last executing test programs: 15m46.823565917s ago: executing program 4 (id=3667): syz_read_part_table(0x403a, &(0x7f0000004040)="$eJzs0D1KA2EQBuBZQbCxsBAs5wiyspZ6AQ+hrAsKi40/mCLN5l6BXCNFjpArJLAJSbtFElI8T/O98DHDy7x8fv3+Zz1qs8y39ifv8+M9y6rK76bOx4c4gWKXrmISRXRxE5dDBl+vF8tjFjsXt3dxsY1Fn1bxvP99mm1u2L8RMe6G7p1Pm79DdwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM0OHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADByQAAAAAgv6/bkegAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8FAAD//8QZE0c=") 15m45.638556998s ago: executing program 4 (id=3669): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x21b, &(0x7f0000000300)="$eJzs2j+LHGUcB/DfnJHEC5dd8R8JiA/aaDNkt7bIIQmIC4pmBRUkE29Wlx13j53lYEXMdba+BGuxtBFR8gYOwcrSwu6aK1OII8nG5O5Yi0O8Ff18mvnCM194Hp7h4Slm/+UvPh4N6nxQzGIty2LtSuzGnSzasRZ/2o2Xfvz+52ffeufd1zZ7vatvpnRt83qnm1K68NwP73369fO3Z+ff/ubCd2djr/3+/kH3172n9y7u/379o2GdhnUaT2apSDcnk1lxsyrT1rAe5Sm9UZVFXabhuC6nR8YH1WR7e56K8dbG+va0rOtUjOdpVM7TbJJm03kqPiyG45TnedpYD/6O/ld3miYOmkdvRNM0j30Z52/Hxi/RiuzxlD1xJXvqRvbMbnbxoGlaq54q/wj7//926FA/F1F9vtPf6S+ei/HNQQyjijIuRyt+i7ufyX2LfO3V3tXL6Z52fFvdut+/tdN/5Gi/E61oL+93Fv10tH821g/3u9GKJ5f3u0v75+LFFw7182jFTx/EJKrYirvdh/3POim98nrvWP/SvfcAAP5r8vTA0vtbnv/V+KJ/gvvhsfvVmbh0ZrVrJ6KefzIqqqqcCoIgPAirPpk4DQ83fdUzAQAAAAAAAAAA4CRO43fCVa8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4d/sjAAD//xC22EM=") 15m45.32605838s ago: executing program 4 (id=3671): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) 15m44.978566541s ago: executing program 4 (id=3672): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800002, &(0x7f0000000380)={[{@nls={'nls', 0x3d, 'cp932'}}, {@nodecompose}, {@nobarrier}, {@uid}, {@part={'part', 0x3d, 0xff}}, {@gid}, {}, {@nobarrier}]}, 0xff, 0x6b3, &(0x7f0000000780)="$eJzs3U9sHFcdB/DvbDbrbJBSt03TgJBiNVIFjUjsrEqChNSAEMohQhFcerUSp7HipJXjorRCZAMUJE6cUA8cilA49IQQQionRDkjIXHhlHskbhxyAIzmz9pre+PYieN1289Hmp03+96895tf5s/ubKwJ8Jl1/vXs76fI+RMXbpXL9+72Fu7d7V0flJNMJGkl7XqWopsUHyfnUk/5fPlm013xsHFevf9R0X7/w1691G6mqn1rs/U2GNmynxxYWdiXZKou/mcLHbZG91dNVT+XVvt7TMVK3GXCjg8SB+O2vEF/tXLUobHW1o9bYM+6XV83N5hMDqa+upafA9KcHR59Zhi/Tc9N/d2LAwAAAJ6Wkd/lhz3zIA9yK4d2JxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4dCjqZwYWzdQalKdSDJ7/3xl6pn5nzOE+ofeuVLPvPjPuQAAAAAAAAADgiRx7kAe5lUOD5eWi+s3/pWrhcPX6ubydm5nLYk7mVmazlKUsZibJ5FBHnVuzS0uLMxvX/GXKNZeXl283a54euebptXH11wc66n8abGgEAAAAAAAAAJ9ZP8r51d//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLyiSffWsmg4PypNptZMcSNIpplaad8Ya7A7487gDAAAAgKev28wPFf+rC8tF9Z3/SPW9/0Dezo0sZT5LWchcLlf3Aupv/a2/93sL9+72rpfTxo6/8a9txVH1mPrew+iRp6sWL6yscT7fzvdyIlO5mMXM5/uZzVLmMpVvVaXZFJls7l5M3rvbzSDWjfGeW7N0cX1sx4bKZXxHq0i6uZL5KraTudQZhN5q2h0dGu2PnWTdiHfK7BSvNbaYo8vNvNyiXzTzvWGy2vL9KxmZbnJfZuPZ4bxvzP0295P1I82ktXIP6vDqKOXi+pEeK+cHm3mZ658+3Zxv81ba2kz0f14uDfa+I5vnPPnyP/5y8WrrxrWrV26e2Du70WNav0/0hjLx4pYysVBmov8EmTjwJPHvnE6Tjfosur2z5UvVuocyn+/kzVzOXM5kOjM5m+l8LafTy+mhvL6weV6rY621vWPt+JeaQnlN+tnQtWnXTDysoszrs0N5HT7TTVZ1w++sZum5LWSp6GR0lv45MpT2F5pCOcaPh64447c+EzNDmXh+80z8+r/LSW4u3Li2eHX2rS2O93IzLw/b99aem3+zIxu0fc3mlvvLc+U/VurLxvDeUdY9P6hbl69O84tLu+lsTV0n1fFc1z3qSC17OnJnVE913YsjR+lVdUeH6tZ8ysmbWVj5FNLY9YMUgC04+MrBTvd+92/dD7o/6V7tXjjwzYmzE1/sZP9f23/a97vWb1tfL17JB/lhDo07UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4+c6712YXFuYW92AhrR3u8M7IqkEq6nc6I9ocyx7IxiejMLHZHvX71I9resjqnXHE3M1D49ndQtq7MNZERlRdWHmnm7RW4klybY884A54Gk4tXX/r1M133v3K/PXZN+bemLtx+uyZ1870vjpz+9SV+YW56fq1adwec7DAjlr9GDDuSAAAAAAAAAAAAICt2o0/bxgxbNEfw7YCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn0znX8/+forMTJ+cLpfv3e0tlNOgvNqynaSVpPhBUnycnEs9ZXKou+Jh47x6/6Nfvfz+h73VvtqD9q116/3h38vL29yKfjNlKsm+Zv5oE1vq79JQf/1tBlYrVrawTNjxQeJg3P4fAAD//+/HBYc=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) 15m44.446039235s ago: executing program 4 (id=3673): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'}) 15m43.450133455s ago: executing program 4 (id=3675): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0x3, 0x1, 0xffff}, 0x20) 15m42.669375325s ago: executing program 32 (id=3675): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0x3, 0x1, 0xffff}, 0x20) 15m11.312181702s ago: executing program 3 (id=3976): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="6c0000002000010029bd7000fddbdf2502800006040000040c000000080001"], 0x6c}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010) 15m10.818435727s ago: executing program 3 (id=3982): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c40)=ANY=[@ANYBLOB="500500003e000701feffffff00000000017c0000040042800c00018006000600800a00002c0502802805148024050680040002"], 0x550}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) 15m10.432323232s ago: executing program 3 (id=3987): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3800000010005fba000400080000000000020000", @ANYRES32=0x0, @ANYBLOB="800002000800000008001b000000000008000d0001000000080029000edd"], 0x38}}, 0x0) 15m9.362886398s ago: executing program 3 (id=4001): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000001600)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@redirect_dir_nofollow}, {@userxattr}], [], 0x2c}) 15m8.610444492s ago: executing program 3 (id=4010): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x88400) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40485404, &(0x7f0000000300)={{0x1, 0x2, 0x1, 0x3, 0x9}, 0x4, 0xfff}) 15m7.322460029s ago: executing program 3 (id=4024): r0 = socket$packet(0x11, 0x2, 0x300) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000051c0)) 15m6.460105143s ago: executing program 33 (id=4024): r0 = socket$packet(0x11, 0x2, 0x300) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000051c0)) 11m37.143752969s ago: executing program 5 (id=6505): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000140)) 11m36.841830879s ago: executing program 5 (id=6513): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000100001000000000000000000d100000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a19020000000000000000010020000c00024000000000000000010900010073797a310000000020000480140003"], 0xe8}}, 0x0) 11m36.596102114s ago: executing program 5 (id=6517): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000004cc0)={0x0, 0x0, &(0x7f0000004c80)={&(0x7f0000004c00)=@ipv4_delrule={0x2c, 0x21, 0x1, 0x70bd2d, 0x25dfdbfc, {0x2, 0x80, 0x14, 0x6, 0x5, 0x0, 0x0, 0x1, 0x14}, [@FRA_SRC={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, @FRA_DST={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x20004840) 11m36.291811947s ago: executing program 5 (id=6523): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000002240)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 11m35.61934266s ago: executing program 5 (id=6535): r0 = syz_open_procfs(0x0, &(0x7f0000000240)='smaps\x00') close_range(r0, 0xffffffffffffffff, 0x0) 11m34.654669794s ago: executing program 5 (id=6547): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1000000, &(0x7f00000000c0)={[{@mblk_io_submit}]}, 0xfe, 0x52c, &(0x7f0000000d40)="$eJzs3U9vG2kZAPBnJnY2abPrLHBYVmJ3xS5KIqjTbOhuhNACEoLTSgvlHkLiRlGcuIqdtokqSMUHQEIIkLjAiQsSHwAJ9SMgpEpwR4BAFbRw4FAYZHuchtROU+LY3eT3k97MO//8PK/jGc87M/IEcG69ERHTEZFlWTYTEaV8epqX2GuX5nIPH9xebpYksuzq35JI8mmd13ohH17MVxuLiK9/NeJbyZNx6zu760vVamUrH59tbCSPsmz30trG0mpltbI5/1K8s/DuwpWFy31p52REvPflP//wez//ynu//szNPyz+dfrb7Qa2HWxHP7WbXmy9Fx2FiNg6jWBDUmi1sO3KkHMBAOBozeP9j0TEJyNiJkox0jqaa5kZbmYAAABAv2RfmIhHSfv6HwAAAHA2pRExER+MlvP7fSciTcvl9j28H4sLabVWb3w6K+2fL5iMYnptrVq5nN87MBnFpDk+l99j2xl/+9D4fES8HBE/KI23xsvLterKUM98AAAAwPlxsdXnT9JO//+fpXb/HwAAADhjJoedAAAAAHDq9P8BAADg7NP/BwAAgDPtg/ffb5as8/zrlRs72+u1G5dWKvX18sb2cnm5tnW9vFqrrd4vRNQ2nvZ61Vrt+mdjc/vWbKNSb8zWd3YXN2rbm43Ftf95BDYAAAAwQC+/fvf3SUTsfW48jYgsOTCvGJGNHFy4MPj8gNOTPsvCfzq9PIDBGxl2AsDQOKSH86s47ASAoXvafqDnzTu/6X8uAADA6Zj6+P71/1ZpGs3nJd1X2RtcdsBpyq//Jz22deAMc/0fzq/OeX/3AcD5UzzqCECnAM689Bib+smv/2fZMyUFAAD03USrJGk57wdMRJqWyxEvth4L8Pis4EsR8btS8YVra9XKXGtK4vQAAAAAAAAAAAAAAAAAAAAAAAAAABxTliWR9dB+GmCM9poPAAAAfDhEpH9J8ud/TZXemjh8fmA0+VepNYyImz+5+qNbS43G1lxz+t/3pzd+nE9/e+CnLwAAAIAuOv30Tj8eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrp4YPby50yyLj3vxQRk93iF2KsNRyLYkRc+EcShQPrJREx0of4e3ci4pVu8ZNmWjGZZ3E4fhoR40OOf7EP8eE8u9vc/3yx2/aXxhutYfftr5CXk2rv/0a6xu/s/0Z67P9e7PaC6ZOTXr33y9me8e9EvFrovv/pxE/yN6FwIHazvHnMNn7zG7u7veZlP4uY6vr9k+wv06zNJoXrs/Wd3UtrG0urldXK5vz83DsL7y5cWbg8e22tWsn/do3x/U/86j9Htf9Cj/iTj9vf9f1/65jt//e9Ww8+2q4WD80qxk+zbPrN7p+/V9rxP794KH7nu+9T+b+7OT7Vqe+16we99ovfvvb6Ee1f6dH+sae0f/qY7Z/52nf/eMxFAYABqO/sri9Vq5WtZ6skEXsnWP0ElcgPPgYadHCV8Xgu0uhzZTwGGHTpyM9G5yB2APl8Jw/1XPwL/q8NDQAAOEuS/YP+YWcCAAAAAAAAAAAAAAAAAAAA51d9Z/TI3yc75s/RPczaui5zOObecJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCk/wYAAP//2f7FUg==") quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) 11m34.098007735s ago: executing program 34 (id=6547): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1000000, &(0x7f00000000c0)={[{@mblk_io_submit}]}, 0xfe, 0x52c, &(0x7f0000000d40)="$eJzs3U9vG2kZAPBnJnY2abPrLHBYVmJ3xS5KIqjTbOhuhNACEoLTSgvlHkLiRlGcuIqdtokqSMUHQEIIkLjAiQsSHwAJ9SMgpEpwR4BAFbRw4FAYZHuchtROU+LY3eT3k97MO//8PK/jGc87M/IEcG69ERHTEZFlWTYTEaV8epqX2GuX5nIPH9xebpYksuzq35JI8mmd13ohH17MVxuLiK9/NeJbyZNx6zu760vVamUrH59tbCSPsmz30trG0mpltbI5/1K8s/DuwpWFy31p52REvPflP//wez//ynu//szNPyz+dfrb7Qa2HWxHP7WbXmy9Fx2FiNg6jWBDUmi1sO3KkHMBAOBozeP9j0TEJyNiJkox0jqaa5kZbmYAAABAv2RfmIhHSfv6HwAAAHA2pRExER+MlvP7fSciTcvl9j28H4sLabVWb3w6K+2fL5iMYnptrVq5nN87MBnFpDk+l99j2xl/+9D4fES8HBE/KI23xsvLterKUM98AAAAwPlxsdXnT9JO//+fpXb/HwAAADhjJoedAAAAAHDq9P8BAADg7NP/BwAAgDPtg/ffb5as8/zrlRs72+u1G5dWKvX18sb2cnm5tnW9vFqrrd4vRNQ2nvZ61Vrt+mdjc/vWbKNSb8zWd3YXN2rbm43Ftf95BDYAAAAwQC+/fvf3SUTsfW48jYgsOTCvGJGNHFy4MPj8gNOTPsvCfzq9PIDBGxl2AsDQOKSH86s47ASAoXvafqDnzTu/6X8uAADA6Zj6+P71/1ZpGs3nJd1X2RtcdsBpyq//Jz22deAMc/0fzq/OeX/3AcD5UzzqCECnAM689Bib+smv/2fZMyUFAAD03USrJGk57wdMRJqWyxEvth4L8Pis4EsR8btS8YVra9XKXGtK4vQAAAAAAAAAAAAAAAAAAAAAAAAAABxTliWR9dB+GmCM9poPAAAAfDhEpH9J8ud/TZXemjh8fmA0+VepNYyImz+5+qNbS43G1lxz+t/3pzd+nE9/e+CnLwAAAIAuOv30Tj8eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrp4YPby50yyLj3vxQRk93iF2KsNRyLYkRc+EcShQPrJREx0of4e3ci4pVu8ZNmWjGZZ3E4fhoR40OOf7EP8eE8u9vc/3yx2/aXxhutYfftr5CXk2rv/0a6xu/s/0Z67P9e7PaC6ZOTXr33y9me8e9EvFrovv/pxE/yN6FwIHazvHnMNn7zG7u7veZlP4uY6vr9k+wv06zNJoXrs/Wd3UtrG0urldXK5vz83DsL7y5cWbg8e22tWsn/do3x/U/86j9Htf9Cj/iTj9vf9f1/65jt//e9Ww8+2q4WD80qxk+zbPrN7p+/V9rxP794KH7nu+9T+b+7OT7Vqe+16we99ovfvvb6Ee1f6dH+sae0f/qY7Z/52nf/eMxFAYABqO/sri9Vq5WtZ6skEXsnWP0ElcgPPgYadHCV8Xgu0uhzZTwGGHTpyM9G5yB2APl8Jw/1XPwL/q8NDQAAOEuS/YP+YWcCAAAAAAAAAAAAAAAAAAAA51d9Z/TI3yc75s/RPczaui5zOObecJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCk/wYAAP//2f7FUg==") quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) 43.465137433s ago: executing program 8 (id=14753): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) mount$9p_rdma(&(0x7f0000000240), &(0x7f0000000300)='./file0\x00', &(0x7f0000001400), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=rdma,port=0x00000,privport']) 42.926358844s ago: executing program 8 (id=14756): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x6c, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x12, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @loopback}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0) 42.494765704s ago: executing program 8 (id=14760): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000002000000000000000000000604"], 0x0, 0x26}, 0x28) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={r0, 0x58, &(0x7f00000004c0)}, 0x10) 42.208284557s ago: executing program 8 (id=14763): syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0xcc04, &(0x7f0000000880)=ANY=[@ANYBLOB='dots,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6e6f646f74732c646f74732c74696d655f6f66667365743d3078303030303030303030303030303264382c646f74732c646f74732c6e6f646f74732c6e6f646f74732c646f74732c646f74732c6e6f646f74732c6e6f646f74732c636865636b3d72656c617865642c666c7573682c64656275672c646f74732c73686f77657865632c6e6f646f74732c6572726f72733d636f6e74696e75652c646f74732c71756965742c003fa5bfd3e968f92d300444698c6f8d94d8b46ce3ce652bc8f6"], 0x1, 0x220, &(0x7f0000000440)="$eJzs3c1uElEUAOAzLS1gXHRnYmIyxoWuGvUJakxNjCQmNSx010RWnVXZQDftY/gKvoxP4QOYrrrQjKkzAy1QpA0/Qb9vw2HOPZd7mTDMhkMehe8PvkSjkcTGXuzFRRI7sRGVsxhVGzsCAKyPizyPH3nh9tXuAwBgHc3w/f9ryUsCABbsw8dP7161WvsHadqIOD/rtXvt4rHIv3nb2n+e/rEzrDrv9dqbg/yLdPTe4TK/FffK/MuiPh2ktyOivR3PnhT5y9zr9630en09Pk9Zd3NO+wcAAAAAAAAAAAAAAAAAAAAAgFV4FGllYn+f3d3RfLPMF8+u9Aca6d9Ti4dVe+Bhe6D8dBmbAgAAAAAAAAAAAAAAAAAAgDXT7Z8cHWZZ53gY1CNicGQn69QmjLk5SMqJZxo8U5DMaZ6JwUbcrbxZbjPLOt9+3q48Kd+iRWxnGDQnn9xZgqgtcmHLCNJ5TVivTvN4qhnJlPI8vwyufwqiDKq2GDeWb0fE9IU9Pbjrvi7yPM++Pj7u9iOfOnh4jagv7WoEAAAAAAAAAAAAAAAAAAD/tyu/+h7T2FzFigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg+br9k+pf/k+ODrOsc9ztzxycRsT9+Ovg6rW2orG6jQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBP+x0AAP//JtMcXQ==") mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=E']) mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x84022, &(0x7f0000000000)={[{@nr_inodes={'nr_inodes', 