last executing test programs: 4m51.906456918s ago: executing program 5 (id=1622): r0 = syz_open_dev$radio(&(0x7f0000000080), 0x2, 0x2) ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f00000002c0)={0x0, 0x1}) 4m51.287689267s ago: executing program 5 (id=1626): r0 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r0, 0x10d, 0xa, &(0x7f00001c9fff)="03", 0x19) 4m51.110442031s ago: executing program 5 (id=1629): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f00000001c0)={0x53, 0xfffffffffffffffc, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000240)="2a110745137f", 0x0, 0xfffffffc, 0x10001, 0xffffffffffffffff, 0x0}) 4m50.926899386s ago: executing program 5 (id=1631): syz_mount_image$jfs(&(0x7f0000000200), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='discard,quota,errors=remount-ro,iocharset=macturkish,errors=remount-ro,quota,iocharset=maccroatian\x00gid=', @ANYRESHEX, @ANYBLOB="2c75737271756f74552c71756f74612c726573697a653d3078666666666666666666666666666666652c67727071756f74612c726573697a652c646973636172642c726573697a653d3078303030303030303030303030306132662c6e6f696e746567726974792c61707072616973652c7375626a5f757365723d21952c657569643c", @ANYRESDEC, @ANYBLOB=',\x00'], 0x1, 0x61ae, &(0x7f0000007640)="$eJzs3c1vHGcdB/DfvvolNLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQYlFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288Szm92uXds7a8/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByutiLj187RgKeIz0YloRyyU9XJELCwv5fW7EfFc7DbHsxHRm4sob7/7z9MRr0bER+cjtnc2VsvFVw/Yj+/+8e+/++G5t/72h97l//5pffx6Dx786j9/fniULQYAAIDmKYqiaKWP+RfS5/t23Z0CAKYiv/4XSV5+5utf//Otv8xSf9RqtVqtnkJdVYz2sFpExGb1NuV7BofjAeCU2YyP6+4CNZJ/o3Uj4lzdnQBmWqvuDnAitnc2Vlsp31b19WB5rz2fCzKQ/2br8fUd46aTDJ9jMq3H11Z04pkx/VmYUh9mSc6/PZz/rb32flrvpPOflnH59/cufWqcnH9nOP8hZyf/9sj8myrn3z1U/h35AwAAAADADMv//79U8/HfuaNvyoF80vHf5Sn1AQAAAAAAAACO21HH/3vsWMf/67w2bj3j/wEAAMDhlZ/VS785v79s3HexlctvtiKeGlofaJh0scxi3f0AAAAAAAAAAAAAgCbp7p3De7MV0YuIpxYXi6Iof6qG68M66u1Pu6ZvPzRZ3U/yAACw56PzQ9fytyLmI+Jm+q6/3uLiYlHMLywWi8XCXH4/25+bLxYqn2vztFw21z/AG+Juvyh/2XzldlWTPi9Pah/+feV99YvOATp2THrprzmmuaawASDZezXa9op0xhTF0+PefMAA+/8ZtBRLdT+umH11P0wBAACAk1cURdFKX+d9IR3zb9fdKQBgKvLr//BxgSPV7THtEcfz+9VqtVqtVn+quqoY7WG1iIjN6m3K9wyG4weAU2YzPq67C9RI/o3WjYjn6u4EMNNadXeAE7G9s7HaSvm2qq8HaXz3fC7IQP6brd3b5duPmk4yfI7JtB5fW9GJZ8b059kp9WGW5Pzbw/nf2mvvp/VOOv9pGZd/f/eSuebJ+XeG8x9ydvJvj8y/qXL+3UPl35E/AAAAAADMsPz//0uO/+ZNBgAAAAAAAIBTZ3tnYzVf95qP/39uxHqu/zybcv6tw+a/kOblf6rl/NtD+X95aL1OZf7Rm/v7/793NlZ/v/6vz+bpQfOfyzOt9MhqpUdEK91Tq5umR9m6J231Ov3ynnqtdqebzvkpeu/Enbgba3FlYN12+nvst68MtJc97Q20Xx1o7z7Rfm2gvZe+d6BYyO2XYjV+Enfj7d32sm1uwvbPT2gvJrTn/Due/xsp59+t/JT5L6b21tC09OjD9hP7fXU66n7euPP5X145+c2ZaCs6j7etqty+izX0Z/dvcq4fP7u/du/Sg9vr6/dWIk0Gll6NNDlmOf/e7s/c/vP/C3vt+Xm/ur8++rB/6PxnxVZ0x+b/QmW+3N6Xpty3OuT8++kn5/92ah+9/5/m/Mfv/y/X0B8AAAAAAAAAAAAAAAD4JEVR7F4i+kZEXE/X/9R1bSYAMF359b9I8nK1Wq1Wq9Vnr64qRnu9WkTEX6u3Kd8z/GLULwMAZtn/IuIfdXeC2si/wfL3/ZXTF+vuDDBV99//4Ee3795du3e/7p4AAAAAAAAAAJ9WHv9zuTL+84sRsTS03sD4r2/G8lHH/+zmmccDjB7zQN9jbLX7nXZluPHnY3d87kvjxv++GE+O/53HxO1Ut2OM3oT2/oT2uQnt8yOX7qc18kKPipz/85Xxzsv8LwwNv96E8V+Hx7xvgpz/xcrjucz/S0PrVfMvfjtz+W8edMWtaA/kf3n9vZ9evv/+B6/cee/2u2vvrv342srKlWvXr9+4cePyO3furl3Z+/dkej0Dcv557GvngTZLzj9nLv9myfl/IdXyb5ac/xdTLf9myfnn93vyb5acf/7sI/9myfm/lGr5N0vO/yupln+zbO9szJX5v5xq+TdL3v+/mmr5N0vO/5VUy79Zcv6XUi3/Zsn5X071AfL39fBnSM4/H+Gy/zdLzn8l1fJvlpz/1VTLv1ly/tdSLf9myfm/mmr5N0vO/2upln+z5Pyvp1r+zZLz/3qq5d8sOf8bqZZ/s+T8v5Fq+TdLzv+bqZZ/s+T8X0u1/Jsl5/+tVMu/WXL+3061/Jsl5/+dVMu/WXL+r6da/s2y//3/ZsyYMZNn6n5mAgAAAAAAAAAAAACGTeN04rq3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt7dxch11mcAP7PetddOQgyE4KQGNokJIXGyazvxB22KCZ8NUAokFPqB43rXZsFfeO0SKJJNAyUSRkUVFelFW0CojVRVRBUXtKI0F1U/rkp7QW8q2kpIjaqAAipSW1G2mnPe992Z2dmZWe9kPXve309K/rszZ+acOXNmdp9dP3sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaHXL6+c+3SiKovlf+b/tRXFt8+OtU9vLy15ztbcQAAAAWKv/K///3PXpgsMD3Khlmb99+T98bXFxcbF476bfnfj84mK6YqooJrYURXld9NS/v6/RukzwWDHZGGv5fKzP6jf1uX68z/UTfa7f3Of6LX2un+xz/bIdsMzW6ucx5Z3tKj/cXu3S4oZiorxuV5dbPdbYMjYWf5ZTapS3WZw4XswXJ4u5YqZt+WrZRrn8N25prustRVzXWMu6djaPkB98/FjchkbYx7va1rV0n9H3XldM/fAHHz/2R+efvanb7Lsb2u6v2s47bm1u5yfDJdW2NootaZ/E7Rxr2c6dXZ6TTW3b2Shv1/y4czufG3A7Ny1t5rrqfM4ni7Hy42+V+2m89cd6aT/tDJf9921FUVxa2uzOZZatqxgrtrVdMrb0/ExWR2TzPpqH0ouK8VUdp7cMcJw25+yu9uO08zURn/9bwu3GV9iG1qfpe5/YvOx5X+1xGjUf9Uqvlc5jcNivlVE5BuNx8a3yQT/e9RjcFR7/x29f+Rjseux0OQbT4245Bm/tdwyObd5UbnN6EhrlbZaOwT1ty28q19Qo5zO39z4Gp8+fOju98NGP3T1/6uiJuRNzp/ft2TOzb//+gwcPTh+fPzk3U/3/Cvf26NtWjKXXwK1h38XXwKs6lm09VBe/NLzX4WSP1+H2jmWH/Toc73xwjfV5QS4/pqvXxkPNnT55eaxY4TVWPj93rv11mB53y+twvOV12PVrSpfX4fgAr8PmMmfvHOx7lvGW/7ptw/P1tWB7yzHY+f1I5zE47O9HRuUYnAzHxb/cufLXgp1hex/fvdrvRzYtOwbTww3vPc1L0vf7kwfL0e24vLl5xTWbiwsLc+fuefTo+fPn9hRhrIsXtxwrncfrtpbHVCw7XsdWfbwenn/54zd3uXx72FeTdzf/N7nic9Vc5t57ej9X5Ve37vuz7dK9RRhDtt77s9tX8+b+TFmyx/5sLvPJ6bV/L55yacv778QK778x9/+kWl+6q8c2TYxXr99Nae9MtL0ftz9V4+V7V6Nc93PTg70fT4T/1vv9+IYe78c7OpYd9vvxROeDi+/HjX4/7VibzudzMhwnJ2d6vx83l9mxd7XH5HjP9+PbwmyE/f/qkBRSLmo5dlY6btO6xscnwuMaj2toP073tS0/EbJZc11P7r2y4/SO26r72pQe3ZL1Ok6nOpYd9nGa3q9WOk4b/X76dmU6n8/JcFzcsK/3cdpc5ul71/7euTV+2PLeubnfMTixaXNzmyfSQVi93y9ujcfgPcWx4kxxspgtr91cHk+Ncl277xvsGNwc/lvv98odPY7BOzqWHfYxmL6OrXTsNcaXP/gh6Hw+J8Nx8cR9vY/B5jJvODDc713vCJekZVq+d+38+dpKP/O6uWM3PZ8/82pu518f6P2z2eYyJw+uNmf23k93hUuu6bKfOl+/K72mZov12U87wnY+e3Dl/dTcnuYynz804PF0uCiKix9+oPx5b/j9yp9d+PbX2n7v0u13Ohc//MD3rzv+N6vZfgA2vp9UY1v1ta7lN1OD/P4fAAAA2BBi7h8LM5H/AQAAoDZi7o//KjyR/wEAAKA2Yu4fDzPJJP/veMOz8z+5WKRm/mIQr0+74cFqudhxnQmfTy0uaV7+wFfmfvQXFwdb91hRFD9+8De6Lr/jwbhdlamwnU+9sf3y5Te8OND6H3l4abnW/voXw/3HxzPoYdCtgjtTFMU3rv9suZ6p910u59MPPlLOd116/LHmMs8dqj6Pt3/mxdXyvx/Kv4ePH227/TNhP3w3zJm3dt8f8XZfvfzqnQfes7S+eLvGrS8oH/YT76/uN/6dnM89Vi0f9/NK2/+Xn3nyq83lH31l9+2/ONZ9+58M9/uVMP/nZdXyrc9B8/N4u0+F7Y/ri7e758vf7Lr9T326Wv7sm6rlHgkzrv+O8PmuNz0737q/Hm0cbXtcxZur5eL6Z7792+X18f7i/Xdu/+SRy237o/P4ePqfqvuZ7lg+Xh7XE/15x/qb99N6fMb1P/lbj7Tt537rf+pdz7yseb+d67+rY7lNHbfv/ItNf/Cpz3ZdX9yew396tu3xHH5neB2H9T/x/nA8huv/96nPtq03euSd7e8/cfkvbr/Y9niit/ywWv9Trz1Rzv+Y+tHvXXPtdS+49IrmviuKb727ur9+6z/xh2fatv9LN95ZPh/x+tjR71z/SuL6z31k9+kzCxfmZ1v2avm3c95Wbc+Wya3bmtt7fXhv7fz8yJnzH5g7NzUzNVMUU/X9E3pX7Mthfr8al1Z7+zsfDs/nzV/4xrbb//Ez8fJ/fqi6/PJbq69brwrLfS5cvr16/hYba1z/E7fcWL6+G09Xn7f12Idg567/PDjQguHxd35fEI/3sy/5QLkfmteVXzfi63qN2/+d2ep+vh7262L4y8y33ri0vtbl499GuPzu6vW+5v0X3ubi8/rH4fl++3er+4/bFR/vd8L3Md/c0f5+F4+Pr18c67z/8q94XArvJ8Wl6vq4VNzfl5+7sevmxb9DUly6qfz8d9L93LSqh7mShY8uTJ+cP33h0enzcwvnpxc++rEjp85cOH3+SPm3PI98sN/tl96ftpXvT7Nz++8tZrYWRXGmmFmHN6znZ/ubHw22/WcfPjZ7YOb22bnjRy8cP//w2blzJ44tLBybm124/ejx43Mf6Xf7+dn79+w9tO/A3t0n5mfvP3jo0L5Du+dPn2luRrVRfeyf+dDu0+eOlDdZuP/eQ3vuu+/emd2nzszO3X9gZmb3hX63L7827W7e+td3n5s7efT8/Km53QvzH5u7f8+h/fv39v1rgKfOHl+Ymj534fT0hYW5c9PVY5k6X17c/NrX7/bU08K/Vt/PdmpUf4iveMdd+9PfZ236yidWvKtqkY4/IPps+Fs0f//CswcH+Tzm/okwk0zyPwAAAOQg5v7NYSbyPwAAANRGzP1bwkzkfwAAAKiNmPsnw0wyyf/6//r/g/X/q+v1//Pq/5/9cNUr3ej9/9if1//Pw1Xu/695/fr/+v/16/8P3p/f6Nuv/6//z3Kj1v+PuX9rUWSZ/wEAACAHMfdvCzOR/wEAAKA2Yu6/JsxE/gcAAIDaiLn/2jCTTPK//v9A/f+9/QpX9e//O/+//n+xMfv/8cnR/8/Gqvv373mo7VP9/0D/X/9f/1//X/+fNZtY8Zqr1f+Puf+6MJNM8j8AAADkIOb+F4SZyP8AAABQGzH3Xx9mIv8DAABAbcTcvz3MJJP8r//v/P/6//r/te7/r/X8/y0bo/+/MTj/f2/6/31ccf9/Uv9/I/b/J4a7/aPd/++7+fr/PC9G7fz/Mfe/MMwkk/wPAAAAOYi5/0VhJvI/AAAA1EbM/S8OM5H/AQAAoDZi7r8hzCST/K//r/8/Wv3/L9zd3PP6/xX9/8pV7f/3PP9/9ZH+/2jR/+9N/78P5//Pq/8/5O0f7f7/sM//P/HGztvr/9PNqPX/Y+5/SZhJJvkfAAAAchBz/41hJvI/AAAA1EbM/S8NM5H/AQAAoDZi7t8RZpJJ/tf/1/8frf6/8//r/2+k/n9F/3+06P/3pv/fh/6//r/+/2D9/y7f/Or/082o9f9j7r8pzCST/A8AAAA5iLn/5jAT+R8AAABqI+b+nwozkf8BAACgNmLu3xlmkkn+1//X/9f/z6v/f9dm/X/9/3rT/+9N/78P/X/9f/3/Ac//v9xq+v9b+t0ZtTFq/f+Y+18WZpJJ/gcAAIAcxNz/8jAT+R8AAABqI+b+V4SZyP8AAABQGzH3T4WZZJL/9f/r1f//k7964hWF/r/+f5/117T/Hw8D/f/M6f/3pv/fh/6//r/+/7r0/8nHqPX/Y+6/Jcwkk/wPAAAAOYi5/9YwE/kfAAAAaiPm/tvCTOR/AAAAqI2Y+3eFmWSS//X/69X/j/T/9f97rb+m/f9E/z9v+v9dtLxI9f/70P/X/8++/x+/+9X/ZzhGrf8fc/8rw0wyyf8AAACQg5j7bw8zkf8BAACgNmLuf1WYifwPAAAAtRFz/x1hJpnkf/1//X/9f/1//f/u69f/35j0/3tbbf9/s/6//r/+f2b9f+f/Z7iufv+/+s4tfh5z/6vDTDLJ/wAAAJCDmPvvDDOR/wEAAKA24r/frP7dq/wPAAAAdRRz/+4wk0zyv/6//n9O/f+G/r/+v/5/7en/9+b8/33o/+v/6//r/zNUV7//3/55zP13h5lkkv8BAAAgBzH33xNmIv8DAABAbcTcPx1mIv8DAABAbcTcPxNmUub/iau0VetH/1//P6f+v/P/6//r/9ef/n9v+v996P/r/9et/18U+v9cVaPW/4+5f0+Yid//AwAAQG3E3L83zET+BwAAgNqIuX9fmIn8DwAAALURc/+9YSaZ5H/9f/1//X/9f/3/7uvX/9+Y9P970//vQ/9f/79u/X/n/+cqG7X+f8z994WZZJL/AQAAIAcx9+8PM5H/AQAAoDZi7j8QZhLyf7d/1w0AAABsLDH3HwwzyeT3//r/Nen//+bfta1b/1//v9f6h9P/36r/H6b+/2hZ6t+Xx2td+v+dL4srpv/fh/6//r/+v/4/QzVq/f+Y+w+FmWSS/wEAACAHMfe/JsxE/gcAAIDaiLn/p8NM5H8AAACojZj7fybMJJP8r/9fk/5/B/1//f9e63f+f/3/OnP+/95q1f8f0//X/x+t7df/1/9nuee//x8/Gqz/H3P//WEmmeR/AAAAyEHM/T8bZiL/AwAAQG3E3P/aMBP5HwAAAGoj5v7DYSaZ5H/9f/1//X/9/+en///aotMo9v+bB4/+f73o//dWq/6/8//r/4/Y9uv/6/+z3Kid/z/m/teFmWSS/wEAACAHMfc/EGYi/wMAAEBtxNz/+jAT+R8AAABqI+b+N4SZZJL/9f/1//X/9f+d/7/7+vX/Nyb9/970//vQ/9f/1//X/2eoRq3/H3P/G8NMMsn/AAAAkIOY+98UZiL/AwAAQG3E3P/mMBP5HwAAAGoj5v63hJlkkv/1//X/9f/1//X/u69/0P5/8W/6/6Mk4/7/xCAL6f/3of+v/6//r//PUI1a/z/m/p8LM8kk/wMAAEAOYu5/MMxE/gcAAIDaiLn/rWEm8j8AAADURsz9bwszyST/6//r/+v/6//r/3dfv/P/b0wZ9/8Hov/fh/6//r/+v/4/QzVq/f+Y+98eZpJJ/gcAAIAcxNz/82Em8j8AAADURsz97wgzkf8BAABgdHUrYvcQc/8vhJlkkv/1//X/R6v/v3ix9Xb6//r/xbD6/80b6f9nQf+/N/3/Prr0/7fo/+v/6//r/3PFRq3/H3P/O8NMMsn/AAAAkIOY+98VZiL/AwAAQG3E3P/uMBP5HwAAAGoj5v6Hwkwyyf/6/1n2/9NDHr3+v/P/6/87/7/+/9ro//em/9+H8/8PqT9/rf6//r/+P6VR6//H3P9wmEkm+R8AAAByEHP/e8JM5H8AAACojZj7fzHMRP4HAACA2oi5/71hJpnkf/3/LPv/I3z+/7r1/8fbjo+c+v+TLc9nOi71//X/14H+f2/6/33o/zv//yj3/8PRvHWF2+v/M4pGrf8fc//7wkwyyf8AAACQg5j7fynMRP4HAACA2oiJ/5fbPpP/AQAAoE5i7v+VMJNM8r/+v/6//r/z/zv/f/f16/9vTPr/ven/96H/r/8/yv3/PvT/GUWj1v+Puf9Xw0xWDH7f/68BHiYAAAAwQmLuf3+YSSa//wcAAIAcxNx/JMxE/gcAAIDaiLn/kTCTTPK//n9n/z+eUVX/X/9f/1//X/9/Ixpe//+l1xWF/r/+v/6//r/+v/4/azFq/f+Y+4+GmWSS/wEAACAHMff/WpiJ/A8AAAC1EXP/sTAT+R8AAABqI+b+2TCTTPL/Vez/T4xm/9/5/6+0//9j/X/9/0D/vzv9//Xh/P+96f/3of+v/6//r//PUI1a/z/m/rkwk0zyPwAAANRY+nFwzP3Hw0zkfwAAAKiNmPtPhJnI/wAAAFAbMfd/IMwkk/zv/P/6/87/fzX6/+Nty+v/V/T/9f+HQf+/N/3/PvT/9f/1//X/GapR6//H3D8fZpJJ/gcAAIAcxNz/wTAT+R8AAABqI+b+D4WZyP8AAABQGzH3nwwzyST/6//r/+fe/28UxSXn/9f/77Z+/f+NSf+/N/3/PvT/9f/1//X/GapR6//H3H8qzCST/A8AAAA5iLn/dJiJ/A/A/7N3H012ndUeh499bYXR5SMwZsQQRuYjMGVGFWOKZHKwTc5gcg7G5JwzmJxzziZjMphoqBLl7rWW1Dqn95bUu8/Z+32fZ7KuVNbtI9z2rf8Vv3oBAGhG7v77xC32PwAAADQjd/9945ZO9r/+X//fe/+/2sn7/wf/ev3/Pv2//n8Ka/39FZv/usOi8EP7/zvf5ep76v/1/9P0/yfrx/r/Se368+v/9f+sm1v/n7v/fnFLJ/sfAAAAepC7//5xi/0PAAAAzcjd/4C4xf4HAACAZuTuvzpu6WT/d93/nzr7OZL+X/+/9xM99/836f/1/8vm/f9h+v8R3v/X/+v/9f9Mam79f+7+B8Ytnex/AAAA6EHu/gfFLfY/AAAANCN3/4PjFvsfAAAAmpG7/yFxSyf7v+v+3/v/+v+wjP7/hPf/z/v96P/1/5vo/4fp/0fo//X/+n/9P5OaW/+fu/+hcUsn+x8AAAB6kLv/YXGL/Q8AAADNyN3/8LjF/gcAAIBm5O5/RNzSyf7X/+v/9f9L6f+39P6//l//v3A3rM7+O0H/v07/P2Kk/1+t9P9DLrif3/zbW87nP4T+X//Purn1/7n7Hxm33G21OnGpv0kAAABgVnL3Pypu6eTP/wEAAKAHufuviVvsfwAAAGhG7v5r45ZO9r/+X/+v/9f/6/83f339/zJ5/3/Y0fv/O93h3vfqt//3/v8w7/9P3f/f/p2h/2fZ5tb/5+6/Lm7pZP8DAABAD3L3Pzpusf8BAACgGbn7HxO32P8AAADQjNz9j41bOtn/+v/W+v//O/Drzun/92oX/b/+X/+v/2+d/n+Y9/9H7P1r7nT9UP+v//f+/7n9//Dr6Pp/Nplb/5+7/3FxSyf7HwAAAHqQu//xcYv9DwAAAM3I3f+EuMX+BwAAgGbk7n9i3NLJ/t9O/785yNf/e/9f/6//1//r/6em/x+m/x/Ryvv/l/hds+t+/qh2/fnb7/+H6f/ZZG79f+7+J8Utnex/AAAA6EHu/ifHLfY/AAAANCN3/1PiFvsfAAAAmpG7/6lxSyf73/v/+v9l9P/5FfT/+v/j7/+T/n+Z9P/D9P8jWun/L9Gu+/mlf379v/6fdXPr/3P3Py1u6WT/AwAAQA9y9z89brH/AQAAoBm5+58Rt9j/AAAA0Izc/c+MWzrZ//p//f8y+n/v/+v/vf+v/78w+v9h+v8R+n/9v/5f/8+k5tb/5+6/Pm7pZP8DAABAD3L3Pytusf8BAACgGbn7nx232P8AAADQjNz9z4lbOtn/+n/9v/5f/6//3/z19f/LpP8fpv8fof/X/+v/9f9Makb9/zm/6tTquXFLJ/sfAAAAepC7/3lxi/0PAAAAzcjd//y4xf4HAACAZuTuf0Hc0sn+1//Ppv/fy/na6v9Pr1Yr/f+q0/7/9Dl/P+v7Uv+v/98C/f+wi+//b7lx/zt3n/5f/z9E/6//1/9zvhn1/3s/zt3/wrilk/0PAAAAPcjd/6K4xf4HAACAZuTuf3HcYv8DAABAM3L3vyRu6WT/6/9n0//vaav/9/7/+d8fPfX/3v9fp//fDv3/MO//j9D/6//1//p/JjW3/j93/0vjphNXXvJvEQAAAJiZ3P0vi1s6+fN/AAAA6EHu/pfHLfY/AAAALNT1az+Tu/8VcUsn+1//P23/f+Kcn9P/6//P//7Q/+v/9f/HT/8/TP8/Qv+v/9f/6/+Z1Nz6/9z9r4xbOtn/AAAA0IPc/TfELfY/AAAANCN3/6viFvsfAAAAmpG7/8a4pZP9r//3/r/+X/+v/9/89fX/y6T/H6b/H6H/1//vtv8/efZ/1P/Thovo/8+cOXPNsff/uftfHbd0sv8BAACgB7n7XxO32P8AAADQjNz9r41b7H8AAABoRu7+18Utnex//X+n/X9+qy+r/792tdL/6//1//r/Yfr/Yfr/Efp//b/3//X/TGpu7//n7n993NLJ/gcAAIAe5O5/Q9xi/wMAAEAzcve/MW6x/wEAAKAZufvfFLd0sv/1/532/97/1//r/7fd/9+20v9vxSL6/9OHf/259//X6f/1/wO66//vftcDP9T/6/9ZN7f+P3f/m+OWTvY/AAAA9CB3/1viFvsfAAAAmpG7/61xi/0PAAAAzcjd/7a46YpO9r/+X/+v/9f/6/83f/0tv/9/YrVa6f8nsIj+f8Dc+/9p3v8//5/ys/T/+v8lf379v/6fdXPr/3P3vz1u6WT/AwAAQA9y978jbrH/AQAAoBm5+98Zt9j/AAAA0Izc/e+KWzrZ//p//b/+f7r+/7JDvh/0//H9sKv+/7pF9P/e/5+I/n/YPPr/w+n/9f9L/vz6f/0/F25X/X/u/nfHLZ3sfwAAAOhB7v73xC32PwAAADQjd/974xb7HwAAAJqRu/99cUsn+1//r/+/mP4/P6f+v633/0/Orv8/deB/Xyfv/+v/J6L/H6b/H6H/1//r/6/X/zOlub3/n7v//XFLJ/sfAAAAepC7/wNx6/91a/8DAABAM3L3fzBusf8BAACgGbn7PxS3dLL/9f/6f+//6/+bf/9f/98V/f8w/f8I/f8x9PO3f2r9/4L6f+//M6m59f+5+z8ct3Sy/wEAAKAHufs/ErfY/wAAANCM3P0fjVvsfwAAAGhG7v6b4pZO9r/+X/+v/9f/6//3/x7q/9ug/x+2nf7/tP5f/1/9/GXxT4H+X/8/9utp09z6/9z9H4tbOtn/AAAA0IPc/R+PW+x/AAAAaEbu/k/ELfY/AAAALNIVG34ud/8n45ZO9r/+X/+v/9f/6/83f339/zLtpP/Pbwr9v/f/Qz/9/x0P/Oio/fy2P//5//dL/6//Z3pz6/9z938qbulk/wMAAEAPcvd/Om6x/wEAAKAZufs/E7fY/wAAANCM3P2fjVs62f/6/2X0//mdqf/X/+v/9f/6/2He/x+m/x+h/9/p+/lL//z6f/0/6+bW/+fu/1zc0sn+BwAAgB7k7v983GL/AwAAQDNy938hbrH/AQAAoBl7uz/jsg73v/5/Gf2/9//1//p//b/+/8Lo/4fp/0fo//X/+n/9P5OaW///xb1fdWr1pbilk/0PAAAAPcjd/+W4xf4HAACAWTr8vypwuNz9X4lb7H8AAABoRu7+r8Ytnex//b/+fxn9/5kzZ67R/+v/D/5+zvb/N+v/Kfr/Yfr/Efp//b/+X//PpObW/+fu/1rc0sn+BwAAgB7k7v963GL/AwAAQDNy938jbrH/AQAAoBm5+78Zt3Sy//X/M+j/T+n/vf+v/195/1//PxH9/zD9/4gW+/9TF/7b33U/f1S7/vz6f/0/6+bW/+fu/1bc0sn+BwAAgB7k7v923GL/AwAAQDNy938nbrH/AQAAoBm5+78bt3Sy//X/2+v/b//Prpf3/0+vNn9+/b/+X/+v/z9u+v9h+v8RLfb/F2HX/fzSP7/+X//Purn1/7n7vxe3HBx+V17c7xIAAACYk9z9349bOvnzfwAAAOhB7v4fxC32PwAAADQjd/8P45ZO9r/+fwbv/zfY/3v/f/P3h/5/1v3/5fr/Nuj/h+n/R+j/9f/6/4n6//xu1v/3bm79f+7+H8Utnex/AAAA6EHu/h/HLfY/AAAANCN3/0/iFvsfAAAAmpG7/+a45Zz9v6ntboX+X/+v/9f/6/83f339/zLp/4ddaP9/cnW0/j/p//X/+v9e+3/v/7Nvbv1/7v6fxi3+/B8AAAAW58pDfj53/8/iFvsfAAAAmpG7/+dxi/0PAAAAzcjd/4u45dbLd/WRtkr/r//X/+v/9f+bv77+f5n0/8O8/z9C/z9FP3+V/r+N/n+10v9zdHPr/3P3/zJu8ef/AAAA0Izc/b+KW+x/AAAAaEbu/l/HLfY/AAAANCN3/2/ilk72v/5f/3/E/n8vzdT/79P/79P/b6b/3w79/zD9/wj9v/f/9f/e/2dSc+v/c/ffErd0sv8BAACgB7n7fxu32P8AAADQjNz9v4tb7H8AAABoRu7+38ctnez/nfX/8R+1/n/x/b/3//X/+n/9/6zo/4fp/0fo//X/+n/9P5OaW/+fu/8PcUsn+x8AAAB6kLv/j3GL/Q8AAADNyN3/p7jF/gcAAIBm5O7/c9zSyf73/v9R+//9QEX/f/Dz6/8P0v/H94P+X/+/Bfr/Yfr/zepvlP5f/6//1/8zqbn1/7n7/xK3dLL/AQAAoAe5+/8at9j/AAAA0Izc/bfGLfY/AAAANCN3/9/ilk72v/7f+//6f/2//n/z19f/L5P+f9gu+/97/P/4l/X+/877//wI+n/9v/6fScyt/8/d//e4pZP9DwAAAD3I3f+PuMX+BwAAgGbk7v9n3GL/AwAAQDNy9/8rbulk/4/0/yfrL9T/D9L/H/z8+v/N3x/6f/2//v/46f+Hef9/hP7f+//6f/0/k5pb/5+7/99xSyf7HwAAAHqQu/+2uMX+BwAAgGbk7v9P3GL/AwAAQDNy9/83bulk/3v/f0n9/1X6f/2//l//r/8fof8fpv8fof/X/+v/9f9Mam79f+7+/wUAAP//h5xMZQ==") mount(&(0x7f00000037c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000003800)='./file0\x00', &(0x7f0000003840)='jfs\x00', 0x800000, 0x0) 4m50.171104141s ago: executing program 5 (id=1638): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000851000000300000018000000000000000000000000000000950000000000000095000000000000002da2f7321fba26142d4f79"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x1a) 4m48.95022962s ago: executing program 5 (id=1650): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, 0x0, 0x0) 4m48.390822129s ago: executing program 32 (id=1650): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, 0x0, 0x0) 3m41.079635081s ago: executing program 1 (id=2470): ioperm(0x0, 0x5, 0x5) fsopen(0x0, 0x0) 3m40.765821113s ago: executing program 1 (id=2475): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x2}) 3m40.438731117s ago: executing program 1 (id=2477): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f00000003c0)=@ethtool_ringparam={0x11, 0x0, 0x20040001, 0x0, 0x4}}) 3m40.23138812s ago: executing program 1 (id=2480): syz_mount_image$hfs(&(0x7f0000000100), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="696f636861727365743d63703934392c636f6465706167653d6b6f69382d752c756d61736b3d30303030303030303030303030303030303030303031312c00bfb51dfa909f63f01bf23ebddc283926cec7a2f175271147fc710ab32236bec378fa06b25eea99509a6f0d8a5fe8a6179c2a0caf7e09c9e25b1c0543103f37edc75f1fe47e71732d155ffb1029f565ff9e7a4c2e26e24748e0a3e60c338dddd1ee6cb724c3a022abbe15edf61673e7"], 0x1, 0x2e5, &(0x7f0000000140)="$eJzs3U1PE0Ecx/HfbFsoD8EVMCZeNCiJXoioB+OlxvTq3ZNR25IQG4iAiXoRjUfjC/DuW/BFeNH4BvTkybucHDPTadnCdkvFshS/n4RmOzuz+5/OPsx/Y60A/LfuVL99uP7D/RmpoIKkW1IkqSwVJZ3R2fLTta3VrWajnrWhgm/h/oxaLc2+OrW1RlpT1863CGL3rqjpZBmGw1p7+3veQSB3/uxPEUnj4Tz068tHHNewbEvn847hqCUH2OxoR880k2M4AIBjINz/o3CbmPZFRlEkLYbb/om6/++cnK44N5r7imxmg8T938/urHHje8qv2s33fArn1kftLPEgwZT2vB9T68jqmmCaflmljyWaWFktaqn2SvVIr1UJEtXm/Wu9dei29Yl2ISU3zdB7ayXdnWz1xs8o92qHtLLabIy7hZT45wbb4+GZT+aLuW9ivVe9M/8rWuOGyY9UvGekopKL/2rvLU75Vq6WQtpfqVSiriqn/U7OhT0EfXpZTs9IkttsPyDY7kSQFaff96y6Hyu0erfcp9VcWqu4865Hq/muVoVwJCzV1puZj1KGo91F887cMwv6qY+qJub/kYtvUYkzM+v6aHzNcGTU1vXb2rH0mkVfM953ud09XS50IgjGB+4bpAGflr3VI93UzObzF48LzWZjwy08TFl4Mr1hQknpjZRaZ/gLBWXU0fZuiXVeWnvQLdtDBGb6fRpX+m/n18F36q4fnRJ3+qRVdmdZpyT6B5+8NTkM93FfqH5W1gE5OgvWSj1WDe06hWNk07QHPRRM5BwQjpqbd5lW/udn8mFW51Mk9xJnzNOzk0x1bXG5k8F1TwVn/evkQBncVO8MLrHHaz1yRp9zXbwsXUoUGmXuMQ5xnhCmqq96wPN/AAAAAAAAAAAAAAAAAACAURP+0X/7K5tD+aZBzl0EAAAAAAAAAAAAAAAAAAAAAGDk/dXv/6b9H/H+939jfv8XGCF/AgAA///7WndM") mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480)='configfs\x00', 0x0, 0x0) 3m39.824654513s ago: executing program 1 (id=2486): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)) ioctl$TUNGETDEVNETNS(r0, 0xc0189436, 0x20000000) 3m39.065803564s ago: executing program 1 (id=2496): r0 = io_uring_setup(0x1de0, &(0x7f0000000440)) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f00000001c0), 0x0) 3m38.914570824s ago: executing program 33 (id=2496): r0 = io_uring_setup(0x1de0, &(0x7f0000000440)) io_uring_register$IORING_REGISTER_PROBE(r0, 0x8, &(0x7f00000001c0), 0x0) 26.71621439s ago: executing program 3 (id=5322): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000000)) 25.95489461s ago: executing program 3 (id=5329): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4000000}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {0x4, 0x1, 0xb, 0x9, 0xa}}}, &(0x7f0000000200)='syzkaller\x00', 0x9, 0x1003, &(0x7f0000001e40)=""/4099, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 25.262091732s ago: executing program 3 (id=5334): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$TIPC_NL_SOCK_GET(r0, &(0x7f0000000580)={&(0x7f0000000280), 0xc, &(0x7f0000000400)={&(0x7f0000000740)={0x14, 0x0, 0x800, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x4051) 24.618523774s ago: executing program 3 (id=5339): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a8f4dd086d0492082a6d0000000109021b0001000000000904"], 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000480)={0x18, &(0x7f00000000c0)={0x0, 0x0, 0x1, '\''}, 0x0, 0x0, 0x0, 0x0}) 22.179630196s ago: executing program 3 (id=5350): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1276, &(0x7f0000001f80)="$eJzs3UtrJFUYBuCvks51zEUdR2dAPOhGEdpJFq5ECDIDYkCJZkAFocZ0tEnnQroJtAsnrlwJ/gxRl+4E8Q9k48a1IIhk43IWYknSHU0nnduYdGR4nk0fTp23vqoUVVDhHGr7lS+Xlxbr5cW8EX1ZFqW1gSjdT5GiL/qjZTNeuPPzL0+//e57b8zMzt6aS+n2zDtTL6eUxp/54f1Xv332x8aVO9+Nfz8UW5MfbP8x/evWta3r2399E9V6qtbTymoj5enu6mojv1urpIVqfamc0lu1Sl6vpOpKvbLesX2xtrq21kz5ysLY6Np6pV5P+UozLVWaqZGlxnoz5R/l1ZVULpfT2GjwX8x/fb8oioiiGIjBKIqiGInRuBKPxFiMx0RMxqPxWDweV+OJuBZPxlNxfXfUZR83AAAAAAAAAAAAAAAAAAAAPFxOWP+fWf8PAAAAAAAAAAAAAAAAAAAAF+/g+v9ShO//AwAAAAAAAAAAAAAAAAAAQI+d8P3/A+v/X7T+HwAAAAAAAAAAAAAAAAAAAC7CcOtnLqXhiOXPN+Y35lu/rf6ZxahGLSpxMybiz9hd/d/Sat9+ffbWzbRrMl5avtfO39uY7+/I98XARExmXfNTrXzqzA/F6P760zERV7vXn+6aH47nn9vJf9bKl2MifvowVqMWCxFZ++x3859OpfTam7MjnfkbO+OO1H/BlwUAAADOUzn94/D7+2Z7UNftrU3t9/PUHpkd8/+BA+/npbhRuqyzZk+9+clSXqtV1k/dyLL9qcGj9zN41j2f0MgiIo/9PeOjv83tFD+3Eg/a6O9p0YHjxzzANd1rROl/8Mc8h8bvX+3rGY7eVu9r3xJ5bef5ebpUbBbFmWoNtYuc9sC63oxDx6WOfmZkF/xMonf+veiXfSQAAAAAAAAAAACcRdfZfyMRcWg+4MeHevamh3fG99ZGn2Zm2Re9OUkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv9mBYwEAAAAAYf7WaXRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwVQAAAP//lKjLvg==") execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x0, 0x0, 0x0) 20.043450014s ago: executing program 4 (id=5367): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r0, 0x0, 0x0) 19.995349866s ago: executing program 2 (id=5368): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, 0x0, 0x3e) 19.715025654s ago: executing program 6 (id=5369): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x18, 0x140c, 0x301, 0x70bd29, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x4c000}, 0x0) 19.535396669s ago: executing program 0 (id=5370): r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0) ioctl$SOUND_MIXER_READ_RECSRC(r0, 