last executing test programs: 4.657885366s ago: executing program 3 (id=1945): unshare(0x2a020480) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='blkio.bfq.empty_time\x00', 0x275a, 0x0) flistxattr(r0, 0x0, 0xfbffffff) 4.432004064s ago: executing program 0 (id=1950): syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x810, &(0x7f00000000c0)={[{@datacow}, {@nodatacow}, {@flushoncommit}, {@nossd_spread}, {@nodatasum}, {@autodefrag}, {@user_subvol_rm}, {@max_inline={'max_inline', 0x3d, [0x6d, 0x33, 0x78, 0x37, 0x65, 0x36, 0x10]}}], [{@flag='dirsync'}]}, 0x0, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f00000001c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c}}) 3.902945582s ago: executing program 4 (id=1957): mkdir(&(0x7f0000000540)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='tracefs\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2284c3b, &(0x7f0000000800)={[{@mode={'mode', 0x3d, 0x4}}, {}]}) 3.83643889s ago: executing program 3 (id=1958): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x112}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000000c0)={0x2, &(0x7f0000000200)=[{0x20, 0x0, 0x0, 0xfffff028}, {0x6}]}) 3.804869383s ago: executing program 4 (id=1959): syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="04040a"], 0xd) syz_emit_vhci(&(0x7f00000007c0)=ANY=[@ANYBLOB="042c1101c800000000000000000000000000000276e92be46cb4b048789e1eff4539e87b6bfb1fc6b7b85198f1ac5a68bdfb2e42474e6586935e56ee8bcc2b0862303fbda9aa452269363c34"], 0x14) unshare(0x40040000) 3.456520256s ago: executing program 4 (id=1962): r0 = socket$can_raw(0x1d, 0x3, 0x1) unshare(0x20000400) bind$can_raw(r0, &(0x7f0000000000), 0x10) 3.34416499s ago: executing program 3 (id=1963): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 3.333309097s ago: executing program 4 (id=1964): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x17ef, 0x60a3, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)={0x0, 0x0, 0x5, {0x5, 0x0, "a7ea31"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 3.181477307s ago: executing program 3 (id=1966): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x810, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x22, 0x5, {[@main, @main=@item_012={0x1, 0x0, 0x9, "b7"}, @local=@item_012={0x1, 0x2, 0x0, "9a"}]}}, 0x0}, 0x0) 2.977674957s ago: executing program 2 (id=1968): r0 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="9feb01001800000002000000000000c8"], &(0x7f0000001f80)=""/237, 0x18, 0xed, 0x2, 0x0, 0x0, @void, @value}, 0x28) 2.885480559s ago: executing program 2 (id=1969): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001200210200000000000000000704"], 0x24}}, 0x0) 2.813880171s ago: executing program 2 (id=1970): syz_mount_image$cramfs(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x2200400, &(0x7f0000000400)=ANY=[], 0xfe, 0x160, &(0x7f0000000200)="$eJzs0M+LEnEYx/H3d+brKKRYZCBBKXTIksAf1C3CiSQhGyi6dBJs+gGKkVDeUqJbB6Grh9q9Lgv7F+jqYdlFL7v/xF68LezRZWbcXZb1P9jndZvP830+D8yLp7OM4tzzVvPrN7fddj+k3zjV8tvD4bDk5RZ0ti7Mg/ejEnxGM9Iw74EXT2Lw8UvDNeqthvc9L0EYsK8tc5rx03t2QtPTkCfYz9yD8S3/ncHlzC0S8vdua7DjQZYDFv/hvgX2jSDz+o4AE5SylsfumPyuZFM3FXQG2c2NvdfT3cqjh8/cP4Vy/0E0aWZ/whq2iuxMPh2Yy63ZtPrKqTqzYqHwpJjLGzze9wu7ffTL6Hd4r0B7fQZ+n0Xyrn4HvxT89W/Nt1UMGP87dprhs3/d/WGmQaUG9VoytF5LXDcwM9qbLFjBnxBZNRJCCCGEEEIIIYQQQgghhBBCCHHVnQQAAP//A2lTBA==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 2.686693703s ago: executing program 2 (id=1972): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x20801, 0x0) write$rfkill(r0, &(0x7f0000000100)={0x0, 0x2, 0x3, 0x1}, 0x8) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280), 0x2000, 0x0) 2.486523158s ago: executing program 0 (id=1975): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000280)={&(0x7f0000fec000/0x11000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000fec000/0x4000)=nil, &(0x7f0000fed000/0x4000)=nil, &(0x7f0000fec000/0x4000)=nil, &(0x7f0000ff3000/0x3000)=nil, &(0x7f0000ff6000/0x1000)=nil, &(0x7f0000ff4000/0x1000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000ff8000/0x2000)=nil, 0x0, 0x0, r0}, 0x68) 2.056387653s ago: executing program 1 (id=1978): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x50, &(0x7f0000000300)=ANY=[@ANYBLOB='shortname=winnt,shortname=lower,iocharset=maccenteuro,utf8=0,iocharset=macgreek,codepage=1255,flush,shortname=mixed,tz=UTC,check=strict,rodir,nonumtail=0,uid=', @ANYRESDEC=0x0, @ANYBLOB='\x00\x00'], 0xfd, 0x289, &(0x7f0000000c40)="$eJzs3cFLNGUcB/Dfums7CrF7CMQInOhQp0WN6LoSBtFCUeyhTkmuFK4JCkId1Jv0P9S/UMegU9AhuvYPRBAWdMlOHoKNdVbdWXc39X3X5eX9fC7+/M3zZZ6ZZ3DxsM989MLO9ubu/tbZ2WkkSSFK9ajHeSGqMRPF6CrHcQwq3egAAE+O804n/u5kpj0XAOBh+PwHgKfPuM//wvFV792HnxkAMCmP9P//zESmBABM2PsffPj2WqOx/l6aJhE7JwfNg2b2Mzu+thWfRjtasRyV+DeicyWr33yrsb6cdv1RjWTnqJc/OmgW8/mVqES1P/99pftbN7+SZqLZn5+N+V7+1/loxWpU4rnh518dmn8mXnmp7/y1qMQvH8dutGMzutksX46Iw5U0feOdxkC+fDEOAAAAAAAAAAAAAAAAAAAAAAAmoZZeqeb3v8n276nVRh3P8v37A82N3R9ocH+eUjzvNYIAAAAAAAAAAAAAAAAAAABwYf/zL7Y32u3W3rjis5+/+fG0nAX+d/D4otA7791SJ7nO6y/npzF3u6sYKJ598fevhh0qR/lu96cY97sbsxHR30l7p/xh6f6398GKn04/WXx1f+G1UWOi1N/5snupuTHZCi4Oxkv3WspbFH9VIr9MS3H9PCd3fiD7i28vi/o/N8ZcPkqtvblpL9zC1/WN7w5/+/O6k1xMbOQKjtYpPu4/QwAAAAAAAAAAAAAAAAAAQO777dOeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMz/X7/y+LJCLyneFFOXKdZOTg42lfIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/BcAAP//S4aJvQ==") mkdir(&(0x7f0000000000)='./control\x00', 0x0) rmdir(&(0x7f0000000100)='./control\x00') 2.056008397s ago: executing program 5 (id=1979): syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000300)='./file6\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xaa6, &(0x7f0000001100)="$eJzs3U2MW0cBAOCxd73JJilxSkKXNLQJhbb8dNNslvATQVIlQiJqKsSlUsUlStMSEYJEkYCqEklO3GhVBYkTP+LUS1UQEr2gqCculWikCqmnwoEDURCVOEAgcRXvjNee2H22s+tnx98njcfz5j3PvOfn5/c7E4CpVW2+Li8vVEK4+PrLR//x4N/nbw451Bqj3nydbUvVQgiVmJ7NPu/dmZX4+nsvnOwWV8JS8zWlwxNXW9NuDiGcC7vDpVAPOy9efunNpcePnz92Yc9brxy8sj5zDwAA0+Xrlw4u7/jrn+/ddu3V+w6HDa3haf+8HtNb4n7/4bjjn/b/q6EzXWkL7eay8WZjqM53jjfTZbz2cmrZeLM9yp/Lyq/1GG9D+ODyZ9qGdZtvmGRpPa6HSnWxI12tLi6uHJOH5nH9XGXx7OkzzzxXUkWBNffv+0MIu9vCkQud6XELh8agDkOGxhjUYSLD4dGVda2xovR5HlFobC17CwSwIr9eeItz+ZmF29P6tNn+yr/6WLX79LAGRr3+D1T+XMnlB+X/5rwtDmvnTl2b0nyl39GWmM6vI+T3L/X+/eVXOjqH5tcjan3Ws9d1hEm5vtCrnjMjrsewetU/Xy/uVF+OcVoOX8ny238/+Xc6Kd8x0N1/8vP/giCMdwgd6drtfFaj5O0PML7y++Ya6fpolN/Xl+dvKMjfWJA/X5C/qSB/c0E+TLPfff+n4cXK6nF+fkw/6PnwdJ7trhh/aMD65OcjBy0/v+93ULdbfn4/MYyzP5x48tQXnn7q8sr9/5XW+n8jru/pcKMef1uX4gjpfGF+Xr1173+9s5xqj/HuzupzV5fxm++3d45X2b76OaFtO3NLPRY6p9vaa7xdnePVs/HmY9iY1TffP9mUTZf2P9J2NS2v2Wx+a9l8zGX1SNuVbTHO6wHDSOtjr/v/0/q5EGqVZ06fOfVoTKf19E8ztQ03h+8bcb2B29fv8z8LofP5ny2t4bVq+3Zh6+rwysp24bX4eZ3Dl1rldA7fH9Ppf+5bM/PN4Ysnv3vm6bWffZhqz/3o+W+fOHPm1Pe8GfrNV8ejGoO8SYct41Ifb8buTckbJmDd7f3xyk7AI6e/c+LZU8+eOrv/wIH9S0sHvrh/eW9zv35v+959u3Ml1BZYS6t/+mXXBAAAAAAAAAAAAOjXD44dvfz2G59/Z+X5/9Xn/9Lz/+nO3/T8/0+y5//z5+TTc/DpOcBtXfKb42QNrM5l49Vi+HBW3+1ZOTuy6T4S41Y/fvH5/1Rc3q5rqs892fBaj2TWnMAt7aXMZW2Q5P0FfjzGF2L86wAlqsx3Hxzjovat07qe2qdoa5eioX3gyZG+t7Q2pHZM0vPfXdt1avuyt42gjqy9UTxOWPY8At39c6ra//7X6oyXXhehd5gdbXk/n951otFzL73fHmwA1kbZ/X+m854pPvvHr228GdJoVx/r3F7m7ZfCIP7ydmd63PufXO/y8377Rl1+2fM/6v4/W/3f9b39y3rMqw9X7n9/ceWdtmLDzn7Lz+c/tQO9fbDyr8Xy09w8FPorv/GrrPz8glCf/peVv6nP8m+Z/13Dlf//WH5abA8/0G/5KzWuVDvrkZ83Ttf/8vPGyfVs/lPbnh9Q/jee7zb/Q3bUeCOWD9NsUvqZHVS2H9HaaR++/9/o3Nr2/9uqbLZZy+/D+FxMpw1xus8h7+9k0Pqn+yvS/8CO7PMrBf9v+v+dbF+KcdHvIfX/m9bHevzLb0s3l2VK17os2zt1WwOT6t2puv43EWHjGNRB6D80ZoaYrtVPXMn1bzQa63tCq0CphVP68i/7OKHs8ste/kXy/n/zffi8/988P+//N8/P+//N8+fjN9QrP+//N1+eef+/ef492efm/QMvFOR/tCB/Z/f81mH7vQXT7yrI/1hB/p5W/qGOMVL+fQXT31+Qf3dB/gMF+Z8oyP9kQf6DBfkPt+W39wGd8j9VMP2dLj2PMq3zD9Msfz7P7x+mR7r+0+v3v70gH5hcP3t135GnfvvN+srz/3Ot8yHpOt7hmK7F46cfxnR+3Tu0pW/mvRHTf8vyx/18B0yTvP2M/P/9oYJ8YHKl+7z8vmEKVTZ2Hxzjonareu3nM1k+HePPxPizMX4kxosx3hvjfTFeGlH9WB9HXvv9wRcrq8f7W7P8fu8nz58H6mgnKoSwv8/65OcHBr2fPW/Hb1C3W/6Qj4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACUptp8XV5eqIRw8fWXjz55/PTem0MOtcaoN19n21K11nQhPBrjmRj/Mr65/t4LJ9vjGzGuhKVQCZXW8PDE1VZJm0MI58LucCnUw86Ll196c+nx4+ePXdjz1isHr6zfEgAAAIA73/sBAAD//weuDxQ=") r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f0000000680)={0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x2401}) 2.004690754s ago: executing program 0 (id=1980): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f00000003c0)={[{@iocharset={'iocharset', 0x3d, 'cp874'}}, {@dmask={'dmask', 0x3d, 0xaf}}, {@gid}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@iocharset={'iocharset', 0x3d, 'cp862'}}, {@fmask={'fmask', 0x3d, 0x106}}, {@fmask={'fmask', 0x3d, 0x9}}, {@fmask={'fmask', 0x3d, 0x6}}, {@fmask={'fmask', 0x3d, 0x7}}]}, 0x1, 0x1524, &(0x7f0000002080)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+Xw+JCRJkyQhOSXrf0342+3a3977233bd31z/67ruaz7Xc+9nvW89/u8z8HMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5uHJxWf05JSb9exthf65HUq/2DNjVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2ebpBa/nJfsu/Pw/O+Pz//8hmaXHfrW29I1dAWL+2RSuf/bG9f8/K/hnVuL6Z29c/+wq9mpPgP0vwMd/dpDj7/Zw/bM3rj9j2dnVfv58tReIZO/34Gp//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC63r/a8GGOMMcYYY4wx9ufxOa72DBhjjDHGGGOMMfY/D0GABAUBxEAOiIWckAsEAFwLeeA6iMD1EAc3QF64EfJBfigABSEeCkFh0GAgBghCKAJFIQo3QTG4GYpDCSgJpcBBaUiAW6AM3Apl4TYoB7dDebgDKkBFqASV4U6oAndBVbgbqsE9UB1qQE2oBfdCbbgP6sD9UBcegHrwINSHh6ABPAwN4RFoBI9CY3gMmsDj0BSaQXNoAS3/W/kvQQ94GXpCL0iC3tAHXoG+0A/6wwAYCK/CIHgNBsPrkAxDYCi8AcPgTRgOb8EIGAmj4G0YDe/AGBgL42A8pMAEmAjvwiR4DybDFJgK0yAVpsMMeB9mwiyYDR/AHPgQ5sI8mA8LIA0+goWwCNLhY1gMn0AGLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJn8Iu+Ax2wx7YC5/DPvjiX8w//Tf5XREQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwL+bFfJgPC2ABjMd4LIyF0aBBQsIiWASjGMViWAyLY3EsiSXRocMETMAyeCuWxbJYDstheSyPFbAiVsTKWBmrYBWsilWxGlbD6lgda2JNvBfvxd5YB+tgXayL9bDe5cdT2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJ2AE7YEfsiJ2wE3bGztgFu2BX7IbdMl/KAfgyvoy9sLrojX2wD/bF5Bz9cQAOwFdxEL6Gr+HrmIxDcCi+gW/gmzgcT+EIHImjcBRWEe/gGByLJMZjCqbgRJyIk3ASTsYpOAWnYSpOxxk4A2fiLJyFH+Ac/BA/xHk4DxdgGqbhQlyE6ZiOi/E0ZuASXIrLcDmuwOW4ClfjKlyL63AtbsANuAk34RbcgttwG+7AHfgpKgD8DPfgHkzGfbgP9+N+PIAH8CAexEzMxEN4CA/jYTyCR/AoHsVjeBxP4HE8iSfxFJ7GM3gGz+E5PI8vxH/T6NMSa5JBZFFCiRgRI2JFrMglconcIrfII/KIiIiIOBEn8oq8Ip/IJwqIAiJexIvCorAwwggSYQwAiKiIimKimCguiouSoqRwwokEkSDKiDKirCgryonbRXlxh6ggKoo2rrKoLKqItq6quFtUE9VEdVFD1BS1RC1RW9QWdUQdUVfUFfVEPVFfPCQaiN7YHx8RWZVpLIZgEzEUm4pmQl76BmslhmNr0Ua0FU+JkTgC24tWLlE8KzqIMdhR/EWMxedFZzEeu4gXRVfRTXQXL4keorXrKXqJydhb9BHTsK/oJ/qLAWIm1hAf4JycNcXrIlkMEUPFG2IBvimGi7fECDFSjBJvi9HiHTFGjBXjxHiRIiaIieJdMUm8JyaLKWKqmCZSxXQxQ7wvZopZYrb4QMwRH4q5Yp6YLxaINPGRWCgWiXTxsVgsPhEZYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih9gpPhW7xGdit9gj9orPxT7xhdgvvhQHxFfioPhaZIpvxCHxrTgsvhNHxPfiqPhBHBPHxQnxozgpfhKnxGlxRpwV58TP4rz4RVwQXoBEKaSUSgYyRuaQsTKnzCWvkbllcOndvV7GyRtkXnmjzCfzywKyoIyXhWRhqaWRVpIMZRFZVEblTbKYvFkWlyVkSVlKOllaJshbZBl5qywrb5Pl5O2yvLxDVpAVZSVZWd4pq8i7JEQubqO6rCFrylryXpkE98k68n5ZVz4g68kHZX35kGwgH5YN5SOykXxUNpaPySbycdlUNpPNZQvZUj4hW8knZWvZRraVT8l28mnZXj4jE+WzsoP0lz4iz8vO8gXZRb4ou8pusrv8RV6QXvaUvST0BtlHviL7yn6yvxwgB8pX5SD5mhwsX5fJcogcKt+Qw+Sbcrh8S46QI+Uo+bYcLd+RY+RYOU6Olylygpwo35WT5Htyspwip8ppMlVOl/0vjTRbyn+Y/+4f5A/+deub5Ga5RW6V2+R2uUPulJ/KXXKX3C13y71yr9wn98n9cr88IA/Ig/KgzJSZ8pA8JA/Lw/KIPCKPyqPymDwuz8of5Un5kzwlT8vT8qw8J8/J85feA1CohJJKqUDFqBwqVuVUudQ1Kre6VuVR16mIul7FqRtUXnWjyqfyqwKqoIpXhVRhpZVRVpEKVRFVVEXVTXjpA6NKqlLKqdIqQd3yr+SrYupmVVyV+E3+5fkl/Z35tVQtVSvVSrVWrVVb1Va1U+1Ue9VeJapE1UF1UB1VR9VJdVKdVWfVRXVRXVVX1V11Vz1UD9VT9VRJKkn1Ua+ovqqf6q8GqIHqVTVIDVKD1WCVrJLVUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVIpKURPVRDVJTVKT1WQ1VU1VqSpVzVAz1Ew1U81Ws9UcNUfNVXPVfDVfpak0tVAtVOkqXS1Wi1WGWqKWqGVqmVqhVqhVapVao9aodWqd2qA2qAy1WW1WW9VWtV1tVzvVTrVL7VK71W61V+1V+9Q+tV/tVwfUAXVQHVSZKlMdUofUYXVYHVFH1FF1VB1Tx9QJdUKdVCfVKXVKnVFn1Dl1Tp1X59UFdSHrsi8QgQhUkHWmjQlig9ggV5AryB3kDvIEeYJIEAnigrggb3BjkC/IHxQICgbxQaGgcKADE9hAXCp6NLgpKBbcHBQPSgQlg1KBC0oHCcEtQZng1qBscFtQLrg9KB/cEVQIKgaVgsrBnUGV4K6ganB3UC24J6ge1AhqBrWCe4PawX1BneD+oG7wQFAveDCoHzwUNAgeDhoGjwSNgkeDxsFjQZPg8aBp0CxoHrQIWv6p43t/Kv+TrqfupZN0b91Hv6L76n66vx6gB+pX9SD9mh6sX9fJeogeqt/Qw/Sberh+S4/QI/Uo/bYerd/RY/RYPU6P1yl6gp6o39WT9Ht6sp6ip+ppOlVP1zP0+3qmnqVn6w/0HP2hnqvn6fl6gU7TH+mFepFO1x/rxfoTnaGX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepvernfonfpTvUt/pnfrPXqv/lzv01/o/fpLfUB/pQ/qr3Wm/kYf0t/qw/o7fUR/r4/qH/QxfVyf0D/qk/onfUqf1mf0WX1O/6zP61/0Be2zLu6zTu9GGWViTIyJNbEml8llcpvcJo/JYyImYuJMnMlr8pp8Jp8pYAqYeBNvCpvCJgsZMkVMERM1UVPMFDPFTXFT0pQ0zjiTYBJMGVPGlDVlTTlTzpQ35U0FU8FUMpXMneZOc5e5y9xt7jb3mHtMDVPD1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDfNTUvT0rQyrUxr09q0NW1NO9POtDftTaJJNB1MB9PRdDSdTCfT2XQ2XUwX09V0Nd1Nd9PD9DA9TU+TZJJMH9PH9DV9TX/T3ww0A80gM8gMNoNNskk2Q81QM8wMM8PNcDPCjDSjsg4f844ZY8aacWa8STEpZqKZaCaZSWaymWymmqkm1aSaGWaGmWlmmtlmtplj5pi5Zq6Zb+abNJNmFpqFJt2km8VmsckwGWapWWqWm+VmpVlpVpvVZq1Za9bDerPRbDSbzWaz1Ww12812s9PsNLvMLrPb7DZ7zV6zz+wz+81+c8AcMAfNQZNpMs0hc8gcNofNEXPEHDVHzTFzzJwwJ8xJc9KcMqfMGXPGnDP5L50vvYm1OW0ue43Nba+1eex19m/jAragjbeFbGGrbT6b/zexsdYWtyVsSVvKOlvaJthbfhdXsBVtJVvZ3mmr2Lts1d/Fte19to6939a1D9ha9t7fxPXsg7a+fcw2QASwzWwj28I2to/ZJvZx29Q2s81tC9vOPm3b22dson3WdrDP/S5eaBfZ1XaNXWvX2d12jz1jz9rD9jt7zv5se9pedqB91Q6yr9nB9nWbbIf8Lh5l37aj7Tt2jB1rx9nxv4un2mk21U63M+z7dqad9bs4zX5k59h0O9fOs/Ptgl/jrDml24/tYvuJzbABLLXL7HK7wq60q/7/XJfZDXaj3WR32c/sVrvNbrc77M7LF8J2j91rP7f77Bf2kP3WHrBf2YP2iM203/waZ+3fEfu9PWp/sMfscXvC/mhP2p/U5eysff/R/mIvWG+BkIAkKQoohnJQLOWkXHQN5aZrKQ9dRxG6nuLoBspLN1I+yk8FqCDFUyEqTJoMWSIKqQgVpSjdRJenV5JKkaPSlEC3UBm6lcrSbVSObqfydAdVoIpUiSrTnVSF7qKqdDdVo3uoOtWgmlSL7qXadB/VofupLjxA9ehBqk8PUQN6mBrSI9SIHqXG9Bg1ocepKTWj5tSCWtIT1IqepNbUhtrSU9SOnqb29Awl0rPUgZ6jjvQX6kTPU2d6gbrQi9SVulF3eol60MvUk3pREvWmPvQK9aV+1J8G0EB6lQbRazSYXqdkGkJD6Q0aRm/ScHqLRtBIGkVv02h6h8bQWBpH4ymFJtBEepcm0Xs0mabQVJpGqTSdZtD7NJNm0Wz6gObQhzSX5tF8WkBp9BEtpEWUTh/TYvqEMmgJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQTvqUdtFntJv20F76nPbRF7SfvqQD9BUdpK8pk76hQ/QtHabv6Ah973vRD3SMjtMJ+pFO0k90ik7TGTpL5+hnOk+/0AXyBCGGIpShCoMwJswRxoY5w1zhNWHu8NowT3hdGAmvD+PCG8K84Y1hvjB/WCAsGMaHhcLCoQ5NaEMKw7BIWDSMhjeFxcKbw+JhibBkWCp0YekwIbwlLBPeGpYNbwvLhbeH5cM7wgphxfCxByqHd4ZVwrvCquHdYbXwnrB6WCOsGdYK7w1rh/eFdcL7w7rhA2HZ8MGwfvhQ2CB8OGwYPhI2Ch8NG4ePhU3Cx8OmYbOwedgibBk+EbYKnwxbh23CtuFTYbvw6bB9+EyYGD4bdgif+7X/wUV/vz8p7B32CV8JXwm9v1/Ojy6IpkU/ii6MLoqmRz+OLo5+Es2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel8rBzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qLuJlfM3eyKuxKupCvlnCvtElwL19K1dK3ck661a+PauqfcU+5p97R7xj3jnnUd3HOuo/uL6+Sed53dC+4F96Lr6rq57u4l18NNyHPxmExyfVwf19f1df1dfzfQDXSD3CA32A12yS7ZDXVD3TA3zA13w90IN8KNcqPcaDfajXFj3Dg3zqW4FDfRTXST3CQ32U12U91Ul+pS3Qw3w810M12VWRe3MtfNdfPdfJfm0txCl3XNmO4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f66i4O6fW6/2+8OuAPuoPvaZbpv3CH3rTvsvnNH3PfuqPvBHXPH3Qn3ozvpfnKn3Gl3xp1159zP7rz7xV1w3qVEJkQmRt6NTIq8F5kcmRKZGpkWSY1Mj8yIvB+ZGZkVmR35IDIn8mFkbmReZH5kQSQt8lFkYWRRJD3ycWRx5JNIRmRJZGlkWWR5ZEXE+0JbQ1/EF/VRf5Mv5m/2xX0JX9KX8s6X9gn+Fl/G3+rL+tt8OX+7L+/v8BV8RV/JP+6b+ma+uW/hW/onfCv/pG/t2/i2/infzj/t2/tnfKJ/1nfwz/mO/i++k3/ed/Yv+C7+Rd/Vd/Pd/Uu+h3/Z9/S9fJLv7fv4V3xf38/39wP8QP+qH+Rf84P96z7ZD/FD/Rt+mH/TD/dv+RF+pB8V87YfffkWGcb7FD/BT/Tv+kn+PbjbT/FT/TSf6qf7Gf59P9PP8rP9B36O/9DP9fP8fL/Ap/mP/EK/yKf7j/1i/4nP8EsuP1T2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9p36X/8zv9nv8Xv+53+e/8Pv9l/6A/8of9F/7TP+NP+S/9Yf9d/6I/94f9T/4Y/64P+F/9Cf9T/6UP+3P+LP+nP/Zn/e/+Av8O2uMMcYYY/+UCVea4rc9Fx/n9/6DHPFXK/cBgGu3Fcz86/6sK8r1+S62+4n4dhEAeLZXl0cuL9WrJyUlXVo3Q0JQdB7A5f8JyhIDV+Il0BaehkRoA2X+cP79RLdz9A/Gj94OkOuvcmLhSnxl/C8BMOkPxn/iqVELy4dn4v6L8ecBFC96JScnXImXQNtfn6+0gbJ/Z/75W/2D+ef8KgWg9V/l5IYr8ZX5J8CT8Bwk/mZNxhhjjDHGGGPson6iUqfL95+Xf+Lzj+7P49WVnBxwJf5H9+eMMcYYY4wxxhi7+p7v1v2ZJxIT23T61xtV/1tZ/3SjCfxPjcyNP2x4D3D5FQUA/+aAAFkN+Z/ciy3/kW0lXzp0/rZr+VkfwP+OUv4Zjav8xcQYY4wxxhj701256P/t6+pqTYgxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/Tuxq7yNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//8BsgGO") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 1.853897886s ago: executing program 1 (id=1981): syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @loopback, @local}}}}}}, 0x0) r0 = socket$kcm(0xa, 0x2, 0x73) sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0xffac, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x8, &(0x7f0000001d00)=ANY=[@ANYBLOB="1400000000000000010000002500000002010000000000004800000000000000080000000797dbc64107b42c556567f2219787566400007300000000000000000000000008000000ef3820f3439cb150a3651e799ef4dca1e3c32158996e4b2abde5f2ba8b679121ac0b0ad62ade31fb2c47f0bbf781eb8bd1e3064141e90e9eac25b189c0da98b676571bbeefba392c3e15a10e03dee4ae1dfe99793e51ec0c6bb5fa6d7b357d249502f5919ef251e5d0e5bed378265b8bd55fde4689cb509b14fa754813a27e72d175e8d677420e10d65108006e2ab8168b1d633b1bb9a7d4d59ebdc7083d93d35cd469deb0d81d7adee2ef7c2f058c2c262b97ecbfb32fe3e3ffcdf7b5c24d0ab0a7ae9e6be6c115c5663dd864d655a7babdcf8315dc29b6f18539abf1422502d7d53ce861d8a07dbb00c5a94e0186689f988628a0986d8f0419924348a32be8950099b4718e6109b9eed9e5b3e8ff86d22cf39479b26cc3e977df19f757432bf055090461", @ANYRES32=0x0, @ANYBLOB="e1212f0409000000e70bcf35ac837225dd355ad309a5ec6096633ba38e1ef5baf006020e5f45c993cb5680017c6720bea9b7c451516a8cff7f00000000000019f20b784b2336d43c8a0f7347801a596dfb0b078a967980ccec1d115c7a0000000000000000000000fed6260fdf140498f1274bc569d0d87656d0d18d903580f0ec0915e89bd286b2c25165043f6a001d53f84eaabf01cc310ff28c7c76867ce1a2c9c91b1db7295614e2a4f8711ec37ae999180cb5bbb9c5382120076e117539d423a2ec0f468db35960831f5f883472327697495b8e8ba8e2f3defbe93e1fc733b06dfc74890a3f63b154e9681d69cdd9894c914ee45c286462888ff84e401a6d8895ffda88a171b7359f815d7b6f7562fba1bbff4cba08f7a3f582d7c604013317281c5e9a8e88b66a4717b3c318f85aecbe8b5f3485f8d31bf5a57b9dd53b382ec017a33d1fabe09daf76b3b0"], 0x6b}, 0x0) 1.818791454s ago: executing program 5 (id=1982): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_FLUSH(r0, 0x0, 0xd1, &(0x7f0000000000)=0x3, 0x4) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000080)={0x1, 0x4, 0x3f, 0x3202, @vifc_lcl_addr=@private=0xa010101, @private=0xa010101}, 0x10) 1.794588672s ago: executing program 0 (id=1983): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x2}}}, 0x10) 1.697390938s ago: executing program 1 (id=1984): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x3a, &(0x7f0000000480)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x0, {[@generic={0x3, 0x2}]}}}}}}}, 0x0) 1.655464743s ago: executing program 5 (id=1985): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = gettid() sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, 0x41, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@typed={0x8, 0x1, 0x0, 0x0, @pid=r1}]}, 0x1c}}, 0x0) 1.648501327s ago: executing program 0 (id=1986): syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="04040a"], 0xd) syz_emit_vhci(&(0x7f00000007c0)=ANY=[@ANYBLOB="042c1101c800000000000000000000000000000276e92be46cb4b048789e1eff4539e87b6bfb1fc6b7b85198f1ac5a68bdfb2e42474e6586935e56ee8bcc2b0862303fbda9aa452269363c34"], 0x14) unshare(0x40040000) 1.526885217s ago: executing program 5 (id=1987): r0 = syz_io_uring_setup(0xd79, &(0x7f00000035c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000003580)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x27}) io_uring_enter(r0, 0x291c, 0x0, 0x0, 0x0, 0x0) 1.393562549s ago: executing program 1 (id=1988): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)={0x64, r1, 0x1, 0x0, 0x0, {0x36}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x73}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2000}}}]}, 