0x3d, [0x35]}}]}) 41.757932871s ago: executing program 8 (id=14769): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNSETOWNER(r0, 0x400454cc, 0xffffffffffffffff) 41.166527901s ago: executing program 8 (id=14772): r0 = socket$caif_stream(0x25, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000300)=0x3ff, 0x4) connect$caif(r0, &(0x7f0000000100)=@rfm={0x25, 0x0, "d034e68fae880aca9de7751355b0eb74"}, 0x18) 40.308643038s ago: executing program 35 (id=14772): r0 = socket$caif_stream(0x25, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000300)=0x3ff, 0x4) connect$caif(r0, &(0x7f0000000100)=@rfm={0x25, 0x0, "d034e68fae880aca9de7751355b0eb74"}, 0x18) 18.055076713s ago: executing program 0 (id=14947): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10) getpriority(0x2, 0x0) 17.793168918s ago: executing program 0 (id=14949): r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x8}, 0x1c) sendmmsg$sock(r0, &(0x7f0000001c40)=[{{0x0, 0xffffffa7, 0x0}}, {{0x0, 0xfffffffffffffe77, 0x0, 0x0, &(0x7f0000001b40)=[@txtime={{0x18, 0x1, 0x4f, 0x100}}], 0x18}}], 0x2, 0x0) 17.5272036s ago: executing program 0 (id=14952): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r0) sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)={0x114, r1, 0xe701ac47a3d23ecd, 0x0, 0x2, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_MGMT_A_DOMAIN={0xce, 0x1, 'C\xec\xf8\xa0w\x15|\xd8\xbcs\xe1\xb93\x14\xcd\xcb\xb6\xb9\xbb\x84\xe5\xbc\xdb\x7f\x9a\xf2\xea\xcc\x91:v@\xe83-\x1d\xaagQl\x7f\tKt\fc\x1f\x17]\xd5\xd0\xf0\xa8\xeb\xd2g\x92\x04\x00\x00\x00od\xe6,\xd3@I\x17\xf3\xbees0\xad\xc6\xbf/*\xb6(o\x91t\x12\x93U6\xf4@n\xdc\xdc\x8a7y\x81FY\xbe\xbbc\xd2\xc3\x01\xa5\xe2V\x8c\xb3im~\xd2V\xdaG\xbdbF\xc8n\x86\xac\x9c\xfb\xda\xe2&\"\xb4:\x13\xe9\tc\x85\xb4\xcb\x17\xbfm\x846\xe7\x7fp\x9eCdb\xad;\xa2\x8fs\xbf6\xe8\xe3Xg3&\xe2 \xd6\n\x9d=~<\x93/\xaf\x89\x06+\x96]\xb5+\xee\xff8^D*\xdb\xb8\xd8t\x80\xd4\x8fK=E0\xe8R\x83'}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x114}}, 0x8800) 17.291985608s ago: executing program 0 (id=14956): syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x222, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiog2KWwsDBjR7GX3UNIcGkGwEiHxV6WHWUPMJieXFUxANNjYaGchpLHwH7BIkcrCzn9A0EIFwcIrLGxsRmZndm9yc3HDcla+TzF8Z9+befPezbziQBDEf8vXL78+Pzs/PXcKwAGMY5/+/t0BGFOaG/6fXt4/+aJ1YfPNx9fvVg4+3B7cTy4RYueH+l/iuwDezjhIi0jF6t9SjOvJHHihr4DjhNbXwBBofQscV7WOwXBD67uG7kj/ILizmMTB7U4yL8WUHEI5RHJoDp6vt8Ewr+dCCMEM++ra+lI7SeKuIVxtG2KqJIpgS2NW/Wrw0JvhaBnnk1W8/vTJhpzntZky6heCI9RJNMEwq79PYzOvjSqJkf8Rt7+/Y+U/JFumLwNQlmRdidbPkRTLFIcnqy2fkOmcs02HUOUY2Lmqhr5JVnK0KVtXJxNu+V08q3/QCrEuDWYhHg1/AM99AP8oU1NUyiIXY73t97bpmxJ81/ssWHkItvf7U9/rmfOHWL1iPmReI/8tgA9bqn+IVwzHjf7kGv2jkS7fa6yurU8uLrcX4oV4JYqaZxjw+HTUyBqRGq2+1+/Pftaf9hv713bx9biHB+007YZq9JgHH2najbJ5ZDyb2a3Oj5t6WYqLAI6piWxpXrGjY8VgnvLhma9UE7YTQRAEQRAEQRAEQRAEQRBEJY6CZf+ClhBdzrz/BAAA//9oglvV") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) listxattr(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) 16.690020204s ago: executing program 0 (id=14963): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r0, 0x0, 0x1}, 0x18) move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0) 16.153868448s ago: executing program 0 (id=14967): r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/devices.allow\x00', 0x2, 0x48) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/address_bits', 0x82, 0x100) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='b *:2 m'], 0x9) 15.364382341s ago: executing program 36 (id=14967): r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/devices.allow\x00', 0x2, 0x48) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/address_bits', 0x82, 0x100) write$cgroup_devices(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='b *:2 m'], 0x9) 6.917008295s ago: executing program 9 (id=15030): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100b11b700000feffff1a000000180001801400020064756d6d7930"], 0x2c}}, 0x0) 5.575367317s ago: executing program 6 (id=15040): socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x46, &(0x7f0000000040)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x2, 0xb, 0x38, 0x6a, 0x0, 0x8, 0x1, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x17}}, @redirect={0x5, 0x2, 0x0, @multicast1, {0x5, 0x4, 0x3, 0x1f, 0x501, 0x69, 0x7f2, 0x48, 0x1, 0xf, @rand_addr=0x64010102, @remote}, "2b3e2a0daee29c99"}}}}}, 0x0) 5.195752431s ago: executing program 6 (id=15041): request_key(&(0x7f0000000040)='ceph\x00', &(0x7f00000004c0)={'syz', 0x1}, &(0x7f00000000c0)='\x8e\x00\x9e\xbb\x1e\x1av\xe8M\x00d\xaaI\x00\x00\x00\x00\x00\x00\t<\xe5u\xedA\xa7\nT\xdd\xd1{\xff\xcb\xdb\xb1\xfc\xf4\xbc\xc3\x83\xdd31\xc2s\xcb\xbf\x04\x00\x00\x00<\xfe\xf9\f\xe6E\b\x00\xd7\x85q\xc4\xab\xbd&\x92\x89(\xf3\"\xceJ\x14\x185\xa6- \xe6uK\xe1D\xa9\x9f\x92\xca\x93#\xf5E\xc2\x91Yl\x17\x06\x02\t\x17\x7f\xc4\xde\x04\x9b\x89#\xf6&[\xd81\xb3\xdc\x00\x04\x15\x03\x17Zf9\xcc\xdcR\xd24\xeb\xb5\xc2\xff\x1bnF\x8e\xe4\'\x18\xba9.\xd4\xd9\xc6\x98\x8f\xc6D!p\xbeV\xb7x\r@', 0xffffffffffffffff) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000004ac0)={0x2020}, 0x2020) 5.044871012s ago: executing program 6 (id=15043): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000001c0)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x1, 0x1, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x10b85}, [@IFLA_IFNAME={0x14, 0x3, 'macsec0\x00'}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x90}, 0x0) 4.538031201s ago: executing program 2 (id=15047): syz_usb_connect(0x5, 0x24, &(0x7f0000001280)={{0x12, 0x1, 0x300, 0x0, 0x1f, 0x66, 0x8, 0x58f, 0x6610, 0x4805, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x4, 0x95, 0x70, 0x81, [{{0x9, 0x4, 0x0, 0x81, 0x0, 0xff, 0xff, 0xff, 0x2}}]}}]}}, &(0x7f0000001700)={0xffffffa0, 0x0, 0x0, 0x0, 0x23}) r0 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000a40)={&(0x7f0000000000)=[{0x3, 0x6000, 0x0, &(0x7f00000003c0)}, {0x6, 0x801, 0x0, 0x0}], 0x2}) 2.902509885s ago: executing program 2 (id=15050): syz_usb_connect(0x0, 0x24, &(0x7f0000000380)=ANY=[@ANYBLOB="120100004b41460860163209ea800102030109021e0001000000000904"], 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000340)={&(0x7f00000001c0)=[{0x9b, 0x200, 0x4d, &(0x7f0000000400)="4e8a7645a7a0c507481ed7964f3dce4e44eeb894837e6c2dc3e67f8c3e37e6230c92cfc261a15d172c93d6dbbdf236283970221f075eac78679a8a9b4f030d7e96c75fb79cf3da5c5b48cc337d"}, {0x9b, 0x11, 0x0, 