0x80044dff, &(0x7f0000000040)) 19.50495182s ago: executing program 7 (id=5371): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=@newtaction={0x78, 0x1e, 0x109, 0x70bd2b, 0x0, {}, [{0x64, 0x1, [@m_bpf={0x30, 0x16, 0x0, 0x0, {{0x8}, {0x4}, {0x6, 0x6, '3F'}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0xe42326e9d602b717}}}}, @m_gact={0x30, 0xe, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x78}, 0x1, 0x2b1e, 0x0, 0x40044}, 0x0) 19.372675833s ago: executing program 2 (id=5372): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_VFIO_CHECK_EXTENSION(r0, 0x3b65, 0x4) 19.338996542s ago: executing program 4 (id=5373): r0 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000005c0)={'veth1_to_bond\x00', &(0x7f0000000000)=@ethtool_cmd={0x27, 0x6, 0x4, 0x0, 0x8, 0x0, 0x0, 0x0, 0xff, 0x0, 0xffffffff, 0x0, 0xfffb, 0x0, 0x4, 0x2, [0x800000]}}) 19.116143342s ago: executing program 6 (id=5374): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000540)=[@in6={0xa, 0x4e22, 0x4, @local, 0x9}], 0x1c) 18.849777064s ago: executing program 2 (id=5375): r0 = syz_open_procfs(0x0, &(0x7f00000023c0)='net/tcp\x00') read$FUSE(r0, &(0x7f0000000000)={0x2020}, 0x96) 18.83457312s ago: executing program 0 (id=5376): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000009940), 0x2, 0x0) write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000009980)={0x2e, 0x6, 0x0, {0x0, 0x0, 0xffffffffffffff07, 0x0, 'syz1\x00'}}, 0x2e) 18.790931231s ago: executing program 7 (id=5377): r0 = syz_open_dev$media(&(0x7f0000000080), 0x901c, 0x0) ioctl$MEDIA_IOC_SETUP_LINK(r0, 0xc0347c03, &(0x7f00000007c0)={{0x80000000, 0x0, 0x1, [0x9, 0x8]}, {0x80000000, 0x0, 0x1, [0xc, 0x8]}, 0x1, [0x3, 0xe93b4908]}) 18.784949804s ago: executing program 4 (id=5378): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x1c) 18.528880998s ago: executing program 6 (id=5379): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000080)={{{@in6=@ipv4={'\x00', '\xff\xff', @private=0xa010101}, @in=@broadcast, 0x4e21, 0x9, 0x4e22, 0x5, 0x2, 0x42a6340857f25ec8, 0x80, 0x6}, {0x3, 0xfff, 0x5, 0x0, 0xff, 0x5, 0x7, 0x100000000}, {0xfffffffffffff800, 0x5, 0x4000000000000, 0x1}, 0x2, 0x6e6bbe, 0x0, 0x1, 0x0, 0x2}, {{@in=@local, 0x4d6, 0x2b}, 0x2, @in=@empty, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x402}}, 0xe8) 18.278543777s ago: executing program 0 (id=5380): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="500000001000110f0300"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b00010067656e657665000010000280040006000500080001"], 0xff0e}}, 0x0) 18.23250572s ago: executing program 4 (id=5381): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001900)=ANY=[@ANYBLOB="240000001e0001"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0) 18.215917438s ago: executing program 7 (id=5382): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0xfc, 0x200000000000000, 0x0}) 18.173182059s ago: executing program 3 (id=5383): r0 = socket$phonet(0x23, 0x2, 0x1) ioctl$SIOCPNDELRESOURCE(r0, 0x89ef, &(0x7f0000000040)=0x200) 18.086227453s ago: executing program 2 (id=5384): syz_usb_connect(0x0, 0x48, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000022546940fa0ae803d0990102030109023600010000000009047500038cbb2a0009050a001000010000090588"], 0x0) shmctl$IPC_RMID(0x0, 0x0) 17.906831391s ago: executing program 6 (id=5385): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="9000000000010104000000000000000002008000240001801400018008000100ac14140008000200ac1e00010c00028005000100000000002400028014000180080001007f00000108000200ac1e00010c000200050001000000000008000740000000001c0018800800024000000000080001"], 0x90}}, 0x0) 17.62195051s ago: executing program 7 (id=5386): r0 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x480, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3b0, 0xffffffff, 0xffffffff, 0x3b0, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [], [], 'ip6gretap0\x00', 'macsec0\x00'}, 0x0, 0x1c8, 0x1f0, 0x0, {}, [@common=@inet=@ecn={{0x28}, {0x29}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4e0) 17.525114088s ago: executing program 0 (id=5387): r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) fsetxattr$security_evm(r0, &(0x7f0000000040), &(0x7f00000000c0)=@v2={0x5, 0x2, 0xe, 0x8}, 0x9, 0x1) 17.473536229s ago: executing program 4 (id=5388): fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0xfffffffb) 17.274361987s ago: executing program 6 (id=5389): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000440)={[{@grpid}, {@grpquota}]}, 0x4, 0x500, &(0x7f0000000a40)="$eJzs3b9vW1sdAPDvdeImL8996YM3AAJeeTwoqKrzo69RVQbaBYSqSoiKiaENiRtFsesoTkoTOqQjOxJFTPAnsDEgdWJgY4ONpQxIBSpQA+pw0b12EzeJ60B+uLU/H+nm3nPujb/n2D3n+J7aOQEMrLMRsRkRpyLidkSMt/KT1hZXm1t23fNnD+a2nj2YSyJNb/49yc9nedH2O5l3W485GhHf+3bED5O9cRvrG0uz1WplpZWeWK0tTzTWNy4sFlo50zNTM5OXL16abv+1nx+mrh/Wfv30W4vXv//b33zhyR82v/7jrFiln5zOz7XX4yg1q16MUlvecERcP45gPTLc+vfD2ydrbZ+KiI/y9j8eQ/mrCQD0szQdj3S8Pb3jPykA0I+y+/9SJIVyay6gFIVCudycw/sgxgrVemP1/Hh97e585HNYZ6JYuLNYrUy25grPRDHJ0lP58U56elf6YkS8HxE/HXknT5fn6tX5Xr7xAYAB9u6u8f9fI83xHwDoc6O9LgAAcOKM/wAweIz/ADB4/ofx37cDAaBPuP8HgMFj/AeAwdN1/H94MuUAAE7Ed2/cyLZ0q/X3r+fvra99o3TvwnylsVSurc2V5+ory+WFen2hWinPpWm3x6vW68tTn2wnG+sbt2r1tburtxZrswuVW5XiMdcHAOju/Q8f/ymJiM0r7+RbtK3lYKyG/lbodQGAnhnqdQGAnvF9HhhcB7jHNw0AfW6fJXpf0fEjQo8s/gpvq3OfNf8Pg8r8Pwyu/2/+/5tHXg7g5L2c/99M0+4f7gX6Spom0es1iAGAk2WOHzjU//8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAgCrlW1Io52uBb2Y/C+VyxOmIOBPF5M5itTIZEe9FxB9HiiNZeqrXhQYADqnw16S1/te58Y9Lu8+eSv49ku8j4ke/uPmz+7OrqytTWf4/tvNXH7Xyp0/1ogIAQLure7Oa43Rr33Yj//zZg7mX20kW8em15uKiWdyt1tY8MxzD+X40ihEx9s+klW7K3q8MHUH8zYcR8Zmd+t9vi1DK50CaK5/ujp/FPn0M8Xee/93xC6/EL+Tnsn0xfy4+fQRlgUHz+Fqzn2y1vayJZe3vRZqmcTa/Yv/2P5r3UIf3sv/b2tP/Fbb7v6E98ZO8zZ/dTr++JE8/+d139mSm481zDyM+N7xf/GQ7ftKh//34gHX88+e/+FGnc+kvI87F/vGbank3O7FaW55orG9cWKzNLlQWKnenp2emZiYvX7w0PZHPUTd//n6/GH+7cv69TvGz+o91iD/apf5fOWD9f/Xi9g++9Jr4X/vy/q//B6+Jn42JXz1g/Nmxqx2X787iz3eof7fX//wB4z/5y8b8AS8FAE5AY31jabZarax0Ocjea3a7xsHbeRCbEW9AMRy8UQe97pmA47bT6HtdEgAAAAAAAAAAAAAAoJPG+sbSSBzv14l6XUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6138DAAD//8731/g=") lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0) 17.148909129s ago: executing program 7 (id=5390): syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x200000, &(0x7f0000000280)={[{@uid}, {@dir_umask={'dir_umask', 0x3d, 0x7}}, {@gid}, {@type={'type', 0x3d, "9d119198"}}, {@codepage={'codepage', 0x3d, 'cp950'}}, {}, {@iocharset={'iocharset', 0x3d, 'cp864'}}, {@file_umask={'file_umask', 0x3d, 0x3}}]}, 0x4, 0x337, &(0x7f0000000540)="$eJzs3U1r1EAYB/D/ZN9tqbGtVDxWC55KWw+KCIr05hfwIMXabqE0VrAVrChWzyLeBMGjN8+iX0Ev4hfQUw/Fk16KSCMzmWRntzPZTV82u/T/g+7rPJlnkkwysxIDIjq2bsz+eH9xS/6JEoACgCuAB6AKFAGcxlj14er68npQX0xbUEFFyD+BKFLsKbOwWreFyjgVofnyXRGD5md0NMIwDH+2LfW7K7lQfkTU9/fwgIruner7atcz25fNDgpUupNKDzG2sNjBDh5hKM90iIgof/r87+mzxKAev3seMKHH4f10/o+ZM4im8c0O8ORk9/PpGcn534veh0KuH7VGRGO+p6Zwch168SzRtizrPhE2VncZ0Z7VtAFEu1mlysWrLS0H9clNtYAXuKYZxUbV4yLihiiubMvR07hlbpoire3pBlQbSrINJUf+I5lr/LyNN/bq5r52kJP4Ir6JOeHjLRaT8V8xFHLlqPXjAzUzIMp/yr1E1Uo/KtXUykbvO6UqORtvgU8fGq2sudZrFQWZi41cimgdv/txnq/L7igMNx8UdOum3a1TUSPWqJnk/V9r1GhrVG2pFNQnF+4HqT+lHBrrjE68ErfEOH7hI2aN8b8nS0/A3TOberlQJfWekdqeoirp2I5NVAe+l6lnEvAvjGQMe4m7uIyhtY3HK/NBUH+Q/4u4q/RIPtGOqHdH+Yl8NsqgKl+UABxapbthGFq/KuIQqijHqbpyLqmmXnqXNFkdZvVPKQerHZvROjS+uu4u3Dhsyk/iI0LGSlX4syRKni2yhP/Rta9t2HdIYWRYPtodMq5qPgjOJBuugEpHPaW2j0pvPl2ZD/ZzLKJ+Y/SXsdvbV/NOh7pPjrtENP8z5itT6qgjH/yU2UjbUYexxGnHDGhYPZ7obAaXLNY5ThyIXwT1mbQ517kLwPmWGj3ENT5vXayv80Qv/qtkxZZWLS1CzOI77vD3fyIiIiIiIiIiIiIiIiIiIiIiIiKifpP1agT35QS7+jok+5UYDVvH8D/eICIiIiIiIiIiIiIiIiIiIiIiIiIiIiI6GOP+v0BB3TGmnPv9fwsd3P9XtL3FJxG18T8AAP//uTRlfg==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) 17.036725418s ago: executing program 0 (id=5391): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@mpls_delroute={0x24, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_DST={0x8, 0x1, {0x100}}]}, 0x24}}, 0x0) 16.94610565s ago: executing program 4 (id=5392): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_ifreq(r0, 0x8994, &(0x7f0000000180)={'veth1_to_bond\x00', @ifru_addrs=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xe}}) 16.537828213s ago: executing program 0 (id=5393): r0 = syz_open_dev$evdev(&(0x7f0000000200), 0x200, 0x0) ioctl$EVIOCSCLOCKID(r0, 0x40084504, &(0x7f0000ffcffc)) 16.480037925s ago: executing program 7 (id=5394): clock_gettime(0x4, &(0x7f0000000140)={0x0, 0x0}) clock_settime(0x0, &(0x7f0000000240)={r0, r1+60000000}) 16.138301858s ago: executing program 6 (id=5395): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bind(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x4000, 0x0) 15.780922107s ago: executing program 2 (id=5396): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f0000000100)={[{@grpid}, {@auto_da_alloc}, {@delalloc}, {@nodioread_nolock}, {@init_itable}]}, 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ////8+wKHhUtID7hAOjFcXV39P50ZViLApWvd/+93II+TBRgpxb5GAAKj7P++/3+uNH2ohAAAgIGbbk1JoZR9vTcdhUKpFHGz9bMAxWRto1qZj4gnIuK3M8VrzfpCa8vk3GsGAAAAAAAAAAAAAAAAAAAAAAAAAKAtTZNIAQAAgJEWUfhT8sv2s/znZp6f7v5+YCL5V+sngSci4q0fvvH9u8uNxu5Cc/nfjpY3fpAtf3EY32AAAAAA3TrX6a35P4edDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACj5r0Hb690pj5ePjWouH/5QkTM5sUfj8nWfDKKEXH970mMn9guiYixAcQ/vBcRH82LnzTTOgqZF38Qb8I58WM2exfy4t8YQHy4yu43jz+v5fW/Qjzbmuf3v/GI/6l/UL2Pf3F0/Bvr0f9v9hnjqXd+Vu4Z/17EU+P5x59O/KRH/Of6jP/1rx0c9FqX/ihirvP50zrinYxwXCo3tnbK9f2D2xtby+uV9cr24uLCy0uvLL20NF9e26hWsn9zY3zn6Z+/f1b7r+d+/iVZNr3b/3zO/vI+k/7zzt0HH+5UDk/Hv/VcTvxf/Th7xen4hSzOp7Jyc/1cp3zYLp/0zE9/88xZ7V89bn/xYf7/b/XaabdTHeXpfv90AIALUN8/2FyuViu7I1toXqU/AmkoPIKFbw10h2maps0+lbPqfkT0s58kBtzSQn4+x4WeR4BhH5kAAIBBOz7pH3YmAAAAAAAAAAAAAAAAAAAAcHVdxlPWumMePwI5GcQjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuK/AQAA//+VeNP6") lsetxattr$security_capability(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0, 0x0) 15.351160195s ago: executing program 2 (id=5397): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x2, 0x7, 0x3, 0x0, 0x0, {0xa, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x48085}, 0x8000) 3.084507261s ago: executing program 34 (id=5383): r0 = socket$phonet(0x23, 0x2, 0x1) ioctl$SIOCPNDELRESOURCE(r0, 0x89ef, &(0x7f0000000040)=0x200) 1.583668475s ago: executing program 35 (id=5392): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_ifreq(r0, 0x8994, &(0x7f0000000180)={'veth1_to_bond\x00', @ifru_addrs=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xe}}) 1.096628922s ago: executing program 36 (id=5393): r0 = syz_open_dev$evdev(&(0x7f0000000200), 0x200, 0x0) ioctl$EVIOCSCLOCKID(r0, 0x40084504, &(0x7f0000ffcffc)) 917.05158ms ago: executing program 37 (id=5394): clock_gettime(0x4, &(0x7f0000000140)={0x0, 0x0}) clock_settime(0x0, &(0x7f0000000240)={r0, r1+60000000}) 763.913586ms ago: executing program 38 (id=5395): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bind(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x4000, 0x0) 0s ago: executing program 39 (id=5397): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, 0x2, 0x7, 0x3, 0x0, 0x0, {0xa, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x48085}, 0x8000) kernel console output (not intermixed with test programs): ice number 5 [ 379.794085][T15163] "syz.4.3686" (15163) uses obsolete ecb(arc4) skcipher [ 379.963371][T15175] loop2: detected capacity change from 0 to 4096 [ 380.064608][T15175] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 380.183441][T15190] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3693'. [ 380.183730][T15187] loop3: detected capacity change from 0 to 512 [ 380.284496][T15175] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 380.314061][T15187] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 380.415399][T15187] ext4 filesystem being mounted at /632/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 380.443677][T15203] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 380.604472][T15187] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2977: inode #15: comm syz.3.3694: corrupted xattr block 85: invalid header [ 380.633822][ T3464] ntfs3(loop2): ino=1a, ntfs3_write_inode failed, -22. [ 380.683434][ T5833] ntfs3(loop2): ino=1a, ntfs_sync_fs failed, -22. [ 380.746607][T15187] EXT4-fs warning (device loop3): ext4_evict_inode:276: xattr delete (err -117) [ 380.806174][T15218] loop7: detected capacity change from 0 to 4096 [ 380.829689][T15218] ntfs3(loop7): Failed to initialize $Extend/$ObjId. [ 380.903077][T15218] ntfs3(loop7): ino=5, "/" attr_set_size [ 380.919103][T15218] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 381.009162][T15230] netlink: 6 bytes leftover after parsing attributes in process `syz.2.3702'. [ 381.189763][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 381.222337][T15237] netlink: 'syz.4.3712': attribute type 13 has an invalid length. [ 381.244746][T15230] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 381.409573][T15237] gretap0: refused to change device tx_queue_len [ 381.416890][T15237] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 381.432671][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 381.432689][ T29] audit: type=1326 audit(1733362838.863:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15240 comm="syz.3.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23baf7ff19 code=0x7ffc0000 [ 381.487715][T15242] netlink: 'syz.6.3711': attribute type 5 has an invalid length. [ 381.564937][ T29] audit: type=1326 audit(1733362838.883:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15240 comm="syz.3.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23baf7ff19 code=0x7ffc0000 [ 381.596863][T15242] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3711'. [ 381.649046][ T29] audit: type=1326 audit(1733362838.883:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15240 comm="syz.3.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f23baf7ff19 code=0x7ffc0000 [ 381.797990][ T29] audit: type=1326 audit(1733362838.883:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15240 comm="syz.3.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23baf7ff19 code=0x7ffc0000 [ 381.938969][ T29] audit: type=1326 audit(1733362838.883:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15240 comm="syz.3.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23baf7ff19 code=0x7ffc0000 [ 382.000908][T15260] x_tables: duplicate entry at hook 3 [ 382.809342][T15297] Cannot find del_set index 1 as target [ 383.104450][ T968] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 383.174881][T15321] netlink: 'syz.4.3745': attribute type 21 has an invalid length. [ 383.182872][T15321] netlink: 128 bytes leftover after parsing attributes in process `syz.4.3745'. [ 383.192092][T15321] netlink: 'syz.4.3745': attribute type 5 has an invalid length. [ 383.199972][T15321] netlink: 3 bytes leftover after parsing attributes in process `syz.4.3745'. [ 383.284484][ T968] usb 1-1: Using ep0 maxpacket: 32 [ 383.298745][ T968] usb 1-1: config 0 interface 0 has no altsetting 0 [ 383.305713][ T968] usb 1-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e [ 383.325574][ T5897] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 383.364394][ T968] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 383.398265][T15329] loop7: detected capacity change from 0 to 512 [ 383.430391][ T968] usb 1-1: config 0 descriptor?? [ 383.487105][ T968] usb 1-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state [ 383.488930][T15329] EXT4-fs error (device loop7): ext4_clear_blocks:876: inode #13: comm syz.7.3750: attempt to clear invalid blocks 1 len 1 [ 383.514688][T15329] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.3750: bg 0: block 343: padding at end of block bitmap is not set [ 383.536124][T15329] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 383.554404][ T5897] usb 4-1: Using ep0 maxpacket: 16 [ 383.584887][ T5897] usb 4-1: unable to get BOS descriptor or descriptor too short [ 383.593714][ T5897] usb 4-1: config 1 has an invalid interface number: 26 but max is 1 [ 383.602015][ T5897] usb 4-1: config 1 has an invalid interface number: 89 but max is 1 [ 383.610362][ T968] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 383.610845][ T5897] usb 4-1: config 1 has an invalid descriptor of length 11, skipping remainder of the config [ 383.630934][ T5897] usb 4-1: config 1 has no interface number 0 [ 383.641075][T15329] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.3750: invalid indirect mapped block 1819239214 (level 0) [ 383.702251][ T968] dvbdev: DVB: registering new adapter (HCW 126xxx) [ 383.709056][ T5897] usb 4-1: config 1 has no interface number 1 [ 383.715341][ T5897] usb 4-1: config 1 interface 26 altsetting 213 bulk endpoint 0xC has invalid maxpacket 1023 [ 383.719483][ T968] usb 1-1: media controller created [ 383.726983][ T5897] usb 4-1: config 1 interface 26 altsetting 213 bulk endpoint 0xD has invalid maxpacket 8 [ 383.741399][ T5897] usb 4-1: config 1 interface 26 altsetting 213 endpoint 0x8 has invalid maxpacket 1023, setting to 64 [ 383.752903][ T5897] usb 4-1: config 1 interface 26 altsetting 213 has 3 endpoint descriptors, different from the interface descriptor's value: 5 [ 383.766474][ T5897] usb 4-1: config 1 interface 89 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 383.779783][ T5897] usb 4-1: config 1 interface 26 has no altsetting 0 [ 383.786998][ T5897] usb 4-1: config 1 interface 89 has no altsetting 0 [ 383.805372][ T968] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 383.839776][T15329] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.3750: invalid indirect mapped block 1819239214 (level 1) [ 383.884945][ T968] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 383.891838][ T968] error writing reg: 0xff, val: 0x00 [ 383.921963][ T5897] usb 4-1: New USB device found, idVendor=1f38, idProduct=0001, bcdDevice=29.ec [ 383.923544][T15329] EXT4-fs (loop7): 1 truncate cleaned up [ 383.928942][ T5897] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 383.966034][T15329] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 383.974863][ T5897] usb 4-1: Product: syz [ 383.984648][ T5897] usb 4-1: Manufacturer: syz [ 383.989282][ T5897] usb 4-1: SerialNumber: syz [ 384.014765][T15294] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 384.022893][T15294] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 384.035936][ T968] dvb_usb_mxl111sf 1-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22 [ 384.114650][ T968] usb 1-1: USB disconnect, device number 23 [ 384.192453][T15348] netlink: 'syz.2.3756': attribute type 16 has an invalid length. [ 384.224936][T15348] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3756'. [ 384.235538][T15329] tmpfs: Bad value for 'mpol' [ 384.324788][ T5897] usb 4-1: unknown interface protocol 0x7d, assuming v1 [ 384.331843][ T5897] usb 4-1: 26:2 : does not exist [ 384.349485][T12390] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.376571][ T5897] usb 4-1: unknown interface protocol 0x13, assuming v1 [ 384.383995][ T5897] usb 4-1: 89:2 : does not exist [ 384.443293][ T5897] usb 4-1: USB disconnect, device number 25 [ 384.554828][ T968] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 384.656344][ T5846] udevd[5846]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.26/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 384.776054][ T968] usb 7-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 384.785399][ T968] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.823474][ T968] usb 7-1: config 0 descriptor?? [ 384.842073][ T968] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 385.248028][ T968] gspca_stv06xx: I2C: Read error writing address: -71 [ 385.285208][ T968] usb 7-1: USB disconnect, device number 6 [ 385.452398][T15354] loop2: detected capacity change from 0 to 32768 [ 385.480105][T15378] overlayfs: conflicting options: userxattr,metacopy=on [ 385.505228][T15354] (syz.2.3760,15354,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 385.548002][T15354] (syz.2.3760,15354,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 385.548189][T15380] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 385.710278][T15358] loop4: detected capacity change from 0 to 32768 [ 385.834650][T15354] JBD2: Ignoring recovery information on journal [ 385.944733][ T5897] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 385.974691][T15354] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 386.114922][ T5897] usb 8-1: Using ep0 maxpacket: 16 [ 386.132202][ T5897] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 386.163078][ T5897] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 386.239056][ T5897] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 386.248761][ T5897] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 386.262399][ T5897] usb 8-1: Product: syz [ 386.310230][ T5897] usb 8-1: Manufacturer: syz [ 386.328581][ T5897] usb 8-1: SerialNumber: syz [ 386.337622][ T5833] ocfs2: Unmounting device (7,2) on (node local) [ 386.868062][T15424] netlink: 'syz.4.3791': attribute type 10 has an invalid length. [ 386.878891][T15424] team0: Device netdevsim0 is up. Set it down before adding it as a team port [ 386.975476][ T5897] usb 8-1: cannot find UAC_HEADER [ 387.196096][ T5897] snd-usb-audio 8-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 387.243077][ T5897] usb 8-1: USB disconnect, device number 6 [ 387.377038][T15430] loop3: detected capacity change from 0 to 4096 [ 387.422980][T15444] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 387.431348][T15444] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 387.665712][ T5846] udevd[5846]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 387.725010][T15450] loop7: detected capacity change from 0 to 2048 [ 387.792991][T15450] UDF-fs: error (device loop7): udf_process_sequence: Primary Volume Descriptor not found! [ 387.857845][T15450] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 387.925531][T15450] UDF-fs: error (device loop7): udf_fiiter_advance_blk: extent after position 0 not allocated in directory (ino 1376) [ 388.614606][T15485] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3824'. [ 388.824912][T15491] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 388.896293][T15497] binder: binder_mmap: 15494 20174000-20d74000 bad vm_flags failed -1 [ 389.266116][T15505] loop2: detected capacity change from 0 to 136 [ 389.401290][T15513] loop4: detected capacity change from 0 to 256 [ 389.497926][T15516] overlayfs: disabling nfs_export due to verity=require [ 389.525371][T15516] overlayfs: missing 'lowerdir' [ 389.681035][T15524] loop6: detected capacity change from 0 to 1024 [ 389.716525][T15526] mmap: syz.7.3841 (15526): VmData 37470208 exceed data ulimit 1243. Update limits or use boot option ignore_rlimit_data. [ 389.804122][ T5833] iso9660: Corrupted directory entry in block 1 of inode 1536 [ 389.813799][ T5833] iso9660: Corrupted directory entry in block 1 of inode 1536 [ 389.834734][T15524] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 389.909636][T15524] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 389.936786][T15535] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3842'. [ 389.964452][T15524] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 389.966343][T15537] netlink: 'syz.2.3839': attribute type 1 has an invalid length. [ 390.002588][T15535] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3842'. [ 390.028297][T15524] EXT4-fs error (device loop6): ext4_get_journal_inode:5809: inode #5: comm syz.6.3843: unexpected bad inode w/o EXT4_IGET_BAD [ 390.102890][T15524] EXT4-fs (loop6): no journal found [ 390.129148][T15524] EXT4-fs (loop6): can't get journal size [ 390.174192][T15524] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 390.366717][T15552] xt_CT: You must specify a L4 protocol and not use inversions on it [ 390.455903][T10017] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.616019][T15558] netlink: 'syz.3.3858': attribute type 10 has an invalid length. [ 390.623899][T15558] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3858'. [ 390.673885][T15558] batman_adv: batadv0: Adding interface: vlan1 [ 390.688431][T15558] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 390.730633][T15558] batman_adv: batadv0: Interface activated: vlan1 [ 391.054547][ T5912] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 391.248708][ T5912] usb 1-1: Using ep0 maxpacket: 16 [ 391.278165][ T5912] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 391.288203][ T5896] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 391.331278][ T5912] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 391.340253][T15583] loop3: detected capacity change from 0 to 256 [ 391.359263][ T5912] usb 1-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice=f4.95 [ 391.369419][ T5912] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.377609][ T5912] usb 1-1: Product: syz [ 391.382169][ T5912] usb 1-1: Manufacturer: syz [ 391.386994][ T5912] usb 1-1: SerialNumber: syz [ 391.418911][ T5912] usb 1-1: config 0 descriptor?? [ 391.424622][T15564] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 391.432423][T15564] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 391.452785][T15583] FAT-fs (loop3): Directory bread(block 64) failed [ 391.459813][T15583] FAT-fs (loop3): Directory bread(block 65) failed [ 391.475460][T15583] FAT-fs (loop3): Directory bread(block 66) failed [ 391.482093][T15583] FAT-fs (loop3): Directory bread(block 67) failed [ 391.519484][T15583] FAT-fs (loop3): Directory bread(block 68) failed [ 391.533829][T15583] FAT-fs (loop3): Directory bread(block 69) failed [ 391.564676][T15583] FAT-fs (loop3): Directory bread(block 70) failed [ 391.592561][T15583] FAT-fs (loop3): Directory bread(block 71) failed [ 391.625707][T15583] FAT-fs (loop3): Directory bread(block 72) failed [ 391.680432][T15564] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 391.703991][T15583] FAT-fs (loop3): Directory bread(block 73) failed [ 391.724208][T15564] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 391.762609][T15595] bridge2: the hash_elasticity option has been deprecated and is always 16 [ 391.816311][ T5896] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 391.827241][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.844696][ T5896] usb 5-1: Product: syz [ 391.849142][ T5896] usb 5-1: Manufacturer: syz [ 391.853786][ T5896] usb 5-1: SerialNumber: syz [ 391.955902][ T5896] usb 5-1: config 0 descriptor?? [ 392.070052][ T5896] ch341 5-1:0.0: ch341-uart converter detected [ 392.076500][ T5912] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 392.090060][ T5912] asix 1-1:0.0: probe with driver asix failed with error -71 [ 392.161405][ T5912] usb 1-1: USB disconnect, device number 24 [ 392.180855][T15606] nft_compat: unsupported protocol 0 [ 392.296252][T15611] ieee802154 phy0 wpan0: encryption failed: -90 [ 392.451683][ T5896] usb 5-1: failed to send control message: -71 [ 392.478970][ T5896] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 392.550619][ T46] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 392.639588][T15622] loop6: detected capacity change from 0 to 256 [ 392.674019][ T5896] usb 5-1: USB disconnect, device number 21 [ 392.688219][ T5896] ch341 5-1:0.0: device disconnected [ 392.735981][ T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 392.784881][ T46] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 392.794252][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 392.873767][ T46] usb 3-1: config 0 descriptor?? [ 392.888065][T15622] FAT-fs (loop6): Directory bread(block 64) failed [ 392.896107][T15622] FAT-fs (loop6): Directory bread(block 65) failed [ 392.902739][T15622] FAT-fs (loop6): Directory bread(block 66) failed [ 392.909745][T15622] FAT-fs (loop6): Directory bread(block 67) failed [ 392.930568][T15622] FAT-fs (loop6): Directory bread(block 68) failed [ 392.950890][T15622] FAT-fs (loop6): Directory bread(block 69) failed [ 392.959041][T15622] FAT-fs (loop6): Directory bread(block 70) failed [ 392.966616][T15622] FAT-fs (loop6): Directory bread(block 71) failed [ 392.973336][T15622] FAT-fs (loop6): Directory bread(block 72) failed [ 392.980780][T15622] FAT-fs (loop6): Directory bread(block 73) failed [ 393.246125][ T46] ath6kl: Failed to submit usb control message: -71 [ 393.252838][ T46] ath6kl: unable to send the bmi data to the device: -71 [ 393.260064][ T46] ath6kl: Unable to send get target info: -71 [ 393.269696][ T46] ath6kl: Failed to init ath6kl core: -71 [ 393.276286][ T46] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 393.358171][ T46] usb 3-1: USB disconnect, device number 27 [ 393.525946][T15651] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.3903'. [ 393.675510][T15657] loop7: detected capacity change from 0 to 256 [ 393.683138][T15657] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 393.695376][T15660] x_tables: unsorted entry at hook 3 [ 393.830077][T15657] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 393.872961][T15664] bridge3: entered promiscuous mode [ 393.917041][T15667] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3909'. [ 393.932396][T15664] bridge3: entered allmulticast mode [ 394.083271][T15665] loop6: detected capacity change from 0 to 4096 [ 394.304846][T15665] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 394.707878][T15665] ntfs3(loop6): failed to convert "c46c" to cp437 [ 395.122940][T15718] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3930'. [ 395.637555][T15733] loop4: detected capacity change from 0 to 16 [ 395.724744][T15733] erofs (device loop4): mounted with root inode @ nid 36. [ 395.773813][T15739] loop2: detected capacity change from 0 to 64 [ 395.815985][T15733] erofs (device loop4): inconsistent algorithmtype 0 for nid 36 [ 395.862217][T15733] erofs (device loop4): inconsistent algorithmtype 0 for nid 36 [ 395.914499][T15733] erofs (device loop4): read error -117 @ 72 of nid 36 [ 395.977915][T15747] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3943'. [ 396.197667][T15754] loop6: detected capacity change from 0 to 512 [ 396.414410][T15754] EXT4-fs error (device loop6): ext4_orphan_get:1415: comm syz.6.3948: bad orphan inode 4 [ 396.525099][T15754] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 396.641118][T15778] openvswitch: netlink: IPv4 tunnel dst address is zero [ 396.653434][T15777] dvmrp0: entered allmulticast mode [ 396.697595][T10017] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 396.834768][ T5912] usb 3-1: new full-speed USB device number 28 using dummy_hcd [ 396.907140][T15782] loop3: detected capacity change from 0 to 128 [ 396.943641][T15786] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3960'. [ 396.966166][T15782] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 397.002836][T15782] ext4 filesystem being mounted at /677/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 397.023458][ T5912] usb 3-1: config 4 has an invalid interface number: 231 but max is 0 [ 397.050212][ T5912] usb 3-1: config 4 has no interface number 0 [ 397.099469][ T5912] usb 3-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d [ 397.123217][ T5912] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 397.162893][ T5912] usb 3-1: Product: syz [ 397.193385][ T5912] usb 3-1: Manufacturer: syz [ 397.213425][ T5912] usb 3-1: SerialNumber: syz [ 397.241894][ T5834] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 397.294175][ T5912] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 397.423887][T15803] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3969'. [ 397.510468][T15806] xt_TPROXY: Can be used only with -p tcp or -p udp [ 397.555395][ T5912] vp7045: USB control message 'out' went wrong. [ 397.564362][ T5912] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 397.585038][ T5912] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19) [ 397.654467][ T5912] usb 3-1: USB disconnect, device number 28 [ 398.034673][T15825] trusted_key: encrypted_key: keylen parameter is missing [ 398.264157][T15822] loop4: detected capacity change from 0 to 32768 [ 398.314458][ T968] usb 8-1: new full-speed USB device number 7 using dummy_hcd [ 398.386687][T15822] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 398.440207][T15822] JBD2: Ignoring recovery information on journal [ 398.477399][ T968] usb 8-1: config 8 has an invalid interface number: 177 but max is 0 [ 398.515410][ T968] usb 8-1: config 8 has no interface number 0 [ 398.521758][ T968] usb 8-1: config 8 interface 177 altsetting 9 endpoint 0x8 has invalid maxpacket 1023, setting to 64 [ 398.601107][ T968] usb 8-1: config 8 interface 177 has no altsetting 0 [ 398.620717][ T968] usb 8-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1 [ 398.622552][T15822] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 398.645844][ T968] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 398.668427][T15823] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 398.787751][T15822] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total [ 398.867629][T15822] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 398.894589][ T968] usb 8-1: string descriptor 0 read error: -71 [ 398.946700][T15822] OCFS2: Returning error to the calling process. [ 398.953990][ C0] ir_toy 8-1:8.177: out urb status: -71 [ 398.960748][T15822] (syz.4.3978,15822,0):ocfs2_claim_suballoc_bits:2038 ERROR: status = -5 [ 398.984632][T15822] (syz.4.3978,15822,0):__ocfs2_claim_clusters:2412 ERROR: status = -5 [ 399.006493][T15822] (syz.4.3978,15822,0):__ocfs2_claim_clusters:2420 ERROR: status = -5 [ 399.024473][T15822] (syz.4.3978,15822,0):ocfs2_local_alloc_new_window:1216 ERROR: status = -5 [ 399.039064][ T29] audit: type=1326 audit(1733362856.493:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15854 comm="syz.2.3991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 399.073970][T15822] (syz.4.3978,15822,0):ocfs2_local_alloc_new_window:1241 ERROR: status = -5 [ 399.091749][T15822] (syz.4.3978,15822,0):ocfs2_local_alloc_slide_window:1315 ERROR: status = -5 [ 399.113036][ T29] audit: type=1326 audit(1733362856.493:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15854 comm="syz.2.3991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 399.146280][T15822] (syz.4.3978,15822,0):ocfs2_local_alloc_slide_window:1334 ERROR: status = -5 [ 399.169412][T15822] (syz.4.3978,15822,0):ocfs2_reserve_local_alloc_bits:672 ERROR: status = -5 [ 399.186103][T15859] ufs: You didn't specify the type of your ufs filesystem [ 399.186103][T15859] [ 399.186103][T15859] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 399.186103][T15859] [ 399.186103][T15859] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 399.204377][ T29] audit: type=1326 audit(1733362856.513:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15854 comm="syz.2.3991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 399.216813][ C1] vkms_vblank_simulate: vblank timer overrun [ 399.230617][T15859] ufs: ufstype=old is supported read-only [ 399.250046][T15822] (syz.4.3978,15822,0):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -5 [ 399.257268][T15859] ufs: ufs_fill_super(): bad magic number [ 399.274521][T15822] (syz.4.3978,15822,1):ocfs2_reserve_clusters_with_limit:1170 ERROR: status = -5 [ 399.293767][T15822] (syz.4.3978,15822,1):ocfs2_reserve_clusters_with_limit:1219 ERROR: status = -5 [ 399.317763][T15822] (syz.4.3978,15822,1):ocfs2_symlink:1922 ERROR: status = -5 [ 399.324487][ T29] audit: type=1326 audit(1733362856.513:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15854 comm="syz.2.3991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 399.337166][T15822] (syz.4.3978,15822,1):ocfs2_symlink:2076 ERROR: status = -5 [ 399.359499][ T29] audit: type=1326 audit(1733362856.513:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15854 comm="syz.2.3991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 399.464526][ T968] ir_toy 8-1:8.177: could not write reset command: -110 [ 399.471791][ T968] ir_toy 8-1:8.177: probe with driver ir_toy failed with error -110 [ 399.538696][ T968] usb 8-1: USB disconnect, device number 7 [ 399.569432][ T5829] ocfs2: Unmounting device (7,4) on (node local) [ 400.443033][T15904] loop2: detected capacity change from 0 to 1024 [ 400.541124][T15904] EXT4-fs: Ignoring removed orlov option [ 400.555087][T15904] EXT4-fs: Ignoring removed nomblk_io_submit option [ 400.578399][T15904] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 400.758661][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 400.871918][T15925] netlink: 'syz.4.4026': attribute type 1 has an invalid length. [ 400.879877][T15925] netlink: 224 bytes leftover after parsing attributes in process `syz.4.4026'. [ 401.305664][T15941] loop2: detected capacity change from 0 to 8 [ 401.379056][T15941] SQUASHFS error: zlib decompression failed, data probably corrupt [ 401.412889][T15941] SQUASHFS error: Failed to read block 0x4e8: -5 [ 401.425235][ T29] audit: type=1800 audit(1733362858.873:132): pid=15941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4034" name="file1" dev="loop2" ino=5 res=0 errno=0 [ 401.614378][T15948] loop3: detected capacity change from 0 to 256 [ 402.038144][T15974] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4042'. [ 402.074902][T15974] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4042'. [ 402.079735][T15948] FAT-fs (loop3): Directory bread(block 64) failed [ 402.114718][T15948] FAT-fs (loop3): Directory bread(block 65) failed [ 402.151980][T15948] FAT-fs (loop3): Directory bread(block 66) failed [ 402.187754][T15948] FAT-fs (loop3): Directory bread(block 67) failed [ 402.214771][T15948] FAT-fs (loop3): Directory bread(block 68) failed [ 402.234270][T15948] FAT-fs (loop3): Directory bread(block 69) failed [ 402.241214][T15948] FAT-fs (loop3): Directory bread(block 70) failed [ 402.242453][T15977] loop6: detected capacity change from 0 to 512 [ 402.273439][T15948] FAT-fs (loop3): Directory bread(block 71) failed [ 402.305721][T15948] FAT-fs (loop3): Directory bread(block 72) failed [ 402.312319][T15948] FAT-fs (loop3): Directory bread(block 73) failed [ 402.328311][T15977] EXT4-fs (loop6): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 402.535911][T10017] EXT4-fs (loop6): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 402.702719][ T29] audit: type=1400 audit(1733362860.153:133): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF3460B0BA260624F2A08BDBB6D3C92592016EA4E0F401876B1958B3F9AA5153386EED838C49D3A pid=15989 comm="syz.6.4056" [ 402.730649][ C1] vkms_vblank_simulate: vblank timer overrun [ 402.775530][T15992] netlink: 'syz.2.4057': attribute type 2 has an invalid length. [ 402.806145][T15992] netlink: 'syz.2.4057': attribute type 1 has an invalid length. [ 402.828672][T15969] loop4: detected capacity change from 0 to 32768 [ 403.053226][T15969] __jfs_setxattr: xattr_size = 1857, new_size = 2089 [ 403.221885][T16006] netlink: 'syz.2.4064': attribute type 2 has an invalid length. [ 403.231259][T16006] netlink: 'syz.2.4064': attribute type 11 has an invalid length. [ 403.256708][T16006] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4064'. [ 403.306934][T16008] netlink: 52 bytes leftover after parsing attributes in process `syz.6.4065'. [ 403.472826][T16013] program syz.3.4069 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 403.725577][T16022] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4073'. [ 404.065312][T16039] loop6: detected capacity change from 0 to 256 [ 404.189426][T16039] FAT-fs (loop6): Directory bread(block 64) failed [ 404.244887][T16039] FAT-fs (loop6): Directory bread(block 65) failed [ 404.251700][T16039] FAT-fs (loop6): Directory bread(block 66) failed [ 404.316880][T16039] FAT-fs (loop6): Directory bread(block 67) failed [ 404.355445][T16039] FAT-fs (loop6): Directory bread(block 68) failed [ 404.416887][T16039] FAT-fs (loop6): Directory bread(block 69) failed [ 404.464886][T16039] FAT-fs (loop6): Directory bread(block 70) failed [ 404.471444][T16039] FAT-fs (loop6): Directory bread(block 71) failed [ 404.504966][T16039] FAT-fs (loop6): Directory bread(block 72) failed [ 404.511609][T16039] FAT-fs (loop6): Directory bread(block 73) failed [ 404.769633][T16057] (unnamed net_device) (uninitialized): up delay (3) is not a multiple of miimon (6516), value rounded to 0 ms [ 405.127446][T16076] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 405.138534][T16076] overlayfs: overlapping lowerdir path [ 405.221351][T16079] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4099'. [ 405.387345][T16085] netlink: 'syz.6.4102': attribute type 32 has an invalid length. [ 405.864709][T16105] cgroup: name respecified [ 405.885940][T16107] loop2: detected capacity change from 0 to 64 [ 406.197004][T16072] loop3: detected capacity change from 0 to 32768 [ 406.323646][T16072] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 406.381055][T16072] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 406.406341][T16115] loop6: detected capacity change from 0 to 4096 [ 406.426130][T16115] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 406.487349][T16115] ntfs3(loop6): failed to convert "c46c" to maciceland [ 406.554053][T16072] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 406.614502][ T968] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 406.621336][ T968] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 406.859680][ T968] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 238ms [ 406.867444][ T968] gfs2: fsid=syz:syz.0: jid=0: Done [ 406.879727][T16072] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 407.015424][T16143] loop7: detected capacity change from 0 to 256 [ 407.036292][T16147] loop2: detected capacity change from 0 to 1024 [ 407.140795][T16143] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 407.267343][ T29] audit: type=1326 audit(1733362864.723:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16152 comm="syz.2.