268] free_index: error reading directory table [ 108.968698][ T6268] find_entry called with index = 0 [ 109.122137][ T5829] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 109.219595][ T5930] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 109.412970][ T5930] usb 4-1: Using ep0 maxpacket: 16 [ 109.460800][ T5930] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 109.506436][ T5930] usb 4-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 109.545600][ T3556] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 109.576151][ T5930] usb 4-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 109.600314][ T5930] usb 4-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 109.619718][ T3556] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 109.663889][ T5930] usb 4-1: config 7 interface 0 has no altsetting 0 [ 109.679486][ T3556] EXT4-fs (loop0): This should not happen!! Data will be lost [ 109.679486][ T3556] [ 109.692636][ T5930] usb 4-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 109.709498][ T3556] EXT4-fs (loop0): Total free blocks count 0 [ 109.722415][ T5930] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.738363][ T3556] EXT4-fs (loop0): Free/Dirty block details [ 109.759624][ T3556] EXT4-fs (loop0): free_blocks=66060288 [ 109.768042][ T3556] EXT4-fs (loop0): dirty_blocks=1456 [ 109.791675][ T3556] EXT4-fs (loop0): Block reservation details [ 109.813688][ T3556] EXT4-fs (loop0): i_reserved_data_blocks=91 [ 109.844215][ T3556] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 1451 with error 28 [ 109.869713][ T6299] loop5: detected capacity change from 0 to 32768 [ 109.931128][ T6299] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 109.991805][ T6299] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 110.214021][ T5837] ocfs2: Unmounting device (7,5) on (node local) [ 110.222492][ T5895] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 110.237621][ T5930] input: HID 0458:5010 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:7.0/0003:0458:5010.0002/input/input6 [ 110.424626][ T5930] kye 0003:0458:5010.0002: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.3-1/input0 [ 110.456123][ T5895] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 110.488267][ T6331] loop1: detected capacity change from 0 to 4096 [ 110.494733][ T5895] usb 5-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00 [ 110.510463][ T5930] usb 4-1: USB disconnect, device number 2 [ 110.537744][ T5895] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.585298][ T5895] usb 5-1: config 0 descriptor?? [ 110.621629][ T6340] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 110.641695][ T6331] NILFS error (device loop1): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 110.689279][ T6331] NILFS (loop1): mounting fs with errors [ 110.899285][ T6335] fido_id[6335]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 111.117080][ T5895] waterforce 0003:1044:7A4D.0003: item fetching failed at offset 0/3 [ 111.184044][ T5895] waterforce 0003:1044:7A4D.0003: hid parse failed with -22 [ 111.237911][ T5895] waterforce 0003:1044:7A4D.0003: probe with driver waterforce failed with error -22 [ 111.311638][ T5895] usb 5-1: USB disconnect, device number 2 [ 111.343768][ T6357] IPVS: sync thread started: state = MASTER, mcast_ifn = vcan0, syncid = 0, id = 0 [ 112.172004][ T6352] loop0: detected capacity change from 0 to 32768 [ 112.228824][ T6348] loop2: detected capacity change from 0 to 32768 [ 112.253568][ T6352] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 112.374605][ T6348] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 112.389578][ T6352] XFS (loop0): Ending clean mount [ 112.526545][ T6364] loop3: detected capacity change from 0 to 32768 [ 112.536165][ T5828] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 112.563799][ T6348] XFS (loop2): Ending clean mount [ 112.601748][ T6364] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 112.714585][ T6364] XFS (loop3): Ending clean mount [ 112.768346][ T6364] XFS (loop3): Quotacheck needed: Please wait. [ 112.817077][ T5829] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 112.865078][ T6364] XFS (loop3): Quotacheck: Done. [ 113.210049][ T30] audit: type=1326 audit(1761987158.492:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6394 comm="syz.4.157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91fdb8efc9 code=0x7fc00000 [ 113.236800][ T5827] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 113.585740][ T6427] loop2: detected capacity change from 0 to 64 [ 113.645182][ T6427] minix_free_block (loop2:21): bit already cleared [ 113.659121][ T6427] Trying to free block not in datazone [ 114.104004][ T30] audit: type=1326 audit(1761987159.382:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6442 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc80d8efc9 code=0x7ffc0000 [ 114.199223][ T6449] netlink: 60 bytes leftover after parsing attributes in process `syz.1.177'. [ 114.219843][ T30] audit: type=1326 audit(1761987159.392:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6442 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7fbc80d8efc9 code=0x7ffc0000 [ 114.249746][ T30] audit: type=1326 audit(1761987159.392:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6442 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc80d8efc9 code=0x7ffc0000 [ 114.260626][ T6449] netlink: 60 bytes leftover after parsing attributes in process `syz.1.177'. [ 114.468832][ T6455] pim6reg9: entered allmulticast mode [ 114.541183][ T6457] loop2: detected capacity change from 0 to 1024 [ 114.557261][ T6461] loop0: detected capacity change from 0 to 256 [ 114.636940][ T6465] loop1: detected capacity change from 0 to 64 [ 114.644536][ T6457] hfsplus: bad catalog entry type [ 114.655281][ T6461] exfat: Deprecated parameter 'namecase' [ 114.688273][ T6461] exfat: Deprecated parameter 'namecase' [ 114.744036][ T6461] exfat: Deprecated parameter 'namecase' [ 114.789438][ T6461] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 114.810757][ T6470] loop5: detected capacity change from 0 to 512 [ 114.817817][ T36] hfsplus: b-tree write err: -5, ino 4 [ 114.853189][ T6461] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 114.894536][ T6470] EXT4-fs: Ignoring removed bh option [ 114.971713][ T6470] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 115.032503][ T6470] EXT4-fs (loop5): 1 truncate cleaned up [ 115.042947][ T6470] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.097624][ T6470] EXT4-fs warning (device loop5): verify_group_input:137: Cannot add at group 50043 (only 1 groups) [ 115.366506][ T5837] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.624876][ T30] audit: type=1800 audit(1761987160.912:15): pid=6493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.197" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 115.631120][ T6495] vlan2: entered promiscuous mode [ 115.710086][ T6495] veth1_virt_wifi: entered promiscuous mode [ 115.775822][ T6497] loop0: detected capacity change from 0 to 512 [ 115.831452][ T6497] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.200: bad orphan inode 11 [ 115.872632][ T6497] ext4_test_bit(bit=10, block=4) = 1 [ 115.901199][ T6501] loop4: detected capacity change from 0 to 1024 [ 115.915766][ T6497] is_bad_inode(inode)=0 [ 115.922219][ T6497] NEXT_ORPHAN(inode)=2080374784 [ 115.927722][ T6497] max_ino=32 [ 115.932526][ T6497] i_nlink=0 [ 115.935752][ T6497] EXT4-fs (loop0): 1 truncate cleaned up [ 115.946548][ T6497] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.971439][ T6497] EXT4-fs warning (device loop0): ext4_empty_dir:3089: inode #2: comm syz.0.200: directory missing '.' [ 116.074954][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.220126][ T6479] loop1: detected capacity change from 0 to 32768 [ 116.261978][ T6506] syz_tun: entered promiscuous mode [ 116.267403][ T6506] macsec1: entered allmulticast mode [ 116.318897][ T6506] syz_tun: entered allmulticast mode [ 116.345902][ T6479] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 116.372322][ T6506] syz_tun: left allmulticast mode [ 116.377628][ T6506] syz_tun: left promiscuous mode [ 116.491401][ T6479] XFS (loop1): Ending clean mount [ 116.517642][ T6524] netlink: 8 bytes leftover after parsing attributes in process `syz.2.209'. [ 116.551606][ T6524] netlink: 8 bytes leftover after parsing attributes in process `syz.2.209'. [ 116.743275][ T5839] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 117.039933][ T5843] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 117.191772][ T5843] usb 5-1: too many configurations: 17, using maximum allowed: 8 [ 117.238596][ T6543] loop1: detected capacity change from 0 to 2048 [ 117.262170][ T5843] usb 5-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 117.280690][ T5843] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.300383][ T5843] usb 5-1: Product: syz [ 117.316229][ T5843] usb 5-1: Manufacturer: syz [ 117.327590][ T5992] Alternate GPT is invalid, using primary GPT. [ 117.333055][ T5843] usb 5-1: SerialNumber: syz [ 117.349947][ T5992] loop1: p2 p3 p7 [ 117.360398][ T5843] usb 5-1: config 0 descriptor?? [ 117.407063][ T5843] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 117.474563][ T5843] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 117.504239][ T6543] Alternate GPT is invalid, using primary GPT. [ 117.512557][ T5843] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 117.535230][ T6543] loop1: p2 p3 p7 [ 117.552402][ T5843] usb 5-1: media controller created [ 117.621429][ T6529] digitv: more than 2 i2c messages at a time is not handled yet. TODO. [ 117.652681][ T5843] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 117.664273][ T6529] dvb-usb: bulk message failed: -22 (7/0) [ 117.717751][ T6557] loop5: detected capacity change from 0 to 1024 [ 117.782366][ T6557] EXT4-fs: Ignoring removed nobh option [ 117.828522][ T6557] EXT4-fs: Ignoring removed bh option [ 117.847870][ T5993] udevd[5993]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory [ 117.852788][ T6020] udevd[6020]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 117.882467][ T5992] udevd[5992]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 117.923962][ T6554] loop3: detected capacity change from 0 to 8192 [ 117.938398][ T5843] DVB: Unable to find symbol mt352_attach() [ 117.957024][ T6557] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 118.008827][ T5843] DVB: Unable to find symbol nxt6000_attach() [ 118.015387][ T5843] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 118.032361][ T5843] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input7 [ 118.063476][ T5843] dvb-usb: schedule remote query interval to 1000 msecs. [ 118.073974][ T5843] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 118.074101][ T6568] netlink: 'syz.0.226': attribute type 27 has an invalid length. [ 118.084284][ T5843] dvb-usb: bulk message failed: -22 (7/0) [ 118.098987][ T5843] dvb-usb: bulk message failed: -22 (7/0) [ 118.115366][ T5843] usb 5-1: USB disconnect, device number 3 [ 118.259940][ T6020] udevd[6020]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 118.262282][ T6334] udevd[6334]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 118.271346][ T5894] udevd[5894]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory [ 118.407732][ T5837] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.541602][ T5843] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 118.723760][ T6584] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 118.723760][ T6584] program syz.0.233 not setting count and/or reply_len properly [ 118.765002][ T6581] loop3: detected capacity change from 0 to 2048 [ 118.823008][ T6581] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 118.890637][ T6581] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 118.950959][ T30] audit: type=1800 audit(1761987164.232:16): pid=6581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.232" name="file1" dev="loop3" ino=1346 res=0 errno=0 [ 119.025841][ T6589] loop2: detected capacity change from 0 to 4096 [ 119.184905][ T6598] loop1: detected capacity change from 0 to 256 [ 119.191279][ T6599] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 119.361812][ T6598] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 120.314935][ T6635] netlink: 'syz.1.256': attribute type 3 has an invalid length. [ 120.491327][ T6637] loop4: detected capacity change from 0 to 16 [ 120.509632][ T6594] loop5: detected capacity change from 0 to 32768 [ 120.532404][ T6637] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 120.812910][ T6643] loop1: detected capacity change from 0 to 1024 [ 120.998389][ T6594] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 121.130709][ T6655] loop0: detected capacity change from 0 to 164 [ 121.209675][ T6594] XFS (loop5): Ending clean mount [ 121.323946][ T3524] hfsplus: b-tree write err: -5, ino 8 [ 121.337014][ T6660] netlink: 'syz.4.262': attribute type 1 has an invalid length. [ 121.392976][ T6660] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 121.553230][ T5837] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 121.598493][ T6665] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 121.633588][ T6665] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 121.659286][ T6665] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 121.704837][ T6662] loop0: detected capacity change from 0 to 4096 [ 121.750563][ T6665] comedi comedi3: 8255: I/O port conflict (0x5c952399,4) [ 121.753773][ T6662] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 121.757630][ T6665] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 121.757690][ T6665] comedi comedi3: 8255: I/O port conflict (0x3ff,4) [ 121.843140][ T6665] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 121.884597][ T6662] ntfs3(loop0): ino=19, mi_enum_attr [ 121.899692][ T6665] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 121.930248][ T6665] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 121.937403][ T6665] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 121.949563][ T6662] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 122.177858][ T6677] netlink: 12 bytes leftover after parsing attributes in process `syz.4.271'. [ 122.415667][ T6687] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.274'. [ 122.465438][ T6683] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.274'. [ 122.801425][ T6703] loop4: detected capacity change from 0 to 1024 [ 122.995621][ T6703] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 123.044118][ T6703] EXT4-fs error (device loop4): ext4_lookup:1787: comm syz.4.281: inode #12: comm syz.4.281: iget: illegal inode # [ 123.094743][ T6713] loop3: detected capacity change from 0 to 1024 [ 123.099992][ T6703] EXT4-fs (loop4): Remounting filesystem read-only [ 