0x64}}, 0x0) 1.387608448s ago: executing program 3 (id=1989): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0) write$vga_arbiter(r0, &(0x7f0000000340)=@other={'lock', ' ', 'io'}, 0x8) write$vga_arbiter(r0, &(0x7f0000000080)=@other={'unlock', ' ', 'io+mem'}, 0xe) 1.317827152s ago: executing program 5 (id=1990): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000200), r0) sendmsg$NFC_CMD_DEV_DOWN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r1, 0x1}, 0x14}}, 0x0) 1.242719754s ago: executing program 0 (id=1991): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0) r1 = dup(r0) fallocate(r1, 0x11, 0x0, 0x50000) 1.153067328s ago: executing program 2 (id=1992): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') getdents(r0, &(0x7f00000004c0)=""/4096, 0x1000) getdents(r0, 0x0, 0x0) 1.065332488s ago: executing program 1 (id=1993): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xe10, 0x870, 0x1, 0x1, 0xd59f80, 0x19f2, 0x3f, 0x19ef, 0x3, 0x8, 0x2800, 0x6, 0x2, 0xba2, 0xc, 0x30, {0x8, 0xffffffff}, 0xd0, 0x9}}) 1.045911025s ago: executing program 5 (id=1994): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="74010000", @ANYRES16=r1, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003000100000028000200060001000a00000014000200ff010000000000000000000000000001050003000300000028000080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x0) 1.009006152s ago: executing program 3 (id=1995): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000030000005800018044000400200001000a0000000000000000000000000000000000000000002d0100000000200002000a00000000000000fe8000000000000000000000000000bb000000000d0001007564703a73"], 0x6c}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 835.109298ms ago: executing program 1 (id=1996): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000004c0), r0) sendmsg$IEEE802154_LLSEC_GETPARAMS(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010000000000000000002400000008000200", @ANYRES32=r0], 0x1c}}, 0x0) 798.326129ms ago: executing program 2 (id=1997): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r0, &(0x7f0000000240)={0x0, 0xfffffe90, &(0x7f0000000000)={&(0x7f0000004840)={0x38, r1, 0x731, 0x0, 0x0, {0x2e}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x73}}}]}, 0x38}, 0x1, 0x2}, 0x0) 87.222991ms ago: executing program 4 (id=1998): setrlimit(0x2, &(0x7f0000000080)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000026c0)={&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff6000/0x4000)=nil, &(0x7f0000ff6000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0}, 0x68) prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000ffc000/0x1000)=nil) 0s ago: executing program 4 (id=1999): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="50020000", @ANYRES16=r1, @ANYBLOB="0100000000000000000001000000080001000000000004000480080002000100000010000c7d0c000b8008000a00b4ed000004000880c8000c802400e73608000900f36aad4208000a156878badf10076800d5441e0f080009002bd49f3b0c00008008000a00697100002c000b8008000a"], 0x250}}, 0x0) kernel console output (not intermixed with test programs): ng 0 endpoint 0x81 has an invalid bInterval 33, changing to 9 [ 169.899540][ T25] usb 3-1: New USB device found, idVendor=1c4f, idProduct=0059, bcdDevice= 0.00 [ 169.912840][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.924146][ T25] usb 3-1: config 0 descriptor?? [ 169.934130][ T8075] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 169.956861][ T5285] usb 2-1: config 0 interface 0 has no altsetting 0 [ 169.963761][ T5285] usb 2-1: New USB device found, idVendor=0c70, idProduct=f00d, bcdDevice= 0.00 [ 169.974353][ T5285] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.986993][ T5285] usb 2-1: config 0 descriptor?? [ 170.054629][ T8082] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 170.057904][ T8109] loop0: detected capacity change from 0 to 4096 [ 170.138346][ T8082] (syz.3.984,8082,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 170.151942][ T5231] syz-executor: attempt to access beyond end of device [ 170.151942][ T5231] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 170.184473][ T5231] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 170.364509][ T8109] ntfs3: loop0: failed to convert "0080" to macromanian [ 170.413030][ T25] sigmamicro 0003:1C4F:0059.001E: hidraw0: USB HID v0.00 Device [HID 1c4f:0059] on usb-dummy_hcd.2-1/input0 [ 170.420682][ T5243] ocfs2: Unmounting device (7,3) on (node local) [ 170.455051][ T8109] ntfs3: loop0: failed to convert name for inode 1e. [ 170.497656][ T5285] aquacomputer_d5next 0003:0C70:F00D.001F: hidraw1: USB HID v0.03 Device [HID 0c70:f00d] on usb-dummy_hcd.1-1/input0 [ 170.642734][ T8] usb 3-1: USB disconnect, device number 9 [ 170.817747][ T8117] netlink: 'syz.4.999': attribute type 58 has an invalid length. [ 170.872050][ T5285] usb 2-1: USB disconnect, device number 7 [ 171.573201][ T5285] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 171.732959][ T5285] usb 3-1: Using ep0 maxpacket: 16 [ 171.740298][ T5285] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 171.769512][ T5285] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 171.798668][ T5285] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 171.832634][ T5285] usb 3-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00 [ 171.859140][ T5285] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.871191][ T8148] loop5: detected capacity change from 0 to 256 [ 171.881392][ T5285] usb 3-1: config 0 descriptor?? [ 171.898974][ T8120] loop3: detected capacity change from 0 to 32768 [ 171.948250][ T8120] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 171.963425][ T8155] loop4: detected capacity change from 0 to 256 [ 171.998660][ T8155] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 172.088230][ T8120] XFS (loop3): Ending clean mount [ 172.179842][ T8155] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 172.213301][ T8155] exFAT-fs (loop4): Filesystem has been set read-only [ 172.220120][ T8155] exFAT-fs (loop4): error, failed to bmap (inode : ffff88807a2794e8 iblock : 8, err : -5) [ 172.254691][ T8155] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 172.264386][ T5243] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 172.344745][ T5285] kye 0003:0458:0087.0020: unknown main item tag 0x0 [ 172.403148][ T5285] kye 0003:0458:0087.0020: hidraw0: USB HID v0.00 Device [HID 0458:0087] on usb-dummy_hcd.2-1/input0 [ 172.536610][ T5285] usb 3-1: USB disconnect, device number 10 [ 172.909679][ T8173] loop1: detected capacity change from 0 to 4096 [ 172.929347][ T8173] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 172.981240][ T8173] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 173.208981][ T5393] ntfs3: loop1: ino=1a, ntfs_sync_fs failed, -22. [ 173.527686][ T8174] loop3: detected capacity change from 0 to 32768 [ 173.535057][ T8174] XFS: noikeep mount option is deprecated. [ 173.578727][ T8168] loop5: detected capacity change from 0 to 32768 [ 173.644372][ T8168] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1019 (8168) [ 173.697521][ T8168] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 173.728071][ T8174] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 173.753094][ T8168] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 173.762042][ T8168] BTRFS info (device loop5): using free-space-tree [ 173.944530][ T8174] XFS (loop3): Ending clean mount [ 173.961080][ T8174] XFS (loop3): Quotacheck needed: Please wait. [ 174.019545][ T8220] loop0: detected capacity change from 0 to 64 [ 174.201694][ T8174] XFS (loop3): Quotacheck: Done. [ 174.351801][ T8229] loop4: detected capacity change from 0 to 256 [ 174.376181][ T5231] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 174.420936][ T8229] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 174.470467][ T5243] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 174.565842][ T8232] loop1: detected capacity change from 0 to 64 [ 174.713436][ T8235] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1037'. [ 174.731822][ T8197] loop2: detected capacity change from 0 to 32768 [ 174.761789][ T8235] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1037'. [ 174.802942][ T8197] ERROR: (device loop2): dtSearch: stack overrun! [ 174.802942][ T8197] [ 174.864290][ T8197] ERROR: (device loop2): remounting filesystem as read-only [ 174.908416][ T8197] btstack dump: [ 174.938488][ T8197] bn = 0, index = 0 [ 174.963792][ T8197] bn = 0, index = 0 [ 175.020152][ T8197] bn = 0, index = 0 [ 175.042279][ T8197] bn = 0, index = 0 [ 175.052303][ T8197] bn = 0, index = 0 [ 175.081068][ T8197] bn = 0, index = 0 [ 175.090399][ T8197] bn = 0, index = 0 [ 175.117322][ T8197] bn = 0, index = 0 [ 175.121570][ T8197] jfs_lookup: dtSearch returned -5 [ 175.169492][ T8237] ERROR: (device loop2): dtSearch: stack overrun! [ 175.169492][ T8237] [ 175.200546][ T8237] btstack dump: [ 175.208203][ T8237] bn = 0, index = 0 [ 175.242586][ T8237] bn = 0, index = 0 [ 175.252811][ T8237] bn = 0, index = 0 [ 175.256656][ T8237] bn = 0, index = 0 [ 175.278896][ T8237] bn = 0, index = 0 [ 175.289016][ T8237] bn = 0, index = 0 [ 175.306960][ T8237] bn = 0, index = 0 [ 175.317083][ T8237] bn = 0, index = 0 [ 175.320952][ T8237] jfs_lookup: dtSearch returned -5 [ 175.523493][ T8257] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 176.138376][ T8275] loop2: detected capacity change from 0 to 512 [ 176.282907][ T8280] mmap: syz.1.1058 (8280) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 176.360557][ T8286] loop5: detected capacity change from 0 to 256 [ 176.372065][ T8251] loop3: detected capacity change from 0 to 32768 [ 176.389438][ T8286] exfat: Deprecated parameter 'utf8' [ 176.410049][ T8251] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1045 (8251) [ 176.438208][ T8286] exfat: Deprecated parameter 'utf8' [ 176.445563][ T8275] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 176.482071][ T8275] EXT4-fs (loop2): 1 truncate cleaned up [ 176.488964][ T8275] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.502175][ T8286] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 176.524202][ T8251] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 176.559421][ T8251] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 176.596223][ T8275] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 176.612294][ T8251] BTRFS info (device loop3): using free-space-tree [ 176.662991][ T8294] netlink: 'syz.0.1064': attribute type 29 has an invalid length. [ 176.672076][ T5227] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.743678][ T8294] netlink: 'syz.0.1064': attribute type 29 has an invalid length. [ 176.879228][ T8309] loop1: detected capacity change from 0 to 1024 [ 176.922723][ T8309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.969858][ T8309] EXT4-fs error (device loop1): ext4_lookup:1813: comm syz.1.1068: inode #12: comm syz.1.1068: iget: illegal inode # [ 177.018773][ T8309] EXT4-fs (loop1): Remounting filesystem read-only [ 177.122413][ T5393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.296453][ T5243] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 177.368854][ T8325] netlink: 'syz.1.1070': attribute type 10 has an invalid length. [ 177.847251][ T8337] loop3: detected capacity change from 0 to 1024 [ 178.202897][ T25] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 178.349432][ T8335] loop4: detected capacity change from 0 to 32768 [ 178.396420][ T25] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 178.436114][ T8335] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 178.453057][ T25] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 178.464040][ T25] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 178.473446][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.495486][ T8339] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 178.510135][ T25] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 178.648316][ T8335] XFS (loop4): Ending clean mount [ 178.658336][ T8335] XFS (loop4): Quotacheck needed: Please wait. [ 178.762366][ T25] usb 2-1: USB disconnect, device number 8 [ 178.777775][ T8335] XFS (loop4): Quotacheck: Done. [ 178.855442][ T8364] can0: slcan on ptm0. [ 178.868416][ T5222] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 179.003593][ T8362] can0 (unregistered): slcan off ptm0. [ 179.270006][ T8372] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1087'. [ 179.722369][ T8387] loop3: detected capacity change from 0 to 128 [ 179.760224][ T8391] netlink: 'syz.1.1091': attribute type 153 has an invalid length. [ 179.867088][ T8367] loop2: detected capacity change from 0 to 32768 [ 179.875591][ T8367] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1085 (8367) [ 179.904857][ T8367] BTRFS info (device loop2): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 179.947233][ T8367] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 179.960890][ T8367] BTRFS info (device loop2): using free-space-tree [ 179.995415][ T8407] loop3: detected capacity change from 0 to 512 [ 180.085608][ T8407] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 180.109635][ T8410] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1097'. [ 180.229015][ T8417] loop1: detected capacity change from 0 to 64 [ 180.617986][ T8407] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c198, mo2=0002] [ 180.633075][ T8407] System zones: 1-12 [ 180.640837][ T8407] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1094: corrupted in-inode xattr: e_value size too large [ 180.753063][ T8407] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.1094: couldn't read orphan inode 15 (err -117) [ 181.023253][ T8407] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 181.214720][ T8452] loop5: detected capacity change from 0 to 40427 [ 181.225181][ T8452] F2FS-fs (loop5): Corrupted extension count (64 + 1 > 64) [ 181.232596][ T8452] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 181.322091][ T8461] loop4: detected capacity change from 0 to 512 [ 181.366622][ T5243] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.372909][ T8461] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 181.398314][ T8461] UDF-fs: Scanning with blocksize 512 failed [ 181.403648][ T5227] BTRFS info (device loop2): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 181.420468][ T8452] F2FS-fs (loop5): Found nat_bits in checkpoint [ 181.473580][ T8473] loop1: detected capacity change from 0 to 512 [ 181.482690][ T8473] EXT4-fs: Ignoring removed oldalloc option [ 181.501553][ T8461] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 181.520304][ T8461] UDF-fs: Scanning with blocksize 1024 failed [ 181.535867][ T8473] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 181.551862][ T8461] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 181.590335][ T8452] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 181.595117][ T8473] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1115: invalid indirect mapped block 2683928664 (level 1) [ 181.597723][ T8461] UDF-fs: Scanning with blocksize 2048 failed [ 181.643194][ T8452] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 181.723319][ T8473] EXT4-fs (loop1): 1 truncate cleaned up [ 181.730888][ T8473] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.770950][ T8461] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 181.814295][ T8473] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.1115: Invalid block bitmap block 3 in block_group 0 [ 181.943577][ T8461] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 182.008365][ T8488] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1119'. [ 182.147466][ T8486] loop3: detected capacity change from 0 to 256 [ 182.154696][ T8486] exfat: Deprecated parameter 'utf8' [ 182.189341][ T8461] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 21) has entry at pos 172 with incorrect tag 0 [ 182.234023][ T5393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.297494][ T8486] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x0ec8ca35, utbl_chksum : 0xe619d30d) [ 182.543660][ T8496] loop4: detected capacity change from 0 to 1024 [ 182.689151][ T8504] netlink: 110 bytes leftover after parsing attributes in process `syz.5.1116'. [ 182.708230][ T8496] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 183.200011][ T5222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.212249][ T8526] warning: `syz.5.1135' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 183.235886][ T8527] loop2: detected capacity change from 0 to 256 [ 183.281879][ T8520] loop1: detected capacity change from 0 to 4096 [ 183.355297][ T8527] FAT-fs (loop2): Directory bread(block 64) failed [ 183.395599][ T8527] FAT-fs (loop2): Directory bread(block 65) failed [ 183.402616][ T8527] FAT-fs (loop2): Directory bread(block 66) failed [ 183.417316][ T29] audit: type=1800 audit(1726909531.663:36): pid=8520 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1132" name="file1" dev="loop1" ino=30 res=0 errno=0 [ 183.489638][ T8527] FAT-fs (loop2): Directory bread(block 67) failed [ 183.520380][ T8527] FAT-fs (loop2): Directory bread(block 68) failed [ 183.543004][ T8527] FAT-fs (loop2): Directory bread(block 69) failed [ 183.574979][ T8527] FAT-fs (loop2): Directory bread(block 70) failed [ 183.614507][ T8527] FAT-fs (loop2): Directory bread(block 71) failed [ 183.621330][ T8527] FAT-fs (loop2): Directory bread(block 72) failed [ 183.655029][ T8527] FAT-fs (loop2): Directory bread(block 73) failed [ 183.680832][ T8535] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check. [ 183.808540][ T8539] loop3: detected capacity change from 0 to 64 [ 184.182308][ T8529] loop0: detected capacity change from 0 to 32768 [ 184.267081][ T8552] loop3: detected capacity change from 0 to 512 [ 184.484809][ T8537] loop4: detected capacity change from 0 to 32768 [ 184.596679][ T8552] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1147: invalid indirect mapped block 256 (level 2) [ 184.672062][ T8529] XFS (loop0): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 184.690429][ T8552] EXT4-fs (loop3): 2 truncates cleaned up [ 184.699227][ T8552] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 184.846252][ T29] audit: type=1400 audit(1726909533.093:37): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=8576 comm="syz.2.1157" [ 184.954039][ T8529] XFS (loop0): Ending clean mount [ 185.062590][ T29] audit: type=1800 audit(1726909533.303:38): pid=8529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1138" name="file1" dev="loop0" ino=7430 res=0 errno=0 [ 185.182661][ T8590] netlink: 'syz.5.1163': attribute type 29 has an invalid length. [ 185.192212][ T8589] loop4: detected capacity change from 0 to 512 [ 185.213088][ T5221] XFS (loop0): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 185.231978][ T8589] EXT4-fs: Ignoring removed oldalloc option [ 185.232089][ T5243] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.248714][ T8590] netlink: 'syz.5.1163': attribute type 29 has an invalid length. [ 185.272210][ T8593] loop2: detected capacity change from 0 to 512 [ 185.295735][ T8589] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1158: Parent and EA inode have the same ino 15 [ 185.320944][ T8593] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 185.351761][ T8595] loop1: detected capacity change from 0 to 2048 [ 185.412690][ T8589] EXT4-fs (loop4): Remounting filesystem read-only [ 185.417621][ T8595] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 185.420695][ T8589] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2862: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 185.484906][ T8589] EXT4-fs warning (device loop4): ext4_evict_inode:259: couldn't mark inode dirty (err -5) [ 185.526180][ T8589] EXT4-fs (loop4): 1 orphan inode deleted [ 185.533272][ T8593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 185.558517][ T8589] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.571720][ T8593] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 185.839387][ T5227] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.852542][ T5222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.270695][ T8624] sp0: Synchronizing with TNC [ 186.290227][ T8621] [U] è` [ 186.527841][ T8635] netlink: 'syz.1.1180': attribute type 1 has an invalid length. [ 186.562506][ T8635] netlink: 9352 bytes leftover after parsing attributes in process `syz.1.1180'. [ 186.970493][ T8653] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1191'. [ 187.153517][ T8661] RDS: rds_bind could not find a transport for fe80::1c, load rds_tcp or rds_rdma? [ 187.257041][ T8663] loop0: detected capacity change from 0 to 64 [ 187.733345][ T8682] loop3: detected capacity change from 0 to 22 [ 187.743727][ T8682] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 187.812116][ T8682] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 188.031978][ T8649] loop1: detected capacity change from 0 to 32768 [ 188.066671][ T8696] loop2: detected capacity change from 0 to 1024 [ 188.309966][ T8707] loop0: detected capacity change from 0 to 1024 [ 188.426056][ T8696] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 188.470207][ T8649] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode. [ 188.527620][ T8707] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 188.680852][ T5227] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.686088][ T5221] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.734283][ T5285] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 188.818292][ T9] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 188.829862][ T5393] ocfs2: Unmounting device (7,1) on (node local) [ 188.843610][ T29] audit: type=1326 audit(1726909537.023:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.0.