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 407.293801][ T29] audit: type=1326 audit(1733362864.743:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16152 comm="syz.2.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 407.425201][ T29] audit: type=1326 audit(1733362864.793:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16152 comm="syz.2.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 407.505196][ T29] audit: type=1326 audit(1733362864.793:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16152 comm="syz.2.4136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 407.640616][T16161] loop2: detected capacity change from 0 to 512 [ 407.647305][T16163] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4139'. [ 407.663017][ T29] audit: type=1326 audit(1733362865.113:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16164 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0edc17ff19 code=0x7ffc0000 [ 407.695288][T16163] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4139'. [ 407.734410][T16163] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4139'. [ 407.743501][T16161] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 407.782214][ T29] audit: type=1326 audit(1733362865.143:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16164 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0edc17ff19 code=0x7ffc0000 [ 407.810071][T16161] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00fc01c, mo2=0002] [ 407.842324][ T29] audit: type=1326 audit(1733362865.173:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16164 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=445 compat=0 ip=0x7f0edc17ff19 code=0x7ffc0000 [ 407.890720][T16161] System zones: 1-12 [ 407.914564][ T29] audit: type=1326 audit(1733362865.173:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16164 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0edc17ff19 code=0x7ffc0000 [ 407.948328][T16161] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.4138: Parent and EA inode have the same ino 15 [ 407.966652][ T29] audit: type=1326 audit(1733362865.173:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16164 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0edc17ff19 code=0x7ffc0000 [ 408.001731][T16161] EXT4-fs (loop2): 1 truncate cleaned up [ 408.020585][T16161] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 408.027802][T16177] netlink: 136 bytes leftover after parsing attributes in process `syz.3.4133'. [ 408.280047][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 408.628876][T16199] loop3: detected capacity change from 0 to 1024 [ 408.729762][T16199] hfsplus: inconsistency in B*Tree (-1,0,1,1,0) [ 408.738907][T16199] hfsplus: failed to load root directory [ 408.898745][T16207] netlink: 'syz.0.4152': attribute type 29 has an invalid length. [ 408.997974][T16171] loop7: detected capacity change from 0 to 32768 [ 409.031141][T16171] XFS: ikeep mount option is deprecated. [ 409.356926][T16223] bridge3: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 409.421124][T16238] loop4: detected capacity change from 0 to 16 [ 409.470921][T16238] erofs (device loop4): mounted with root inode @ nid 36. [ 409.484551][T16171] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 409.751104][T16247] loop6: detected capacity change from 0 to 2048 [ 409.775652][T16247] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found! [ 409.810241][T16247] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 409.888824][T16171] XFS (loop7): Ending clean mount [ 409.904093][T16171] XFS (loop7): Quotacheck needed: Please wait. [ 409.908171][T16253] loop4: detected capacity change from 0 to 256 [ 410.011885][T16171] XFS (loop7): Quotacheck: Done. [ 410.328965][T12390] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 410.435909][T16233] loop2: detected capacity change from 0 to 32768 [ 410.521481][T16233] (syz.2.4167,16233,1):ocfs2_read_blocks:239 ERROR: status = -12 [ 410.530033][T16233] (syz.2.4167,16233,1):ocfs2_read_virt_blocks:1019 ERROR: status = -12 [ 410.540644][T16233] (syz.2.4167,16233,1):ocfs2_read_dir_block:511 ERROR: status = -12 [ 410.548929][T16233] (syz.2.4167,16233,1):ocfs2_read_blocks:239 ERROR: status = -12 [ 410.556811][T16233] (syz.2.4167,16233,1):ocfs2_read_virt_blocks:1019 ERROR: status = -12 [ 410.565177][T16233] (syz.2.4167,16233,1):ocfs2_read_dir_block:511 ERROR: status = -12 [ 410.573289][T16233] (syz.2.4167,16233,1):ocfs2_read_blocks:239 ERROR: status = -12 [ 410.581222][T16233] (syz.2.4167,16233,1):ocfs2_read_virt_blocks:1019 ERROR: status = -12 [ 410.589643][T16233] (syz.2.4167,16233,1):ocfs2_read_dir_block:511 ERROR: status = -12 [ 410.597871][T16233] (syz.2.4167,16233,1):ocfs2_init_global_system_inodes:461 ERROR: status = -22 [ 410.606982][T16233] (syz.2.4167,16233,1):ocfs2_init_global_system_inodes:463 ERROR: Unable to load system inode 1, possibly corrupt fs? [ 410.607022][T16233] (syz.2.4167,16233,1):ocfs2_init_global_system_inodes:472 ERROR: status = -22 [ 410.628782][T16233] (syz.2.4167,16233,1):ocfs2_initialize_super:2250 ERROR: status = -22 [ 410.637205][T16233] (syz.2.4167,16233,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 410.654735][T16267] xt_CT: You must specify a L4 protocol and not use inversions on it [ 410.999536][T16259] loop6: detected capacity change from 0 to 32768 [ 411.309818][ T29] audit: type=1326 audit(1733362868.763:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16286 comm="syz.4.4193" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa101d7ff19 code=0x0 [ 411.372826][T16259] JBD2: Ignoring recovery information on journal [ 411.510968][T16259] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 411.993145][T16293] loop3: detected capacity change from 0 to 40427 [ 412.001417][T16293] F2FS-fs (loop3): Corrupted extension count (64 + 1 > 64) [ 412.008860][T16293] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 412.040404][T10017] ocfs2: Unmounting device (7,6) on (node local) [ 412.069290][T16293] F2FS-fs (loop3): Found nat_bits in checkpoint [ 412.117445][ T5912] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 412.294608][T16293] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 412.306234][ T5912] usb 1-1: config 0 has an invalid interface number: 156 but max is 1 [ 412.314405][T16293] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 412.334387][ T5912] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 412.383425][ T5912] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 412.414394][ T5912] usb 1-1: config 0 has no interface number 0 [ 412.440851][ T5912] usb 1-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 412.470344][ T5912] usb 1-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 412.522180][ T5912] usb 1-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 412.597796][ T5912] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 412.633017][ T5912] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=21 [ 412.654920][ T5912] usb 1-1: SerialNumber: syz [ 412.675542][ T5912] usb 1-1: config 0 descriptor?? [ 412.691557][ T5912] gspca_main: spca561-2.14.0 probing abcd:cdee [ 412.906434][ T5912] spca561 1-1:0.156: probe with driver spca561 failed with error -22 [ 412.942270][ T5912] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 412.969430][T16331] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.4213'. [ 412.970533][T16305] loop2: detected capacity change from 0 to 32768 [ 413.015694][ T5912] usb 1-1: MIDIStreaming interface descriptor not found [ 413.277473][ T5912] usb 1-1: USB disconnect, device number 25 [ 413.715609][T16349] netlink: 'syz.2.4218': attribute type 10 has an invalid length. [ 413.723979][T16328] loop6: detected capacity change from 0 to 32768 [ 413.750541][T16349] lo: entered promiscuous mode [ 413.761412][T16349] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 413.778151][T16328] JBD2: Ignoring recovery information on journal [ 413.890384][T16354] loop2: detected capacity change from 0 to 128 [ 413.921305][T16328] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 413.921816][T16354] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 413.954707][T16354] FAT-fs (loop2): Filesystem has been set read-only [ 414.063440][T16360] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4225'. [ 414.076421][ T5843] udevd[5843]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 414.390173][T16368] loop3: detected capacity change from 0 to 2048 [ 414.502881][T10017] ocfs2: Unmounting device (7,6) on (node local) [ 414.510127][T16368] loop3: p1 < > p3 [ 414.525834][T16368] loop3: p3 size 134217728 extends beyond EOD, truncated [ 414.614801][ T5199] loop3: p1 < > p3 [ 414.634918][ T5199] loop3: p3 size 134217728 extends beyond EOD, truncated [ 414.655115][T16384] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4237'. [ 414.897046][ T5846] udevd[5846]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 415.059721][ T5856] udevd[5856]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 415.073863][ T5846] udevd[5846]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 415.220459][T16402] x_tables: ip6_tables: SNPT target: used from hooks PREROUTING, but only usable from INPUT/POSTROUTING [ 415.235333][T16401] x_tables: (null)_tables: DNAT target: only valid in nat table, not syz0 [ 415.474728][ T29] audit: type=1326 audit(1733362872.913:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16409 comm="syz.4.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa101d7ff19 code=0x7ffc0000 [ 415.524697][T16414] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode balance-xor(2) [ 415.648388][ T29] audit: type=1326 audit(1733362872.913:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16409 comm="syz.4.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa101d7ff19 code=0x7ffc0000 [ 415.670813][ C0] vkms_vblank_simulate: vblank timer overrun [ 415.744422][ T29] audit: type=1326 audit(1733362872.973:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16409 comm="syz.4.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7fa101d7ff19 code=0x7ffc0000 [ 415.815007][T16426] xt_hashlimit: max too large, truncated to 1048576 [ 415.853383][ T29] audit: type=1326 audit(1733362872.973:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16409 comm="syz.4.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa101d7ff19 code=0x7ffc0000 [ 415.994466][ T29] audit: type=1326 audit(1733362872.973:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16409 comm="syz.4.4251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa101d7ff19 code=0x7ffc0000 [ 416.273151][T16445] loop7: detected capacity change from 0 to 64 [ 416.587307][T16458] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4275'. [ 416.653952][T16461] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 417.398505][T16492] loop4: detected capacity change from 0 to 64 [ 417.453464][T16487] loop6: detected capacity change from 0 to 32768 [ 417.458295][T16492] hfs: bad allocation block size 272 [ 417.481847][T16492] hfs: can't find a HFS filesystem on dev loop4 [ 417.494483][T16487] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4291 (16487) [ 417.719843][T16504] loop3: detected capacity change from 0 to 64 [ 417.727827][T16487] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 417.754505][T16487] BTRFS info (device loop6): using sha256 (sha256-ni) checksum algorithm [ 417.762973][T16487] BTRFS info (device loop6): using free-space-tree [ 417.797791][T16511] loop2: detected capacity change from 0 to 8 [ 417.898414][T16511] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 418.158123][T16492] loop4: detected capacity change from 0 to 32768 [ 418.165358][T16492] JFS: Invalid value of umask [ 418.267907][T16511] cramfs: Error -3 while decompressing! [ 418.281529][T16511] cramfs: ffffffff9a4f6368(26)->ffff88807732a000(4096) [ 418.349843][T16511] cramfs: Error -5 while decompressing! [ 418.516667][T16511] cramfs: ffffffff9a4f6382(26)->ffff888051fe5000(4096) [ 418.533842][T16511] cramfs: Error -3 while decompressing! [ 418.543962][T16511] cramfs: ffffffff9a4f639c(16)->ffff88804257b000(4096) [ 418.560275][T16511] cramfs: Error -3 while decompressing! [ 418.570394][T16511] cramfs: ffffffff9a4f6368(26)->ffff88807732a000(4096) [ 418.649018][T16541] loop7: detected capacity change from 0 to 64 [ 418.652575][ T29] audit: type=1800 audit(1733362876.043:149): pid=16511 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4298" name="file3" dev="loop2" ino=348 res=0 errno=0 [ 418.974559][T10017] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 420.703283][ T29] audit: type=1326 audit(1733362878.153:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23baf7ff19 code=0x7ffc0000 [ 420.777011][ T29] audit: type=1326 audit(1733362878.183:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23baf7ff19 code=0x7ffc0000 [ 420.834028][ T29] audit: type=1326 audit(1733362878.193:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f23baf7ff19 code=0x7ffc0000 [ 420.912039][ T29] audit: type=1326 audit(1733362878.193:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23baf7ff19 code=0x7ffc0000 [ 421.014369][ T29] audit: type=1326 audit(1733362878.193:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16624 comm="syz.3.4343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23baf7ff19 code=0x7ffc0000 [ 421.117928][T16640] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4350'. [ 421.174016][ T5897] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 421.355456][ T5897] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 421.372288][T16650] netlink: 'syz.2.4355': attribute type 6 has an invalid length. [ 421.390127][ T5897] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.426318][ T5897] usb 1-1: config 0 descriptor?? [ 421.467442][ T5897] gspca_main: spca508-2.14.0 probing 8086:0110 [ 421.574431][T16657] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4359'. [ 421.624794][T16657] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4359'. [ 421.697362][T16662] tmpfs: Bad value for 'mpol' [ 421.888338][ T5897] gspca_spca508: reg_read err -71 [ 421.896564][ T5897] gspca_spca508: reg_read err -71 [ 421.904571][ T8] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 421.914516][ T5897] gspca_spca508: reg_read err -71 [ 421.926481][ T5897] gspca_spca508: reg_read err -71 [ 421.964579][ T5897] gspca_spca508: reg write: error -71 [ 421.970081][ T5897] spca508 1-1:0.0: probe with driver spca508 failed with error -71 [ 422.010278][ T5897] usb 1-1: USB disconnect, device number 26 [ 422.084782][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 422.111178][ T8] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 422.126626][ T8] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 422.150292][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 422.176956][ T8] usb 3-1: Product: syz [ 422.184253][ T8] usb 3-1: Manufacturer: syz [ 422.189254][ T8] usb 3-1: SerialNumber: syz [ 422.235000][ T8] r8152-cfgselector 3-1: Unknown version 0x0000 [ 422.273671][T16680] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4370'. [ 422.311530][T16680] xfrm1: entered promiscuous mode [ 422.324434][T16680] xfrm1: entered allmulticast mode [ 422.396334][T16684] loop6: detected capacity change from 0 to 256 [ 422.403711][T16684] exfat: Deprecated parameter 'utf8' [ 422.655778][T16684] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 422.684575][ T5912] r8152-cfgselector 3-1: USB disconnect, device number 29 [ 422.764229][T16696] loop4: detected capacity change from 0 to 512 [ 422.811158][T16696] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 422.827109][T16698] netlink: 'syz.7.4379': attribute type 3 has an invalid length. [ 422.859944][T16698] netlink: 224 bytes leftover after parsing attributes in process `syz.7.4379'. [ 422.886688][T16702] netlink: 'syz.3.4380': attribute type 1 has an invalid length. [ 422.961810][T16696] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 422.987526][T16696] ext4 filesystem being mounted at /756/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 423.157867][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 423.363036][T16723] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 423.457047][T16725] loop6: detected capacity change from 0 to 128 [ 423.544588][ T8] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 423.624805][T16730] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4393'. [ 423.727044][ T8] usb 3-1: config index 0 descriptor too short (expected 64922, got 72) [ 423.759486][ T8] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 423.799737][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 423.848704][ T8] usb 3-1: Product: syz [ 423.852967][ T8] usb 3-1: Manufacturer: syz [ 423.900419][ T8] usb 3-1: SerialNumber: syz [ 423.931506][ T8] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 423.950757][ T968] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 424.592518][ T5912] usb 3-1: USB disconnect, device number 30 [ 424.937438][T16777] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4419'. [ 424.946568][T16777] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4419'. [ 425.044647][ T968] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 425.051724][ T968] ath9k_htc: Failed to initialize the device [ 425.123920][ T5912] usb 3-1: ath9k_htc: USB layer deinitialized [ 425.346629][T16792] x_tables: duplicate underflow at hook 3 [ 425.661167][T16781] loop4: detected capacity change from 0 to 32768 [ 425.669252][T16781] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4416 (16781) [ 425.734180][T16781] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 425.745887][T16781] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 425.756696][T16781] BTRFS info (device loop4): using free-space-tree [ 425.992451][T16821] usb usb8: usbfs: process 16821 (syz.3.4433) did not claim interface 0 before use [ 426.089970][ T3464] BTRFS warning (device loop4): checksum verify failed on logical 5308416 mirror 1 wanted 0x47c1be8eef63a64480a0d216c40351d1b0e275802e790c94e39791d738abc154 found 0x25c21d6a9a88c7d2f2683cbaf97e32396d0c545ffc2abdab6a266a8a51e10101 level 0 [ 426.113589][ C1] vkms_vblank_simulate: vblank timer overrun [ 426.200272][T16781] BTRFS: error (device loop4) in btrfs_fill_super:981: errno=-5 IO failure [ 426.239291][T16781] BTRFS error (device loop4 state E): commit super ret -30 [ 426.523892][T16838] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4439'. [ 427.385861][T16857] loop7: detected capacity change from 0 to 2048 [ 427.439519][T16861] loop6: detected capacity change from 0 to 40427 [ 427.447302][T16861] F2FS-fs (loop6): Corrupted extension count (64 + 1 > 64) [ 427.454612][T16861] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 427.480528][T16858] loop2: detected capacity change from 0 to 4096 [ 427.511259][T16861] F2FS-fs (loop6): Found nat_bits in checkpoint [ 427.551087][T16858] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 427.666821][T16858] ntfs3(loop2): failed to convert "c46c" to cp864 [ 427.690701][T16861] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 427.704644][T16861] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 428.401490][T16888] xt_CT: You must specify a L4 protocol and not use inversions on it [ 428.654073][T16869] loop3: detected capacity change from 0 to 40427 [ 428.773526][T16899] loop6: detected capacity change from 0 to 8 [ 428.868785][ T29] audit: type=1326 audit(1733362886.323:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16905 comm="syz.7.4468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f567c57ff19 code=0x7ffc0000 [ 428.913010][T16869] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1fffff [ 428.932797][T16899] SQUASHFS error: lzo decompression failed, data probably corrupt [ 428.952441][T16869] F2FS-fs (loop3): Image doesn't support compression [ 428.954969][T16899] SQUASHFS error: Failed to read block 0x0: -5 [ 428.968541][ T29] audit: type=1326 audit(1733362886.343:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16905 comm="syz.7.4468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f567c57ff19 code=0x7ffc0000 [ 429.020749][T16899] SQUASHFS error: lzo decompression failed, data probably corrupt [ 429.029351][T16899] SQUASHFS error: Failed to read block 0x0: -5 [ 429.039187][ T29] audit: type=1326 audit(1733362886.363:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16905 comm="syz.7.4468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f567c57ff19 code=0x7ffc0000 [ 429.040667][T16869] F2FS-fs (loop3): invalid crc value [ 429.061539][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.111820][ T29] audit: type=1326 audit(1733362886.363:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16905 comm="syz.7.4468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f567c57ff19 code=0x7ffc0000 [ 429.134509][ T46] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 429.156188][T16869] F2FS-fs (loop3): Found nat_bits in checkpoint [ 429.190839][ T29] audit: type=1800 audit(1733362886.523:159): pid=16899 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.4459" name="file2" dev="loop6" ino=3 res=0 errno=0 [ 429.321998][ T46] usb 5-1: config 0 has no interfaces? [ 429.355133][ T46] usb 5-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=a7.2d [ 429.384773][T16869] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 429.387319][ T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 429.444558][ T46] usb 5-1: Product: syz [ 429.459029][ T46] usb 5-1: Manufacturer: syz [ 429.463729][ T46] usb 5-1: SerialNumber: syz [ 429.497227][ T46] usb 5-1: config 0 descriptor?? [ 429.498861][T16869] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1fffff [ 429.563303][T16869] F2FS-fs (loop3): Image doesn't support compression [ 429.751852][ T46] usb 5-1: USB disconnect, device number 22 [ 430.150223][T16944] loop6: detected capacity change from 0 to 2048 [ 430.255036][T16944] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 430.283946][T16949] loop2: detected capacity change from 0 to 1024 [ 430.479807][T16958] netlink: 104 bytes leftover after parsing attributes in process `syz.7.4493'. [ 430.530017][ T11] hfsplus: b-tree write err: -5, ino 4 [ 430.924592][ T29] audit: type=1326 audit(1733362888.123:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16962 comm="syz.2.