123.143305][ T6713] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.396640][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.482631][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.629087][ T6739] loop2: detected capacity change from 0 to 16 [ 123.725097][ T6739] erofs (device loop2): mounted with root inode @ nid 36. [ 124.264940][ T6754] loop2: detected capacity change from 0 to 4096 [ 124.296318][ T6754] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 124.379160][ T6754] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 124.529736][ T43] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 124.721462][ T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 124.761125][ T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1088, setting to 1024 [ 124.803559][ T43] usb 6-1: New USB device found, idVendor=1b1c, idProduct=0a31, bcdDevice= 0.00 [ 124.836833][ T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.882426][ T43] usb 6-1: config 0 descriptor?? [ 124.909066][ T6762] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 125.023306][ T6778] loop1: detected capacity change from 0 to 2048 [ 125.097018][ T6778] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 125.373030][ T6758] loop0: detected capacity change from 0 to 40427 [ 125.376541][ T43] hid-corsair-void 0003:1B1C:0A31.0004: hidraw0: USB HID v0.00 Device [HID 1b1c:0a31] on usb-dummy_hcd.5-1/input0 [ 125.541722][ T43] usb 6-1: USB disconnect, device number 2 [ 125.585372][ T6796] loop4: detected capacity change from 0 to 1024 [ 125.613518][ T6796] EXT4-fs: Ignoring removed nomblk_io_submit option [ 125.783202][ T6758] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 125.787645][ T6797] fido_id[6797]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 125.802510][ T6796] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 125.873600][ T6801] loop1: detected capacity change from 0 to 1024 [ 125.884368][ T6758] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 125.985563][ T6801] EXT4-fs (loop1): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 126.137782][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.309320][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 126.688205][ T6782] loop2: detected capacity change from 0 to 32768 [ 126.758047][ T6782] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 126.800077][ T6782] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 126.809702][ T5930] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 126.913816][ T6782] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 127.009227][ T5930] usb 6-1: config 220 has an invalid interface number: 76 but max is 2 [ 127.029326][ T5930] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 127.048537][ T5930] usb 6-1: config 220 has an invalid descriptor of length 1, skipping remainder of the config [ 127.078851][ T5930] usb 6-1: config 220 has no interface number 2 [ 127.102422][ T6782] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 127.115455][ T5930] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 127.200685][ T5930] usb 6-1: config 220 interface 0 has no altsetting 0 [ 127.237977][ T5930] usb 6-1: config 220 interface 76 has no altsetting 0 [ 127.262251][ T5930] usb 6-1: config 220 interface 1 has no altsetting 0 [ 127.312734][ T5930] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 127.329445][ T5895] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 127.341126][ T5930] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 127.383176][ T5930] usb 6-1: Product: syz [ 127.387347][ T5930] usb 6-1: Manufacturer: syz [ 127.417570][ T5930] usb 6-1: SerialNumber: syz [ 127.432758][ T6813] loop4: detected capacity change from 0 to 32768 [ 127.478070][ T6813] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 127.533734][ T5895] usb 1-1: unable to get BOS descriptor or descriptor too short [ 127.542986][ T5895] usb 1-1: not running at top speed; connect to a high speed hub [ 127.561051][ T5895] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 127.563885][ T6813] XFS (loop4): Ending clean mount [ 127.584184][ T5895] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 127.593973][ T6842] sg_write: data in/out 988/14 bytes for SCSI command 0x0-- guessing data in; [ 127.593973][ T6842] program syz.3.337 not setting count and/or reply_len properly [ 127.609781][ T5895] usb 1-1: config 1 has no interface number 1 [ 127.622392][ T5895] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 127.636265][ T5895] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4 [ 127.664990][ T6813] XFS (loop4): Quotacheck needed: Please wait. [ 127.672695][ T5930] uvcvideo 6-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 127.680932][ T5930] uvcvideo 6-1:220.0: No valid video chain found. [ 127.687389][ T5930] usb 6-1: selecting invalid altsetting 0 [ 127.696988][ T5895] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 127.708551][ T5895] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 127.719240][ T5895] usb 1-1: Product: syz [ 127.740792][ T5930] usb 6-1: selecting invalid altsetting 0 [ 127.746941][ T5930] usbtest 6-1:220.1: probe with driver usbtest failed with error -22 [ 127.755743][ T5895] usb 1-1: Manufacturer: syz [ 127.759822][ T6813] XFS (loop4): Quotacheck: Done. [ 127.765484][ T5895] usb 1-1: SerialNumber: syz [ 127.779826][ T5930] usb 6-1: USB disconnect, device number 3 [ 128.006919][ T5895] hub 1-1:1.0: Invalid hub with more than one config or interface [ 128.029119][ T5895] hub 1-1:1.0: probe with driver hub failed with error -22 [ 128.043213][ T5830] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 128.067879][ T5895] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor [ 128.248974][ T5895] usb 1-1: USB disconnect, device number 3 [ 128.348594][ T6848] loop2: detected capacity change from 0 to 512 [ 128.415743][ T6020] udevd[6020]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 128.516195][ T6848] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.599589][ T6848] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 128.633886][ T6832] loop1: detected capacity change from 0 to 32768 [ 128.687208][ T6848] EXT4-fs error (device loop2): ext4_add_entry:2417: inode #12: comm syz.2.340: Directory hole found for htree leaf block 0 [ 128.709730][ T6832] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.335 (6832) [ 128.787347][ T6832] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 128.849908][ T6832] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm [ 128.899082][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.927523][ T6859] binder: 6857:6859 ioctl c00c620f 200000000040 returned -22 [ 129.212120][ T6832] BTRFS info (device loop1): enabling ssd optimizations [ 129.219103][ T6832] BTRFS info (device loop1): turning on async discard [ 129.261158][ T6832] BTRFS info (device loop1): enabling free space tree [ 129.289950][ T6832] BTRFS info (device loop1): use lzo compression, level 1 [ 129.310742][ T6882] Bluetooth: MGMT ver 1.23 [ 129.592504][ T6888] mkiss: ax0: crc mode is auto. [ 129.600329][ T5839] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 129.652231][ T6861] loop4: detected capacity change from 0 to 32768 [ 129.683979][ T6861] (syz.4.339,6861,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 129.719695][ T6861] (syz.4.339,6861,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 129.963185][ T6861] JBD2: Ignoring