0x0}], 0x2}) 2.697107646s ago: executing program 1 (id=15051): unshare(0x22020600) r0 = fsopen(&(0x7f00000000c0)='ubifs\x00', 0x0) fchdir(r0) 2.454009325s ago: executing program 9 (id=15052): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newqdisc={0x40, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x9, 0xb}}}}]}, 0x40}}, 0x8850) 2.303589005s ago: executing program 7 (id=15053): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_DEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x38, r1, 0x1, 0x0, 0x25dfdbfd, {0x54}, [@handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x8000) 2.216565448s ago: executing program 6 (id=15054): r0 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r0, &(0x7f0000000540)="900000001c001f4d154a817393278bff0a80a57802000000e503740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e00a2c5fed0759cb068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cef7cff81d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000180)="900000001d001f4d154a817393278bff0a80a578020000000404840014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000766436c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) 2.053656451s ago: executing program 7 (id=15055): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x2004000, &(0x7f0000000040)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@usrjquota}]}, 0xfe, 0x563, &(0x7f00000007c0)="$eJzs3c9rHFUcAPDvbHbbpK02BSnoQQI9WKndtIk/KnioR9FiQe91SaahZNMt2U1pYsH2oBcvUgQRC+If4N1j8R/wryhooUgJevASmWQ22Ta7m1/bZHU/H5j2vZnZefPmzXv5vp1dNoCBNZb9U4h4OSK+SSKOt2wrRr5xbG2/5Se3p7IliZWVT/5MIsnXNfdP8v+PNjPFiF+/jDhT2FxufXFptlKtpvN5frwxd2O8vrh09tpcZSadSa9PTE5eeGty4t133u5ZXV+//Pf3Hz/44MLXp5a/+/nRiXtJXIxj+bbWeuzBndbMWIzl16QUF5/Z8XwPCusnyUGfALsylPfzUmRjwPEYyns98P/3RUSsAANpJBL9HwZUMw5ozu035sHDBxiV7J/H769NgDbXv7j23kgMr86NjiwnT82MsvnuaA/Kz8r45Y/797Ilevc+BMCW7tyNiHPF4ubxL8nHv907t419ni3D+Af750EW/7zRLv4prMc/0Sb+Odqm7+7G1v2/8KgHxXSUxX/vtY1/1x9ajQ7luRciRkajlFy9Vk2zse3FiDgdpcNZvtvznAvLD1c6bWuN/7IlK78ZC+bn8ah4+OnXTFcalb3UudXjuxGvtI1/k/X2T9q0f3Y9Lm+zjJPp/Vc7bdu6/s/Xyk8Rr7Vt/40nWkn355Pjq/fDePOu2Oyvr07+1qn8g65/1v5Hutd/NGl9XlvfeRk/Dv+Tdtq22/v/UPLpavpQvu5WpdGYPx9xKPlo8/qJjdc28839s/qfPtV9/Gt3/49ExGfbrH+3mXQ/tP/0jtp/54mHH37+Q6fy8/qXomv7v7maOp2v2c74t90T3Mu1AwAAAAAAgH5TiIhjkRTK6+lCoVxe+3zHS3GkUK3VG2eu1hauT8fqd2VHo1RoPuk+vpZPmp9/GG3JTzyTn4yIExHx7dDIar48VatOH3TlAQAAAAAAAAAAAAAAAAAAoE8c7fD9/8zvQwd9dsBz5ye/YXBt2f978UtPQF/a7d//+R6fB7D/xP8wuPR/GFz6Pwwu/R8Gl/4Pg0v/h8Gl/wMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXb50KVtWlp/cnsry0zcXF2ZrN89Op/XZ8tzCVHmqNn+jPFOrzVTT8lRtbqvjVWu1G+cnYuHWeCOtN8bri0tX5moL1xtXrs1VZtIraWlfagUAAAAAAAAAAAAAAAAAAAD/LfXFpdlKtZrOS/RzYvg5HfnO3o9T7IfrI7HjRBLd9znokQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANvwbAAD//+f9MzI=") r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="f40000000001010400000000141a00000200ffff0800074000000001240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e02010c000280050001000000000090000d80080002007f00000114000500ff02000000000000000000000000000108000200ac1e01011400050000000000000000000000ffffffffffff08000200e0000001140004002001000005000000000000000000000214000380060002004e200000060001004e2000"], 0xf4}}, 0x0) 1.941014457s ago: executing program 9 (id=15056): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a001fffffffff7f000000008000", @ANYRES32=0x0, @ANYRES32=r0], 0x24}}, 0x0) 1.830323338s ago: executing program 1 (id=15057): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000007100000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0x1d) 1.62250605s ago: executing program 9 (id=15058): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) msgrcv(0x0, 0x0, 0x0, 0x3, 0x1000) 1.612719143s ago: executing program 1 (id=15059): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x301, 0x70bd2b, 0x25dfdbff, {{}, {@void, @val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x8080) 1.494439745s ago: executing program 6 (id=15060): syz_mount_image$erofs(&(0x7f0000000100), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f0000008fc0)={[{@dax}, {@cache_strategy_readahead}, {@cache_strategy_readahead}, {@cache_strategy_readahead}, {@cache_strategy_disabled}, {@cache_strategy_disabled}, {@noacl}]}, 0x1, 0x181, &(0x7f0000000500)="$eJzsmLFOwkAYx/93RVBjfAAXB0nEGEtb1LAwYOJuImrcJFIJWsBATYTEwQdwdDBxcfAFHJ0cfAsd1MmF0fnMtQdciIDGEAe/3/Dld9zHcf1I/kNBEMS/5e314+ViLZ2TPoU4Yurzd6Pbw7X+56uTxcvM+vXd0+1jZfrsvve8cQBCIP7d348AeMga8NVaCCH0/fZBOfCOb4FjQfkOGEzle+DYVu6CYVf5oeZV2W+aByXPNferXkGKJYstiyNLqvd+rXOGgnY/pu3XG82jvOe5tRHKsPm1shwZ7X76/9WejaXNzwaHrTwFhk3lacTaswlHoj3/TKR7vvH75wcb+dRISEj+Trr5JG4Y5rV8imj5kfTLx8l6o7lUKueLbtGtOE5q1Vq2rBUnGQRRWAfk30SQT5Pa+WN9eqMsitO879fssHbWTli/Slwe5B9HYi5cy+yP9r1NuM/U91hgCWNAO0EQBEEQBEEQBEEQBEEQxA+YBQvegg7B2Qi6PwMAAP//rvp2fg==") r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00') preadv(r0, &(0x7f0000000100)=[{&(0x7f0000002a40)=""/4096, 0x1000}], 0x1, 0xf, 0x0) 1.362815379s ago: executing program 7 (id=15061): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x200000c0, 0xffffffff, 0xfffffff8}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@ipv4_newroute={0x2c, 0x1a, 0x1, 0x70bd29, 0x0, {0x2, 0x20, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, [@RTA_DST={0x8, 0x1, @local}, @RTA_SRC={0x8, 0x2, @private=0xa010101}]}, 0x2c}}, 0x0) 1.351320754s ago: executing program 1 (id=15062): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x34, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x24044815}, 0x0) 1.24187673s ago: executing program 9 (id=15063): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@init_itable}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noblock_validity}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v") syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file2\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x1, 0x21d, &(0x7f0000000b40)="$eJzsmL9rFEEUx78zu7e5FRFtUthYGDCi2cvuoaQ5NIJgJULir0oPs4Z4m5xcVjAHgsHGRjsLwcbCf8AiRSoLO/8BQQsVBAuvsLCxGZmd2b1JJnGPNVa+TzF8Z9978+a9233FgSCI/5Yvn39+enJuZv4kgP2YwJh+/s0BGFOaG/4fn9878ax1/sXrD6/erhx4sLn9PBkixNYH9T/kdwG8mXWQFpmK6F9STOjNPHihL4PjuNZXwRBofRMcV7SOwXBd6zuG7kr/ILi9lMTBrW6yIMW0XEK5RHJpbr/fYJ1hQe+FEIIZ9tW1fqedJHHPEK627WCqJIpknXGrfzV4GMxytIz7yS5ee/xoXe7z3kwb/QvBEeoimmCY089nMJb3RrXEqP+wOzzfserfsVrpKg1lRdaVaP3Yk2aZ4tBUtfBJWc5Z23QQVa6BrVE1DE2yk3tbsvXqZMItfxfP6B+0Qq6Lo1bx1Afwjyo1RaUqcjE+2Hxnm76WhQtWnoKN/v7UR71z/iFW75iPfof/Tcd2u9j7DTU/xEuGY8Z8co350UiX7zZW1/pTS8vtxXgxXomi5mkGPDwVNbJBpFZr7g3ns5/Np33G+bVdfD3u4X47TXuhWj3mwUea9qJsHxmfzdxG9/sNHZbiAoCjaiPHplec6Fg5mKd8eOYr1aTtRBAEQRAEQRAEQRAEQRAEUYkjYNm/oCVElzLv3wEAAP//0Ixjlw==") lgetxattr(&(0x7f0000000040)='./file2\x00', &(0x7f0000000100)=ANY=[@ANYBLOB='security.'], 