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 430.946993][ C1] vkms_vblank_simulate: vblank timer overrun [ 431.025398][ T29] audit: type=1326 audit(1733362888.123:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16962 comm="syz.2.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 431.047899][ C1] vkms_vblank_simulate: vblank timer overrun [ 431.140075][ T29] audit: type=1326 audit(1733362888.123:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16962 comm="syz.2.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 431.254447][ T29] audit: type=1326 audit(1733362888.123:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16962 comm="syz.2.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 431.354440][ T29] audit: type=1326 audit(1733362888.123:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16962 comm="syz.2.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46037ff19 code=0x7ffc0000 [ 431.678156][T17006] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4518'. [ 431.710410][T17006] netlink: 'syz.2.4518': attribute type 3 has an invalid length. [ 431.737065][T17008] loop3: detected capacity change from 0 to 2048 [ 431.818049][T17008] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 431.861059][T17008] ext4 filesystem being mounted at /767/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 431.969233][T17019] loop4: detected capacity change from 0 to 256 [ 432.130980][T17031] netlink: 'syz.7.4526': attribute type 32 has an invalid length. [ 432.187856][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 432.318554][T17035] netlink: 'syz.2.4529': attribute type 25 has an invalid length. [ 432.405707][T17036] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«= [ 432.434267][T17036] [U] J"—e:ÀÆ" [ 433.080425][T17066] loop6: detected capacity change from 0 to 512 [ 433.197632][T17066] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 433.262447][T17066] ext4 filesystem being mounted at /440/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 433.275407][T17066] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 433.488691][T17081] loop3: detected capacity change from 0 to 256 [ 433.510618][T17081] exfat: Deprecated parameter 'utf8' [ 433.529024][T17055] loop2: detected capacity change from 0 to 32768 [ 433.545971][T17081] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x987a2e96, utbl_chksum : 0xe619d30d) [ 433.807185][T17093] loop6: detected capacity change from 0 to 2048 [ 433.818441][T17093] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 433.899432][T17055] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode. [ 434.474999][ T5833] ocfs2: Unmounting device (7,2) on (node local) [ 434.726922][T17115] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4560'. [ 435.139760][T17127] loop3: detected capacity change from 0 to 512 [ 435.175356][T17127] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 435.230022][T17127] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.4571: corrupted in-inode xattr: e_name out of bounds [ 435.351977][T17127] EXT4-fs (loop3): Remounting filesystem read-only [ 435.394605][T17127] EXT4-fs (loop3): 1 truncate cleaned up [ 435.402254][T17127] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 435.581320][T17127] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 435.880011][T17165] loop2: detected capacity change from 0 to 256 [ 436.095223][T17171] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4592'. [ 436.104419][T17171] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4592'. [ 436.343248][T17183] loop2: detected capacity change from 0 to 256 [ 437.187324][T17202] loop4: detected capacity change from 0 to 8192 [ 437.369569][T17221] netlink: 'syz.0.4615': attribute type 1 has an invalid length. [ 437.439130][T17225] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4616'. [ 437.504649][T17225] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4616'. [ 438.158520][T17255] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 438.354514][ T25] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 438.516746][ T25] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 438.544414][ T25] usb 5-1: config 0 has no interfaces? [ 438.615573][ T25] usb 5-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 0.02 [ 438.636023][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 438.644097][ T25] usb 5-1: SerialNumber: syz [ 438.691098][ T25] usb 5-1: config 0 descriptor?? [ 438.703939][T17273] loop2: detected capacity change from 0 to 128 [ 438.768231][T17275] loop3: detected capacity change from 0 to 1764 [ 438.940738][ T968] usb 5-1: USB disconnect, device number 23 [ 439.017748][T17282] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4646'. [ 439.037029][T17243] loop6: detected capacity change from 0 to 32768 [ 439.115716][T17243] gfs2: fsid=(œ[{{{+: Trying to join cluster "lock_nolock", "(œ[{{{+" [ 439.124043][T17243] gfs2: fsid=(œ[{{{+: Now mounting FS (format 0)... [ 439.183174][T17243] gfs2: fsid=(œ[{{{+.0: journal 0 mapped with 22 extents in 0ms [ 439.275208][ T9] gfs2: fsid=(œ[{{{+.0: jid=0, already locked for use [ 439.282336][ T9] gfs2: fsid=(œ[{{{+.0: jid=0: Looking at journal... [ 439.355424][ T9] gfs2: fsid=(œ[{{{+.0: jid=0: Journal head lookup took 73ms [ 439.367955][ T9] gfs2: fsid=(œ[{{{+.0: jid=0: Done [ 439.374619][T17243] gfs2: fsid=(œ[{{{+.0: first mount done, others may mount [ 439.546910][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.599192][T17298] loop2: detected capacity change from 0 to 64 [ 439.641348][T17304] netlink: 'syz.4.4655': attribute type 10 has an invalid length. [ 439.722456][T17304] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 439.912075][T17310] netlink: 1 bytes leftover after parsing attributes in process `syz.6.4658'. [ 440.498788][T17306] loop7: detected capacity change from 0 to 32768 [ 440.601158][T17306] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.4656 (17306) [ 440.711292][T17306] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 440.767826][T17330] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4663'. [ 440.793119][T17306] BTRFS info (device loop7): using sha256 (sha256-ni) checksum algorithm [ 440.821263][T17330] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4663'. [ 440.843203][T17306] BTRFS info (device loop7): using free-space-tree [ 441.028051][T17347] loop2: detected capacity change from 0 to 256 [ 441.200066][T17361] loop6: detected capacity change from 0 to 256 [ 441.235624][T17361] MINIX-fs: mounting file system with errors, running fsck is recommended [ 441.384247][T17369] netlink: 'syz.0.4674': attribute type 12 has an invalid length. [ 441.521988][T17361] Trying to free block not in datazone [ 441.527733][T17361] Trying to free block not in datazone [ 441.533324][T17361] Trying to free block not in datazone [ 441.539234][T17361] Trying to free block not in datazone [ 441.554437][T17361] Trying to free block not in datazone [ 441.564392][T17361] Trying to free block not in datazone [ 441.574413][T17361] Trying to free block not in datazone [ 441.584656][T17361] Trying to free block not in datazone [ 441.615611][T17361] Trying to free block not in datazone [ 441.662552][T12390] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 441.678499][T17361] Trying to free block not in datazone [ 441.822454][T17382] loop2: detected capacity change from 0 to 512 [ 441.877232][T17382] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 442.005628][ T5897] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 442.007256][T17382] EXT4-fs (loop2): 1 truncate cleaned up [ 442.072980][T17382] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 442.164408][ T5897] usb 5-1: Using ep0 maxpacket: 8 [ 442.176786][ T5897] usb 5-1: config 1 interface 0 altsetting 129 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 442.207610][T17382] EXT4-fs error (device loop2): ext4_lookup:1813: comm syz.2.4681: inode #13: comm syz.2.4681: iget: illegal inode # [ 442.234575][ T5897] usb 5-1: config 1 interface 0 has no altsetting 0 [ 442.285232][ T5897] usb 5-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 442.306188][ T5897] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 442.314224][ T5897] usb 5-1: Product: syz [ 442.358868][ T5897] usb 5-1: Manufacturer: syz [ 442.394117][ T5897] usb 5-1: SerialNumber: syz [ 442.461460][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 442.660040][ T5897] usbhid 5-1:1.0: can't add hid device: -71 [ 442.666983][ T46] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 442.694655][ T5897] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 442.731230][ T5897] usb 5-1: USB disconnect, device number 24 [ 442.935667][ T46] usb 1-1: config index 0 descriptor too short (expected 23569, got 27) [ 442.959729][ T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 442.976454][ T46] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 442.986150][ T46] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 442.994176][ T46] usb 1-1: Manufacturer: syz [ 443.030509][ T46] usb 1-1: config 0 descriptor?? [ 443.113406][T17406] loop7: detected capacity change from 0 to 32768 [ 443.130306][T17406] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.4695 (17406) [ 443.134531][ T46] rc_core: IR keymap rc-hauppauge not found [ 443.184623][ T46] Registered IR keymap rc-empty [ 443.193797][ T46] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 443.214761][T17406] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 443.225441][T17406] BTRFS info (device loop7): using sha256 (sha256-ni) checksum algorithm [ 443.233896][T17406] BTRFS info (device loop7): using free-space-tree [ 443.252334][ T46] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input24 [ 443.269496][T17396] loop3: detected capacity change from 0 to 32768 [ 443.277864][T17396] BTRFS: device /dev/loop3 (7:3) using temp-fsid faba95bb-1764-4da9-8c36-b789832e2591 [ 443.287773][T17396] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4690 (17396) [ 443.310478][T17396] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 443.311077][ C1] igorplugusb 1-1:0.0: Error: urb status = -32 [ 443.327462][T17396] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 443.336003][T17396] BTRFS info (device loop3): using free-space-tree [ 443.493967][ T46] usb 1-1: USB disconnect, device number 27 [ 443.918492][T17448] openvswitch: netlink: Missing valid actions attribute. [ 443.931664][T17448] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 444.077106][T17466] loop6: detected capacity change from 0 to 128 [ 444.319834][T17463] Process accounting resumed [ 444.371367][ T5834] BTRFS info (device loop3): last unmount of filesystem faba95bb-1764-4da9-8c36-b789832e2591 [ 444.379169][T17463] FAT-fs (loop6): error, clusters badly computed (2 != 0) [ 444.404052][T17463] FAT-fs (loop6): Filesystem has been set read-only [ 444.616033][T12390] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 445.254420][ T46] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 445.264500][ T5899] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 445.444574][ T5899] usb 3-1: Using ep0 maxpacket: 16 [ 445.452076][ T46] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 445.469472][ T5899] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 445.479858][ T5899] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 445.495273][ T46] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 445.514392][ T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 445.522440][ T5899] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 445.564794][ T5899] usb 3-1: config 0 interface 0 has no altsetting 0 [ 445.582994][ T46] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 445.606010][ T5899] usb 3-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 445.616873][ T5899] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 445.648545][ T5899] usb 3-1: Product: syz [ 445.652740][ T5899] usb 3-1: Manufacturer: syz [ 445.678099][ T5899] usb 3-1: SerialNumber: syz [ 445.694409][ T5899] usb 3-1: config 0 descriptor?? [ 445.817963][T17497] loop4: detected capacity change from 0 to 32768 [ 445.860084][T17516] loop3: detected capacity change from 0 to 2048 [ 445.902512][T17516] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 445.914451][T17514] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 445.943993][ T5899] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input25 [ 445.964875][ T5184] synaptics_usb 3-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 445.984239][T17516] UDF-fs: error (device loop3): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376) [ 445.998867][T17497] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 446.047716][ T5184] synaptics_usb 3-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 446.150215][ T5842] synaptics_usb 3-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 446.232591][ T9] usb 3-1: USB disconnect, device number 31 [ 446.250750][ T5184] synaptics_usb 3-1:0.0: synusb_open - usb_submit_urb failed, error: -19 [ 446.277310][T17497] XFS (loop4): Ending clean mount [ 446.279825][T17514] usb 8-1: Using ep0 maxpacket: 8 [ 446.295660][T17514] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 172, changing to 11 [ 446.307239][T17514] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32 [ 446.325582][T17514] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 446.335072][T17514] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 446.343078][T17514] usb 8-1: Product: syz [ 446.354701][ T5829] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 446.363432][T17514] usb 8-1: Manufacturer: syz [ 446.368481][T17514] usb 8-1: SerialNumber: syz [ 446.496489][T17536] loop3: detected capacity change from 0 to 512 [ 446.563733][T17536] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 446.591278][T17536] ext4 filesystem being mounted at /808/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 446.613354][T17536] __quota_error: 1 callbacks suppressed [ 446.613401][T17536] Quota error (device loop3): do_check_range: Getting block 835 out of range 1-5 [ 446.643067][T17536] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 446.659178][ T46] stv0680 1-1:4.0: STV(e): camera ping failed!! [ 446.674763][T17536] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.4737: Failed to acquire dquot type 0 [ 446.728887][T17514] cdc_ncm 8-1:1.0: bind() failure [ 446.827515][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 446.856149][T17514] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found [ 446.863017][T17514] cdc_ncm 8-1:1.1: bind() failure [ 446.880076][T17514] usb 8-1: USB disconnect, device number 8 [ 446.898678][ T46] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 446.917084][ T46] stv0680 1-1:4.0: last error: 59, command = 0x9d [ 447.048119][ T46] usb 1-1: USB disconnect, device number 28 [ 447.330925][T17559] loop3: detected capacity change from 0 to 1024 [ 447.477060][T17559] syz.3.4747: attempt to access beyond end of device [ 447.477060][T17559] loop3: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 448.290332][T17599] @ÿ: renamed from bond_slave_0 (while UP) [ 448.796628][T17619] netlink: 'syz.0.4776': attribute type 4 has an invalid length. [ 448.845398][T17621] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4777'. [ 449.255011][T17591] loop7: detected capacity change from 0 to 32768 [ 449.298668][T17591] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.4760 (17591) [ 449.392093][T17591] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 449.424492][T17641] netlink: 'syz.0.4787': attribute type 1 has an invalid length. [ 449.430484][T17591] BTRFS info (device loop7): using sha256 (sha256-ni) checksum algorithm [ 449.470593][T17591] BTRFS info (device loop7): using free-space-tree [ 449.631814][T17656] loop3: detected capacity change from 0 to 64 [ 449.732806][T17669] loop6: detected capacity change from 0 to 8 [ 450.285928][T12390] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 450.450083][T17686] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 450.642857][T17690] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4803'. [ 450.812153][T17697] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4806'. [ 450.843184][T17697] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4806'. [ 451.118322][T17704] loop4: detected capacity change from 0 to 512 [ 451.207932][T17704] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 451.282885][T17704] ext4 filesystem being mounted at /816/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 451.369606][T17720] netlink: 'syz.3.4813': attribute type 1 has an invalid length. [ 451.417510][T17720] netlink: 'syz.3.4813': attribute type 1 has an invalid length. [ 451.418020][T17704] EXT4-fs error (device loop4): ext4_empty_dir:3097: inode #12: comm syz.4.4809: Directory hole found for htree leaf block 0 [ 451.604173][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 451.652796][T17727] loop6: detected capacity change from 0 to 256 [ 451.743478][T17727] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d) [ 451.818848][T17727] exFAT-fs (loop6): error, invalid access to FAT bad cluster (entry 0x00000005) [ 451.868465][T17727] exFAT-fs (loop6): Filesystem has been set read-only [ 451.943104][T17727] exFAT-fs (loop6): failed to initialize root inode [ 452.254520][T17749] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4829'. [ 452.549421][T17762] loop7: detected capacity change from 0 to 16 [ 452.567993][T17764] netlink: 'syz.4.4835': attribute type 6 has an invalid length. [ 452.604759][T17764] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.4835'. [ 452.620835][T17762] erofs (device loop7): mounted with root inode @ nid 36. [ 452.721095][T17762] syz.7.4836: attempt to access beyond end