recovery information on journal [ 130.057812][ T6861] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 130.206931][ T6906] loop5: detected capacity change from 0 to 256 [ 130.281955][ T6906] exfat: Deprecated parameter 'namecase' [ 130.395496][ T6906] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 130.498370][ T6912] hfs: can't find a HFS filesystem on dev nullb0 [ 130.646937][ T5830] ocfs2: Unmounting device (7,4) on (node local) [ 130.717359][ T10] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 130.930253][ T10] usb 3-1: too many endpoints for config 0 interface 0 altsetting 10: 67, using maximum allowed: 30 [ 130.949784][ T10] usb 3-1: config 0 interface 0 altsetting 10 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 130.989625][ T10] usb 3-1: config 0 interface 0 altsetting 10 has 1 endpoint descriptor, different from the interface descriptor's value: 67 [ 131.033289][ T10] usb 3-1: config 0 interface 0 has no altsetting 0 [ 131.069759][ T10] usb 3-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.00 [ 131.109298][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.151801][ T10] usb 3-1: config 0 descriptor?? [ 131.161053][ T6910] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 131.612471][ T10] elecom 0003:056E:010C.0005: hidraw0: USB HID v0.fd Device [HID 056e:010c] on usb-dummy_hcd.2-1/input0 [ 131.640662][ T6914] loop3: detected capacity change from 0 to 32768 [ 131.697505][ T6914] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 131.734549][ T6918] loop0: detected capacity change from 0 to 32768 [ 131.811910][ T6914] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 131.838459][ T5895] usb 3-1: USB disconnect, device number 2 [ 131.910876][ T6918] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 131.934646][ T6924] loop5: detected capacity change from 0 to 32768 [ 131.945203][ T6924] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.366 (6924) [ 131.988972][ T6924] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 132.006409][ T5827] ocfs2: Unmounting device (7,3) on (node local) [ 132.029571][ T6924] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm [ 132.066765][ T6918] XFS (loop0): Ending clean mount [ 132.101675][ T6918] XFS (loop0): Quotacheck needed: Please wait. [ 132.151257][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.158399][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.180656][ T6957] loop3: detected capacity change from 0 to 512 [ 132.256855][ T6957] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 132.304979][ T6918] XFS (loop0): Quotacheck: Done. [ 132.329841][ T6957] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 132.442938][ T6924] BTRFS info (device loop5): enabling ssd optimizations [ 132.473942][ T6924] BTRFS info (device loop5): turning on async discard [ 132.537270][ T6924] BTRFS info (device loop5): enabling free space tree [ 132.552947][ T5921] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 132.604246][ T5828] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 132.627607][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.742171][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 132.783645][ T5921] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 132.818626][ T5921] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.849835][ T5921] usb 2-1: config 0 descriptor?? [ 132.960965][ T10] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 132.969213][ T5837] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 133.124304][ T6986] loop2: detected capacity change from 0 to 2048 [ 133.143376][ T6986] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 133.156666][ T5929] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 133.165051][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 133.188362][ T10] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 133.192244][ T6986] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 133.223084][ T6988] tipc: Enabling of bearer rejected, failed to enable media [ 133.241689][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 133.279565][ T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 133.293181][ T30] audit: type=1800 audit(1761987178.572:17): pid=6986 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.382" name="file1" dev="loop2" ino=1346 res=0 errno=0 [ 133.296820][ T5921] lg-g15 0003:046D:C222.0006: item fetching failed at offset 5/7 [ 133.347838][ T10] usb 5-1: New USB device found, idVendor=28bd, idProduct=0055, bcdDevice= 0.00 [ 133.371097][ T5929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 133.383616][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.394006][ T5929] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 133.430549][ T5921] lg-g15 0003:046D:C222.0006: probe with driver lg-g15 failed with error -22 [ 133.436744][ T10] usb 5-1: config 0 descriptor?? [ 133.446674][ T5929] usb 4-1: New USB device found, idVendor=0b05, idProduct=18c6, bcdDevice= 0.00 [ 133.480759][ T5842] Bluetooth: hci5: command 0x0405 tx timeout [ 133.506252][ T5929] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.630332][ T5929] usb 4-1: config 0 descriptor?? [ 133.635922][ T5921] usb 2-1: USB disconnect, device number 3 [ 133.653869][ T6984] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22 [ 133.887888][ T7001] netlink: 36 bytes leftover after parsing attributes in process `syz.0.386'. [ 133.924050][ T10] uclogic 0003:28BD:0055.0007: interface is invalid, ignoring [ 134.067289][ T7005] netlink: 12 bytes leftover after parsing attributes in process `syz.5.388'. [ 134.073576][ T5929] hid (null): report_id 57294 is invalid [ 134.101344][ T5929] asus 0003:0B05:18C6.0008: collection stack underflow [ 134.124310][ T5929] asus 0003:0B05:18C6.0008: item 0 1 0 12 parsing failed [ 134.139687][ T10] usb 5-1: USB disconnect, device number 4 [ 134.150579][ T5929] asus 0003:0B05:18C6.0008: Asus hid parse failed: -22 [ 134.176034][ T5929] asus 0003:0B05:18C6.0008: probe with driver asus failed with error -22 [ 134.281189][ T5929] usb 4-1: USB disconnect, device number 3 [ 134.303948][ T7009] loop0: detected capacity change from 0 to 16 [ 134.354929][ T7009] erofs (device loop0): mounted with root inode @ nid 36. [ 134.435442][ T30] audit: type=1400 audit(1761987179.722:18): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A2F2F26170749D4C1 pid=7007 comm="syz.0.389" [ 134.518386][ T7015] loop5: detected capacity change from 0 to 1024 [ 134.581516][ T7015] hfsplus: bad catalog entry type [ 134.639858][ T7017] Bluetooth: MGMT ver 1.23 [ 134.646432][ T3466] hfsplus: b-tree write err: -5, ino 4 [ 134.883589][ T7024] netlink: 52 bytes leftover after parsing attributes in process `syz.0.398'. [ 134.929518][ T7024] netlink: 'syz.0.398': attribute type 1 has an invalid length. [ 135.029085][ T7030] nbd: socks must be embedded in a SOCK_ITEM attr [ 135.294711][ T7038] loop3: detected capacity change from 0 to 64 [ 135.373067][ T7038] Trying to free block not in datazone [ 135.523787][ T7013] loop1: detected capacity change from 0 to 32768 [ 135.563923][ T7013] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.393 (7013) [ 135.610112][ T7046] loop2: detected capacity change from 0 to 64 [ 135.670099][ T7013] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 135.715444][ T7013] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm [ 135.954019][ T7013] BTRFS info (device loop1): enabling ssd optimizations [ 135.972707][ T7013] BTRFS info (device loop1): turning on async discard [ 136.006121][ T7013] BTRFS info (device loop1): enabling free space tree [ 136.222364][ T7029] loop5: detected capacity change from 0 to 32768 [ 136.262411][ T7029] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.401 (7029) [ 136.276158][ T5843] kernel write not supported for file /sequencer2 (pid: 5843 comm: kworker/1:3) [ 136.378289][ T7029] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 136.410044][ T7029] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm [ 136.438566][ T7081] loop3: detected capacity change from 0 to 2048 [ 136.528991][ T7081] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.546687][ T5839] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 136.581124][ T7097] loop0: detected capacity change from 0 to 512 [ 136.594643][ T7099] loop2: detected capacity change from 0 to 512 [ 136.644183][ T7097] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.673343][ T7097] ext4 filesystem being mounted at /81/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 136.724431][ T7099] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 3: comm syz.2.418: lblock 0 mapped to illegal pblock 3 (length 1) [ 136.755026][ T7029] BTRFS info (device loop5): rebuilding free space tree [ 136.826256][ T7099] EXT4-fs (loop2): Remounting filesystem read-only [ 136.879479][ T7099] EXT4-fs warning (device loop2): dx_probe:791: inode #2: lblock 0: comm syz.2.418: error -117 reading directory block [ 136.950214][ T7029] BTRFS info (device loop5): disabling free space tree [ 136.957173][ T7029] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 136.983601][ T7099] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 137.021725][ T7111] loop4: detected capacity change from 0 to 64 [ 137.041932][ T7099] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.071800][ T7029] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 137.092192][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.169963][ T7099] EXT4-fs warning (device loop2): dx_probe:791: inode #2: lblock 0: comm syz.2.418: error -117 reading directory block [ 137.184755][ T7111] hfs: request for non-existent node 1280 in B*Tree [ 137.209545][ T7111] hfs: request for non-existent node 1280 in B*Tree [ 137.229871][ T7029] BTRFS info (device loop5): enabling ssd optimizations [ 137.241506][ T7099] EXT4-fs: group quota file already specified [ 137.290347][ T7029] BTRFS info (device loop5): turning on flush-on-commit [ 137.297901][ T7029] BTRFS info (device loop5): turning on async discard [ 137.376374][ T7029] BTRFS info (device loop5): force clearing of disk cache [ 137.399473][ T7029] BTRFS info (device loop5): enabling auto defrag [ 137.418321][ T7029] BTRFS info (device loop5): max_inline set to 57 [ 137.444971][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.455349][ T3491] hfs: request for non-existent node 1280 in B*Tree [ 137.472242][ T3491] hfs: request for non-existent node 1280 in B*Tree [ 137.551508][ T5895] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 137.575838][ T3524] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 137.649606][ T3524] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 137.694810][ T7120] loop2: detected capacity change from 0 to 512 [ 137.711761][ T7124] loop4: detected capacity change from 0 to 64 [ 137.713477][ T3524] EXT4-fs (loop3): This should not happen!! Data will be lost [ 137.713477][ T3524] [ 137.746492][ T5895] usb 1-1: config 0 has an invalid interface number: 133 but max is 0 [ 137.764967][ T5895] usb 1-1: config 0 has no interface number 0 [ 137.771924][ T5837] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 137.793891][ T3524] EXT4-fs (loop3): Total free blocks count 0 [ 137.812256][ T5895] usb 1-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 137.823322][ T5895] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.831877][ T5895] usb 1-1: Product: syz [ 137.836148][ T5895] usb 1-1: Manufacturer: syz [ 137.841340][ T5895] usb 1-1: SerialNumber: syz [ 137.854010][ T3524] EXT4-fs (loop3): Free/Dirty block details [ 137.861471][ T5895] usb 1-1: config 0 descriptor?? [ 137.868666][ T3524] EXT4-fs (loop3): free_blocks=66060288 [ 137.876829][ T7120] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.880938][ T3524] EXT4-fs (loop3): dirty_blocks=1264 [ 137.896026][ T3524] EXT4-fs (loop3): Block reservation details [ 137.902137][ T3524] EXT4-fs (loop3): i_reserved_data_blocks=79 [ 137.914916][ T3524] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 1246 with error 28 [ 137.939680][ T7120] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 138.323417][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.464848][ T5895] keyspan 1-1:0.133: Keyspan 1 port adapter converter detected [ 138.520433][ T5895] keyspan 1-1:0.133: found no endpoint descriptor for endpoint 81 [ 138.577433][ T5895] keyspan 1-1:0.133: found no endpoint descriptor for endpoint 1 [ 138.619546][ T5895] keyspan 1-1:0.133: found no endpoint descriptor for endpoint 2 [ 138.687398][ T5895] usb 1-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 138.740029][ T5843] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 138.760136][ T5895] usb 1-1: USB disconnect, device number 4 [ 138.813157][ T5895] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 138.864605][ T5895] keyspan 1-1:0.133: device disconnected [ 138.939903][ T5843] usb 4-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 138.976628][ T7150] loop4: detected capacity change from 0 to 256 [ 138.978068][ T5843] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.023787][ T5843] usb 4-1: Product: syz [ 139.027962][ T5843] usb 4-1: Manufacturer: syz [ 139.042215][ T7150] exfat: Deprecated parameter 'utf8' [ 139.078088][ T7150] exfat: Deprecated parameter 'namecase' [ 139.079399][ T5843] usb 4-1: SerialNumber: syz [ 139.092970][ T7152] loop1: detected capacity change from 0 to 2048 [ 139.122257][ T7150] exfat: Deprecated parameter 'namecase' [ 139.127923][ T7150] exfat: Deprecated parameter 'utf8' [ 139.151643][ T5843] usb 4-1: config 0 descriptor?? [ 139.157652][ T7152] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 139.215207][ T7150] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x5dbff8ce, utbl_chksum : 0xe619d30d) [ 139.252497][ T7152] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 139.353583][ T30] audit: type=1800 audit(1761987184.642:19): pid=7152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.439" name="file1" dev="loop1" ino=1346 res=0 errno=0 [ 139.591731][ T7156] loop0: detected capacity change from 0 to 16 [ 139.659303][ T7156] erofs (device loop0): mounted with root inode @ nid 36. [ 139.666122][ T7158] loop4: detected capacity change from 0 to 512 [ 139.687524][ T7158] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 139.699718][ T7156] erofs (device loop0): readahead error at folio 7 @ nid 36 [ 139.730695][ T7156] erofs (device loop0): bogus lookback distance 26160 @ lcn 6 of nid 36 [ 139.746457][ T7158] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 139.762201][ T7156] erofs (device loop0): readahead error at folio 6 @ nid 36 [ 139.784598][ T5843] usb 4-1: f81604_read: reg: 105 failed: -EPROTO [ 139.794718][ T5843] f81604 4-1:0.0: Setting termination of CH#1 failed: -EPROTO [ 139.810358][ T7156] erofs (device loop0): readahead error at folio 5 @ nid 36 [ 139.817822][ T7156] erofs (device loop0): readahead error at folio 4 @ nid 36 [ 139.820827][ T5843] f81604 4-1:0.0: probe with driver f81604 failed with error -71 [ 139.840594][ T5843] usb 4-1: USB disconnect, device number 4 [ 139.857540][ T7158] EXT4-fs (loop4): 1 truncate cleaned up [ 139.877945][ T7156] erofs (device loop0): inconsistent algorithmtype 0 for nid 36 [ 139.880850][ T7158] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 139.894027][ T7156] erofs (device loop0): readahead error at folio 3 @ nid 36 [ 139.906556][ T7156] erofs (device loop0): inconsistent algorithmtype 0 for nid 36 [ 139.914623][ T7156] erofs (device loop0): readahead error at folio 1 @ nid 36 [ 139.923266][ T7163] loop1: detected capacity change from 0 to 1024 [ 139.929871][ T7156] erofs (device loop0): bogus lookback distance 0 @ lcn 0 of nid 36 [ 139.929898][ T7156] erofs (device loop0): readahead error at folio 0 @ nid 36 [ 139.930080][ T7156] syz.0.441: attempt to access beyond end of device [ 139.930080][ T7156] loop0: rw=524288, sector=525136, nr_sectors = 8 limit=16 [ 139.975547][ T7156] erofs (device loop0): bogus lookback distance 0 @ lcn 0 of nid 36 [ 139.993118][ T7156] erofs (device loop0): bogus lookback distance 0 @ lcn 0 of nid 36 [ 139.998397][ T7163] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.014487][ T7156] erofs (device loop0): read error -117 @ 0 of nid 36 [ 140.031174][ T7158] EXT4-fs error (device loop4): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.4.442: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 140.060967][ T7156] erofs (device loop0): failed to readdir of logical block 0 of nid 36 [ 140.098557][ T7158] EXT4-fs error (device loop4) in ext4_delete_entry:2739: Corrupt filesystem [ 140.184657][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.234740][ T7145] loop5: detected capacity change from 0 to 40427 [ 140.259445][ T7145] F2FS-fs (loop5): build fault injection rate: 14 [ 140.278488][ T7145] F2FS-fs (loop5): build fault injection type: 0x3bfe8c [ 140.301406][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.321871][ T7145] F2FS-fs (loop5): invalid crc value [ 140.369840][ C0] F2FS-fs (loop5): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60 [ 140.397823][ C0] F2FS-fs (loop5): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60 [ 140.644084][ T7180] loop4: detected capacity change from 0 to 512 [ 140.687000][ T7180] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 140.723075][ T7145] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 140.724643][ T7180] EXT4-fs (loop4): invalid journal inode [ 140.760458][ T7145] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0 [ 140.781497][ T7180] EXT4-fs (loop4): can't get journal size [ 140.832825][ T7145] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 140.944079][ T7180] EXT4-fs (loop4): 1 truncate cleaned up [ 140.958997][ T7180] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.079278][ T30] audit: type=1800 audit(1761987186.362:20): pid=7180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.450" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 141.203487][ T7202] loop3: detected capacity change from 0 to 64 [ 141.269560][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.576388][ T7206] loop0: detected capacity change from 0 to 4096 [ 141.678147][ T7214] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 141.738352][ T7206] overlayfs: failed to create directory ./bus/work (errno: 5); mounting read-only [ 141.790274][ T7206] overlayfs: failed to get uuid (/file0, err=-95); falling back to uuid=null. [ 142.031045][ T7221] loop3: detected capacity change from 0 to 1024 [ 142.042640][ T5828] NILFS (loop0): nilfs_palloc_commit_free_entry (ino=6): entry number 13 already freed [ 142.060979][ T5828] NILFS (loop0): nilfs_palloc_commit_free_entry (ino=6): entry number 14 already freed [ 142.112050][ T7221] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 142.112551][ T5828] NILFS (loop0): nilfs_palloc_commit_free_entry (ino=6): entry number 15 already freed [ 142.164566][ T5828] NILFS (loop0): nilfs_palloc_commit_free_entry (ino=6): entry number 16 already freed [ 142.192300][ T7221] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.204864][ T5828] NILFS (loop0): nilfs_palloc_commit_free_entry (ino=6): entry number 17 already freed [ 142.251608][ T7221] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.469: missing EA_INODE flag [ 142.274811][ T5828] NILFS error (device loop0): nilfs_lookup: deleted inode referenced: 11 [ 142.309524][ T5828] Remounting filesystem read-only [ 142.344689][ T5828] NILFS error (device loop0): nilfs_lookup: deleted inode referenced: 11 [ 142.355534][ T7221] EXT4-fs (loop3): Remounting filesystem read-only [ 142.362606][ T7221] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 142.512793][ T7208] loop4: detected capacity change from 0 to 32768 [ 142.585625][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.690194][ T7208] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 142.965806][ T7217] loop2: detected capacity change from 0 to 32768 [ 142.971921][ T5830] ocfs2: Unmounting device (7,4) on (node local) [ 143.101225][ T7217] non-latin1 character 0x3ff found in JFS file name [ 143.171498][ T7217] mount with iocharset=utf8 to access [ 143.286605][ T7242] loop3: detected capacity change from 0 to 2048 [ 143.323001][ T7246] bridge_slave_0: default FDB implementation only supports local addresses [ 143.407791][ T5828] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 143.522455][ T7242] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 143.854698][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 143.916414][ T7252] loop2: detected capacity change from 0 to 4096 [ 143.939772][ T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.991051][ T7252] ntfs3(loop2): ino=b, mi_enum_attr [ 144.007690][ T7252] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 144.039735][ T7252] ntfs3(loop2): Failed to load $Extend (-22). [ 144.045815][ T7252] ntfs3(loop2): Failed to initialize $Extend. [ 144.142305][ T7252] ntfs3(loop2): ino=1e, "file1" attr_set_size [ 144.171289][ T36] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.341675][ T36] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.514552][ T7261] loop1: detected capacity change from 0 to 512 [ 144.560767][ T7261] EXT4-fs: Ignoring removed bh option [ 144.572617][ T36] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.593562][ T7261] EXT4-fs: Ignoring removed mblk_io_submit option [ 144.629250][ T7261] EXT4-fs (loop1): Test dummy encryption mode enabled [ 144.662608][ T7261] EXT4-fs error (device loop1): ext4_orphan_get:1392: comm syz.1.486: inode #13: comm syz.1.486: iget: illegal inode # [ 144.737648][ T7261] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.486: couldn't read orphan inode 13 (err -117) [ 144.853911][ T7248] loop4: detected capacity change from 0 to 32768 [ 144.894573][ T7261] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.924733][ T7256] loop5: detected capacity change from 0 to 40427 [ 144.982226][ T7256] F2FS-fs (loop5): build fault injection rate: 771 [ 145.003489][ T7248] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 145.020603][ T7261] EXT4-fs error (device loop1): ext4_resize_begin:60: comm syz.1.486: resize_inode disabled but reserved GDT blocks non-zero [ 145.037220][ T36] bridge_slave_1: left allmulticast mode [ 145.061986][ T36] bridge_slave_1: left promiscuous mode [ 145.068693][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.137013][ T7256] F2FS-fs (loop5): invalid crc value [ 145.154397][ T7248] XFS (loop4): Ending clean mount [ 145.161300][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 145.179591][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 145.189543][ T5844] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 145.199866][ T36] bridge_slave_0: left allmulticast mode [ 145.209528][ T7267] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 426: padding at end of block bitmap is not set [ 145.224236][ T5844] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 145.242194][ T5844] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 145.251087][ T36] bridge_slave_0: left promiscuous mode [ 145.256870][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.301594][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.565105][ T5830] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 145.667879][ T7256] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 145.728550][ T7256] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 145.965322][ T5843] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 146.012115][ T5837] syz-executor: attempt to access beyond end of device [ 146.012115][ T5837] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 146.030500][ T5837] CPU: 0 UID: 0 PID: 5837 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 146.030535][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 146.030550][ T5837] Call Trace: [ 146.030559][ T5837] [ 146.030569][ T5837] dump_stack_lvl+0x189/0x250 [ 146.030612][ T5837] ? __pfx_dump_stack_lvl+0x10/0x10 [ 146.030646][ T5837] ? __pfx_queue_work_on+0x10/0x10 [ 146.030674][ T5837] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 146.030706][ T5837] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 146.030750][ T5837] f2fs_handle_critical_error+0x37c/0x540 [ 146.030796][ T5837] f2fs_write_end_io+0x886/0xb60 [ 146.030841][ T5837] __submit_merged_bio+0x27a/0x6a0 [ 146.030885][ T5837] __submit_merged_write_cond+0x255/0x530 [ 146.030928][ T5837] f2fs_write_data_pages+0x261d/0x3000 [ 146.030991][ T5837] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 146.031065][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.031098][ T5837] ? folio_unqueue_deferred_split+0x93/0x230 [ 146.031129][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.031156][ T5837] ? folios_put_refs+0x584/0x670 [ 146.031197][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.031224][ T5837] ? __lock_acquire+0xab9/0xd20 [ 146.031258][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.031284][ T5837] ? do_raw_spin_lock+0x121/0x290 [ 146.031325][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.031357][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.031385][ T5837] ? do_raw_spin_unlock+0x122/0x240 [ 146.031420][ T5837] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 146.031445][ T5837] do_writepages+0x32e/0x550 [ 146.031483][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.031515][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.031547][ T5837] ? do_raw_spin_unlock+0x122/0x240 [ 146.031586][ T5837] filemap_fdatawrite+0x199/0x240 [ 146.031620][ T5837] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 146.031700][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.031733][ T5837] ? do_raw_spin_unlock+0x122/0x240 [ 146.031772][ T5837] f2fs_sync_dirty_inodes+0x31f/0x830 [ 146.031816][ T5837] f2fs_write_checkpoint+0x93e/0x2440 [ 146.031841][ T5837] ? stack_depot_save_flags+0x40/0x860 [ 146.031913][ T5837] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 146.031985][ T5837] ? f2fs_stop_gc_thread+0x7f/0xb0 [ 146.032010][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.032038][ T5837] ? kfree+0x19a/0x6d0 [ 146.032081][ T5837] kill_f2fs_super+0x2cc/0x6d0 [ 146.032107][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.032141][ T5837] ? __pfx_kill_f2fs_super+0x10/0x10 [ 146.032187][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.032215][ T5837] ? shrinker_free+0x2ce/0x3e0 [ 146.032247][ T5837] deactivate_locked_super+0xbc/0x130 [ 146.032281][ T5837] cleanup_mnt+0x425/0x4c0 [ 146.032309][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.032336][ T5837] ? lockdep_hardirqs_on+0x9c/0x150 [ 146.032373][ T5837] task_work_run+0x1d4/0x260 [ 146.032413][ T5837] ? __pfx_task_work_run+0x10/0x10 [ 146.032445][ T5837] ? __x64_sys_umount+0x122/0x160 [ 146.032484][ T5837] ? exit_to_user_mode_loop+0x40/0x130 [ 146.032512][ T5837] exit_to_user_mode_loop+0xe9/0x130 [ 146.032540][ T5837] do_syscall_64+0x2bd/0xfa0 [ 146.032572][ T5837] ? lockdep_hardirqs_on+0x9c/0x150 [ 146.032604][ T5837] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.032626][ T5837] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.032653][ T5837] ? exc_page_fault+0xab/0x100 [ 146.032688][ T5837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.032711][ T5837] RIP: 0033:0x7f1f773902f7 [ 146.032732][ T5837] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 146.032751][ T5837] RSP: 002b:00007fffe47d5b98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 146.032776][ T5837] RAX: 0000000000000000 RBX: 00007f1f77411d7d RCX: 00007f1f773902f7 [ 146.032792][ T5837] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffe47d5c50 [ 146.032807][ T5837] RBP: 00007fffe47d5c50 R08: 0000000000000000 R09: 0000000000000000 [ 146.032822][ T5837] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffe47d6ce0 [ 146.032838][ T5837] R13: 00007f1f77411d7d R14: 00000000000239e3 R15: 00007fffe47d6d20 [ 146.032877][ T5837] [ 146.032886][ T5837] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 146.209492][ T5843] usb 4-1: Using ep0 maxpacket: 16 [ 146.579953][ T5843] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 146.591175][ T5843] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 146.608235][ T5843] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 146.628949][ T5843] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 146.649130][ T5843] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 146.692340][ T5843] usb 4-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40 [ 146.702393][ T5843] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 146.764379][ T5843] usb 4-1: SerialNumber: syz [ 146.786778][ T7296] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 146.819027][ T5843] cdc_acm 4-1:1.0: Control and data interfaces are not separated! [ 146.851062][ T5843] cdc_acm 4-1:1.0: probe with driver cdc_acm failed with error -12 [ 147.112445][ T5929] usb 4-1: USB disconnect, device number 5 [ 147.235160][ T7326] netlink: 8 bytes leftover after parsing attributes in process `syz.5.498'. [ 147.272978][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 147.308743][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 147.319462][ T5844] Bluetooth: hci1: command tx timeout [ 147.325544][ T5843] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 147.336169][ T36] bond0 (unregistering): Released all slaves [ 147.496946][ T5843] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 147.527336][ T5843] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 147.565154][ T5843] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121 [ 147.641005][ T5843] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 147.679405][ T5843] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.712928][ T5843] usb 2-1: Product: syz [ 147.731824][ T5843] usb 2-1: Manufacturer: syz [ 147.736432][ T5843] usb 2-1: SerialNumber: syz [ 147.867992][ T5843] usb 2-1: config 0 descriptor?? [ 147.881485][ T7324] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 147.891938][ T7324] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 147.928907][ T5843] usb 2-1: ucan: probing device on interface #0 [ 147.991394][ T7320] loop2: detected capacity change from 0 to 40427 [ 148.001929][ T7345] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 148.037050][ T7320] F2FS-fs (loop2): Invalid log blocks per segment (4278190089) [ 148.120750][ T7320] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 148.192454][ T7320] F2FS-fs (loop2): invalid crc value [ 148.347151][ T5843] usb 2-1: ucan: device reported invalid device info [ 148.382573][ T5843] usb 2-1: ucan: probe failed; try to update the device firmware [ 148.571157][ T5843] usb 2-1: USB disconnect, device number 4 [ 148.583908][ T7320] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 148.636481][ T7320] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 148.656665][ T7320] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 148.810638][ T7368] F2FS-fs (loop2): Corrupted max_depth of 3: 255 [ 148.861630][ T7368] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 148.996710][ T36] hsr_slave_0: left promiscuous mode [ 149.044035][ T36] hsr_slave_1: left promiscuous mode [ 149.065593][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 149.106428][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 149.146584][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 149.149997][ T5843] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 149.155841][ T5829] ------------[ cut here ]------------ [ 149.169294][ T5829] kernel BUG at fs/f2fs/inode.c:965! [ 149.191667][ T5829] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 149.193110][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 149.198085][ T5829] CPU: 1 UID: 0 PID: 5829 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 149.214582][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 149.224629][ T5829] RIP: 0010:f2fs_evict_inode+0x1b35/0x1b60 [ 149.230440][ T5829] Code: cc b7 fd 40 84 ed 75 32 e8 d8 c9 b7 fd 49 bd 00 00 00 00 00 fc ff df e9 e8 e6 ff ff e8 c4 c9 b7 fd 90 0f 0b e8 bc c9 b7 fd 90 <0f> 0b e8 b4 c9 b7 fd 90 0f 0b 90 e9 f9 fe ff ff e8 a6 c9 b7 fd e8 [ 149.250035][ T5829] RSP: 0018:ffffc900030578d0 EFLAGS: 00010293 [ 149.256093][ T5829] RAX: ffffffff84083cd4 RBX: ffff888055421ae8 RCX: ffff8880311a8000 [ 149.264051][ T5829] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000 [ 149.272011][ T5829] RBP: 0000000000000000 R08: ffff888055421f7f R09: 1ffff1100aa843ef [ 149.279969][ T5829] R10: dffffc0000000000 R11: ffffed100aa843f0 R12: ffff888055421f78 [ 149.287935][ T5829] R13: dffffc0000000000 R14: 1ffff1100aa843ef R15: 0000000000000002 [ 149.295896][ T5829] FS: 0000555584c33500(0000) GS:ffff88812623e000(0000) knlGS:0000000000000000 [ 149.304814][ T5829] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.311381][ T5829] CR2: 00007fffc29d3c08 CR3: 000000005a684000 CR4: 0000000000350ef0 [ 149.319340][ T5829] Call Trace: [ 149.322608][ T5829] [ 149.325531][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 149.331159][ T5829] ? do_raw_spin_unlock+0x122/0x240 [ 149.336355][ T5829] ? __pfx_f2fs_evict_inode+0x10/0x10 [ 149.341721][ T5829] evict+0x504/0x9c0 [ 149.345616][ T5829] ? __pfx_evict+0x10/0x10 [ 149.350030][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 149.355653][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 149.361274][ T5829] ? do_raw_spin_unlock+0x122/0x240 [ 149.366471][ T5829] evict_inodes+0x64c/0x6d0 [ 149.370960][ T5829] ? __pfx_evict_inodes+0x10/0x10 [ 149.375968][ T5829] ? dput+0x37/0x2b0 [ 149.379866][ T5829] generic_shutdown_super+0x9a/0x2c0 [ 149.385154][ T5829] kill_block_super+0x44/0x90 [ 149.389828][ T5829] kill_f2fs_super+0x399/0x6d0 [ 149.394583][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 149.400210][ T5829] ? __pfx_kill_f2fs_super+0x10/0x10 [ 149.405495][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 149.411121][ T5829] ? shrinker_free+0x2ce/0x3e0 [ 149.415875][ T5829] deactivate_locked_super+0xbc/0x130 [ 149.421237][ T5829] cleanup_mnt+0x425/0x4c0 [ 149.425644][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 149.431289][ T5829] ? lockdep_hardirqs_on+0x9c/0x150 [ 149.436514][ T5829] task_work_run+0x1d4/0x260 [ 149.441131][ T5829] ? __pfx_task_work_run+0x10/0x10 [ 149.446251][ T5829] ? __x64_sys_umount+0x122/0x160 [ 149.451278][ T5829] ? exit_to_user_mode_loop+0x40/0x130 [ 149.456735][ T5829] exit_to_user_mode_loop+0xe9/0x130 [ 149.462018][ T5829] do_syscall_64+0x2bd/0xfa0 [ 149.466609][ T5829] ? lockdep_hardirqs_on+0x9c/0x150 [ 149.471802][ T5829] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.477858][ T5829] ? srso_alias_return_thunk+0x5/0xfbef5 [ 149.483578][ T5829] ? exc_page_fault+0xab/0x100 [ 149.488339][ T5829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.494222][ T5829] RIP: 0033:0x7fbc80d902f7 [ 149.498626][ T5829] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 149.518227][ T5829] RSP: 002b:00007ffc006a60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 149.526641][ T5829] RAX: 0000000000000000 RBX: 00007fbc80e11d7d RCX: 00007fbc80d902f7 [ 149.534599][ T5829] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc006a61a0 [ 149.542558][ T5829] RBP: 00007ffc006a61a0 R08: 0000000000000000 R09: 0000000000000000 [ 149.550516][ T5829] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc006a7230 [ 149.558474][ T5829] R13: 00007fbc80e11d7d R14: 00000000000245ca R15: 00007ffc006a7270 [ 149.566460][ T5829] [ 149.569475][ T5829] Modules linked in: [ 149.574678][ T5829] ---[ end trace 0000000000000000 ]--- [ 149.593760][ T5844] Bluetooth: hci1: command tx timeout [ 149.617134][ T5829] RIP: 0010:f2fs_evict_inode+0x1b35/0x1b60 [ 149.623831][ T5829] Code: cc b7 fd 40 84 ed 75 32 e8 d8 c9 b7 fd 49 bd 00 00 00 00 00 fc ff df e9 e8 e6 ff ff e8 c4 c9 b7 fd 90 0f 0b e8 bc c9 b7 fd 90 <0f> 0b e8 b4 c9 b7 fd 90 0f 0b 90 e9 f9 fe ff ff e8 a6 c9 b7 fd e8 [ 149.644585][ T36] veth1_macvtap: left promiscuous mode [ 149.644726][ T7381] loop3: detected capacity change from 0 to 128 [ 149.652269][ T36] veth0_macvtap: left promiscuous mode [ 149.657887][ T5829] RSP: 0018:ffffc900030578d0 EFLAGS: 00010293 [ 149.668399][ T5829] RAX: ffffffff84083cd4 RBX: ffff888055421ae8 RCX: ffff8880311a8000 [ 149.678411][ T5829] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000 [ 149.699581][ T36] veth1_vlan: left promiscuous mode [ 149.707044][ T5829] RBP: 0000000000000000 R08: ffff888055421f7f R09: 1ffff1100aa843ef [ 149.707575][ T36] veth0_vlan: left promiscuous mode [ 149.715344][ T5829] R10: dffffc0000000000 R11: ffffed100aa843f0 R12: ffff888055421f78 [ 149.728308][ T5829] R13: dffffc0000000000 R14: 1ffff1100aa843ef R15: 0000000000000002 [ 149.736320][ T5829] FS: 0000555584c33500(0000) GS:ffff88812623e000(0000) knlGS:0000000000000000 [ 149.745332][ T5829] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 149.752049][ T5829] CR2: 00007fe1d1371980 CR3: 000000005a684000 CR4: 0000000000350ef0 [ 149.761625][ T5829] Kernel panic - not syncing: Fatal exception [ 149.767905][ T5829] Kernel Offset: disabled [ 149.772236][ T5829] Rebooting in 86400 seconds..