0x0, 0x0) 1.236612071s ago: executing program 2 (id=15074): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none, 0x4, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @none, 0x2, 0x1}, 0xe) 909.93249ms ago: executing program 2 (id=15064): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000100000000000000e9ff000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0, 0x0, 0x2}, 0x18) utimes(0x0, 0x0) 787.517295ms ago: executing program 7 (id=15065): r0 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x1000) utimes(0x0, &(0x7f0000000200)={{0x0, 0xea60}}) 660.850626ms ago: executing program 1 (id=15066): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) faccessat2(r0, &(0x7f0000000080)='\x00', 0x2, 0x1000) 501.554222ms ago: executing program 2 (id=15067): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000003c0)={0xffffffffffffffff}, 0x111, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_DISCONNECT(r0, &(0x7f00000004c0)={0xa, 0x4, 0xfa00, {r1}}, 0xc) 406.730969ms ago: executing program 7 (id=15068): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000040)=0x3ff, 0x4) setsockopt$inet_int(r0, 0x0, 0x17, 0x0, 0x0) 343.421825ms ago: executing program 1 (id=15069): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x2, 0xfffff010}, {0x20, 0x0, 0x20, 0xfffff034}, {0x6}]}, 0x10) sendmmsg(r0, &(0x7f0000000180), 0x4000190, 0x0) 170.333357ms ago: executing program 2 (id=15070): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x1200c86, &(0x7f0000000140)=ANY=[@ANYBLOB='codepage=euc-jp,umask=00000000000000000000000,iocharset=cp932,gid=', @ANYRESHEX=0x0, @ANYRES16=0x0], 0x1, 0x286, &(0x7f0000000200)="$eJzs3c9qE1EUx/HfnaRtakud/pGCy2rBldi6ETeK9CFciKhNhGKooBXUlbgWcSe4d+dafAE3rsQX0JUrHyC7kXtnkkzi/Gs0uU38fiAhOvfcOaczydwTSCIA/60be9/fX/5pb0aqqSbpqhRIakh1SWe02XhyeHRw1G41iyaquQh7M4ojzR9j9g9bWaE2zkUkQvuvupbT/4fxiKIo+uE7CXjnnv0ZAmkheXa67Y2JZzYeL3wn4JnpqKOnWvGdBwDAr+T6HyTX+eVk/R4E0nZy2Z+p63/HdwKepa7/rsuKjD2+p92mfr/nWji7Peh2iQUz5m6ZV3xmDSwwTVlX6XIJFu8ftFsX9x+2m4Fe6loiNWzD3TfjU7erJNutgmQzlNeeZ8nVMGdr2M3Jf32UPb49fio95ov5am6bUO/U7K3/6pGxh8kdqdAdqbAXEOd/KX9GV2UYj8qpctXt5GyyB336UKHKRnZHou4ZtarBNwjCbp5v5gui1oai4up28qtzUeuZUbslURvDUf2zOT9ydDllDzGvzU2zpV/6qL3U+j+wf+1tVXlm2jFuZHJmFNZTdyPDCokFldJHVXOFW1/pnq5o5fGz5w/uttutR1PxoHYy0pj4g7omsa/uCXMiSp7tB/rreWpa0FhTLXrxWPyXr1PwqH/QtXnLdzLwwa67TNz/pfqV626b7ZNCt06fU9Y6PSqbPDXjTk5vsObuTx2rg1vK7+Cq9lznLkjnC/b4eXDaMMlzRpg9fdMd3v8HAAAAAAAAAAAAAAAAAACYNtU+D7CQjB7t4wSeSwQAAAAAAAAAAAAAAAAAAAAAYOqN//d/U9/qXf77v+5buvn9X2AyfgcAAP//C8h7PA==") mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) 136.742172ms ago: executing program 7 (id=15071): syz_mount_image$hfs(&(0x7f0000000300), &(0x7f0000000880)='./file7\x00', 0xc10, &(0x7f0000000180)=ANY=[], 0x3, 0x308, &(0x7f00000004c0)="$eJzs3b1rFEEYBvBndu8uFw1xTSIBy2jASjQ2YhOR/A1ioWLMnRBuiZBEMDYe1iJ2fnQWdtZiY2kftBatxMI+163MO7O5vdx+3efm9PlBjvV2Zvad/XznYB0Q0X/rxtqP91d+6T8FuHABXAMcAFWgBOAMFquPtnY3d/16La0hV2roPwVTU3WV2diqx1XV9aSG5el/lTAT/Y5GIwiC4Oc3N73MqbGFQwWRqz/oPg8cYMpenbKyWkRwI9AsOoCCqRZaeIzZouMgIqJi6ed/2ST++jk/Y/N3xwGW7WN/wp7/6Vlra3yBHEuR57+MsgKlj6/sMtUe78kQTq93wlFiSouJayowiWRHdqmyRpUSizP9YNOvX9x46NccPMOqFSm2IJ81c+qGMqJdSgk2Rnbfk0iPnbLuw0pC/PP9bPFV76EcOgjUvrqrPLxFDbP2oJQC2SNypDyJ2zusYOK/JMs3yzEtntQfSkmphF6elo2ctVvApw85ellF4rC0Yts0p+5T86UXxvmyklJrDp0/K5jeXU7akq01H1trJaPWQrvW7/DOac/m5Jr9S+j2EeqFuqWW8AcfsRbJ/x29t5elQLjbU4JUUtKeGan9KUlJL0dgTq7wKa+4S7XtOe7jKmZ39p401n2/vp134fP3HgoPa+HNO7PgDtJO2POuVSUMGmEwZZoe1U7oM0J9y+mhVnjCDDP4SswOB9C034THJLGd8J4WtwnVfSgnZQEDt+NiCo3wnjm0wOzebjbWfbMUnyhN93tPomMmcntcvJ1dPBhHTDRW+h6izPhPMnmT1V2Xdfry9yRPLyMuT888H6TF13f2zfAhMjZoJ6tz8nmilxFcWqYb6UPqmOvcBeA82nnn0S1+6WzWs3H+I9QavuIef/8nIiIiIiIiIiIiIiIiIiIiIiIiIpo0mS8GHATbO3v29ZY+3wwpuItERERERERERERERERERERERERERERERBMvbf5fmSMzY/7f8M2A5Pl/I/+rd/b8v6u6oYT5f7tmA4qdOomIcvsbAAD//wpUabs=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) 46.665146ms ago: executing program 6 (id=15072): syz_mount_image$cramfs(&(0x7f0000000440), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000080)=ANY=[], 0xfc, 0x15e, &(0x7f0000000480)="$eJzs0U1rE0Ecx/Hv7E4ewIQoRggeTG5Gg5AH9CYhKwYDxgVFEE+BuKKQEDGgPTb02kOg1xz6cC19C0nbQ2lJLn0VveRW6HHL7CYs7Wv4f27zm+H3n519/3ZRVETeDfp//nrDofej8NltN79cTacNk8eB5J398PysAb/QzDQsR2Di0zT8/N3zrO6gZ9bLBiQA58Eqp59Zz3OympGGCr69zk4SwTlrNTLMnsA3el6NWLB+qsHJhH1lYL4Hz/FxHoVZBbgGbFDKXN5PhEWtUv6xgo1J6ejw4tP8vPXqZd3brjbHL1I5uwTs46jkmRU9yWLe/ui23UWtWn2TLFcsXl+aQjbH6A+pf/BdgTZ9FkFfnNwz/RW2FOwEs5bHKm0+YvfG7Yf3qJuC/3YBVH7S7eRiB53sQwu7qM2uzz3mFwU70YsIIYQQQgghhBBCCCGEEEIIIYQQkdsAAAD//7ILTbU=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x1) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 0s ago: executing program 9 (id=15073): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) close(r0) move_mount(r0, 0x0, 0xffffffffffffff9c, 0x0, 0x45) kernel console output (not intermixed with test programs): ret_from_fork+0x3fc/0x770 [ 1410.536034][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 1410.536097][ C1] ? __switch_to_asm+0x39/0x70 [ 1410.536128][ C1] ? __switch_to_asm+0x33/0x70 [ 1410.536159][ C1] ? __pfx_kthread+0x10/0x10 [ 1410.536191][ C1] ret_from_fork_asm+0x1a/0x30 [ 1410.536241][ C1] [ 1410.536252][ C1] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 1410.598770][ T30] audit: type=1800 audit(1757016631.197:314): pid=6739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.14295" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 1410.603379][ C1] CPU: 1 UID: 0 PID: 3531 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(full) [ 1410.603407][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1410.603424][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 1410.603473][ C1] Call Trace: [ 1410.603484][ C1] [ 1410.603495][ C1] dump_stack_lvl+0x189/0x250 [ 1410.603532][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1410.603563][ C1] ? __pfx_queue_work_on+0x10/0x10 [ 1410.603588][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 1410.603624][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1410.603672][ C1] f2fs_handle_critical_error+0x37c/0x540 [ 1410.603715][ C1] f2fs_write_end_io+0x886/0xb60 [ 1410.603760][ C1] blk_update_request+0x57e/0xe60 [ 1410.603809][ C1] blk_mq_end_request+0x3e/0x70 [ 1410.603841][ C1] blk_done_softirq+0x10a/0x160 [ 1410.603873][ C1] handle_softirqs+0x286/0x870 [ 1410.603903][ C1] ? do_softirq+0xec/0x180 [ 1410.603934][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 1410.603967][ C1] ? nsim_dev_trap_report_work+0x7c7/0xb80 [ 1410.604008][ C1] do_softirq+0xec/0x180 [ 1410.604031][ C1] [ 1410.604040][ C1] [ 1410.604051][ C1] ? __pfx_do_softirq+0x10/0x10 [ 1410.604072][ C1] ? devlink_trap_report+0x216/0x6a0 [ 1410.604120][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1410.604148][ C1] ? lockdep_softirqs_on+0x13b/0x1c0 [ 1410.604188][ C1] __local_bh_enable_ip+0x17d/0x1c0 [ 1410.604213][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 1410.604239][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1410.604267][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 1410.604298][ C1] ? nsim_dev_trap_report_work+0x7c7/0xb80 [ 1410.604340][ C1] nsim_dev_trap_report_work+0x7c7/0xb80 [ 1410.604399][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 1410.604426][ C1] process_scheduled_works+0xae1/0x17b0 [ 1410.604485][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 1410.604518][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1410.604557][ C1] worker_thread+0x8a0/0xda0 [ 1410.604586][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1410.604630][ C1] ? __kthread_parkme+0x7b/0x200 [ 1410.604669][ C1] kthread+0x711/0x8a0 [ 1410.604704][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1410.604729][ C1] ? __pfx_kthread+0x10/0x10 [ 1410.604757][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1410.604790][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 1410.604823][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1410.604852][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 1410.604886][ C1] ? __pfx_kthread+0x10/0x10 [ 1410.604918][ C1] ret_from_fork+0x3fc/0x770 [ 1410.604949][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 1410.604982][ C1] ? __switch_to_asm+0x39/0x70 [ 1410.605013][ C1] ? __switch_to_asm+0x33/0x70 [ 1410.605043][ C1] ? __pfx_kthread+0x10/0x10 [ 1410.605075][ C1] ret_from_fork_asm+0x1a/0x30 [ 1410.605129][ C1] [ 1410.605140][ C1] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 1410.923491][ T6731] loop1: detected capacity change from 0 to 32768 [ 1410.933198][ C1] CPU: 1 UID: 0 PID: 3531 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(full) [ 1410.933228][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1410.933246][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 1410.933290][ C1] Call Trace: [ 1410.933301][ C1] [ 1410.933312][ C1] dump_stack_lvl+0x189/0x250 [ 1410.933348][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1410.933379][ C1] ? __pfx_queue_work_on+0x10/0x10 [ 1410.933405][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 1410.933442][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1410.933490][ C1] f2fs_handle_critical_error+0x37c/0x540 [ 1410.933536][ C1] f2fs_write_end_io+0x886/0xb60 [ 1410.933581][ C1] blk_update_request+0x57e/0xe60 [ 1410.933629][ C1] blk_mq_end_request+0x3e/0x70 [ 1410.933662][ C1] blk_done_softirq+0x10a/0x160 [ 1410.933694][ C1] handle_softirqs+0x286/0x870 [ 1410.933728][ C1] ? do_softirq+0xec/0x180 [ 1410.933759][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 1410.933791][ C1] ? nsim_dev_trap_report_work+0x7c7/0xb80 [ 1410.933832][ C1] do_softirq+0xec/0x180 [ 1410.933855][ C1] [ 1410.933864][ C1] [ 1410.933875][ C1] ? __pfx_do_softirq+0x10/0x10 [ 1410.933897][ C1] ? devlink_trap_report+0x216/0x6a0 [ 1410.933939][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1410.933967][ C1] ? lockdep_softirqs_on+0x13b/0x1c0 [ 1410.934007][ C1] __local_bh_enable_ip+0x17d/0x1c0 [ 1410.934032][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 1410.934058][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1410.934090][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 1410.934121][ C1] ? nsim_dev_trap_report_work+0x7c7/0xb80 [ 1410.934162][ C1] nsim_dev_trap_report_work+0x7c7/0xb80 [ 1410.934222][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 1410.934250][ C1] process_scheduled_works+0xae1/0x17b0 [ 1410.934308][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 1410.934341][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1410.934380][ C1] worker_thread+0x8a0/0xda0 [ 1410.934410][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1410.934454][ C1] ? __kthread_parkme+0x7b/0x200 [ 1410.934493][ C1] kthread+0x711/0x8a0 [ 1410.934528][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1410.934553][ C1] ? __pfx_kthread+0x10/0x10 [ 1410.934581][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1410.934613][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 1410.934646][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1410.934674][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 1410.934709][ C1] ? __pfx_kthread+0x10/0x10 [ 1410.934742][ C1] ret_from_fork+0x3fc/0x770 [ 1410.934772][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 1410.934805][ C1] ? __switch_to_asm+0x39/0x70 [ 1410.934837][ C1] ? __switch_to_asm+0x33/0x70 [ 1410.934868][ C1] ? __pfx_kthread+0x10/0x10 [ 1410.934900][ C1] ret_from_fork_asm+0x1a/0x30 [ 1410.934951][ C1] [ 1410.934988][ C1] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 1411.027301][ T6731] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.14289 (6731) [ 1411.032586][T14560] F2FS-fs (loop6): do_checkpoint failed err:-5, stop checkpoint [ 1411.034885][ T1710] usb 3-1: new high-speed USB device number 114 using dummy_hcd [ 1411.591798][ T6731] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1411.637308][ T6731] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 1411.976836][ T1710] usb 3-1: Using ep0 maxpacket: 32 [ 1412.034504][ T1710] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 1412.053153][ T6731] BTRFS info (device loop1): rebuilding free space tree [ 1412.060603][ T1710] usb 3-1: config 0 has no interface number 0 [ 1412.123854][ T1710] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 1412.148899][ T1710] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1412.188700][ T1710] usb 3-1: Product: syz [ 1412.199624][ T1710] usb 3-1: Manufacturer: syz [ 1412.204707][ T6731] BTRFS info (device loop1): setting nodatasum [ 1412.242896][ T1710] usb 3-1: SerialNumber: syz [ 1412.243136][ T6731] BTRFS info (device loop1): allowing degraded mounts [ 1412.282615][ T6731] BTRFS info (device loop1): enabling