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5649b7def9 code=0x7ffc0000 [ 188.883004][ T29] audit: type=1326 audit(1726909537.023:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.0.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5649b7def9 code=0x7ffc0000 [ 188.905575][ T29] audit: type=1326 audit(1726909537.023:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.0.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f5649b7def9 code=0x7ffc0000 [ 188.924252][ T5285] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.928965][ T29] audit: type=1326 audit(1726909537.033:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.0.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5649b7def9 code=0x7ffc0000 [ 188.952416][ T5285] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 188.962049][ T29] audit: type=1326 audit(1726909537.033:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.0.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5649b7def9 code=0x7ffc0000 [ 188.962099][ T29] audit: type=1326 audit(1726909537.033:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.0.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f5649b7def9 code=0x7ffc0000 [ 188.962145][ T29] audit: type=1326 audit(1726909537.033:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.0.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5649b7def9 code=0x7ffc0000 [ 188.962190][ T29] audit: type=1326 audit(1726909537.033:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8724 comm="syz.0.1221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5649b7def9 code=0x7ffc0000 [ 189.075489][ T5285] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 189.084740][ T5285] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.109433][ T5285] usb 4-1: config 0 descriptor?? [ 189.167679][ T8730] loop2: detected capacity change from 0 to 512 [ 189.314347][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 189.324578][ T8730] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 189.339668][ T8730] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 189.350639][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 189.434780][ T9] usb 6-1: New USB device found, idVendor=0458, idProduct=501b, bcdDevice= 0.00 [ 189.484887][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.530589][ T9] usb 6-1: config 0 descriptor?? [ 189.546373][ T5227] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.728041][ T5285] hid-led 0003:27B8:01ED.0021: probe with driver hid-led failed with error -71 [ 189.764757][ T5285] usb 4-1: USB disconnect, device number 11 [ 189.987850][ T9] kye 0003:0458:501B.0022: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 190.043356][ T9] kye 0003:0458:501B.0022: hidraw0: USB HID v0.00 Device [HID 0458:501b] on usb-dummy_hcd.5-1/input0 [ 190.073218][ T9] kye 0003:0458:501B.0022: tablet-enabling feature report not found [ 190.090135][ T9] kye 0003:0458:501B.0022: tablet enabling failed [ 190.187561][ T9] usb 6-1: USB disconnect, device number 14 [ 190.607820][ T8741] loop4: detected capacity change from 0 to 40427 [ 190.629254][ T8741] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 190.647326][ T8741] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 190.656243][ T8741] F2FS-fs (loop4): heap/no_heap options were deprecated [ 190.713427][ T5242] Bluetooth: hci4: command 0x0406 tx timeout [ 190.717272][ T5230] Bluetooth: hci2: command 0x0406 tx timeout [ 190.720206][ T5233] Bluetooth: hci5: command 0x0406 tx timeout [ 190.728534][ T5230] Bluetooth: hci1: command 0x0406 tx timeout [ 190.741773][ T8741] F2FS-fs (loop4): invalid crc value [ 190.776250][ T8773] loop3: detected capacity change from 0 to 64 [ 190.823225][ T8741] F2FS-fs (loop4): Found nat_bits in checkpoint [ 190.921217][ T8741] F2FS-fs (loop4): Start checkpoint disabled! [ 190.984198][ T8775] netlink: 'syz.1.1241': attribute type 64 has an invalid length. [ 191.009738][ T8741] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 191.013108][ T8775] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1241'. [ 191.104164][ T8741] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 191.330107][ T8741] F2FS-fs (loop4): disabling checkpoint not compatible with read-only [ 191.419733][ T8795] loop5: detected capacity change from 0 to 4096 [ 191.468221][ T8795] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 191.491789][ T8797] loop1: detected capacity change from 0 to 1024 [ 191.571167][ T8797] EXT4-fs: Ignoring removed nomblk_io_submit option [ 191.676111][ T8795] ntfs3: loop5: ino=1b, "file0" failed to parse mft record [ 191.697615][ T8795] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 191.771645][ T8795] ntfs3: loop5: ino=1b, "file0" attr_set_size [ 191.888883][ T8806] loop2: detected capacity change from 0 to 1024 [ 191.932273][ T8806] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 192.178595][ T8818] netlink: zone id is out of range [ 192.192307][ T8818] netlink: zone id is out of range [ 192.213635][ T8806] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.1257: Invalid block bitmap block 0 in block_group 0 [ 192.251763][ T8806] Quota error (device loop2): write_blk: dquota write failed [ 192.266599][ T8818] netlink: zone id is out of range [ 192.271904][ T8818] netlink: zone id is out of range [ 192.277782][ T8806] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 192.300415][ T8818] netlink: zone id is out of range [ 192.311729][ T8806] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.1257: Failed to acquire dquot type 0 [ 192.345458][ T8818] netlink: zone id is out of range [ 192.360484][ T8806] EXT4-fs error (device loop2): ext4_free_blocks:6589: comm syz.2.1257: Freeing blocks not in datazone - block = 0, count = 4096 [ 192.376439][ T8818] netlink: zone id is out of range [ 192.391267][ T8818] netlink: zone id is out of range [ 192.405072][ T8806] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.1257: Invalid inode bitmap blk 0 in block_group 0 [ 192.428191][ T8818] netlink: zone id is out of range [ 192.436895][ T8818] netlink: zone id is out of range [ 192.443112][ T988] EXT4-fs error (device loop2): ext4_release_dquot:6902: comm kworker/u8:5: Failed to release dquot type 0 [ 192.468344][ T8806] EXT4-fs error (device loop2) in ext4_free_inode:360: Corrupt filesystem [ 192.515142][ T8823] loop0: detected capacity change from 0 to 2048 [ 192.540945][ T8806] EXT4-fs (loop2): 1 orphan inode deleted [ 192.586380][ T8806] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 192.642942][ T8826] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 192.657265][ T8810] loop4: detected capacity change from 0 to 40427 [ 192.675525][ T8810] F2FS-fs (loop4): invalid crc value [ 192.697033][ T8806] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 192.754457][ T5227] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.810755][ T8829] netlink: 108 bytes leftover after parsing attributes in process `syz.5.1264'. [ 192.818748][ T8810] F2FS-fs (loop4): Found nat_bits in checkpoint [ 192.860659][ T8829] netlink: 'syz.5.1264': attribute type 6 has an invalid length. [ 192.872894][ T5295] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 192.912983][ T8810] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 193.038143][ T5295] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 193.038189][ T5295] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 193.039133][ T5295] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 193.039169][ T5295] usb 4-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 193.039197][ T5295] usb 4-1: Product: syz [ 193.041163][ T5295] usb 4-1: config 0 descriptor?? [ 193.146892][ T5222] syz-executor: attempt to access beyond end of device [ 193.146892][ T5222] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 193.147103][ T5222] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 193.403069][ T8848] loop5: detected capacity change from 0 to 512 [ 193.423352][ T8848] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.1273: Invalid inode bitmap blk 4 in block_group 0 [ 193.424567][ T8848] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 193.464935][ T5295] konepure 0003:1E7D:2DB4.0023: item fetching failed at offset 10/11 [ 193.465430][ T5295] konepure 0003:1E7D:2DB4.0023: parse failed [ 193.465480][ T5295] konepure 0003:1E7D:2DB4.0023: probe with driver konepure failed with error -22 [ 193.466787][ T8848] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.1273: Invalid inode bitmap blk 4 in block_group 0 [ 193.469084][ T8848] EXT4-fs error (device loop5) in ext4_free_inode:360: Corrupt filesystem [ 193.603133][ T5231] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.715128][ T9] usb 4-1: USB disconnect, device number 12 [ 193.776932][ T1262] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.787665][ T1262] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.020367][ T8867] loop0: detected capacity change from 0 to 512 [ 194.021324][ T8871] loop4: detected capacity change from 0 to 1024 [ 194.098264][ T8873] loop1: detected capacity change from 0 to 8 [ 194.124342][ T8873] unable to read inode lookup table [ 194.138318][ T8873] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 194.260782][ T8867] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 194.299174][ T8867] ext4 filesystem being mounted at /237/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 194.411902][ T68] hfsplus: b-tree write err: -5, ino 4 [ 194.434765][ T8867] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #2: comm syz.0.1280: corrupted inode contents [ 194.542994][ T8867] EXT4-fs error (device loop0): ext4_dirty_inode:5984: inode #2: comm syz.0.1280: mark_inode_dirty error [ 194.610504][ T8867] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #2: comm syz.0.1280: corrupted inode contents [ 194.675565][ T8892] loop3: detected capacity change from 0 to 64 [ 194.816865][ T5221] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.151880][ T8909] loop0: detected capacity change from 0 to 2048 [ 195.207936][ T8909] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 195.222909][ T9] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 195.231004][ T8909] UDF-fs: Scanning with blocksize 512 failed [ 195.284690][ T8909] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 129: 0x7d != 0x7e [ 195.327680][ T8909] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 195.426281][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 195.447539][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 195.473011][ T9] usb 6-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00 [ 195.533185][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.583972][ T9] usb 6-1: config 0 descriptor?? [ 196.036755][ T8946] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.1317'. [ 196.050874][ T8946] netlink: 18430 bytes leftover after parsing attributes in process `syz.1.1317'. [ 196.060484][ T5284] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 196.069801][ T9] input: HID 28bd:0933 Mouse as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:28BD:0933.0024/input/input24 [ 196.198968][ T8950] loop1: detected capacity change from 0 to 4096 [ 196.263242][ T5284] usb 3-1: Using ep0 maxpacket: 32 [ 196.263945][ T8950] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 196.279041][ T5284] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.322127][ T5284] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 196.336223][ T9] uclogic 0003:28BD:0933.0024: input,hidraw0: USB HID v5.50 Mouse [HID 28bd:0933] on usb-dummy_hcd.5-1/input0 [ 196.378899][ T5284] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 196.393261][ T8950] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 196.403263][ T9] usb 6-1: USB disconnect, device number 15 [ 196.416203][ T5284] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 196.446611][ T5284] usb 3-1: Product: syz [ 196.468013][ T5284] usb 3-1: Manufacturer: syz [ 196.547262][ T5284] hub 3-1:4.0: USB hub found [ 196.729027][ T5284] hub 3-1:4.0: 2 ports detected [ 196.779144][ T8962] loop1: detected capacity change from 0 to 1024 [ 196.890615][ T8962] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 196.940172][ T8962] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 197.135588][ T8962] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none. [ 197.145736][ T5284] hub 3-1:4.0: set hub depth failed [ 197.175303][ T5284] usb 3-1: USB disconnect, device number 11 [ 197.415175][ T5393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.912962][ T5285] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 198.172930][ T5285] usb 4-1: Using ep0 maxpacket: 16 [ 198.184970][ T5285] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 198.195942][ T9011] loop2: detected capacity change from 0 to 512 [ 198.195971][ T5285] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 198.212428][ T5285] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 198.225501][ T5285] usb 4-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00 [ 198.234734][ T5285] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.257327][ T5285] usb 4-1: config 0 descriptor?? [ 198.272969][ T9011] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 198.366855][ T9011] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002] [ 198.372077][ T8993] loop0: detected capacity change from 0 to 40427 [ 198.405643][ T8993] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 198.413065][ T9011] System zones: 1-12 [ 198.441803][ T9011] EXT4-fs (loop2): 1 truncate cleaned up [ 198.464439][ T8993] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 198.501465][ T9011] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.532078][ T8987] loop5: detected capacity change from 0 to 32768 [ 198.551732][ T8993] F2FS-fs (loop0): invalid crc value [ 198.619237][ T8993] F2FS-fs (loop0): Found nat_bits in checkpoint [ 198.685342][ T5285] uclogic 0003:5543:0064.0025: unknown main item tag 0x0 [ 198.704197][ T5285] uclogic 0003:5543:0064.0025: No inputs registered, leaving [ 198.722519][ T9008] loop4: detected capacity change from 0 to 32768 [ 198.730189][ T5285] uclogic 0003:5543:0064.0025: hidraw0: USB HID v0.00 Device [HID 5543:0064] on usb-dummy_hcd.3-1/input0 [ 198.755133][ T9008] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1345 (9008) [ 198.773326][ T5227] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.776734][ T8987] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 198.805699][ T9008] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 198.845268][ T9008] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 198.880623][ T9008] BTRFS info (device loop4): using free-space-tree [ 199.129127][ T5295] usb 4-1: USB disconnect, device number 13 [ 199.211548][ T8987] XFS (loop5): Ending clean mount [ 199.228512][ T8993] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 199.238934][ T8993] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 199.252106][ T8987] XFS (loop5): Quotacheck needed: Please wait. [ 199.383003][ T5285] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 199.506631][ T8987] XFS (loop5): Quotacheck: Done. [ 199.572927][ T5285] usb 2-1: config 0 has an invalid interface number: 108 but max is 0 [ 199.581162][ T5285] usb 2-1: config 0 has no interface number 0 [ 199.587792][ T5285] usb 2-1: config 0 interface 108 altsetting 231 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 199.599065][ T5285] usb 2-1: config 0 interface 108 altsetting 231 endpoint 0x81 has invalid wMaxPacketSize 0 [ 199.609263][ T5285] usb 2-1: config 0 interface 108 has no altsetting 0 [ 199.618559][ T5285] usb 2-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 199.627694][ T5285] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.705201][ T5285] usb 2-1: config 0 descriptor?? [ 199.719529][ T5231] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 200.117760][ T5222] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 200.246508][ T5285] uclogic 0003:5543:0522.0026: unknown main item tag 0x0 [ 200.254877][ T5285] uclogic 0003:5543:0522.0026: unknown main item tag 0x0 [ 200.276631][ T5285] uclogic 0003:5543:0522.0026: unknown main item tag 0x0 [ 200.332899][ T5285] uclogic 0003:5543:0522.0026: unknown main item tag 0x0 [ 200.340207][ T5285] uclogic 0003:5543:0522.0026: unknown main item tag 0x0 [ 200.347962][ T5285] uclogic 0003:5543:0522.0026: No inputs registered, leaving [ 200.365275][ T5285] uclogic 0003:5543:0522.0026: hidraw0: USB HID v0.00 Device [HID 5543:0522] on usb-dummy_hcd.1-1/input108 [ 200.460496][ T5285] usb 2-1: USB disconnect, device number 9 [ 200.960443][ T5236] Bluetooth: hci3: command 0x0405 tx timeout [ 200.965669][ T9076] loop3: detected capacity change from 0 to 32768 [ 201.033024][ T9076] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1366 (9076) [ 201.077966][ T9088] loop2: detected capacity change from 0 to 1024 [ 201.097813][ T9076] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 201.132479][ T9076] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 201.153143][ T9076] BTRFS info (device loop3): using free-space-tree [ 201.172351][ T9091] loop0: detected capacity change from 0 to 512 [ 201.225225][ T35] hfsplus: b-tree write err: -5, ino 4 [ 201.289310][ T9105] ieee802154 phy0 wpan0: encryption failed: -22 [ 201.382541][ T9091] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 201.463629][ T9122] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 201.465013][ T9119] loop2: detected capacity change from 0 to 64 [ 201.508317][ T9091] EXT4-fs (loop0): Remounting filesystem read-only [ 201.515038][ T5238] Bluetooth: hci2: command 0x0406 tx timeout [ 201.538080][ T9091] EXT4-fs (loop0): 1 truncate cleaned up [ 201.546056][ T9091] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 201.638605][ T5221] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.707212][ T5243] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 201.798037][ T9131] dvmrp5: entered allmulticast mode [ 201.873695][ T9139] dvmrp5: left allmulticast mode [ 202.015853][ T9144] tmpfs: Cannot retroactively limit size [ 202.135935][ T9150] loop4: detected capacity change from 0 to 256 [ 202.189469][ T9150] FAT-fs (loop4): Directory bread(block 64) failed [ 202.204892][ T9150] FAT-fs (loop4): Directory bread(block 65) failed [ 202.211709][ T9150] FAT-fs (loop4): Directory bread(block 66) failed [ 202.312159][ T9150] FAT-fs (loop4): Directory bread(block 67) failed [ 202.363743][ T9150] FAT-fs (loop4): Directory bread(block 68) failed [ 202.370656][ T9150] FAT-fs (loop4): Directory bread(block 69) failed [ 202.420071][ T9150] FAT-fs (loop4): Directory bread(block 70) failed [ 202.435683][ T9153] loop2: detected capacity change from 0 to 16 [ 202.464589][ T9150] FAT-fs (loop4): Directory bread(block 71) failed [ 202.478597][ T9153] erofs: (device loop2): mounted with root inode @ nid 36. [ 202.486523][ T9158] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1392'. [ 202.507022][ T9150] FAT-fs (loop4): Directory bread(block 72) failed [ 202.536956][ T9150] FAT-fs (loop4): Directory bread(block 73) failed [ 202.546622][ T9159] netlink: 140 bytes leftover after parsing attributes in process `syz.1.1391'. [ 202.557873][ T9153] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 202.592873][ T9159] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1391'. [ 202.612033][ T9153] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[1851] [ 202.663617][ T9153] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 202.803084][ T9165] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1394'. [ 203.073603][ T9167] loop3: detected capacity change from 0 to 32768 [ 203.220335][ T9179] pimreg: entered allmulticast mode [ 203.228263][ T9179] pimreg: left allmulticast mode [ 203.334110][ T9167] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 203.472607][ T5243] ocfs2: Unmounting device (7,3) on (node local) [ 203.586879][ T9194] loop0: detected capacity change from 0 to 4096 [ 203.615677][ T9194] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 203.690945][ T9194] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 204.002985][ T57] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 204.019017][ T9216] loop4: detected capacity change from 0 to 512 [ 204.081077][ T9216] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 204.104567][ T9216] ext4 filesystem being mounted at /231/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 204.104828][ T9222] loop3: detected capacity change from 0 to 256 [ 204.173158][ T57] usb 2-1: Using ep0 maxpacket: 16 [ 204.192471][ T57] usb 2-1: config 0 interface 0 altsetting 44 endpoint 0x83 has invalid wMaxPacketSize 0 [ 204.202692][ T57] usb 2-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 204.216731][ T57] usb 2-1: config 0 interface 0 has no altsetting 0 [ 204.268411][ T57] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 204.278863][ T57] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 204.288963][ T57] usb 2-1: Product: syz [ 204.293582][ T57] usb 2-1: Manufacturer: syz [ 204.298921][ T57] usb 2-1: SerialNumber: syz [ 204.306234][ T57] usb 2-1: config 0 descriptor?? [ 204.317554][ T5222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.339191][ T9230] program syz.0.1424 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 204.352173][ T57] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input25 [ 204.492697][ T9234] loop2: detected capacity change from 0 to 512 [ 204.502956][ T5295] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 204.518821][ T9234] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 204.546390][ T9234] ext4 filesystem being mounted at /235/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 204.557829][ T57] usb 2-1: USB disconnect, device number 10 [ 204.684909][ T5295] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 204.713190][ T5295] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 204.750642][ T5295] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 204.769696][ T5295] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 204.790226][ T5227] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.801949][ T5295] usb 4-1: config 0 descriptor?? [ 204.963287][ T9248] netlink: 'syz.0.1432': attribute type 13 has an invalid length. [ 205.102959][ T57] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 205.245467][ T9258] loop0: detected capacity change from 0 to 128 [ 205.267634][ T5295] konepure 0003:1E7D:2DB4.0027: unknown main item tag 0x0 [ 205.285305][ T5295] konepure 0003:1E7D:2DB4.0027: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.3-1/input0 [ 205.297138][ T57] usb 2-1: Using ep0 maxpacket: 16 [ 205.310410][ T9258] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 205.321086][ T57] usb 2-1: config 0 interface 0 altsetting 44 endpoint 0x83 has invalid wMaxPacketSize 0 [ 205.334380][ T57] usb 2-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 205.361103][ T9258] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 205.382871][ T57] usb 2-1: config 0 interface 0 has no altsetting 0 [ 205.395975][ T9237] loop5: detected capacity change from 0 to 32768 [ 205.397805][ T57] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 205.423103][ T9237] bcachefs (/dev/loop5): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 38) overruns end of section [ 205.423103][ T9237] clean (size 2912): [ 205.423103][ T9237] flags: 0 [ 205.423103][ T9237] journal_seq: 8 [ 205.423103][ T9237] log: [ 205.423103][ T9237] usage: type=key_version v=0 [ 205.423103][ T9237] usage: type=reserved v=0 [ 205.423103][ T9237] usage: type=reserved v=0 [ 205.423103][ T9237] usage: type=reserved v=0 [ 205.423103][ T9237] usage: type=reserved v=0 [ 205.423103][ T9237] data_usage: btree: 1/1 [0]=2816 [ 205.423103][ T9237] data_usage: journal: 1/1 [0]=0 [ 205.423103][ T9237] [ 205.514495][ T57] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.522610][ T57] usb 2-1: Manufacturer:  [ 205.532136][ T5295] usb 4-1: USB disconnect, device number 14 [ 205.540433][ T9258] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:517: comm syz.0.1437: Block bitmap for bg 0 marked uninitialized [ 205.547043][ T57] usb 2-1: SerialNumber: syz [ 205.567354][ T9237] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean [ 205.600651][ T57] usb 2-1: config 0 descriptor?? [ 205.633619][ T57] input:  as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input26 [ 205.696092][ T5221] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 205.881269][ T5295] usb 2-1: USB disconnect, device number 11 [ 205.929805][ T9278] loop2: detected capacity change from 0 to 1764 [ 205.994420][ T9278] syz.2.1446 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 206.101264][ T9285] loop4: detected capacity change from 0 to 512 [ 206.108953][ T9285] EXT4-fs: Ignoring removed mblk_io_submit option [ 206.128016][ T9285] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 206.146575][ T9285] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 206.160970][ T9285] EXT4-fs (loop4): orphan cleanup on readonly fs [ 206.172364][ T9285] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1450: Invalid block bitmap block 0 in block_group 0 [ 206.195519][ T9285] EXT4-fs (loop4): Remounting filesystem read-only [ 206.202281][ T9285] __quota_error: 1 callbacks suppressed [ 206.202299][ T9285] Quota error (device loop4): write_blk: dquota write failed [ 206.215841][ T9285] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 206.225970][ T9285] EXT4-fs (loop4): 1 orphan inode deleted [ 206.242434][ T9285] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 206.370850][ T5222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.721662][ T9315] loop3: detected capacity change from 0 to 1024 [ 206.831769][ T9321] loop4: detected capacity change from 0 to 512 [ 206.885319][ T9315] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 206.976084][ T9321] EXT4-fs error (device loop4): dx_probe:823: inode #2: comm syz.4.1467: Attempting to read directory block (0) that is past i_size (256) [ 206.998065][ T9321] EXT4-fs (loop4): Remounting filesystem read-only [ 207.034541][ T9321] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 207.051566][ T9306] loop5: detected capacity change from 0 to 32768 [ 207.061504][ T9306] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1460 (9306) [ 207.067914][ T9321] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.091529][ T9306] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 207.106054][ T5243] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.136011][ T9306] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 207.154793][ T9306] BTRFS info (device loop5): using free-space-tree [ 207.183686][ T5222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.205248][ T29] audit: type=1326 audit(2000000015.959:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9337 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b2b37def9 code=0x7ffc0000 [ 207.239375][ T29] audit: type=1326 audit(2000000015.959:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9337 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b2b37def9 code=0x7ffc0000 [ 207.269874][ T29] audit: type=1326 audit(2000000015.959:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9337 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f4b2b37def9 code=0x7ffc0000 [ 207.292444][ T29] audit: type=1326 audit(2000000015.969:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9337 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b2b37def9 code=0x7ffc0000 [ 207.316941][ T29] audit: type=1326 audit(2000000015.969:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4b2b3affe5 code=0x7ffc0000 [ 207.365025][ T29] audit: type=1326 audit(2000000015.969:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9337 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b2b37def9 code=0x7ffc0000 [ 207.370382][ T9346] loop3: detected capacity change from 0 to 8 [ 207.388267][ T29] audit: type=1326 audit(2000000015.989:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9337 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f4b2b37def9 code=0x7ffc0000 [ 207.419935][ T29] audit: type=1326 audit(2000000015.989:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9337 comm="syz.1.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b2b37def9 code=0x7ffc0000 [ 207.499606][ T9357] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0 [ 207.534233][ T9356] IPVS: stopping master sync thread 9357 ... [ 207.707572][ T5231] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 207.751688][ T9365] loop0: detected capacity change from 0 to 512 [ 207.796869][ T9367] netlink: 'syz.1.1477': attribute type 29 has an invalid length. [ 207.816019][ T9365] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 207.834584][ T9365] UDF-fs: Scanning with blocksize 512 failed [ 207.855214][ T9367] netlink: 'syz.1.1477': attribute type 29 has an invalid length. [ 207.885788][ T9365] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 207.913251][ T9365] UDF-fs: Scanning with blocksize 1024 failed [ 207.962691][ T9365] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 207.981743][ T9365] UDF-fs: Scanning with blocksize 2048 failed [ 207.996844][ T9365] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 208.086444][ T9365] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 208.126170][ T9350] loop4: detected capacity change from 0 to 32768 [ 208.188716][ T9350] JBD2: Ignoring recovery information on journal [ 208.253146][ T9376] netlink: 'syz.2.1483': attribute type 3 has an invalid length. [ 208.354769][ T9373] loop3: detected capacity change from 0 to 4096 [ 208.362422][ T9350] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 208.441858][ T9386] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 208.746065][ T5222] ocfs2: Unmounting device (7,4) on (node local) [ 208.756646][ T9402] loop3: detected capacity change from 0 to 256 [ 208.834105][ T9402] exfat: Deprecated parameter 'namecase' [ 208.877527][ T9402] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 208.972952][ T25] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 209.143070][ T25] usb 3-1: Using ep0 maxpacket: 8 [ 209.152080][ T25] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 209.182892][ T25] usb 3-1: New USB device found, idVendor=13d3, idProduct=3340, bcdDevice=ab.0b [ 209.216181][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.219281][ T9417] loop0: detected capacity change from 0 to 64 [ 209.256287][ T25] usb 3-1: config 0 descriptor?? [ 209.290432][ T25] r8712u: register rtl8712_netdev_ops to netdev_ops [ 209.319761][ T25] usb 3-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 209.487110][ T9424] loop0: detected capacity change from 0 to 64 [ 209.647733][ T9428] loop1: detected capacity change from 0 to 64 [ 209.703727][ T25] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed [ 209.730976][ T25] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 209.756979][ T25] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 209.857591][ T9406] loop5: detected capacity change from 0 to 32768 [ 209.910917][ T5284] usb 3-1: USB disconnect, device number 12 [ 209.930738][ T9406] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 210.116066][ T9412] loop4: detected capacity change from 0 to 32768 [ 210.175054][ T9406] XFS (loop5): Ending clean mount [ 210.200981][ T9412] XFS (loop4): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 210.246916][ T9453] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1513'. [ 210.251363][ T9457] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1512'. [ 210.276078][ T5231] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 210.288256][ T9457] net_ratelimit: 324 callbacks suppressed [ 210.288275][ T9457] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check. [ 210.445777][ T9462] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1515'. [ 210.800161][ T9412] XFS (loop4): Ending clean mount [ 210.928036][ T9476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1520'. [ 211.060510][ T5222] XFS (loop4): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 211.068583][ T5284] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 211.148803][ T9489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1526'. [ 211.152890][ T5288] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 211.248257][ T5284] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 211.257789][ T5284] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.283672][ T5284] usb 6-1: Product: syz [ 211.287964][ T5284] usb 6-1: Manufacturer: syz [ 211.292578][ T5284] usb 6-1: SerialNumber: syz [ 211.323292][ T5288] usb 4-1: Using ep0 maxpacket: 16 [ 211.349507][ T5288] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.373022][ T5288] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.392842][ T5284] usb 6-1: config 0 descriptor?? [ 211.408585][ T5288] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 211.420307][ T5288] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.436760][ T5288] usb 4-1: config 0 descriptor?? [ 211.593255][ T9504] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0 [ 211.623068][ T9503] IPVS: stopping backup sync thread 9504 ... [ 211.743219][ T5284] usb 6-1: USB disconnect, device number 16 [ 211.864761][ T9516] loop1: detected capacity change from 0 to 64 [ 211.935027][ T5288] elan 0003:04F3:0755.0028: item fetching failed at offset 2/5 [ 211.943393][ T5288] elan 0003:04F3:0755.0028: Hid Parse failed [ 211.949461][ T5288] elan 0003:04F3:0755.0028: probe with driver elan failed with error -22 [ 212.033914][ T9520] loop4: detected capacity change from 0 to 2048 [ 212.086060][ T9524] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 212.161356][ T5284] usb 4-1: USB disconnect, device number 15 [ 212.593503][ T9518] loop0: detected capacity change from 0 to 32768 [ 212.681834][ T9518] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 212.733114][ T9518] OCFS2: ERROR (device loop0): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 65 has empty extent list at depth 312 [ 212.753481][ T9518] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 212.765894][ T9518] OCFS2: File system is now read-only. [ 212.771480][ T9518] (syz.0.1541,9518,1):ocfs2_find_leaf:1940 ERROR: status = -30 [ 212.780279][ T9518] (syz.0.1541,9518,1):ocfs2_get_clusters_nocache:421 ERROR: status = -30 [ 212.790181][ T9518] (syz.0.1541,9518,1):ocfs2_get_clusters:624 ERROR: status = -30 [ 212.799044][ T9518] (syz.0.1541,9518,1):ocfs2_extent_map_get_blocks:671 ERROR: status = -30 [ 212.807836][ T9518] (syz.0.1541,9518,1):ocfs2_read_virt_blocks:981 ERROR: status = -30 [ 212.818426][ T9518] (syz.0.1541,9518,1):ocfs2_read_dir_block:511 ERROR: status = -30 [ 212.863064][ T25] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 212.948646][ T5221] ocfs2: Unmounting device (7,0) on (node local) [ 213.012896][ T25] usb 6-1: Using ep0 maxpacket: 8 [ 213.024221][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.061003][ T25] usb 6-1: New USB device found, idVendor=044e, idProduct=121e, bcdDevice= 0.00 [ 213.090078][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.118035][ T25] usb 6-1: config 0 descriptor?? [ 213.152941][ T5295] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 213.344786][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.356466][ T5295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.366476][ T5295] usb 3-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00 [ 213.383002][ T5284] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 213.386067][ T5295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.415291][ T5295] usb 3-1: config 0 descriptor?? [ 213.550189][ T5284] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 213.569832][ T25] hid-alps 0003:044E:121E.0029: hidraw0: USB HID v0.00 Device [HID 044e:121e] on usb-dummy_hcd.5-1/input0 [ 213.572686][ T5284] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.619513][ T5284] usb 2-1: config 0 descriptor?? [ 213.631348][ T5284] cp210x 2-1:0.0: cp210x converter detected [ 213.731782][ T9574] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1566'. [ 213.757483][ T9] usb 6-1: USB disconnect, device number 17 [ 213.850773][ T5295] uclogic 0003:5543:0042.002A: unknown main item tag 0x6 [ 213.861345][ T5295] uclogic 0003:5543:0042.002A: No inputs registered, leaving [ 213.880320][ T5295] uclogic 0003:5543:0042.002A: hidraw0: USB HID v0.00 Device [HID 5543:0042] on usb-dummy_hcd.2-1/input0 [ 213.912737][ T9566] loop0: detected capacity change from 0 to 32768 [ 213.932925][ T9566] JBD2: Ignoring recovery information on journal [ 213.981093][ T9566] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 214.047420][ T5221] ocfs2: Unmounting device (7,0) on (node local) [ 214.054677][ T5284] usb 2-1: cp210x converter now attached to ttyUSB0 [ 214.082908][ T5288] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 214.102296][ T5284] usb 3-1: USB disconnect, device number 13 [ 214.253719][ T5288] usb 4-1: too many endpoints for config 0 interface 0 altsetting 64: 254, using maximum allowed: 30 [ 214.287522][ T5288] usb 4-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 32, changing to 9 [ 214.314516][ T5288] usb 4-1: config 0 interface 0 altsetting 64 endpoint 0x81 has invalid wMaxPacketSize 0 [ 214.320747][ T25] usb 2-1: USB disconnect, device number 12 [ 214.331758][ T5288] usb 4-1: config 0 interface 0 altsetting 64 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 214.346680][ T25] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 214.352390][ T5288] usb 4-1: config 0 interface 0 has no altsetting 0 [ 214.361899][ T5288] usb 4-1: New USB device found, idVendor=5543, idProduct=0047, bcdDevice= 0.00 [ 214.371409][ T5288] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.380710][ T25] cp210x 2-1:0.0: device disconnected [ 214.382310][ T5288] usb 4-1: config 0 descriptor?? [ 214.461894][ T9588] loop5: detected capacity change from 0 to 1024 [ 214.571005][ T9590] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1573'. [ 214.580118][ T9590] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1573'. [ 214.823670][ T9600] netlink: 110 bytes leftover after parsing attributes in process `syz.2.1578'. [ 214.841940][ T9600] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1578'. [ 215.011979][ T5288] usb 4-1: string descriptor 0 read error: -71 [ 215.018934][ T5288] uclogic 0003:5543:0047.002B: failed retrieving string descriptor #200: -71 [ 215.028613][ T5288] uclogic 0003:5543:0047.002B: failed retrieving pen parameters: -71 [ 215.038901][ T5288] uclogic 0003:5543:0047.002B: failed probing pen v2 parameters: -71 [ 215.054531][ T5288] uclogic 0003:5543:0047.002B: failed probing parameters: -71 [ 215.072484][ T5288] uclogic 0003:5543:0047.002B: probe with driver uclogic failed with error -71 [ 215.112338][ T5288] usb 4-1: USB disconnect, device number 16 [ 215.116782][ T9611] loop2: detected capacity change from 0 to 8 [ 215.147890][ T9614] loop1: detected capacity change from 0 to 512 [ 215.193959][ T9614] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1584: corrupted in-inode xattr: e_name out of bounds [ 215.223616][ T9614] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1584: couldn't read orphan inode 15 (err -117) [ 215.254399][ T9614] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 215.342708][ T5393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.623338][ T25] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 215.726375][ T9641] loop1: detected capacity change from 0 to 1024 [ 215.772223][ T9641] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 215.793307][ T25] usb 6-1: Using ep0 maxpacket: 16 [ 215.804328][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 215.836519][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 215.846423][ T25] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 215.860197][ T25] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 215.870096][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.903825][ T25] usb 6-1: config 0 descriptor?? [ 216.008375][ T5393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.109943][ T9638] loop2: detected capacity change from 0 to 32768 [ 216.199781][ T9638] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 216.298104][ T9638] XFS (loop2): Ending clean mount [ 216.347828][ T25] microsoft 0003:045E:07DA.002C: item 0 4 0 8 parsing failed [ 216.355927][ T25] microsoft 0003:045E:07DA.002C: parse failed [ 216.362088][ T25] microsoft 0003:045E:07DA.002C: probe with driver microsoft failed with error -22 [ 216.392750][ T9669] hugetlbfs: Bad value '%' for mount option 'size' [ 216.392750][ T9669] [ 216.462302][ T5227] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 216.587459][ T25] usb 6-1: USB disconnect, device number 18 [ 216.654318][ T9679] loop1: detected capacity change from 0 to 64 [ 217.161530][ T9701] loop1: detected capacity change from 0 to 512 [ 217.171725][ T9701] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 217.232883][ T9701] EXT4-fs (loop1): 1 truncate cleaned up [ 217.239504][ T9701] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 217.473704][ T9711] team0: Device gtp0 is of different type [ 217.489104][ T5393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.804953][ T9726] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 217.948956][ T9727] loop5: detected capacity change from 0 to 4096 [ 218.038636][ T9739] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 218.124070][ T9704] loop2: detected capacity change from 0 to 40427 [ 218.255959][ T9704] F2FS-fs (loop2): Found nat_bits in checkpoint [ 218.365772][ T9754] loop5: detected capacity change from 0 to 1024 [ 218.419891][ T9754] hfsplus: bad catalog entry type [ 218.493294][ T9704] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 218.604144][ T5227] syz-executor: attempt to access beyond end of device [ 218.604144][ T5227] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 218.639956][ T5227] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 218.714816][ T9770] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 218.862939][ T25] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 218.907889][ T9774] loop5: detected capacity change from 0 to 512 [ 219.017235][ T9774] EXT4-fs: Ignoring removed nomblk_io_submit option [ 219.183000][ T25] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 219.205569][ T25] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 219.281263][ T9774] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 219.282836][ T25] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 219.289701][ T9774] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 219.316652][ T9774] EXT4-fs (loop5): 1 truncate cleaned up [ 219.333088][ T9774] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.382711][ T9774] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #2: block 4: comm syz.5.1654: lblock 0 mapped to illegal pblock 4 (length 1) [ 219.382861][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.431769][ T9765] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 219.446727][ T25] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 219.474462][ T9774] EXT4-fs (loop5): Remounting filesystem read-only [ 219.584806][ T5231] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.689461][ T25] usb 4-1: USB disconnect, device number 17 [ 219.870138][ T9776] loop0: detected capacity change from 0 to 40427 [ 219.886985][ T9776] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 219.895300][ T9776] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 219.905748][ T9776] F2FS-fs (loop0): invalid crc value [ 220.133555][ T9776] F2FS-fs (loop0): Found nat_bits in checkpoint [ 220.343202][ T9776] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 220.360832][ T9776] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 220.811455][ T9829] loop1: detected capacity change from 0 to 256 [ 220.853258][ T5295] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 220.871613][ T9829] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 220.990250][ T9816] loop2: detected capacity change from 0 to 32768 [ 221.029326][ T9816] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1671 (9816) [ 221.059312][ T5295] usb 6-1: Using ep0 maxpacket: 16 [ 221.084865][ T5295] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 221.100155][ T9816] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 221.111134][ T9816] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 221.120868][ T9816] BTRFS info (device loop2): using free-space-tree [ 221.121056][ T5295] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x1D, changing to 0xD [ 221.161001][ T5295] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 221.181237][ T5295] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 221.211132][ T5295] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 221.221545][ T5295] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 221.241392][ T5295] usb 6-1: Manufacturer: syz [ 221.251062][ T5295] usb 6-1: config 0 descriptor?? [ 221.260001][ T5295] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 221.320560][ T9858] loop3: detected capacity change from 0 to 256 [ 221.332641][ T5227] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 221.409784][ T9860] loop0: detected capacity change from 0 to 4096 [ 221.429326][ T9858] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 196) [ 221.429477][ T9860] ntfs3: loop0: ino=3, Correct links count -> 2. [ 221.457053][ T9858] FAT-fs (loop3): Filesystem has been set read-only [ 221.473548][ T5295] usb 6-1: USB disconnect, device number 19 [ 221.647797][ T5243] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 196) [ 221.787649][ T9866] program syz.3.1688 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 221.814051][ T9868] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1689'. [ 221.881628][ T9870] loop0: detected capacity change from 0 to 2048 [ 221.951908][ T9870] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 222.014360][ T5221] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.110863][ T9881] loop3: detected capacity change from 0 to 2048 [ 222.171458][ T9885] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 222.266528][ T9890] loop1: detected capacity change from 0 to 128 [ 222.286580][ T9890] EXT4-fs: Ignoring removed mblk_io_submit option [ 222.340569][ T9890] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 222.356298][ T9895] program syz.0.1700 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 222.378936][ T9890] ext4 filesystem being mounted at /284/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 222.649852][ T9901] netlink: 'syz.4.1705': attribute type 25 has an invalid length. [ 222.700333][ T5393] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 222.780729][ T9907] loop4: detected capacity change from 0 to 128 [ 222.803284][ T9907] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 222.846354][ T9888] loop2: detected capacity change from 0 to 32768 [ 223.046120][ T9888] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 223.175931][ T9888] XFS (loop2): Ending clean mount [ 223.248735][ T5227] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 223.318856][ T9900] loop0: detected capacity change from 0 to 32768 [ 223.465676][ T9900] XFS (loop0): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 223.652503][ T9949] IPVS: Error joining to the multicast group [ 223.702256][ T9900] XFS (loop0): Ending clean mount [ 223.709746][ T9900] XFS (loop0): Quotacheck needed: Please wait. [ 223.822285][ T9951] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 223.832273][ T9951] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 223.842121][ T9951] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 223.851922][ T9951] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 223.863605][ T9900] XFS (loop0): Quotacheck: Done. [ 223.884664][ T9951] Zero length message leads to an empty skb [ 224.042274][ T9958] loop2: detected capacity change from 0 to 256 [ 224.046414][ T9938] loop5: detected capacity change from 0 to 40427 [ 224.049987][ T5221] XFS (loop0): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 224.071151][ T9958] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 224.074530][ T9956] loop1: detected capacity change from 0 to 64 [ 224.109711][ T9938] F2FS-fs (loop5): Found nat_bits in checkpoint [ 224.110667][ T9956] hfs: bad catalog entry type 0 [ 224.198083][ T9938] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 224.221073][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 224.221092][ T29] audit: type=1800 audit(2000000032.979:59): pid=9938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1717" name="file2" dev="loop5" ino=10 res=0 errno=0 [ 224.302333][ T5231] syz-executor: attempt to access beyond end of device [ 224.302333][ T5231] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 224.324943][ T5231] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 224.442297][ T9970] syz.1.1729 (9970): drop_caches: 4 [ 224.818387][ T5295] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 224.902482][ T9984] loop5: detected capacity change from 0 to 4096 [ 224.916832][ T9984] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 224.949096][ T9984] ntfs3: loop5: Failed to initialize $Extend/$Reparse. [ 224.975463][ T5295] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x92, changing to 0x82 [ 224.992849][ T5295] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 225.006323][ T9984] ntfs3: loop5: ino=1e, "file1" encrypted i/o not supported [ 225.018150][ T5295] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 225.028317][ T29] audit: type=1800 audit(2000000033.789:60): pid=9984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1735" name="file1" dev="loop5" ino=30 res=0 errno=0 [ 225.032898][ T9984] ntfs3: loop5: ino=1e, "file1" encrypted i/o not supported [ 225.062589][ T5295] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 225.071885][ T9980] loop2: detected capacity change from 0 to 32768 [ 225.091804][ T5295] usb 2-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f [ 225.101119][ T5295] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 225.109358][ T5295] usb 2-1: Product: syz [ 225.113695][ T5295] usb 2-1: Manufacturer: syz [ 225.118486][ T5295] usb 2-1: SerialNumber: syz [ 225.130206][ T5295] usb 2-1: config 0 descriptor?? [ 225.146289][ T5295] redrat3 2-1:0.0: Couldn't find all endpoints [ 225.151258][ T9980] XFS (loop2): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 225.264359][ T9980] XFS (loop2): Ending clean mount [ 225.279905][ T9980] XFS (loop2): Quotacheck needed: Please wait. [ 225.360189][ T5295] usb 2-1: USB disconnect, device number 13 [ 225.380564][ T9980] XFS (loop2): Quotacheck: Done. [ 225.447405][ T9996] loop5: detected capacity change from 0 to 256 [ 225.483405][ T5227] XFS (loop2): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 225.500305][ T9996] FAT-fs (loop5): Directory bread(block 64) failed [ 225.507048][ T9996] FAT-fs (loop5): Directory bread(block 65) failed [ 225.514129][ T9996] FAT-fs (loop5): Directory bread(block 66) failed [ 225.520761][ T9996] FAT-fs (loop5): Directory bread(block 67) failed [ 225.527485][ T9996] FAT-fs (loop5): Directory bread(block 68) failed [ 225.534231][ T9996] FAT-fs (loop5): Directory bread(block 69) failed [ 225.540823][ T9996] FAT-fs (loop5): Directory bread(block 70) failed [ 225.547740][ T9996] FAT-fs (loop5): Directory bread(block 71) failed [ 225.554643][ T9996] FAT-fs (loop5): Directory bread(block 72) failed [ 225.561851][ T9996] FAT-fs (loop5): Directory bread(block 73) failed [ 225.755341][T10005] netlink: 'syz.3.1740': attribute type 4 has an invalid length. [ 225.773071][T10005] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1740'. [ 225.836831][T10002] loop5: detected capacity change from 0 to 4096 [ 225.859270][T10002] ntfs3: loop5: Different NTFS sector size (2048) and media sector size (512). [ 225.903057][ T5295] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 225.918876][T10002] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 226.063056][ T5295] usb 2-1: Using ep0 maxpacket: 16 [ 226.096470][ T5295] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 226.135336][ T5295] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 226.173356][ T5295] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x92, changing to 0x82 [ 226.197762][ T5295] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 226.231889][ T5295] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 226.284484][ T5295] usb 2-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b [ 226.302900][ T5295] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3 [ 226.311154][ T5295] usb 2-1: Product: syz [ 226.352859][ T5295] usb 2-1: Manufacturer: syz [ 226.357878][ T5295] usb 2-1: SerialNumber: syz [ 226.383890][ T5295] usb 2-1: config 0 descriptor?? [ 226.413857][ T5295] usb 2-1: NFC: intf ffff88807fe8a000 id ffffffff8f311b20 [ 226.433810][T10034] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1754'. [ 226.533171][T10043] netlink: 'syz.4.1756': attribute type 30 has an invalid length. [ 226.545388][ T5295] nfcmrvl 2-1:0.0: NFC: registered with nci successfully [ 226.721868][ T5295] usb 2-1: USB disconnect, device number 14 [ 226.749247][T10058] nbd: must specify a device to reconfigure [ 226.774847][ T5295] usb 2-1: NFC: intf ffff88807fe8a000 [ 226.965244][T10059] loop5: detected capacity change from 0 to 4096 [ 227.021596][T10066] loop4: detected capacity change from 0 to 512 [ 227.022863][T10059] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 227.087167][T10066] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 227.219123][T10066] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #17: comm syz.4.1766: iget: bad i_size value: -6917529027641081756 [ 227.270047][T10059] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 227.282495][T10066] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1766: couldn't read orphan inode 17 (err -117) [ 227.333179][T10059] ntfs3: loop5: Failed to load $Extend (-22). [ 227.342933][T10059] ntfs3: loop5: Failed to initialize $Extend. [ 227.356362][T10057] loop0: detected capacity change from 0 to 40427 [ 227.373835][T10066] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.394910][T10057] F2FS-fs (loop0): Found nat_bits in checkpoint [ 227.435601][T10072] loop2: detected capacity change from 0 to 4096 [ 227.472910][T10072] ntfs3: loop2: ino=3, Correct links count -> 2. [ 227.489946][T10057] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 227.535880][ T5222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.702013][T10072] ntfs3: loop2: failed to convert "0080" to maccyrillic [ 227.704310][T10093] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1771'. [ 227.724880][T10072] ntfs3: loop2: failed to convert name for inode 1e. [ 227.808015][ T5221] syz-executor: attempt to access beyond end of device [ 227.808015][ T5221] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 227.808088][ T5221] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 227.853924][T10100] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1778'. [ 228.015011][T10107] loop3: detected capacity change from 