of device [ 452.721095][T17762] loop7: rw=0, sector=131157, nr_sectors = 1 limit=16 [ 452.773546][T17762] erofs (device loop7): read error -5 @ 0 of nid 36 [ 453.517279][T17805] loop6: detected capacity change from 0 to 24 [ 453.829176][T17787] loop2: detected capacity change from 0 to 32768 [ 453.923882][T17817] loop4: detected capacity change from 0 to 4096 [ 453.951183][T17817] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 454.001711][T17787] JBD2: Ignoring recovery information on journal [ 454.158089][T17787] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode. [ 454.465084][ T5833] ocfs2: Unmounting device (7,2) on (node local) [ 455.872522][T17863] loop6: detected capacity change from 0 to 32768 [ 455.912685][T17863] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4882 (17863) [ 456.068761][T17863] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 456.090920][T17863] BTRFS info (device loop6): using sha256 (sha256-ni) checksum algorithm [ 456.099677][T17863] BTRFS info (device loop6): using free-space-tree [ 456.113614][T17902] loop3: detected capacity change from 0 to 64 [ 456.965274][ T46] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 457.024725][T10017] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 457.153916][ T46] usb 3-1: unable to get BOS descriptor or descriptor too short [ 457.185887][ T46] usb 3-1: config 6 has an invalid interface number: 1 but max is 0 [ 457.227737][ T46] usb 3-1: config 6 has no interface number 0 [ 457.233897][ T46] usb 3-1: config 6 interface 1 has no altsetting 0 [ 457.273143][ T46] usb 3-1: New USB device found, idVendor=1554, idProduct=5014, bcdDevice=a4.10 [ 457.312954][ T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 457.327518][ T46] usb 3-1: Product: syz [ 457.331740][ T46] usb 3-1: Manufacturer: syz [ 457.368269][ T46] usb 3-1: SerialNumber: syz [ 457.717011][ T46] cx231xx 3-1:6.1: New device syz syz @ 480 Mbps (1554:5014) with 1 interfaces [ 457.734406][ T46] cx231xx 3-1:6.1: Not found matching IAD interface [ 457.763523][T17979] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4916'. [ 457.847300][ T46] usb 3-1: USB disconnect, device number 32 [ 458.078826][T17989] loop7: detected capacity change from 0 to 64 [ 458.122696][T17989] syz.7.4922: attempt to access beyond end of device [ 458.122696][T17989] loop7: rw=0, sector=234881062, nr_sectors = 2 limit=64 [ 458.136990][T17989] Buffer I/O error on dev loop7, logical block 117440531, async page read [ 458.152637][T17989] syz.7.4922: attempt to access beyond end of device [ 458.152637][T17989] loop7: rw=0, sector=8548515840, nr_sectors = 2 limit=64 [ 458.205204][T17989] Buffer I/O error on dev loop7, logical block 4274257920, async page read [ 458.239823][T17989] syz.7.4922: attempt to access beyond end of device [ 458.239823][T17989] loop7: rw=0, sector=301989888, nr_sectors = 2 limit=64 [ 458.333456][T17989] Buffer I/O error on dev loop7, logical block 150994944, async page read [ 458.350702][T17989] syz.7.4922: attempt to access beyond end of device [ 458.350702][T17989] loop7: rw=0, sector=234881062, nr_sectors = 2 limit=64 [ 458.474827][T17989] Buffer I/O error on dev loop7, logical block 117440531, async page read [ 458.485328][ T29] audit: type=1800 audit(1733362915.933:166): pid=17989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.4922" name="file3" dev="loop7" ino=6 res=0 errno=0 [ 458.805597][T18013] loop3: detected capacity change from 0 to 16 [ 458.866613][T18013] erofs (device loop3): mounted with root inode @ nid 36. [ 458.922781][T18013] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 458.998554][T18013] erofs (device loop3): failed to decompress -23 in[64, 4032] out[1851] [ 459.054500][T18013] erofs (device loop3): read error -117 @ 43 of nid 36 [ 459.448237][T18046] loop4: detected capacity change from 0 to 256 [ 459.452768][T18048] netlink: 'syz.2.4942': attribute type 10 has an invalid length. [ 459.512005][T18048] team0: Port device dummy0 added [ 459.579860][ T29] audit: type=1800 audit(1733362916.993:167): pid=18046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4941" name="file1" dev="loop4" ino=1048662 res=0 errno=0 [ 460.578176][T18082] loop4: detected capacity change from 0 to 256 [ 460.769532][T18044] loop7: detected capacity change from 0 to 32768 [ 460.938127][T18044] (syz.7.4940,18044,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 460.964847][T18044] (syz.7.4940,18044,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 460.969996][T18093] batadv0: mtu less than device minimum [ 461.016738][T18093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-208) [ 461.030208][T18093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-208) [ 461.042686][T18093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-208) [ 461.055228][T18093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-208) [ 461.067749][T18093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-208) [ 461.080252][T18093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-208) [ 461.092773][T18093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-208) [ 461.105310][T18093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-208) [ 461.117804][T18093] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-208) [ 461.188782][T18044] JBD2: Ignoring recovery information on journal [ 461.274855][T18101] netlink: 'syz.2.4961': attribute type 21 has an invalid length. [ 461.282937][T18101] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4961'. [ 461.340490][T18106] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4962'. [ 461.360837][T18044] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode. [ 461.380680][T18106] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4962'. [ 461.670804][T12390] ocfs2: Unmounting device (7,7) on (node local) [ 461.958783][T18121] loop3: detected capacity change from 0 to 4096 [ 462.025453][T18121] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 462.206965][T18121] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 462.517923][T18146] MTD: Attempt to mount non-MTD device "./file0" [ 462.557842][T18146] syz.2.4980: attempt to access beyond end of device [ 462.557842][T18146] loop4: rw=0, sector=0, nr_sectors = 2 limit=0 [ 462.796967][T18160] tmpfs: Bad value for 'mpol' [ 462.833846][T18162] loop3: detected capacity change from 0 to 4096 [ 462.854652][T18162] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 462.972562][T18162] ntfs3(loop3): failed to convert "c46c" to cp850 [ 463.547649][T18191] overlay: Bad value for 'upperdir' [ 463.838066][T18206] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5007'. [ 463.881643][T18206] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5007'. [ 463.891061][T18206] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5007'. [ 464.300136][T18224] loop3: detected capacity change from 0 to 256 [ 464.336463][T18225] ieee802154 phy0 wpan0: encryption failed: -22 [ 464.364785][T18224] FAT-fs (loop3): Directory bread(block 64) failed [ 464.374409][T18224] FAT-fs (loop3): Directory bread(block 65) failed [ 464.381567][T18224] FAT-fs (loop3): Directory bread(block 66) failed [ 464.506810][T18224] FAT-fs (loop3): Directory bread(block 67) failed [ 464.524532][T18224] FAT-fs (loop3): Directory bread(block 68) failed [ 464.534471][T18224] FAT-fs (loop3): Directory bread(block 69) failed [ 464.541112][T18224] FAT-fs (loop3): Directory bread(block 70) failed [ 464.584427][T18224] FAT-fs (loop3): Directory bread(block 71) failed [ 464.591120][T18224] FAT-fs (loop3): Directory bread(block 72) failed [ 464.601538][T18224] FAT-fs (loop3): Directory bread(block 73) failed [ 465.858629][T18282] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5049'. [ 466.168535][ T29] audit: type=1107 audit(1733362923.623:168): pid=18287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 466.337261][T18299] loop7: detected capacity change from 0 to 2048 [ 466.486920][T18307] Device name cannot be null; rc = [-22] [ 466.547569][T18299] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 466.963531][T18316] loop2: detected capacity change from 0 to 4096 [ 467.021749][T18316] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 467.054474][T17514] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 467.118485][T18316] ntfs3(loop2): failed to convert "c46c" to cp1250 [ 467.214403][T17514] usb 1-1: Using ep0 maxpacket: 32 [ 467.266335][T17514] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 467.292562][T17514] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 467.329934][T17514] usb 1-1: Product: syz [ 467.347502][T17514] usb 1-1: Manufacturer: syz [ 467.352204][T17514] usb 1-1: SerialNumber: syz [ 467.392013][T17514] usb 1-1: config 0 descriptor?? [ 467.732352][T17514] rtl8150 1-1:0.0: couldn't reset the device [ 467.754575][T17514] rtl8150 1-1:0.0: probe with driver rtl8150 failed with error -5 [ 467.784929][T17514] usb 1-1: USB disconnect, device number 29 [ 467.815167][T18355] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5081'. [ 468.105760][T18368] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5087'. [ 468.413018][T18381] loop6: detected capacity change from 0 to 8 [ 468.474561][T18381] SQUASHFS error: Failed to read block 0x260685: -5 [ 468.481680][T18381] SQUASHFS error: Unable to read metadata cache entry [260685] [ 468.506898][T18381] SQUASHFS error: Unable to read directory block [260685:0] [ 469.093511][T18409] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 469.500926][T18425] loop6: detected capacity change from 0 to 256 [ 469.530915][T18425] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 198) [ 469.590695][T18425] FAT-fs (loop6): Filesystem has been set read-only [ 470.111978][T18439] loop2: detected capacity change from 0 to 4096 [ 470.207111][T18439] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 470.295002][T18450] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5124'. [ 470.349418][T18439] ntfs3(loop2): failed to convert "c46c" to ascii [ 470.682331][T18464] fuse: blksize only supported for fuseblk [ 470.817792][T18441] loop4: detected capacity change from 0 to 32768 [ 471.343354][T18441] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 471.343936][T18481] loop3: detected capacity change from 0 to 1024 [ 471.649408][T18481] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 471.694454][T18441] XFS (loop4): Ending clean mount [ 471.780993][T18513] loop6: detected capacity change from 0 to 4096 [ 472.023614][T18523] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5159'. [ 472.099494][ T5829] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 472.132273][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 472.207449][T18521] loop7: detected capacity change from 0 to 32768 [ 472.776559][T18537] loop2: detected capacity change from 0 to 64 [ 472.851053][T18537] syz.2.5165: attempt to access beyond end of device [ 472.851053][T18537] loop2: rw=0, sector=2590, nr_sectors = 2 limit=64 [ 472.953115][T18537] Buffer I/O error on dev loop2, logical block 1295, async page read [ 473.076040][T18537] syz.2.5165: attempt to access beyond end of device [ 473.076040][T18537] loop2: rw=0, sector=2590, nr_sectors = 2 limit=64 [ 473.149664][T18537] Buffer I/O error on dev loop2, logical block 1295, async page read [ 473.234640][ T29] audit: type=1800 audit(1733362930.683:169): pid=18537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5165" name="file2" dev="loop2" ino=6 res=0 errno=0 [ 473.314596][T18562] netlink: 'syz.0.5175': attribute type 6 has an invalid length. [ 473.322465][T18562] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5175'. [ 473.824510][T17514] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 473.970671][T18594] loop6: detected capacity change from 0 to 512 [ 474.014970][T17514] usb 5-1: config index 0 descriptor too short (expected 64922, got 72) [ 474.024651][ T46] usb 3-1: new low-speed USB device number 33 using dummy_hcd [ 474.035577][T17514] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 474.045029][T17514] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 474.053039][T17514] usb 5-1: Product: syz [ 474.091332][T17514] usb 5-1: Manufacturer: syz [ 474.097149][T17514] usb 5-1: SerialNumber: syz [ 474.117227][T18600] netlink: 'syz.0.5190': attribute type 32 has an invalid length. [ 474.187756][ T46] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 474.200795][T18594] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002] [ 474.211312][ T46] usb 3-1: config 0 has no interface number 0 [ 474.221040][T17514] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 474.266556][ T46] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 474.297652][T18594] System zones: 1-12 [ 474.305255][ T46] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 474.323502][T18594] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #11: comm syz.6.5188: iget: bogus i_mode (0) [ 474.338172][ T46] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 474.347930][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 474.377272][ T46] usb 3-1: config 0 descriptor?? [ 474.430669][ T46] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 474.537094][ T5899] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 474.600039][T18594] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.5188: couldn't read orphan inode 11 (err -117) [ 474.629419][T18587] iowarrior 3-1:0.1: Error -90 while submitting URB [ 474.641816][ T46] usb 3-1: USB disconnect, device number 33 [ 474.718099][T18611] loop7: detected capacity change from 0 to 32768 [ 474.784923][ C1] usb 5-1: ath: unknown panic pattern! [ 474.815406][T18594] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 474.933354][T10017] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 475.574438][ T5912] usb 4-1: new full-speed USB device number 26 using dummy_hcd [ 475.767281][ T5912] usb 4-1: config 0 has an invalid interface number: 109 but max is 0 [ 475.775956][ T5912] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 475.827850][ T5912] usb 4-1: config 0 has no interface number 0 [ 475.840016][ T5912] usb 4-1: config 0 interface 109 altsetting 0 endpoint 0x4 has invalid maxpacket 1023, setting to 64 [ 475.914565][ T5912] usb 4-1: config 0 interface 109 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 475.933456][T18611] bcachefs (loop7): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=crc64,data_checksum=xxhash,compression=lz4,no_splitbrain_check,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io [ 476.007795][ T5912] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=fd.2e [ 476.044520][ T5912] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 476.063001][T18611] bcachefs (loop7): recovering from clean shutdown, journal seq 10 [ 476.106221][ T5912] usb 4-1: Product: syz [ 476.119725][ T5912] usb 4-1: Manufacturer: syz [ 476.137961][ T5912] usb 4-1: SerialNumber: syz [ 476.147613][T18644] loop4: detected capacity change from 0 to 256 [ 476.162622][ T5912] usb 4-1: config 0 descriptor?? [ 476.178475][T18611] bcachefs (loop7): Version upgrade required: [ 476.178475][T18611] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 476.178475][T18611] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 476.178475][T18611] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 476.274233][T18633] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 476.303448][T18611] bcachefs (loop7): dropping and reconstructing all alloc info [ 476.469654][T18651] netlink: 'syz.0.5210': attribute type 21 has an invalid length. [ 476.478472][T18651] netlink: 164 bytes leftover after parsing attributes in process `syz.0.5210'. [ 476.550647][T18611] bcachefs (loop7): accounting_read... [ 476.578519][T18644] FAT-fs (loop4): Directory bread(block 64) failed [ 476.591228][T18644] FAT-fs (loop4): Directory bread(block 65) failed [ 476.598089][T18644] FAT-fs (loop4): Directory bread(block 66) failed [ 476.604818][T18644] FAT-fs (loop4): Directory bread(block 67) failed [ 476.611973][T18644] FAT-fs (loop4): Directory bread(block 68) failed [ 476.618970][T18644] FAT-fs (loop4): Directory bread(block 69) failed [ 476.625780][T18644] FAT-fs (loop4): Directory bread(block 70) failed [ 476.632597][T18644] FAT-fs (loop4): Directory bread(block 71) failed [ 476.639439][T18644] FAT-fs (loop4): Directory bread(block 72) failed [ 476.646341][T18644] FAT-fs (loop4): Directory bread(block 73) failed [ 476.735451][T18633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 476.764551][T18611] done [ 476.767407][T18611] bcachefs (loop7): alloc_read... done [ 476.773016][T18611] bcachefs (loop7): stripes_read... done [ 476.795283][T18633] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 476.900394][ T5912] ath6kl: Failed to submit usb control message: -71 [ 476.935082][ T5912] ath6kl: unable to send the bmi data to the device: -71 [ 476.960991][ T5912] ath6kl: Unable to send get target info: -71 [ 476.968521][T18611] bcachefs (loop7): snapshots_read... done [ 477.025884][T18611] bcachefs (loop7): check_allocations... [ 477.071156][ T5912] ath6kl: Failed to init ath6kl core: -71 [ 477.207269][ T5912] ath6kl_usb 4-1:0.109: probe with driver ath6kl_usb failed with error -71 [ 477.231613][T18611] done [ 477.263592][T18611] bcachefs (loop7): going read-write [ 477.324446][ T9] usb 3-1: new full-speed USB device number 34 using dummy_hcd [ 477.342793][ T5912] usb 4-1: USB disconnect, device number 26 [ 477.365164][T18611] bcachefs (loop7): done starting filesystem [ 477.514761][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0 [ 477.595735][ T9] usb 3-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f [ 477.686499][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 477.767909][ T9] usb 3-1: Product: syz [ 477.772147][ T9] usb 3-1: Manufacturer: syz [ 477.787679][T12390] bcachefs (loop7): shutting down [ 477.792799][T12390] bcachefs (loop7): going read-only [ 477.839074][ T9] usb 3-1: SerialNumber: syz [ 477.869665][T12390] bcachefs (loop7): finished waiting for writes to stop [ 477.893358][ T9] usb 3-1: config 0 descriptor?? [ 477.960437][ T9] hub 3-1:0.0: bad descriptor, ignoring hub [ 477.989282][T12390] bcachefs (loop7): flushing journal and stopping allocators, journal seq 10 [ 478.044670][ T9] hub 3-1:0.0: probe with driver hub failed with error -5 [ 478.071955][T12390] bcachefs (loop7): flushing journal and stopping allocators complete, journal seq 10 [ 478.107878][ T9] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 478.192973][T12390] bcachefs (loop7): unshutdown complete, journal seq 11 [ 478.260373][T18667] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5217'. [ 478.272719][T12390] bcachefs (loop7): done going read-only, filesystem not clean [ 478.293921][ T9] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 478.433714][ T9] usb 3-1: USB disconnect, device number 34 [ 478.519941][T12390] bcachefs (loop7): shutdown complete [ 478.571310][T18673] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5220'. [ 478.737001][ T5846] udevd[5846]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 481.066045][T18711] 8021q: VLANs not supported on lo [ 481.114980][T18713] netlink: 'syz.6.5240': attribute type 1 has an invalid length. [ 481.188880][T18715] netlink: 'syz.0.5241': attribute type 3 has an invalid length. [ 481.264503][T18715] netlink: 666 bytes leftover after parsing attributes in process `syz.0.5241'. [ 481.864643][T18724] loop2: detected capacity change from 0 to 512 [ 481.891464][T18691] loop3: detected capacity change from 0 to 32768 [ 482.017392][T18691] (syz.3.5229,18691,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 482.042796][T18724] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 482.055785][ T8] usb 1-1: new full-speed USB device number 30 using dummy_hcd [ 482.108336][T18691] (syz.3.5229,18691,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 482.146784][T18732] loop4: detected capacity change from 0 to 64 [ 482.156477][T18731] netlink: 'syz.6.5247': attribute type 1 has an invalid length. [ 482.177868][T18724] ext4 filesystem being mounted at /888/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 482.240203][T18731] netlink: 5 bytes leftover after parsing attributes in process `syz.6.5247'. [ 482.304188][ T8] usb 1-1: not running at top speed; connect to a high speed hub [ 482.368584][ T8] usb 1-1: config 11 has an invalid interface number: 95 but max is 0 [ 482.390448][T18691] JBD2: Ignoring recovery information on journal [ 482.407867][T18724] EXT4-fs error (device