ssd optimizations [ 1412.312168][ T1710] usb 3-1: config 0 descriptor?? [ 1412.345033][ T6731] BTRFS info (device loop1): enabling free space tree [ 1412.365270][ T6731] BTRFS info (device loop1): force clearing of disk cache [ 1412.372646][ T6731] BTRFS info (device loop1): doing ref verification [ 1412.378787][ T1710] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 1412.412796][ T6731] BTRFS info (device loop1): force zlib compression, level 3 [ 1412.674676][ T5878] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1412.704995][ T6777] loop7: detected capacity change from 0 to 1764 [ 1412.871686][ T6750] loop8: detected capacity change from 0 to 32768 [ 1412.970889][ T1710] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 1412.999764][ T6750] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1413.100565][ T1710] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 1413.152044][ C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 1413.167810][ T1710] usb 3-1: USB disconnect, device number 114 [ 1413.211375][ T1710] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 1413.298209][ T1710] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 1413.369210][ T1710] quatech2 3-1:0.51: device disconnected [ 1413.569814][ T6750] XFS (loop8): Ending clean mount [ 1413.599289][ T6750] XFS (loop8): Quotacheck needed: Please wait. [ 1413.877721][ T6750] XFS (loop8): Quotacheck: Done. [ 1413.913661][ T6804] loop1: detected capacity change from 0 to 16 [ 1413.964032][ T6804] erofs (device loop1): mounted with root inode @ nid 36. [ 1414.197954][T21266] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1414.259932][ T6781] loop6: detected capacity change from 0 to 32768 [ 1414.365262][ T6810] loop1: detected capacity change from 0 to 128 [ 1414.451323][ T6810] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1414.488419][ T6781] read_mapping_page failed! [ 1414.539200][ T6810] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1414.643376][ T6810] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1414.668238][ T6795] loop0: detected capacity change from 0 to 32768 [ 1414.721272][ T110] read_mapping_page failed! [ 1414.745555][ T6810] ext4 filesystem being mounted at /2445/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1414.965081][ T6810] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2" [ 1414.988777][ T30] audit: type=1800 audit(1757016635.250:315): pid=6810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.14315" name="file1" dev="loop1" ino=12 res=0 errno=0 [ 1415.165664][ T30] audit: type=1326 audit(1757016635.416:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6819 comm="syz.8.14314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e6a38ebe9 code=0x7ffc0000 [ 1415.244212][ T5878] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1415.276327][ T30] audit: type=1326 audit(1757016635.416:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6819 comm="syz.8.14314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e6a38ebe9 code=0x7ffc0000 [ 1415.440218][ T30] audit: type=1326 audit(1757016635.425:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6819 comm="syz.8.14314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4e6a38ebe9 code=0x7ffc0000 [ 1415.518186][ T30] audit: type=1326 audit(1757016635.425:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6819 comm="syz.8.14314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e6a38ebe9 code=0x7ffc0000 [ 1415.544442][ T30] audit: type=1326 audit(1757016635.425:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6819 comm="syz.8.14314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f4e6a38ebe9 code=0x7ffc0000 [ 1415.596811][ T30] audit: type=1326 audit(1757016635.425:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6819 comm="syz.8.14314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e6a38ebe9 code=0x7ffc0000 [ 1415.862323][ T6834] loop0: detected capacity change from 0 to 512 [ 1415.971961][ T6834] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 1415.979914][ T6834] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 1416.003943][ T6841] loop1: detected capacity change from 0 to 256 [ 1416.063448][ T6834] System zones: 0-1, 15-15, 18-18, 34-34 [ 1416.154813][ T6834] EXT4-fs (loop0): orphan cleanup on readonly fs [ 1416.165301][ T6841] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 1416.178165][ T6834] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 1416.179976][ T6846] loop6: detected capacity change from 0 to 1024 [ 1416.262784][ T6846] EXT4-fs: Ignoring removed nobh option [ 1416.284949][ T6834] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1416.345429][ T6834] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 1416.366909][ T6846] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c856c018, mo2=0102] [ 1416.405356][ T6834] EXT4-fs (loop0): 1 truncate cleaned up [ 1416.417114][ T6846] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1416.440819][ T6834] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1416.601203][ T6834] fscrypt (loop0, inode 16): Error -61 getting encryption context [ 1416.662009][ T6834] fscrypt (loop0, inode 16): Error -61 getting encryption context [ 1416.735840][T14560] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1416.928119][ T5883] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1417.274779][ T6879] netlink: 8 bytes leftover after parsing attributes in process `syz.8.14337'. [ 1418.020318][ T6901] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1418.666638][ T90] usb 7-1: new high-speed USB device number 28 using dummy_hcd [ 1418.884043][ T6926] loop1: detected capacity change from 0 to 512 [ 1418.891337][ T6926] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1418.899131][ T90] usb 7-1: config 0 has too many interfaces: 33, using maximum allowed: 32 [ 1418.920687][ T90] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1418.955867][ T90] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 33 [ 1419.005420][ T6926] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 1419.025703][ T90] usb 7-1: New USB device found, idVendor=1039, idProduct=12b6, bcdDevice=af.00 [ 1419.037239][ T90] usb 7-1: New USB device strings: Mfr=99, Product=0, SerialNumber=0 [ 1419.041424][ T6926] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e128, mo2=0002] [ 1419.045340][ T90] usb 7-1: Manufacturer: syz [ 1419.065297][ T90] usb 7-1: config 0 