0 to 128 [ 228.072202][T10111] loop5: detected capacity change from 0 to 256 [ 228.741547][T10132] loop0: detected capacity change from 0 to 1024 [ 228.794174][T10140] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 228.801151][T10140] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 228.823724][T10140] vhci_hcd vhci_hcd.0: Device attached [ 228.862192][T10141] vhci_hcd: connection closed [ 228.870887][ T11] vhci_hcd: stop threads [ 228.888546][ T11] vhci_hcd: release socket [ 228.902653][ T11] vhci_hcd: disconnect device [ 228.909954][ T988] hfsplus: b-tree write err: -5, ino 4 [ 229.159264][T10117] loop3: detected capacity change from 0 to 32768 [ 229.185674][T10117] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1785 (10117) [ 229.211809][T10117] BTRFS info (device loop3 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 229.232012][T10117] BTRFS info (device loop3 state S): using blake2b (blake2b-256-generic) checksum algorithm [ 229.242450][ T25] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 229.257891][T10117] BTRFS info (device loop3 state S): using free-space-tree [ 229.413016][ T5284] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 229.427545][ T25] usb 6-1: Using ep0 maxpacket: 32 [ 229.491104][ T5243] BTRFS info (device loop3 state CS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 229.511029][ T25] usb 6-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=e1.d5 [ 229.520537][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.531599][ T29] audit: type=1800 audit(2000000038.287:61): pid=10185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1808" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 229.538286][ T25] usb 6-1: config 0 descriptor?? [ 229.579867][ T25] vmk80xx 6-1:0.0: driver 'vmk80xx' failed to auto-configure device. [ 229.608693][ T5284] usb 3-1: Using ep0 maxpacket: 32 [ 229.663113][ T5284] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 229.713127][ T5284] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 229.763248][ T5284] usb 3-1: New USB device found, idVendor=172f, idProduct=0501, bcdDevice= 0.00 [ 229.781322][ T25] usb 6-1: USB disconnect, device number 20 [ 229.790136][ T5284] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.834606][ T5284] usb 3-1: config 0 descriptor?? [ 229.843567][T10188] loop0: detected capacity change from 0 to 512 [ 229.935398][T10188] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 229.959576][T10188] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 229.967824][T10188] System zones: 0-1, 15-15, 18-18, 34-34 [ 229.974263][T10188] EXT4-fs (loop0): orphan cleanup on readonly fs [ 229.980813][T10188] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 229.992190][T10188] EXT4-fs warning (device loop0): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 229.997607][T10194] support for cryptoloop has been removed. Use dm-crypt instead. [ 230.007239][T10188] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 230.084308][T10188] EXT4-fs error (device loop0): ext4_orphan_get:1414: comm syz.0.1811: bad orphan inode 16 [ 230.100754][T10188] ext4_test_bit(bit=15, block=18) = 1 [ 230.112174][T10188] is_bad_inode(inode)=0 [ 230.117835][T10188] NEXT_ORPHAN(inode)=0 [ 230.121928][T10188] max_ino=32 [ 230.130279][T10188] i_nlink=2 [ 230.141732][T10188] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 230.250962][T10188] fscrypt (loop0, inode 16): Error -61 getting encryption context [ 230.315279][ T5284] waltop 0003:172F:0501.002D: item fetching failed at offset 2/5 [ 230.326784][ T5221] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.347297][ T5284] waltop 0003:172F:0501.002D: probe with driver waltop failed with error -22 [ 230.497827][T10210] loop3: detected capacity change from 0 to 512 [ 230.505801][T10210] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 230.510585][ T5288] usb 3-1: USB disconnect, device number 14 [ 230.560868][T10210] EXT4-fs (loop3): 1 truncate cleaned up [ 230.567667][T10210] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.687556][ T5284] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 230.730948][ T5243] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.876205][ T5284] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 230.887794][ T5284] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0 [ 230.898372][ T5284] usb 2-1: config 0 interface 0 has no altsetting 0 [ 230.909761][ T5284] usb 2-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00 [ 230.953727][ T5284] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.988697][ T5284] usb 2-1: config 0 descriptor?? [ 231.163992][T10244] loop2: detected capacity change from 0 to 256 [ 231.190464][T10244] exfat: Deprecated parameter 'utf8' [ 231.200347][T10244] exfat: Deprecated parameter 'namecase' [ 231.229000][T10244] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 231.419928][ T5284] elecom 0003:056E:00FE.002E: hidraw0: USB HID v0.00 Device [HID 056e:00fe] on usb-dummy_hcd.1-1/input0 [ 231.619808][ T5284] usb 2-1: USB disconnect, device number 15 [ 231.755196][T10272] loop2: detected capacity change from 0 to 136 [ 231.911941][T10265] loop3: detected capacity change from 0 to 40427 [ 231.923893][T10265] F2FS-fs (loop3): heap/no_heap options were deprecated [ 231.935931][T10265] F2FS-fs (loop3): invalid crc value [ 231.952728][T10265] F2FS-fs (loop3): Found nat_bits in checkpoint [ 232.013334][T10265] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 232.050194][ T29] audit: type=1800 audit(2000000040.807:62): pid=10265 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1847" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 232.092476][T10284] loop2: detected capacity change from 0 to 256 [ 232.109457][ T5243] syz-executor: attempt to access beyond end of device [ 232.109457][ T5243] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 232.124342][ T5243] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 232.148822][ T29] audit: type=1326 audit(2000000040.897:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a17def9 code=0x7fc00000 [ 232.176534][ T29] audit: type=1326 audit(2000000040.907:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fca6a17def9 code=0x7fc00000 [ 232.223425][ T29] audit: type=1326 audit(2000000040.907:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a17def9 code=0x7fc00000 [ 232.261498][ T29] audit: type=1326 audit(2000000040.907:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a17def9 code=0x7fc00000 [ 232.295076][ T29] audit: type=1326 audit(2000000040.907:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a17def9 code=0x7fc00000 [ 232.338352][ T29] audit: type=1326 audit(2000000040.907:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a17def9 code=0x7fc00000 [ 232.416088][T10289] loop2: detected capacity change from 0 to 4096 [ 232.424821][ T29] audit: type=1326 audit(2000000040.907:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a17def9 code=0x7fc00000 [ 232.475238][T10292] loop1: detected capacity change from 0 to 1024 [ 232.513747][T10292] EXT4-fs: Ignoring removed orlov option [ 232.519508][T10292] EXT4-fs: Ignoring removed nomblk_io_submit option [ 232.579069][T10292] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 232.582285][T10289] ntfs3: loop2: failed to convert "0080" to cp864 [ 232.753297][ T5393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.755837][T10299] tipc: Enabling of bearer rejected, failed to enable media [ 232.974874][T10312] loop3: detected capacity change from 0 to 22 [ 232.981858][T10312] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 232.993720][T10312] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 233.932975][ T5288] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 234.031652][T10368] UBIFS error (pid: 10368): cannot open "ub ", error -22 [ 234.085066][ T5288] usb 6-1: Using ep0 maxpacket: 8 [ 234.130871][ T5288] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 234.160369][ T5288] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 234.190138][ T5288] usb 6-1: New USB device found, idVendor=886d, idProduct=db3f, bcdDevice= 0.69 [ 234.218426][ T5288] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.247357][ T5288] usb 6-1: config 0 descriptor?? [ 234.382875][T10379] loop4: detected capacity change from 0 to 1024 [ 234.487913][T10381] loop2: detected capacity change from 0 to 4096 [ 234.527182][T10382] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 234.538917][T10353] loop0: detected capacity change from 0 to 32768 [ 234.569584][T10353] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1886 (10353) [ 234.599050][ T68] hfsplus: b-tree write err: -5, ino 4 [ 234.622933][T10353] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 234.640186][T10353] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 234.649136][T10353] BTRFS info (device loop0): using free-space-tree [ 234.703006][ T5288] hid-generic 0003:886D:DB3F.002F: unbalanced delimiter at end of report description [ 234.738630][ T5288] hid-generic 0003:886D:DB3F.002F: probe with driver hid-generic failed with error -22 [ 234.920515][T10373] loop3: detected capacity change from 0 to 32768 [ 234.949185][T10373] XFS: ikeep mount option is deprecated. [ 234.964823][ T5284] usb 6-1: USB disconnect, device number 21 [ 234.972934][T10373] XFS: noikeep mount option is deprecated. [ 235.003566][T10373] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 235.047245][ T5221] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 235.057817][ T5288] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 235.091905][T10373] XFS (loop3): Ending clean mount [ 235.100209][T10373] XFS (loop3): Quotacheck needed: Please wait. [ 235.151737][T10373] XFS (loop3): Quotacheck: Done. [ 235.222925][ T5288] usb 3-1: Using ep0 maxpacket: 16 [ 235.230121][ T5288] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 235.242600][ T5288] usb 3-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b5.89 [ 235.251791][ T5288] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.259971][ T5288] usb 3-1: Product: syz [ 235.264287][ T5288] usb 3-1: Manufacturer: syz [ 235.268916][ T5288] usb 3-1: SerialNumber: syz [ 235.284893][ T5288] usb 3-1: config 0 descriptor?? [ 235.295583][ T5288] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 235.417981][ T5243] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 235.602931][ T5288] gspca_pac7302: reg_w() failed i: ff v: 01 error -71 [ 235.609816][ T5288] gspca_pac7302 3-1:0.0: probe with driver gspca_pac7302 failed with error -71 [ 235.673305][ T5288] usb 3-1: USB disconnect, device number 15 [ 235.857312][T10422] loop0: detected capacity change from 0 to 256 [ 236.013609][T10422] FAT-fs (loop0): Directory bread(block 64) failed [ 236.058464][T10422] FAT-fs (loop0): Directory bread(block 65) failed [ 236.073193][T10422] FAT-fs (loop0): Directory bread(block 66) failed [ 236.102991][T10422] FAT-fs (loop0): Directory bread(block 67) failed [ 236.109554][T10424] loop3: detected capacity change from 0 to 32768 [ 236.109652][T10422] FAT-fs (loop0): Directory bread(block 68) failed [ 236.150411][T10422] FAT-fs (loop0): Directory bread(block 69) failed [ 236.158907][T10422] FAT-fs (loop0): Directory bread(block 70) failed [ 236.181468][T10424] ERROR: (device loop3): dbAlloc: unable to allocate blocks [ 236.181468][T10424] [ 236.190006][T10422] FAT-fs (loop0): Directory bread(block 71) failed [ 236.219729][T10422] FAT-fs (loop0): Directory bread(block 72) failed [ 236.238288][T10422] FAT-fs (loop0): Directory bread(block 73) failed [ 236.264646][T10424] ERROR: (device loop3): remounting filesystem as read-only [ 236.288746][T10424] ialloc: diAlloc returned -5! [ 236.297798][T10426] loop1: detected capacity change from 0 to 4096 [ 236.353787][T10426] NILFS (loop1): invalid segment: Checksum error in segment payload [ 236.366741][T10426] NILFS (loop1): trying rollback from an earlier position [ 236.408080][T10426] NILFS (loop1): recovery complete [ 236.608262][T10432] loop2: detected capacity change from 0 to 128 [ 236.656632][T10420] loop5: detected capacity change from 0 to 32768 [ 236.891944][T10445] loop3: detected capacity change from 0 to 256 [ 236.905091][T10420] XFS (loop5): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 236.945022][T10445] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 236.979893][T10420] XFS (loop5): Ending clean mount [ 237.045342][ T5231] XFS (loop5): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 237.073670][T10458] tc_dump_action: action bad kind [ 237.494069][T10468] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1926'. [ 237.710159][T10477] loop3: detected capacity change from 0 to 256 [ 237.721454][T10478] netlink: 'syz.1.1930': attribute type 1 has an invalid length. [ 237.931697][T10457] loop2: detected capacity change from 0 to 32768 [ 237.984171][T10457] JBD2: Ignoring recovery information on journal [ 238.062353][T10457] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 238.162916][ T5288] usb 6-1: new full-speed USB device number 22 using dummy_hcd [ 238.235678][ T5227] ocfs2: Unmounting device (7,2) on (node local) [ 238.327668][ T5288] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 238.348487][ T5288] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 238.374126][ T5288] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 238.421242][ T5288] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.432661][T10496] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1939'. [ 238.463944][ T5288] usb 6-1: config 0 descriptor?? [ 238.493147][ T5288] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 238.518209][ T5288] dvb-usb: bulk message failed: -22 (3/0) [ 238.570530][ T5288] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 238.596569][T10498] loop4: detected capacity change from 0 to 512 [ 238.616637][T10498] EXT4-fs: Ignoring removed orlov option [ 238.624432][T10498] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 238.641922][ T5288] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 238.647100][T10500] loop1: detected capacity change from 0 to 256 [ 238.652876][ T5288] usb 6-1: media controller created [ 238.681736][ T5288] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 238.691183][T10500] exfat: Deprecated parameter 'namecase' [ 238.703772][T10498] EXT4-fs (loop4): 1 truncate cleaned up [ 238.710463][T10498] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 238.730550][ T5288] dvb-usb: bulk message failed: -22 (6/0) [ 238.734606][T10472] loop0: detected capacity change from 0 to 40427 [ 238.750147][T10486] loop3: detected capacity change from 0 to 32768 [ 238.758767][T10500] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x973db221, utbl_chksum : 0xe619d30d) [ 238.767735][ T5288] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 238.785395][T10472] F2FS-fs (loop0): Found nat_bits in checkpoint [ 238.817198][ T5288] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input28 [ 238.879352][ T5288] dvb-usb: schedule remote query interval to 150 msecs. [ 238.886529][ T5288] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 238.931560][ T5222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.938208][ T5288] usb 6-1: USB disconnect, device number 22 [ 239.021761][T10472] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 239.032170][ C1] sd 0:0:1:0: [sda] tag#7617 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 239.042658][ C1] sd 0:0:1:0: [sda] tag#7617 CDB: Read(6) 08 00 00 00 00 00 [ 239.043845][ T5288] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 239.061733][T10514] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1944'. [ 239.072087][T10514] tipc: Invalid UDP bearer configuration [ 239.072129][T10514] tipc: Enabling of bearer rejected, failed to enable media [ 239.259702][ T5221] syz-executor: attempt to access beyond end of device [ 239.259702][ T5221] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 239.313055][ T5221] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 239.626646][T10532] loop1: detected capacity change from 0 to 1024 [ 239.687280][T10532] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 239.752109][T10532] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 239.842902][ T5284] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 240.043438][ T5393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.154160][ T5284] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 240.203498][ T5284] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 240.230654][ T5284] usb 6-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00 [ 240.282625][ T5284] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.306062][ T5284] usb 6-1: config 0 descriptor?? [ 240.732634][ T5284] cougar 0003:060B:700A.0030: item fetching failed at offset 2/5 [ 240.743218][ T5284] cougar 0003:060B:700A.0030: parse failed [ 240.749832][ T5284] cougar 0003:060B:700A.0030: probe with driver cougar failed with error -22 [ 240.772964][ T5285] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 240.861494][T10572] loop2: detected capacity change from 0 to 16 [ 240.864432][T10548] loop0: detected capacity change from 0 to 32768 [ 240.869058][T10572] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 240.886764][T10548] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1950 (10548) [ 240.917418][T10548] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 240.932962][ T5285] usb 4-1: Using ep0 maxpacket: 8 [ 240.940019][T10548] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 240.950836][T10548] BTRFS info (device loop0): using free-space-tree [ 240.961555][ T5285] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 240.973808][ T5285] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 240.973911][ T5284] usb 6-1: USB disconnect, device number 23 [ 240.983825][ T5285] usb 4-1: New USB device found, idVendor=0810, idProduct=0001, bcdDevice= 0.00 [ 241.005420][ T5285] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 241.019295][ T5285] usb 4-1: config 0 descriptor?? [ 241.162219][ T5221] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 241.464973][ T5285] pantherlord 0003:0810:0001.0031: unknown main item tag 0x0 [ 241.491756][ T5285] pantherlord 0003:0810:0001.0031: hidraw0: USB HID v0.00 Device [HID 0810:0001] on usb-dummy_hcd.3-1/input0 [ 241.554103][ T5285] pantherlord 0003:0810:0001.0031: Force feedback for PantherLord/GreenAsia devices by Anssi Hannula [ 241.625707][T10602] loop1: detected capacity change from 0 to 256 [ 241.673897][ T5285] usb 4-1: USB disconnect, device number 18 [ 241.706000][T10604] loop5: detected capacity change from 0 to 2048 [ 241.709227][T10606] loop0: detected capacity change from 0 to 256 [ 241.740826][T10606] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 241.754731][T10608] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 241.843853][T10575] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 241.863783][T10588] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 241.880703][T10575] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 241.893268][T10588] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 241.941549][T10614] pimreg3: entered allmulticast mode [ 241.981605][T10575] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 