loop2): ext4_xattr_block_list:768: inode #15: comm syz.2.5246: corrupted xattr block 33: e_value out of bounds [ 482.474045][ T8] usb 1-1: config 11 has no interface number 0 [ 482.524383][ T8] usb 1-1: config 11 interface 95 altsetting 64 endpoint 0xD has invalid maxpacket 512, setting to 64 [ 482.617417][T18691] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 482.629095][ T8] usb 1-1: config 11 interface 95 altsetting 64 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 482.744385][ T8] usb 1-1: config 11 interface 95 altsetting 64 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 482.824400][ T8] usb 1-1: config 11 interface 95 altsetting 64 endpoint 0x8F has invalid wMaxPacketSize 0 [ 482.907089][ T8] usb 1-1: config 11 interface 95 has no altsetting 0 [ 482.952377][ T8] usb 1-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=b1.4d [ 483.006314][ T8] usb 1-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 483.021259][T18736] loop6: detected capacity change from 0 to 1024 [ 483.032972][T18738] loop4: detected capacity change from 0 to 128 [ 483.044350][ T8] usb 1-1: Manufacturer: syz [ 483.083658][T18725] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 483.339082][ T8] usbtouchscreen 1-1:11.95: probe with driver usbtouchscreen failed with error -90 [ 483.400773][ T8] usb 1-1: USB disconnect, device number 30 [ 483.615112][ C1] sched: DL replenish lagged too much [ 483.802868][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 483.938500][ T5834] ocfs2: Unmounting device (7,3) on (node local) [ 484.244729][T18740] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 485.019544][T18753] loop2: detected capacity change from 0 to 1024 [ 485.226183][T18753] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 485.816547][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 486.090782][ T9] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 486.335930][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 486.365194][T18773] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5267'. [ 486.410157][ T9] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 486.460224][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.539944][ T9] usb 4-1: config 0 descriptor?? [ 486.598070][ T9] gspca_main: sunplus-2.14.0 probing 041e:400b [ 487.038853][ T9] gspca_sunplus: reg_w_riv err -71 [ 487.044101][ T9] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 487.163625][ T9] usb 4-1: USB disconnect, device number 27 [ 488.060760][T18794] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5277'. [ 488.140279][T18795] loop4: detected capacity change from 0 to 256 [ 488.164496][T18794] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5277'. [ 488.234851][T18795] exfat: Deprecated parameter 'utf8' [ 488.342538][T18795] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 489.658256][T18819] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5290'. [ 489.878620][ T8] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 490.114407][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 490.167772][ T8] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 490.214608][ T9] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 490.240842][ T8] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 490.314727][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 490.375106][ T8] usb 3-1: Product: syz [ 490.404440][ T8] usb 3-1: Manufacturer: syz [ 490.444380][ T8] usb 3-1: SerialNumber: syz [ 490.464639][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 490.514725][ T9] usb 4-1: config 0 has an invalid interface number: 35 but max is 0 [ 490.522883][ T9] usb 4-1: config 0 has no interface number 0 [ 490.546054][ T8] usb 3-1: config 0 descriptor?? [ 490.603448][T18821] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 490.652736][ T8] hub 3-1:0.0: bad descriptor, ignoring hub [ 490.667090][ T9] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 490.717036][ T8] hub 3-1:0.0: probe with driver hub failed with error -5 [ 490.740640][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 490.814929][ T8] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input27 [ 490.834530][ T9] usb 4-1: Product: syz [ 490.853811][ T9] usb 4-1: Manufacturer: syz [ 490.861863][T18833] netlink: 'syz.6.5296': attribute type 2 has an invalid length. [ 490.909593][ T9] usb 4-1: SerialNumber: syz [ 490.957720][T18833] netlink: 'syz.6.5296': attribute type 1 has an invalid length. [ 490.977709][ T9] usb 4-1: config 0 descriptor?? [ 491.035977][T18835] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled [ 491.053962][T18821] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 491.061254][T18821] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 491.089376][ T9] radio-si470x 4-1:0.35: could not find interrupt in endpoint [ 491.214499][ T9] radio-si470x 4-1:0.35: probe with driver radio-si470x failed with error -5 [ 491.275971][T18821] vhci_hcd vhci_hcd.0: Device attached [ 491.353641][ T9] radio-raremono 4-1:0.35: this is not Thanko's Raremono. [ 491.450945][ T9] usbhid 4-1:0.35: couldn't find an input interrupt endpoint [ 491.634989][ T9] usb 4-1: USB disconnect, device number 28 [ 491.701839][ T8] usb 38-1: SetAddress Request (2) to port 0 [ 491.763887][T18836] vhci_hcd: connection closed [ 491.823036][ T8] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd [ 491.863157][ T5915] vhci_hcd: stop threads [ 491.885563][ T5912] usb 3-1: USB disconnect, device number 35 [ 491.891541][ C0] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 491.968040][ T5915] vhci_hcd: release socket [ 492.034363][ T5915] vhci_hcd: disconnect device [ 493.744228][T18856] xt_nfacct: accounting object `sy' does not exists [ 493.845620][T18863] loop6: detected capacity change from 0 to 164 [ 495.408659][T18890] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5320'. [ 496.207100][T18860] loop4: detected capacity change from 0 to 32768 [ 496.325490][T18860] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.5308 (18860) [ 497.134669][ T8] usb 38-1: device descriptor read/8, error -110 [ 497.705613][ T8] usb usb38-port1: attempt power cycle [ 498.047432][T18926] 8021q: adding VLAN 0 to HW filter on device bond3 [ 498.274441][ T9] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 498.504454][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 498.522289][ T8] usb usb38-port1: unable to enumerate USB device [ 498.551568][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 498.648789][ T9] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 498.684520][ T968] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 498.694661][T18938] net_ratelimit: 11 callbacks suppressed [ 498.694683][T18938] netlink: set zone limit has 8 unknown bytes [ 498.726620][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 498.806646][ T9] usb 4-1: config 0 descriptor?? [ 498.886391][ T9] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 498.929324][ T968] usb 7-1: Using ep0 maxpacket: 32 [ 498.995389][ T968] usb 7-1: config 0 has an invalid interface number: 206 but max is 1 [ 499.054497][ T968] usb 7-1: config 0 has no interface number 1 [ 499.060641][ T968] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 499.254465][ T968] usb 7-1: config 0 interface 206 has no altsetting 0 [ 499.339797][ T9] gspca_vc032x: reg_w err -71 [ 499.360459][ T968] usb 7-1: New USB device found, idVendor=13d3, idProduct=3393, bcdDevice=6b.ed [ 499.394471][ T9] vc032x 4-1:0.0: probe with driver vc032x failed with error -71 [ 499.439485][ T968] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 499.482282][ T9] usb 4-1: USB disconnect, device number 29 [ 499.521290][ T968] usb 7-1: Product: syz [ 499.594382][ T968] usb 7-1: Manufacturer: syz [ 499.621135][ T968] usb 7-1: SerialNumber: syz [ 499.687258][ T968] usb 7-1: config 0 descriptor?? [ 499.893883][T18948] loop4: detected capacity change from 0 to 1024 [ 500.063708][ T968] usb 7-1: USB disconnect, device number 7 [ 500.680059][ T5915] hfsplus: b-tree write err: -5, ino 4 [ 501.008757][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.048855][T18954] loop3: detected capacity change from 0 to 8192 [ 501.185640][T18965] netlink: 288 bytes leftover after parsing attributes in process `syz.4.5354'. [ 501.279662][T18968] xt_bpf: check failed: parse error [ 501.486886][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 501.574505][T18954] FAT-fs (loop3): Filesystem has been set read-only [ 501.648456][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 501.756895][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 501.853920][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 501.933824][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 502.018592][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 502.107459][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 502.190918][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 502.285474][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 502.357308][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 502.441059][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 502.523860][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 502.629688][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 502.721970][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 502.784997][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 502.874432][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 502.883120][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 503.044464][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 503.101886][T18996] netlink: 'syz.7.5371': attribute type 7 has an invalid length. [ 503.122504][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 503.194718][T18996] netlink: 'syz.7.5371': attribute type 8 has an invalid length. [ 503.212015][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 503.308528][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 503.384576][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 503.466401][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 503.574436][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 503.644659][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 503.730344][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 503.828547][T18954] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 2070) [ 504.395404][T19017] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5380'. [ 504.424849][T19016] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5381'. [ 504.658319][T19022] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5385'. [ 504.730121][T19022] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5385'. [ 504.741854][ T9] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 505.007300][ T9] usb 3-1: config 0 has an invalid interface number: 117 but max is 0 [ 505.067782][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 505.143573][ T9] usb 3-1: config 0 has no interface number 0 [ 505.202855][ T9] usb 3-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 505.280986][ T9] usb 3-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 505.387173][ T9] usb 3-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 505.407007][T19033] loop6: detected capacity change from 0 to 512 [ 505.419168][T19034] loop7: detected capacity change from 0 to 64 [ 505.445942][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 505.510237][ T9] usb 3-1: Product: syz [ 505.551538][T19033] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 505.577736][ T9] usb 3-1: Manufacturer: syz [ 505.582410][ T9] usb 3-1: SerialNumber: syz [ 505.662995][T19033] ext4 filesystem being mounted at /599/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 505.675091][ T9] usb 3-1: config 0 descriptor?? [ 505.816667][T19033] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5389: bg 0: block 225: padding at end of block bitmap is not set [ 505.874944][T19040] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 225: padding at end of block bitmap is not set [ 505.916447][ T9] usbtouchscreen 3-1:0.117: probe with driver usbtouchscreen failed with error -71 [ 505.951755][T19033] Quota error (device loop6): write_blk: dquota write failed [ 505.978890][ T9] usb 3-1: USB disconnect, device number 36 [ 505.997418][T19033] Quota error (device loop6): qtree_write_dquot: Error -28 occurred while creating quota [ 506.053262][T19033] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.5389: Failed to acquire dquot type 1 [ 506.578580][T19045] loop2: detected capacity change from 0 to 512 [ 506.631879][T19045] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 506.666252][T19045] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 506.684671][T19045] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.5396: Failed to acquire dquot type 1 [ 506.707536][T19045] EXT4-fs (loop2): 1 truncate cleaned up [ 506.715391][T19045] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 506.747039][T19045] ext4 filesystem being mounted at /915/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 506.787890][T19045] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 506.809582][T19045] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 506.824159][T19045] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.5396: Failed to acquire dquot type 1 [ 509.208177][T19048] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set [ 520.166042][ T5852] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 520.184416][ T5852] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 520.192223][ T5852] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 520.200244][ T5852] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 520.208839][ T5852] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 520.216243][ T5852] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 520.344650][T19050] xfrm0 speed is unknown, defaulting to 1000 [ 520.558570][T19050] chnl_net:caif_netlink_parms(): no params data found [ 521.263993][ T5853] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 521.284513][ T5853] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 521.294379][ T5853] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 521.302225][ T5853] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 521.315306][ T5853] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 521.324618][ T5853] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 522.344554][ T5853] Bluetooth: hci6: command tx timeout [ 522.540946][ T5852] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 522.556336][ T5852] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 522.565586][ T5852] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 522.580445][ T5852] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 522.592390][ T5852] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 522.600029][ T5852] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 522.701453][ T5853] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 522.714449][ T5853] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 522.722250][ T5853] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 522.733721][ T5853] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 522.741785][ T5853] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 522.749541][ T5853] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 522.949453][ T5852] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 522.966826][ T5852] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 522.974949][ T5852] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 522.983791][ T5852] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 522.992195][ T5852] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 523.000451][ T5852] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 523.346405][ T5853] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 523.355850][ T5853] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 523.363729][ T5853] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 523.372580][ T5853] Bluetooth: hci7: command tx timeout [ 523.381139][ T5853] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 523.395696][ T5853] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 523.403714][ T5853] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 524.417611][ T5853] Bluetooth: hci6: command tx timeout [ 524.654718][ T5853] Bluetooth: hci8: command tx timeout [ 524.814662][ T5853] Bluetooth: hci9: command tx timeout [ 525.054655][ T5853] Bluetooth: hci10: command tx timeout [ 525.454536][ T5852] Bluetooth: hci7: command tx timeout [ 525.464088][ T5853] Bluetooth: hci11: command tx timeout [ 526.484699][ T5853] Bluetooth: hci6: command tx timeout [ 526.734858][ T5853] Bluetooth: hci8: command tx timeout [ 526.884894][ T5853] Bluetooth: hci9: command tx timeout [ 527.134636][ T5853] Bluetooth: hci10: command tx timeout [ 527.537613][ T5853] Bluetooth: hci11: command tx timeout [ 527.543166][ T5853] Bluetooth: hci7: command tx timeout [ 528.583732][ T5853] Bluetooth: hci6: command tx timeout [ 528.814788][ T5853] Bluetooth: hci8: command tx timeout [ 528.976946][ T5853] Bluetooth: hci9: command tx timeout [ 529.204875][ T5853] Bluetooth: hci10: command tx timeout [ 529.614470][ T5852] Bluetooth: hci11: command tx timeout [ 529.624137][ T5853] Bluetooth: hci7: command tx timeout [ 530.894588][ T5853] Bluetooth: hci8: command tx timeout [ 531.054558][ T5853] Bluetooth: hci9: command tx timeout [ 531.294580][ T5853] Bluetooth: hci10: command tx timeout [ 531.711107][ T5853] Bluetooth: hci11: command tx timeout [ 533.783734][ T5853] Bluetooth: hci2: command 0x0406 tx timeout [ 562.430909][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 583.120653][T19075] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 583.160376][T19075] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 583.174393][T19075] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 583.189374][T19075] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 583.199105][T19075] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 583.207338][T19075] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 583.908386][T19053] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 583.918082][T19053] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 583.927472][T19053] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 583.935942][T19053] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 583.952780][T19053] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 583.960632][T19053] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 584.041278][T19093] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 584.051522][T19093] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 584.069562][T19093] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 584.084817][T19093] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 584.092571][T19093] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 584.100852][T19093] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 584.230191][T19096] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 584.244695][T19096] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 584.253750][T19096] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 584.264691][T19096] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 584.272382][T19096] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 584.281979][T19096] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 584.555349][T19090] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 584.576984][T19090] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 584.587718][T19090] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 584.597295][T19090] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 584.618345][T19090] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 584.625979][T19090] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 584.724949][T19101] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 584.735781][T19101] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 584.744197][T19101] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 584.753531][T19101] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 584.775314][T19101] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 584.786229][T19101] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 623.859570][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 639.854766][ T30] INFO: task jbd2/sda1-8:5161 blocked for more than 143 seconds. [ 639.862557][ T30] Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 