241.989603][T10588] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 241.997572][T10588] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 242.018702][T10575] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 242.027781][T10588] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 242.037295][T10588] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 242.058771][T10575] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 242.071972][T10575] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 242.081879][T10575] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 242.095885][T10575] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 242.111824][T10575] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 242.274836][T10575] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 254.733782][ T5226] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 254.745834][ T52] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 254.774214][ T52] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 254.782601][ T5226] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 254.791029][ T52] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 254.801191][ T5226] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 254.811090][ T52] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 254.819402][ T5226] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 254.827280][ T5226] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 254.836407][ T5226] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 254.843999][ T5226] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 254.853261][ T5226] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 254.874996][ T5236] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 254.919193][ T5238] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 254.926731][ T5238] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 254.963502][ T5238] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 254.975094][ T5238] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 254.985729][ T5238] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 255.133977][ T5238] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 255.152998][ T5238] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 255.161598][ T5238] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 255.169671][ T5238] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 255.179600][ T5238] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 255.186949][ T5238] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 255.195851][ T1262] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.202241][ T1262] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.221058][ T5236] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 255.247106][ T5236] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 255.273789][ T5236] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 255.284374][ T5236] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 255.291970][ T5236] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 255.300993][ T5236] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 255.384623][ T5238] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 255.394593][ T5238] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 255.403950][ T5238] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 255.412485][ T5238] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 255.420632][ T5238] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 255.431239][ T5238] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 255.582900][ T5236] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 255.599640][ T5236] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 255.608477][ T5236] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 255.616635][ T5236] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 255.624774][ T5236] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 255.632136][ T5236] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 256.953125][ T5238] Bluetooth: hci6: command tx timeout [ 257.033114][ T5238] Bluetooth: hci7: command tx timeout [ 257.353157][ T5236] Bluetooth: hci8: command tx timeout [ 257.362078][ T5238] Bluetooth: hci9: command tx timeout [ 257.513115][ T5238] Bluetooth: hci10: command tx timeout [ 257.673060][ T5238] Bluetooth: hci11: command tx timeout [ 259.033078][ T5238] Bluetooth: hci6: command tx timeout [ 259.112924][ T5238] Bluetooth: hci7: command tx timeout [ 259.432935][ T5238] Bluetooth: hci9: command tx timeout [ 259.438406][ T5238] Bluetooth: hci8: command tx timeout [ 259.593120][ T5238] Bluetooth: hci10: command tx timeout [ 259.752993][ T5238] Bluetooth: hci11: command tx timeout [ 261.112909][ T5238] Bluetooth: hci6: command tx timeout [ 261.192879][ T5238] Bluetooth: hci7: command tx timeout [ 261.513066][ T5236] Bluetooth: hci9: command tx timeout [ 261.519568][ T5238] Bluetooth: hci8: command tx timeout [ 261.672956][ T5238] Bluetooth: hci10: command tx timeout [ 261.832971][ T5238] Bluetooth: hci11: command tx timeout [ 263.192938][ T5238] Bluetooth: hci6: command tx timeout [ 263.272938][ T5238] Bluetooth: hci7: command tx timeout [ 263.592935][ T5236] Bluetooth: hci9: command tx timeout [ 263.598528][ T5238] Bluetooth: hci8: command tx timeout [ 263.752978][ T5238] Bluetooth: hci10: command tx timeout [ 263.913038][ T5238] Bluetooth: hci11: command tx timeout [ 315.010231][ T5236] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 315.020020][ T5236] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 315.028367][ T5236] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 315.053013][ T5236] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 315.068132][ T5236] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 315.075661][ T5236] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 315.169772][ T5238] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 315.185438][ T5238] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 315.193901][ T5238] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 315.210293][ T5238] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 315.218201][ T5238] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 315.252260][ T5238] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 315.396870][ T5236] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 315.408362][ T5236] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 315.416771][ T5236] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 315.434554][ T5236] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 315.443746][ T5236] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 315.451162][ T5236] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 315.540621][ T5238] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 315.550831][ T5238] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 315.559029][ T5238] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 315.573323][ T5238] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 315.584305][ T5238] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 315.593416][ T5238] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 315.701699][ T5238] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 315.712086][ T5238] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 315.720497][ T5238] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 315.728534][ T5238] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 315.736819][ T5238] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 315.744210][ T5238] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 315.874988][ T5236] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 315.885141][ T5236] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 315.899766][ T5236] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 315.909197][ T5236] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 315.918162][ T5236] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 315.926292][ T5236] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 316.641048][ T1262] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.647546][ T1262] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.113087][ T5236] Bluetooth: hci0: command tx timeout [ 317.353202][ T5236] Bluetooth: hci1: command tx timeout [ 317.513033][ T5236] Bluetooth: hci2: command tx timeout [ 317.673029][ T5236] Bluetooth: hci3: command tx timeout [ 317.833084][ T5236] Bluetooth: hci4: command tx timeout [ 317.993044][ T5236] Bluetooth: hci5: command tx timeout [ 319.192960][ T5236] Bluetooth: hci0: command tx timeout [ 319.432949][ T5236] Bluetooth: hci1: command tx timeout [ 319.592981][ T5236] Bluetooth: hci2: command tx timeout [ 319.759716][ T5236] Bluetooth: hci3: command tx timeout [ 319.913033][ T5236] Bluetooth: hci4: command tx timeout [ 320.073078][ T5236] Bluetooth: hci5: command tx timeout [ 321.273007][ T5236] Bluetooth: hci0: command tx timeout [ 321.512971][ T5236] Bluetooth: hci1: command tx timeout [ 321.672819][ T5236] Bluetooth: hci2: command tx timeout [ 321.832936][ T5236] Bluetooth: hci3: command tx timeout [ 321.993005][ T5236] Bluetooth: hci4: command tx timeout [ 322.152941][ T5236] Bluetooth: hci5: command tx timeout [ 323.352978][ T5236] Bluetooth: hci0: command tx timeout [ 323.592954][ T5236] Bluetooth: hci1: command tx timeout [ 323.752943][ T5236] Bluetooth: hci2: command tx timeout [ 323.912946][ T5236] Bluetooth: hci3: command tx timeout [ 324.072998][ T5236] Bluetooth: hci4: command tx timeout [ 324.232979][ T5236] Bluetooth: hci5: command tx timeout [ 376.403753][ T5238] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 376.414140][ T5238] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 376.425299][ T5238] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 376.433803][ T5238] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 376.444928][ T5238] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 376.453736][ T5238] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 376.529485][ T5238] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 376.547813][ T5238] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 376.563707][ T5238] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 376.571968][ T5238] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 376.579836][ T5238] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 376.588011][ T5238] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 376.650410][ T5238] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 376.660198][ T5238] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 376.670054][ T5238] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 376.685443][ T5238] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 376.699924][ T5236] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 376.707493][ T5236] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 376.718491][ T5236] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 376.733440][ T5236] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 376.759056][ T5226] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 376.773842][ T5226] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 376.784581][ T5226] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 376.792021][ T5226] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 376.920316][ T5238] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 376.934553][ T5238] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 376.942565][ T5238] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 376.951093][ T5238] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 376.960631][ T5238] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 376.968326][ T5238] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 377.031804][ T5226] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 377.053045][ T5226] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 377.061541][ T5226] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 377.072183][ T5226] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 377.080057][ T5226] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 377.087559][ T5226] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 378.083833][ T1262] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.090350][ T1262] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.553064][T10713] Bluetooth: hci12: command tx timeout [ 378.632979][T10713] Bluetooth: hci13: command tx timeout [ 378.793116][T10713] Bluetooth: hci14: command tx timeout [ 378.873026][T10713] Bluetooth: hci15: command tx timeout [ 379.032977][T10713] Bluetooth: hci16: command tx timeout [ 379.118394][T10713] Bluetooth: hci17: command tx timeout [ 380.187389][ T5245] Bluetooth: hci6: command 0x0406 tx timeout [ 380.202771][ T5245] Bluetooth: hci11: command 0x0406 tx timeout [ 380.210625][ T5245] Bluetooth: hci9: command 0x0406 tx timeout [ 380.222818][T10713] Bluetooth: hci7: command 0x0406 tx timeout [ 380.228900][T10713] Bluetooth: hci8: command 0x0406 tx timeout [ 380.235146][ T5245] Bluetooth: hci10: command 0x0406 tx timeout [ 380.633116][ T5236] Bluetooth: hci12: command tx timeout [ 380.713027][ T5236] Bluetooth: hci13: command tx timeout [ 380.873065][ T5236] Bluetooth: hci14: command tx timeout [ 380.952893][ T5236] Bluetooth: hci15: command tx timeout [ 381.113066][ T5236] Bluetooth: hci16: command tx timeout [ 381.192906][ T5236] Bluetooth: hci17: command tx timeout [ 382.712994][ T5236] Bluetooth: hci12: command tx timeout [ 382.794473][ T5236] Bluetooth: hci13: command tx timeout [ 382.953025][ T5236] Bluetooth: hci14: command tx timeout [ 383.032924][ T5236] Bluetooth: hci15: command tx timeout [ 383.194430][ T5236] Bluetooth: hci16: command tx timeout [ 383.272828][ T5236] Bluetooth: hci17: command tx timeout [ 384.793025][ T5236] Bluetooth: hci12: command tx timeout [ 384.873057][ T5236] Bluetooth: hci13: command tx timeout [ 385.033128][ T5236] Bluetooth: hci14: command tx timeout [ 385.113014][ T5236] Bluetooth: hci15: command tx timeout [ 385.272909][ T5236] Bluetooth: hci16: command tx timeout [ 385.353021][ T5236] Bluetooth: hci17: command tx timeout [ 392.436864][ T5222] syz-executor (5222) used greatest stack depth: 18192 bytes left [ 437.709153][ T5226] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 437.739807][ T5226] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 437.749558][ T5226] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 437.779227][ T5226] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 437.787738][ T5226] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 437.796127][ T5226] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 438.353679][ T5236] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 438.374052][ T5236] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 438.393312][ T5236] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 438.401309][ T5236] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 438.412997][ T5236] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3 [ 438.420409][ T5236] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 438.495741][ T5226] Bluetooth: hci20: unexpected cc 0x0c03 length: 249 > 1 [ 438.513103][ T5226] Bluetooth: hci20: unexpected cc 0x1003 length: 249 > 9 [ 438.521314][ T5226] Bluetooth: hci20: unexpected cc 0x1001 length: 249 > 9 [ 438.529941][ T5226] Bluetooth: hci20: unexpected cc 0x0c23 length: 249 > 4 [ 438.539390][ T5226] Bluetooth: hci20: unexpected cc 0x0c25 length: 249 > 3 [ 438.547192][ T5226] Bluetooth: hci20: unexpected cc 0x0c38 length: 249 > 2 [ 438.648227][ T5236] Bluetooth: hci21: unexpected cc 0x0c03 length: 249 > 1 [ 438.666721][ T5238] Bluetooth: hci21: unexpected cc 0x1003 length: 249 > 9 [ 438.679979][ T5238] Bluetooth: hci22: unexpected cc 0x0c03 length: 249 > 1 [ 438.690542][ T5238] Bluetooth: hci21: unexpected cc 0x1001 length: 249 > 9 [ 438.698751][ T5238] Bluetooth: hci21: unexpected cc 0x0c23 length: 249 > 4 [ 438.706814][ T5238] Bluetooth: hci21: unexpected cc 0x0c25 length: 249 > 3 [ 438.716722][ T5238] Bluetooth: hci21: unexpected cc 0x0c38 length: 249 > 2 [ 438.745895][ T5238] Bluetooth: hci22: unexpected cc 0x1003 length: 249 > 9 [ 438.754253][ T5238] Bluetooth: hci22: unexpected cc 0x1001 length: 249 > 9 [ 438.762357][ T5238] Bluetooth: hci22: unexpected cc 0x0c23 length: 249 > 4 [ 438.770628][ T5238] Bluetooth: hci22: unexpected cc 0x0c25 length: 249 > 3 [ 438.779498][ T5238] Bluetooth: hci22: unexpected cc 0x0c38 length: 249 > 2 [ 438.863909][ T5236] Bluetooth: hci23: unexpected cc 0x0c03 length: 249 > 1 [ 438.883891][ T5236] Bluetooth: hci23: unexpected cc 0x1003 length: 249 > 9 [ 438.891752][ T5236] Bluetooth: hci23: unexpected cc 0x1001 length: 249 > 9 [ 438.903263][ T5236] Bluetooth: hci23: unexpected cc 0x0c23 length: 249 > 4 [ 438.911608][ T5236] Bluetooth: hci23: unexpected cc 0x0c25 length: 249 > 3 [ 438.921502][ T5236] Bluetooth: hci23: unexpected cc 0x0c38 length: 249 > 2 [ 439.568425][ T1262] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.576811][ T1262] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.833148][ T5230] Bluetooth: hci18: command tx timeout [ 440.473039][ T5230] Bluetooth: hci19: command tx timeout [ 440.633073][ T5230] Bluetooth: hci20: command tx timeout [ 440.793218][ T5230] Bluetooth: hci21: command tx timeout [ 440.873015][ T5230] Bluetooth: hci22: command tx timeout [ 440.953088][ T5230] Bluetooth: hci23: command tx timeout [ 441.628309][ T5230] Bluetooth: hci3: command 0x0406 tx timeout [ 441.638436][T10714] Bluetooth: hci4: command 0x0406 tx timeout [ 441.645638][T10713] Bluetooth: hci1: command 0x0406 tx timeout [ 441.651673][T10713] Bluetooth: hci0: command 0x0406 tx timeout [ 441.662751][ T5230] Bluetooth: hci2: command 0x0406 tx timeout [ 441.668783][ T5230] Bluetooth: hci5: command 0x0406 tx timeout [ 441.912937][ T5242] Bluetooth: hci18: command tx timeout [ 441.972698][ C0] sched: DL replenish lagged too much [ 442.553021][ T5242] Bluetooth: hci19: command tx timeout [ 442.712874][ T5242] Bluetooth: hci20: command tx timeout [ 442.873169][ T5242] Bluetooth: hci21: command tx timeout [ 442.952989][ T5242] Bluetooth: hci22: command tx timeout [ 443.032927][ T5242] Bluetooth: hci23: command tx timeout [ 443.992961][ T5242] Bluetooth: hci18: command tx timeout [ 444.632959][ T5242] Bluetooth: hci19: command tx timeout [ 444.792796][ T5242] Bluetooth: hci20: command tx timeout [ 444.953317][ T5242] Bluetooth: hci21: command tx timeout [ 445.032877][ T5242] Bluetooth: hci22: command tx timeout [ 445.112922][ T5242] Bluetooth: hci23: command tx timeout [ 446.072819][ T5242] Bluetooth: hci18: command tx timeout [ 446.712941][ T5242] Bluetooth: hci19: command tx timeout [ 446.879789][ T5242] Bluetooth: hci20: command tx timeout [ 447.033117][ T5242] Bluetooth: hci21: command tx timeout [ 447.112844][ T5242] Bluetooth: hci22: command tx timeout [ 447.193038][ T5242] Bluetooth: hci23: command tx timeout [ 450.393157][ T30] INFO: task kworker/0:4:5284 blocked for more than 143 seconds. [ 450.400949][ T30] Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 450.452805][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 450.461607][ T30] task:kworker/0:4 state:D stack:20048 pid:5284 tgid:5284 ppid:2 flags:0x00004000 [ 450.512764][ T30] Workqueue: events_power_efficient reg_check_chans_work [ 450.519991][ T30] Call Trace: [ 450.620288][ T30] [ 450.650256][ T30] __schedule+0x1893/0x4b50 [ 450.682784][ T30] ? try_to_wake_up+0x971/0x1480 [ 450.687826][ T30] ? schedule+0x90/0x320 [ 450.692468][ T30] ? __pfx___schedule+0x10/0x10 [ 450.792833][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 450.798912][ T30] ? __pfx_lock_release+0x10/0x10 [ 450.842825][ T30] ? kick_pool+0x45c/0x620 [ 450.847335][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 450.852575][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.892523][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 450.903123][ T30] ? schedule+0x90/0x320 [ 450.907424][ T30] schedule+0x14b/0x320 [ 450.911631][ T30] schedule_preempt_disabled+0x13/0x30 [ 450.922722][ T30] __mutex_lock+0x6a7/0xd70 [ 450.927297][ T30] ? __mutex_lock+0x52a/0xd70 [ 450.932022][ T30] ? reg_check_chans_work+0x99/0xfd0 [ 450.946274][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 450.951370][ T30] ? process_scheduled_works+0x976/0x1850 [ 450.962413][ T30] reg_check_chans_work+0x99/0xfd0 [ 450.979983][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 450.989253][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 451.000173][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 451.007219][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 451.019076][ T30] ? __pfx_reg_check_chans_work+0x10/0x10 [ 451.026206][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 451.032595][ T30] ? process_scheduled_works+0x976/0x1850 [ 451.043097][ T30] process_scheduled_works+0xa65/0x1850 [ 451.048722][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 451.063090][ T30] ? assign_work+0x364/0x3d0 [ 451.069695][ T30] worker_thread+0x870/0xd30 [ 451.083041][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 451.088732][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 451.103999][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 451.109944][ T30] ? __kthread_parkme+0x169/0x1d0 [ 451.123095][ T30] ? __pfx_worker_thread+0x10/0x10 [ 451.128260][ T30] kthread+0x2f2/0x390 [ 451.132354][ T30] ? __pfx_worker_thread+0x10/0x10 [ 451.144345][ T30] ? __pfx_kthread+0x10/0x10 [ 451.148973][ T30] ret_from_fork+0x4d/0x80 [ 451.161719][ T30] ? __pfx_kthread+0x10/0x10 [ 451.169707][ T30] ret_from_fork_asm+0x1a/0x30 [ 451.180325][ T30] [ 451.185261][ T30] [ 451.185261][ T30] Showing all locks held in the system: [ 451.202612][ T30] 3 locks held by kworker/1:0/25: [ 451.208547][ T30] #0: ffff88801ac78948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 451.227567][ T30] #1: ffffc900001f7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 451.241673][ T30] #2: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 451.257081][ T30] 1 lock held by khungtaskd/30: [ 451.261956][ T30] #0: ffffffff8e9389e0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 451.280881][ T30] 4 locks held by kworker/u8:4/68: [ 451.302743][ T30] #0: ffff88801bae5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 451.320370][ T30] #1: ffffc900015d7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 451.340188][ T30] #2: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 451.350173][ T30] #3: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: cfg802154_pernet_exit+0x1b/0xe0 [ 451.371038][ T30] 3 locks held by kworker/u8:5/988: [ 451.377852][ T30] #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 451.401946][ T30] #1: ffffc90003d77d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 451.422087][ T30] #2: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 451.431983][ T30] 3 locks held by kworker/u8:8/2894: [ 451.443732][ T30] #0: ffff88802db40148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 451.461453][ T30] #1: ffffc900097ffd00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 451.485110][ T30] #2: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 451.503063][ T30] 2 locks held by getty/4979: [ 451.507773][ T30] #0: ffff88814cbc00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 451.524750][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 451.541977][ T30] 3 locks held by kworker/0:4/5284: [ 451.547459][ T30] #0: ffff88801ac79948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 451.568724][ T30] #1: ffffc9000344fd00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 451.582338][ T30] #2: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 451.599423][ T30] 4 locks held by kworker/0:6/5288: [ 451.606350][ T30] 2 locks held by syz.2.1997/10645: [ 451.611585][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 451.629667][ T30] #1: ffffffff8e7d28d0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 451.650627][ T30] 1 lock held by syz-executor/10659: [ 451.658102][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.677560][ T30] 1 lock held by syz-executor/10660: [ 451.690555][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.708020][ T30] 1 lock held by syz-executor/10663: [ 451.716005][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.730264][ T30] 1 lock held by syz-executor/10664: [ 451.739602][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.755063][ T30] 1 lock held by syz-executor/10667: [ 451.760373][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.778315][ T30] 1 lock held by syz-executor/10669: [ 451.789079][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.804198][ T30] 1 lock held by syz-executor/10677: [ 451.809513][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.824307][ T30] 1 lock held by syz-executor/10679: [ 451.829617][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.844236][ T30] 1 lock held by syz-executor/10681: [ 451.849549][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.865867][ T30] 1 lock held by syz-executor/10683: [ 451.871346][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.889029][ T30] 1 lock held by syz-executor/10685: [ 451.899679][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.915100][ T30] 1 lock held by syz-executor/10687: [ 451.920416][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.938936][ T30] 1 lock held by syz-executor/10701: [ 451.945875][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.961327][ T30] 1 lock held by syz-executor/10702: [ 451.970192][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 451.985526][ T30] 1 lock held by syz-executor/10705: [ 451.998749][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 452.012596][ T30] 1 lock held by syz-executor/10706: [ 452.023840][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 452.040563][ T30] 1 lock held by syz-executor/10709: [ 452.046152][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 452.062866][ T30] 1 lock held by syz-executor/10711: [ 452.068181][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 452.086685][ T30] 1 lock held by syz-executor/10722: [ 452.096464][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 452.116602][ T30] 1 lock held by syz-executor/10724: [ 452.121913][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 452.139913][ T30] 1 lock held by syz-executor/10726: [ 452.145492][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 452.162748][ T30] 1 lock held by syz-executor/10728: [ 452.168061][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 452.184042][ T30] 1 lock held by syz-executor/10729: [ 452.189348][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 452.204066][ T30] 1 lock held by syz-executor/10732: [ 452.209376][ T30] #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 452.228366][ T30] [ 452.230734][ T30] ============================================= [ 452.230734][ T30] [ 452.241511][ T30] NMI backtrace for cpu 1 [ 452.245859][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0 [ 452.256218][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 452.266297][ T30] Call Trace: [ 452.269596][ T30] [ 452.272544][ T30] dump_stack_lvl+0x241/0x360 [ 452.277272][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 452.282510][ T30] ? __pfx__printk+0x10/0x10 [ 452.287158][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 452.292306][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 452.297790][ T30] ? _printk+0xd5/0x120 [ 452.301980][ T30] ? __pfx__printk+0x10/0x10 [ 452.306616][ T30] ? __wake_up_klogd+0xcc/0x110 [ 452.311504][ T30] ? __pfx__printk+0x10/0x10 [ 452.316127][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 452.321834][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 452.326898][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 452.332913][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 452.338926][ T30] watchdog+0xff4/0x1040 [ 452.343203][ T30] ? watchdog+0x1ea/0x1040 [ 452.347660][ T30] ? __pfx_watchdog+0x10/0x10 [ 452.352367][ T30] kthread+0x2f2/0x390 [ 452.356457][ T30] ? __pfx_watchdog+0x10/0x10 [ 452.361162][ T30] ? __pfx_kthread+0x10/0x10 [ 452.365774][ T30] ret_from_fork+0x4d/0x80 [ 452.370226][ T30] ? __pfx_kthread+0x10/0x10 [ 452.374835][ T30] ret_from_fork_asm+0x1a/0x30 [ 452.379648][ T30] [ 452.383892][ T30] Sending NMI from CPU 1 to CPUs 0: [ 452.389116][ C0] NMI backtrace for cpu 0 [ 452.389131][ C0] CPU: 0 UID: 0 PID: 5288 Comm: kworker/0:6 Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0 [ 452.389158][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 452.389174][ C0] Workqueue: events nsim_dev_trap_report_work [ 452.389201][ C0] RIP: 0010:arch_stack_walk+0xf5/0x150 [ 452.389229][ C0] Code: 18 00 00 eb 03 48 89 e9 48 8d bd 70 ff ff ff 4c 89 e6 4c 89 fa e8 1b c9 09 00 83 bd 70 ff ff ff 00 74 37 48 8d 9d 70 ff ff ff <48> 89 df e8 c3 9f 09 00 48 85 c0 74 23 4c 89 f7 48 89 c6 4d 89 eb [ 452.389250][ C0] RSP: 0018:ffffc90000006d40 EFLAGS: 00000202 [ 452.389270][ C0] RAX: 0000000080000101 RBX: ffffc90000006d40 RCX: 0000000080000102 [ 452.389288][ C0] RDX: dffffc0000000000 RSI: ffffc90003388000 RDI: 0000000000000001 [ 452.389305][ C0] RBP: ffffc90000006dd0 R08: ffffc9000338fa10 R09: ffffc90000006d90 [ 452.389325][ C0] R10: dffffc0000000000 R11: fffff52000000db4 R12: ffff88802d338000 [ 452.389343][ C0] R13: ffffffff81807a70 R14: ffffc90000006e20 R15: 0000000000000000 [ 452.389364][ C0] FS: 0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000 [ 452.389385][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 452.389402][ C0] CR2: 00007f4b2c11ff98 CR3: 000000000e734000 CR4: 0000000000350ef0 [ 452.389421][ C0] Call Trace: [ 452.389429][ C0] [ 452.389438][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 452.389465][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 452.389504][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 452.389530][ C0] ? nmi_handle+0x2a/0x5a0 [ 452.389564][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 452.389598][ C0] ? nmi_handle+0x151/0x5a0 [ 452.389622][ C0] ? nmi_handle+0x2a/0x5a0 [ 452.389646][ C0] ? arch_stack_walk+0xf5/0x150 [ 452.389671][ C0] ? default_do_nmi+0x63/0x160 [ 452.389700][ C0] ? exc_nmi+0x123/0x1f0 [ 452.389725][ C0] ? end_repeat_nmi+0xf/0x53 [ 452.389762][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 452.389797][ C0] ? arch_stack_walk+0xf5/0x150 [ 452.389823][ C0] ? arch_stack_walk+0xf5/0x150 [ 452.389854][ C0] ? arch_stack_walk+0xf5/0x150 [ 452.389879][ C0] [ 452.389887][ C0] [ 452.389899][ C0] ? __local_bh_enable_ip+0x1bb/0x200 [ 452.389936][ C0] stack_trace_save+0x118/0x1d0 [ 452.389965][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 452.389995][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 452.390033][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 452.390074][ C0] kasan_save_track+0x3f/0x80 [ 452.390104][ C0] ? kasan_save_track+0x3f/0x80 [ 452.390133][ C0] ? kasan_save_free_info+0x40/0x50 [ 452.390158][ C0] ? __kasan_slab_free+0x59/0x70 [ 452.390190][ C0] ? kmem_cache_free+0x1a3/0x420 [ 452.390213][ C0] ? nft_synproxy_eval_v4+0x3d2/0x610 [ 452.390247][ C0] ? nft_synproxy_do_eval+0x362/0xa60 [ 452.390279][ C0] ? nft_do_chain+0x4af/0x1da0 [ 452.390313][ C0] ? nft_do_chain_inet+0x418/0x6b0 [ 452.390346][ C0] ? nf_hook_slow+0xc5/0x220 [ 452.390374][ C0] ? NF_HOOK+0x29e/0x450 [ 452.390396][ C0] ? NF_HOOK+0x3a6/0x450 [ 452.390417][ C0] ? __netif_receive_skb+0x2bf/0x650 [ 452.390445][ C0] ? process_backlog+0x662/0x15b0 [ 452.390474][ C0] ? __napi_poll+0xcd/0x490 [ 452.390499][ C0] ? net_rx_action+0x89b/0x1240 [ 452.390527][ C0] ? handle_softirqs+0x2c7/0x980 [ 452.390558][ C0] ? do_softirq+0x11b/0x1e0 [ 452.390612][ C0] ? skb_release_data+0x6a0/0x8a0 [ 452.390636][ C0] kasan_save_free_info+0x40/0x50 [ 452.390662][ C0] __kasan_slab_free+0x59/0x70 [ 452.390694][ C0] ? nft_synproxy_eval_v4+0x3d2/0x610 [ 452.390727][ C0] kmem_cache_free+0x1a3/0x420 [ 452.390750][ C0] ? nft_synproxy_eval_v4+0x3d2/0x610 [ 452.390787][ C0] nft_synproxy_eval_v4+0x3d2/0x610 [ 452.390825][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 452.390865][ C0] ? nf_ip_checksum+0x13a/0x500 [ 452.390903][ C0] nft_synproxy_do_eval+0x362/0xa60 [ 452.390940][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 452.390974][ C0] ? seqcount_lockdep_reader_access+0x1c1/0x220 [ 452.391007][ C0] ? __pfx_validate_chain+0x10/0x10 [ 452.391035][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 452.391077][ C0] nft_do_chain+0x4af/0x1da0 [ 452.391121][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 452.391154][ C0] ? __local_bh_enable_ip+0x168/0x200 [ 452.391191][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 452.391241][ C0] ? __pfx_nf_nat_inet_fn+0x10/0x10 [ 452.391283][ C0] nft_do_chain_inet+0x418/0x6b0 [ 452.391318][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 452.391350][ C0] ? ipt_do_table+0x312/0x1860 [ 452.391395][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 452.391428][ C0] nf_hook_slow+0xc5/0x220 [ 452.391458][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 452.391483][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 452.391509][ C0] NF_HOOK+0x29e/0x450 [ 452.391530][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 452.391571][ C0] ? NF_HOOK+0x9a/0x450 [ 452.391594][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 452.391619][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 452.391649][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 452.391686][ C0] ? ip_rcv_finish+0x406/0x560 [ 452.391712][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 452.391737][ C0] NF_HOOK+0x3a6/0x450 [ 452.391762][ C0] ? NF_HOOK+0x9a/0x450 [ 452.391785][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 452.391808][ C0] ? ip_rcv_core+0x801/0xd10 [ 452.391833][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 452.391867][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 452.391891][ C0] __netif_receive_skb+0x2bf/0x650 [ 452.391920][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 452.391956][ C0] ? __pfx___netif_receive_skb+0x10/0x10 [ 452.391983][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 452.392019][ C0] ? __pfx_lock_release+0x10/0x10 [ 452.392056][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 452.392096][ C0] process_backlog+0x662/0x15b0 [ 452.392130][ C0] ? process_backlog+0x33b/0x15b0 [ 452.392165][ C0] ? __pfx_process_backlog+0x10/0x10 [ 452.392194][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 452.392232][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 452.392272][ C0] __napi_poll+0xcd/0x490 [ 452.392300][ C0] net_rx_action+0x89b/0x1240 [ 452.392344][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 452.392376][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 452.392414][ C0] ? sched_clock+0x4a/0x70 [ 452.392455][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 452.392498][ C0] handle_softirqs+0x2c7/0x980 [ 452.392534][ C0] ? do_softirq+0x11b/0x1e0 [ 452.392568][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 452.392607][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 452.392654][ C0] do_softirq+0x11b/0x1e0 [ 452.392688][ C0] [ 452.392697][ C0] [ 452.392707][ C0] ? __pfx_do_softirq+0x10/0x10 [ 452.392741][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 452.392781][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 452.392822][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 452.392866][ C0] ? rcu_is_watching+0x15/0xb0 [ 452.392895][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 452.392931][ C0] ? nsim_dev_trap_report_work+0x75d/0xaa0 [ 452.392957][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 452.392993][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 452.393027][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 452.393068][ C0] ? nsim_dev_trap_report_work+0x6a7/0xaa0 [ 452.393097][ C0] nsim_dev_trap_report_work+0x75d/0xaa0 [ 452.393132][ C0] ? process_scheduled_works+0x976/0x1850 [ 452.393171][ C0] process_scheduled_works+0xa65/0x1850 [ 452.393226][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 452.393269][ C0] ? assign_work+0x364/0x3d0 [ 452.393307][ C0] worker_thread+0x870/0xd30 [ 452.393346][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 452.393389][ C0] ? __kthread_parkme+0x169/0x1d0 [ 452.393427][ C0] ? __pfx_worker_thread+0x10/0x10 [ 452.393462][ C0] kthread+0x2f2/0x390 [ 452.393484][ C0] ? __pfx_worker_thread+0x10/0x10 [ 452.393519][ C0] ? __pfx_kthread+0x10/0x10 [ 452.393542][ C0] ret_from_fork+0x4d/0x80 [ 452.393576][ C0] ? __pfx_kthread+0x10/0x10 [ 452.393600][ C0] ret_from_fork_asm+0x1a/0x30 [ 452.393645][ C0] [ 453.223858][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 453.230866][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0 [ 453.241053][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 453.251229][ T30] Call Trace: [ 453.254575][ T30] [ 453.257531][ T30] dump_stack_lvl+0x241/0x360 [ 453.262254][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 453.267494][ T30] ? __pfx__printk+0x10/0x10 [ 453.272294][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 453.278492][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 453.284216][ T30] ? vscnprintf+0x5d/0x90 [ 453.288602][ T30] panic+0x349/0x880 [ 453.292575][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 453.298263][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 453.304452][ T30] ? __pfx_panic+0x10/0x10 [ 453.308905][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 453.314308][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 453.319983][ T30] ? __irq_work_queue_local+0x137/0x410 [ 453.325562][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 453.331268][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 453.336693][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 453.342896][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 453.349092][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 453.355821][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 453.362010][ T30] watchdog+0x1033/0x1040 [ 453.366381][ T30] ? watchdog+0x1ea/0x1040 [ 453.370835][ T30] ? __pfx_watchdog+0x10/0x10 [ 453.375546][ T30] kthread+0x2f2/0x390 [ 453.379642][ T30] ? __pfx_watchdog+0x10/0x10 [ 453.384349][ T30] ? __pfx_kthread+0x10/0x10 [ 453.388963][ T30] ret_from_fork+0x4d/0x80 [ 453.393412][ T30] ? __pfx_kthread+0x10/0x10 [ 453.398021][ T30] ret_from_fork_asm+0x1a/0x30 [ 453.402840][ T30] [ 453.406221][ T30] Kernel Offset: disabled [ 453.410741][ T30] Rebooting in 86400 seconds..