639.904354][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 639.944996][ T30] task:jbd2/sda1-8 state:D stack:24400 pid:5161 tgid:5161 ppid:2 flags:0x00004000 [ 640.013816][ T30] Call Trace: [ 640.031203][ T30] [ 640.034184][ T30] __schedule+0x1850/0x4c30 [ 640.139263][ T30] ? __pfx___schedule+0x10/0x10 [ 640.144227][ T30] ? __pfx_lock_release+0x10/0x10 [ 640.217537][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 640.223630][ T30] ? schedule+0x90/0x320 [ 640.308963][ T30] schedule+0x14b/0x320 [ 640.313219][ T30] io_schedule+0x8d/0x110 [ 640.334461][ T30] bit_wait_io+0x12/0xd0 [ 640.338884][ T30] __wait_on_bit+0xb2/0x2f0 [ 640.343890][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 640.424914][ T30] out_of_line_wait_on_bit+0x1d5/0x260 [ 640.430473][ T30] ? __pfx_bit_wait_io+0x10/0x10 [ 640.474351][ T30] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 640.480425][ T30] ? __pfx_wake_bit_function+0x10/0x10 [ 640.574343][ T30] jbd2_journal_commit_transaction+0x3d07/0x6650 [ 640.580825][ T30] ? __pfx_jbd2_journal_commit_transaction+0x10/0x10 [ 640.664357][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 640.669674][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.734763][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 640.740777][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.804442][ T30] ? __try_to_del_timer_sync+0x2ad/0x340 [ 640.810209][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 640.874541][ T30] ? __pfx___timer_delete_sync+0x10/0x10 [ 640.880275][ T30] ? __pfx_do_raw_write_lock+0x10/0x10 [ 640.934451][ T30] ? prepare_to_wait+0x186/0x210 [ 640.939479][ T30] ? schedule+0x90/0x320 [ 640.943773][ T30] kjournald2+0x41c/0x7b0 [ 640.984466][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 640.990925][ T30] ? __pfx_kjournald2+0x10/0x10 [ 641.043033][ T30] ? __pfx_autoremove_wake_function+0x10/0x10 [ 641.079973][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 641.100813][ T30] ? __kthread_parkme+0x169/0x1d0 [ 641.122180][ T30] ? __pfx_kjournald2+0x10/0x10 [ 641.154353][ T30] kthread+0x2f2/0x390 [ 641.158523][ T30] ? __pfx_kjournald2+0x10/0x10 [ 641.163939][ T30] ? __pfx_kthread+0x10/0x10 [ 641.206902][ T30] ret_from_fork+0x4d/0x80 [ 641.211410][ T30] ? __pfx_kthread+0x10/0x10 [ 641.253651][ T30] ret_from_fork_asm+0x1a/0x30 [ 641.273266][ T30] [ 641.285591][ T30] [ 641.285591][ T30] Showing all locks held in the system: [ 641.293347][ T30] 1 lock held by init/1: [ 641.343637][ T30] 3 locks held by kworker/0:1/9: [ 641.363368][ T30] #0: ffff88801ac78948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 641.414411][ T30] #1: ffffc900000e7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 641.464357][ T30] #2: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20 [ 641.504539][ T30] 3 locks held by kworker/u8:0/11: [ 641.509803][ T30] #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 641.614866][ T30] #1: ffffc90000107d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 641.665653][ T30] #2: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 641.724430][ T30] 3 locks held by kworker/1:0/25: [ 641.729517][ T30] 1 lock held by khungtaskd/30: [ 641.778578][ T30] #0: ffffffff8e937aa0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 641.814420][ T30] 4 locks held by kworker/1:1/46: [ 641.819504][ T30] 2 locks held by klogd/5188: [ 641.824194][ T30] 2 locks held by getty/5586: [ 641.879851][ T30] #0: ffff888030fbf0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 641.924453][ T30] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 641.966291][ T30] 5 locks held by kworker/u9:7/5852: [ 641.971600][ T30] #0: ffff888056984948 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 642.044348][ T30] #1: ffffc90003177d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 642.081911][ T30] #2: ffff88804ab14d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1ec/0x400 [ 642.109417][ T30] #3: ffff88804ab14078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1ea/0xe00 [ 642.127729][ T30] #4: ffffffff8fe0fda8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x15d/0x300 [ 642.146727][ T30] 4 locks held by kworker/u9:8/5853: [ 642.152033][ T30] #0: ffff888046f2a148 ((wq_completion)hci12#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 642.174437][ T30] #1: ffffc90003167d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 642.197702][ T30] #2: ffff888069f3c078 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x97/0xaa0 [ 642.215524][ T30] #3: ffffffff8fe0fda8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x473/0xaa0 [ 642.241937][ T30] 2 locks held by kworker/1:7/5899: [ 642.252328][ T30] 3 locks held by kworker/u8:9/5915: [ 642.268321][ T30] #0: ffff88814d52b948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 642.288369][ T30] #1: ffffc90002f37d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 642.308454][ T30] #2: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 642.324321][ T30] 2 locks held by kworker/1:2/17514: [ 642.329627][ T30] 2 locks held by syz.3.5383/19023: [ 642.341016][ T30] #0: ffff888011b00208 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x90/0x240 [ 642.356078][ T30] #1: ffffffff8e93cfb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x830 [ 642.380672][ T30] 1 lock held by syz.4.5392/19039: [ 642.396134][ T30] #0: ffff888011b15c08 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x90/0x240 [ 642.414331][ T30] 2 locks held by syz-executor/19050: [ 642.419725][ T30] #0: ffffffff8f459660 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x22/0x250 [ 642.444696][ T30] #1: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xd04/0x24f0 [ 642.453841][ T30] 4 locks held by kworker/u9:0/19053: [ 642.464317][ T30] #0: ffff888095ad5148 ((wq_completion)hci14#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 642.488168][ T30] #1: ffffc90003557d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 642.518023][ T30] #2: ffff88808ebc8078 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x97/0xaa0 [ 642.538371][ T30] #3: ffffffff8fe0fda8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x473/0xaa0 [ 642.561163][ T30] 1 lock held by syz-executor/19059: [ 642.572763][ T30] #0: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 642.587957][ T30] 1 lock held by syz-executor/19065: [ 642.593261][ T30] #0: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 642.611530][ T30] 1 lock held by dhcpcd/19067: [ 642.626791][ T30] #0: ffff88804db90258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 642.653222][ T30] 1 lock held by syz-executor/19068: [ 642.663002][ T30] #0: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 642.680985][ T30] 1 lock held by syz-executor/19070: [ 642.688796][ T30] #0: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 642.708360][ T30] 1 lock held by dhcpcd/19071: [ 642.713231][ T30] #0: ffff88806cf9a258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 642.733718][ T30] 1 lock held by syz-executor/19073: [ 642.741935][ T30] #0: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 642.759272][ T30] 4 locks held by kworker/u9:1/19075: [ 642.766049][ T30] #0: ffff888020f26148 ((wq_completion)hci13#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 642.791773][ T30] #1: ffffc90002e67d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 642.812782][ T30] #2: ffff888096d64078 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x97/0xaa0 [ 642.832098][ T30] #3: ffffffff8fe0fda8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x473/0xaa0 [ 642.847789][ T30] 1 lock held by dhcpcd/19076: [ 642.852590][ T30] #0: ffff888033742258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 642.871173][ T30] 1 lock held by dhcpcd/19079: [ 642.882315][ T30] #0: ffff8880253be258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 642.904431][ T30] 1 lock held by syz-executor/19084: [ 642.909746][ T30] #0: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 642.935607][ T30] 1 lock held by syz-executor/19088: [ 642.940932][ T30] #0: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 642.961129][ T30] 4 locks held by kworker/u9:2/19090: [ 642.975346][ T30] #0: ffff888056e2b148 ((wq_completion)hci16#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 642.998458][ T30] #1: ffffc9000fa77d00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 643.022363][ T30] #2: ffff88803aeac078 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x97/0xaa0 [ 643.033956][ T30] #3: ffffffff8fe0fda8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x473/0xaa0 [ 643.072366][ T30] 1 lock held by syz-executor/19091: [ 643.084413][ T30] #0: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 643.093953][ T30] 1 lock held by syz-executor/19094: [ 643.112837][ T30] #0: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 643.130408][ T30] 4 locks held by kworker/u9:4/19096: [ 643.143332][ T30] #0: ffff8880289e6948 ((wq_completion)hci15#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 643.159371][ T30] #1: ffffc9000fa9fd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 643.177413][ T30] #2: ffff88809d73c078 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x97/0xaa0 [ 643.202931][ T30] #3: ffffffff8fe0fda8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x473/0xaa0 [ 643.224059][ T30] 1 lock held by syz-executor/19097: [ 643.234199][ T30] #0: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 643.243798][ T30] 1 lock held by syz-executor/19100: [ 643.254324][ T30] #0: ffffffff8fcaf448 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 643.263854][ T30] 4 locks held by kworker/u9:6/19101: [ 643.281622][ T30] #0: ffff888094e2e948 ((wq_completion)hci17#2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 643.298707][ T30] #1: ffffc9000facfd00 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 643.319922][ T30] #2: ffff888094edc078 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x97/0xaa0 [ 643.344174][ T30] #3: ffffffff8fe0fda8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x473/0xaa0 [ 643.364329][ T30] 1 lock held by dhcpcd/19103: [ 643.369129][ T30] #0: ffff888035816258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 643.391410][ T30] 1 lock held by dhcpcd/19104: [ 643.400904][ T30] #0: ffff888026310258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 643.415919][ T30] 1 lock held by dhcpcd/19105: [ 643.420815][ T30] #0: ffff88803554a258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 643.447817][ T30] 1 lock held by dhcpcd/19106: [ 643.452666][ T30] #0: ffff88807c81a258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 643.476686][ T30] 1 lock held by dhcpcd/19107: [ 643.481508][ T30] #0: ffff8880a010c258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 643.500326][ T30] 1 lock held by dhcpcd/19108: [ 643.508837][ T30] #0: ffff88809ec00258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 643.524328][ T30] 1 lock held by dhcpcd/19109: [ 643.529124][ T30] #0: ffff88809ec16258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0 [ 643.558796][ T30] [ 643.561186][ T30] ============================================= [ 643.561186][ T30] [ 643.574326][ T30] NMI backtrace for cpu 0 [ 643.578687][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0 [ 643.589252][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 643.599330][ T30] Call Trace: [ 643.602628][ T30] [ 643.605590][ T30] dump_stack_lvl+0x241/0x360 [ 643.610313][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 643.615551][ T30] ? __pfx__printk+0x10/0x10 [ 643.620188][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 643.625165][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 643.630653][ T30] ? _printk+0xd5/0x120 [ 643.634842][ T30] ? __pfx__printk+0x10/0x10 [ 643.639468][ T30] ? __wake_up_klogd+0xcc/0x110 [ 643.644342][ T30] ? __pfx__printk+0x10/0x10 [ 643.648965][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.654618][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 643.659675][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 643.665680][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 643.671697][ T30] watchdog+0xff6/0x1040 [ 643.675976][ T30] ? watchdog+0x1ea/0x1040 [ 643.680428][ T30] ? __pfx_watchdog+0x10/0x10 [ 643.685137][ T30] kthread+0x2f2/0x390 [ 643.689238][ T30] ? __pfx_watchdog+0x10/0x10 [ 643.693943][ T30] ? __pfx_kthread+0x10/0x10 [ 643.698568][ T30] ret_from_fork+0x4d/0x80 [ 643.703007][ T30] ? __pfx_kthread+0x10/0x10 [ 643.707625][ T30] ret_from_fork_asm+0x1a/0x30 [ 643.712424][ T30] [ 643.716514][ T30] Sending NMI from CPU 0 to CPUs 1: [ 643.721742][ C1] NMI backtrace for cpu 1 [ 643.721758][ C1] CPU: 1 UID: 0 PID: 17514 Comm: kworker/1:2 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0 [ 643.721786][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 643.721802][ C1] Workqueue: wg-crypt-wg0 wg_packet_tx_worker [ 643.721843][ C1] RIP: 0010:usb_unanchor_urb+0x80/0xc0 [ 643.721895][ C1] Code: 89 04 24 80 3c 2b 00 74 08 4c 89 ef e8 89 01 c1 fa 4d 3b 65 00 75 49 e8 ae 19 56 fa 4c 89 ff 4c 89 e6 e8 53 00 00 00 4c 89 f7 <48> 8b 34 24 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d e9 69 b6 89 [ 643.721916][ C1] RSP: 0018:ffffc90000a18840 EFLAGS: 00000046 [ 643.721936][ C1] RAX: ffffffff87495aff RBX: 1ffff11009375607 RCX: ffff888027ca3c00 [ 643.721956][ C1] RDX: 0000000000000100 RSI: 0000000000000001 RDI: ffff88802b2a62f8 [ 643.721973][ C1] RBP: dffffc0000000000 R08: ffffffff87495af6 R09: 1ffff11005654c67 [ 643.721992][ C1] R10: dffffc0000000000 R11: ffffed1005654c68 R12: ffff88802b2a6298 [ 643.722011][ C1] R13: ffff888049bab038 R14: ffff88802b2a62f8 R15: ffff888049bab000 [ 643.722034][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 643.722055][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 643.722072][ C1] CR2: 000000110c2449a5 CR3: 000000000e736000 CR4: 0000000000350ef0 [ 643.722092][ C1] Call Trace: [ 643.722101][ C1] [ 643.722111][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 643.722140][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 643.722172][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 643.722199][ C1] ? nmi_handle+0x2a/0x5a0 [ 643.722238][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 643.722262][ C1] ? nmi_handle+0x151/0x5a0 [ 643.722291][ C1] ? nmi_handle+0x2a/0x5a0 [ 643.722320][ C1] ? usb_unanchor_urb+0x80/0xc0 [ 643.722356][ C1] ? default_do_nmi+0x63/0x160 [ 643.722383][ C1] ? exc_nmi+0x123/0x1f0 [ 643.722407][ C1] ? end_repeat_nmi+0xf/0x53 [ 643.722449][ C1] ? __usb_unanchor_urb+0x226/0x2e0 [ 643.722486][ C1] ? __usb_unanchor_urb+0x22f/0x2e0 [ 643.722526][ C1] ? usb_unanchor_urb+0x80/0xc0 [ 643.722564][ C1] ? usb_unanchor_urb+0x80/0xc0 [ 643.722604][ C1] ? usb_unanchor_urb+0x80/0xc0 [ 643.722642][ C1] [ 643.722652][ C1] [ 643.722665][ C1] __usb_hcd_giveback_urb+0x2a6/0x6e0 [ 643.722703][ C1] ? __pfx___usb_hcd_giveback_urb+0x10/0x10 [ 643.722739][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.722765][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 643.722791][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.722821][ C1] dummy_timer+0x856/0x4620 [ 643.722849][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.722887][ C1] ? debug_object_deactivate+0x2d5/0x390 [ 643.722939][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.722979][ C1] ? __pfx_dummy_timer+0x10/0x10 [ 643.723008][ C1] ? __pfx_dummy_timer+0x10/0x10 [ 643.723032][ C1] __hrtimer_run_queues+0x59d/0xd30 [ 643.723067][ C1] ? ktime_get_update_offsets_now+0x2d/0x3b0 [ 643.723107][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 643.723141][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.723164][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.723187][ C1] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 643.723220][ C1] hrtimer_run_softirq+0x19a/0x2c0 [ 643.723258][ C1] handle_softirqs+0x2d6/0x9b0 [ 643.723295][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.723324][ C1] ? __irq_exit_rcu+0xf7/0x220 [ 643.723362][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 643.723401][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.723424][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 643.723456][ C1] __irq_exit_rcu+0xf7/0x220 [ 643.723491][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 643.723531][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.723557][ C1] irq_exit_rcu+0x9/0x30 [ 643.723590][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 643.723622][ C1] [ 643.723630][ C1] [ 643.723640][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 643.723676][ C1] RIP: 0010:__local_bh_enable_ip+0x170/0x200 [ 643.723713][ C1] Code: 8c e8 94 a5 6e 0a 65 66 8b 05 74 0f a2 7e 66 85 c0 75 5d bf 01 00 00 00 e8 5d bd 0b 00 e8 38 75 45 00 fb 65 8b 05 38 0f a2 7e <85> c0 75 05 e8 b7 80 a8 ff 48 c7 44 24 20 0e 36 e0 45 49 c7 04 1c [ 643.723734][ C1] RSP: 0018:ffffc9001f227a80 EFLAGS: 00000282 [ 643.723755][ C1] RAX: 0000000080000000 RBX: 1ffff92003e44f54 RCX: ffffffff817b246a [ 643.723773][ C1] RDX: dffffc0000000000 RSI: ffffffff8c0a9680 RDI: ffffffff8c5f63e0 [ 643.723792][ C1] RBP: ffffc9001f227b40 R08: ffffffff942b8987 R09: 1ffffffff2857130 [ 643.723812][ C1] R10: dffffc0000000000 R11: fffffbfff2857131 R12: dffffc0000000000 [ 643.723830][ C1] R13: 1ffff92003e44f58 R14: ffffc9001f227ac0 R15: 0000000000000200 [ 643.723854][ C1] ? mark_lock+0x9a/0x360 [ 643.723893][ C1] ? wg_packet_tx_worker+0x25f/0x810 [ 643.723931][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 643.723966][ C1] ? rcu_read_lock_bh_held+0x7e/0x120 [ 643.724003][ C1] ? __pfx_rcu_read_lock_bh_held+0x10/0x10 [ 643.724040][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.724066][ C1] ? wg_packet_tx_worker+0x25f/0x810 [ 643.724103][ C1] wg_packet_tx_worker+0x5ef/0x810 [ 643.724139][ C1] ? wg_packet_tx_worker+0x25f/0x810 [ 643.724177][ C1] ? process_scheduled_works+0x976/0x1840 [ 643.724203][ C1] process_scheduled_works+0xa68/0x1840 [ 643.724244][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 643.724279][ C1] ? assign_work+0x364/0x3d0 [ 643.724308][ C1] worker_thread+0x870/0xd30 [ 643.724338][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.724365][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 643.724391][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 643.724426][ C1] ? __kthread_parkme+0x169/0x1d0 [ 643.724458][ C1] ? __pfx_worker_thread+0x10/0x10 [ 643.724485][ C1] kthread+0x2f2/0x390 [ 643.724513][ C1] ? __pfx_worker_thread+0x10/0x10 [ 643.724538][ C1] ? __pfx_kthread+0x10/0x10 [ 643.724569][ C1] ret_from_fork+0x4d/0x80 [ 643.724593][ C1] ? __pfx_kthread+0x10/0x10 [ 643.724622][ C1] ret_from_fork_asm+0x1a/0x30 [ 643.724655][ C1] [ 644.311472][ T5899] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 644.370447][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 644.370472][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0 [ 644.370507][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 644.370526][ T30] Call Trace: [ 644.370537][ T30] [ 644.370551][ T30] dump_stack_lvl+0x241/0x360 [ 644.370600][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 644.370640][ T30] ? __pfx__printk+0x10/0x10 [ 644.370684][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 644.370714][ T30] ? vscnprintf+0x5d/0x90 [ 644.370749][ T30] panic+0x349/0x880 [ 644.370783][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 644.370813][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 644.370848][ T30] ? __pfx_panic+0x10/0x10 [ 644.370881][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 644.370925][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 644.370952][ T30] ? __irq_work_queue_local+0x137/0x410 [ 644.370987][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 644.371015][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 644.371048][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 644.371080][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 644.371116][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 644.371149][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 644.371186][ T30] watchdog+0x1035/0x1040 [ 644.371221][ T30] ? watchdog+0x1ea/0x1040 [ 644.371260][ T30] ? __pfx_watchdog+0x10/0x10 [ 644.371293][ T30] kthread+0x2f2/0x390 [ 644.371328][ T30] ? __pfx_watchdog+0x10/0x10 [ 644.371361][ T30] ? __pfx_kthread+0x10/0x10 [ 644.371397][ T30] ret_from_fork+0x4d/0x80 [ 644.371427][ T30] ? __pfx_kthread+0x10/0x10 [ 644.371462][ T30] ret_from_fork_asm+0x1a/0x30 [ 644.371504][ T30] [ 644.373470][ T30] Kernel Offset: disabled