descriptor?? [ 1419.086352][ T6887] loop2: detected capacity change from 0 to 40427 [ 1419.108488][ T6887] F2FS-fs (loop2): invalid crc value [ 1419.149967][ T6926] EXT4-fs (loop1): orphan cleanup on readonly fs [ 1419.194428][ T6926] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0 [ 1419.240824][ T6926] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1419.297507][ T6926] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 1419.314109][ T6050] usb 7-1: USB disconnect, device number 28 [ 1419.334300][ T6926] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.14356: bg 0: block 40: padding at end of block bitmap is not set [ 1419.438452][ T6887] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 1419.452824][ T6926] EXT4-fs (loop1): Remounting filesystem read-only [ 1419.473059][ T6887] F2FS-fs (loop2): Start checkpoint disabled! [ 1419.507441][ T6887] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 1419.509913][ T6926] EXT4-fs (loop1): 1 truncate cleaned up [ 1419.580767][ T6926] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1419.905984][ T5878] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1420.406736][ T6962] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 1420.576939][ T6938] loop7: detected capacity change from 0 to 32768 [ 1420.589615][ T6942] loop8: detected capacity change from 0 to 32768 [ 1420.627889][ T6938] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.14360 (6938) [ 1420.729518][ T6938] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1420.788244][ T6942] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode. [ 1420.788606][ T6938] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm [ 1420.966661][ T6942] (syz.8.14361,6942,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214 [ 1421.151490][ T6938] BTRFS info (device loop7): enabling ssd optimizations [ 1421.199790][ T6938] BTRFS info (device loop7): enabling free space tree [ 1421.241563][ T6997] loop1: detected capacity change from 0 to 1024 [ 1421.305521][T21266] (syz-executor,21266,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 76 [ 1421.338725][ T6997] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1421.369568][ T7002] loop0: detected capacity change from 0 to 256 [ 1421.410601][T21266] ocfs2: Unmounting device (7,8) on (node local) [ 1421.547540][ T7002] FAT-fs (loop0): Directory bread(block 64) failed [ 1421.585665][ T7002] FAT-fs (loop0): Directory bread(block 65) failed [ 1421.643249][ T7002] FAT-fs (loop0): Directory bread(block 66) failed [ 1421.678751][ T7002] FAT-fs (loop0): Directory bread(block 67) failed [ 1421.685406][ T7002] FAT-fs (loop0): Directory bread(block 68) failed [ 1421.710614][ T7013] netlink: 120 bytes leftover after parsing attributes in process `syz.2.14379'. [ 1421.738625][ T7002] FAT-fs (loop0): Directory bread(block 69) failed [ 1421.776798][ T7002] FAT-fs (loop0): Directory bread(block 70) failed [ 1421.800001][ T7002] FAT-fs (loop0): Directory bread(block 71) failed [ 1421.877255][ T7002] FAT-fs (loop0): Directory bread(block 72) failed [ 1421.932977][T15448] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1421.970665][ T7002] FAT-fs (loop0): Directory bread(block 73) failed [ 1421.971515][ T90] IPVS: starting estimator thread 0... [ 1422.133167][ T7020] IPVS: using max 28 ests per chain, 67200 per kthread [ 1422.252483][ T1549] usb 2-1: new high-speed USB device number 116 using dummy_hcd [ 1422.449925][ T1549] usb 2-1: Using ep0 maxpacket: 8 [ 1422.503728][ T7022] loop6: detected capacity change from 0 to 4096 [ 1422.534138][ T1549] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 1422.542414][ T1549] usb 2-1: config 179 has no interface number 0 [ 1422.615427][ T1549] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 1422.670763][ T7022] ntfs3(loop6): Failed to load $Volume (-22). [ 1422.684051][ T1549] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 1422.792018][ T1549] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1422.848508][ T1549] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 1422.907631][ T1549] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1422.993763][ T1549] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 1423.065498][ T1549] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1423.102665][ T7046] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14393'. [ 1423.132403][ T7019] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1423.155651][ T7046] netlink: 28 bytes leftover after parsing attributes in process `syz.6.14393'. [ 1423.430261][ T1549] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input86 [ 1423.637186][ T7059] loop6: detected capacity change from 0 to 1024 [ 1423.705001][ T7064] loop2: detected capacity change from 0 to 256 [ 1423.722241][ T6050] usb 2-1: USB disconnect, device number 116 [ 1423.722336][ C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 1423.735359][ T7064] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1423.736655][ C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1423.790989][ T7064] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 1423.858343][ T7064] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 1423.987550][T24870] hfsplus: b-tree write err: -5, ino 4 [ 1424.173531][ T7074] loop0: detected capacity change from 0 to 1024 [ 1424.516202][ T6050] usb 7-1: new high-speed USB device number 29 using dummy_hcd [ 1424.712821][ T6050] usb 7-1: Using ep0 maxpacket: 16 [ 1424.746432][ T6050] usb 7-1: config 0 has an invalid interface number: 8 but max is 0 [ 1424.773580][ T7097] loop7: detected capacity change from 0 to 1024 [ 1424.798148][ T6050] usb 7-1: config 0 has no interface number 0 [ 1424.804297][ T6050] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1424.850380][ T7097] EXT4-fs: Ignoring removed bh option [ 1424.862852][ T6050] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1424.879107][ T7097] EXT4-fs: inline encryption not supported [ 1424.909682][ T6050] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1424.932605][ T7097] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1424.956359][ T6050] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1424.990464][ T6050] usb 7-1: Product: syz [ 1425.059770][ T7097] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e018, mo2=0001] [ 1425.068390][ T6050] usb 7-1: SerialNumber: syz [ 1425.123765][ T6050] usb 7-1: config 0 descriptor?? [ 1425.155076][ T7097] EXT4-fs error (device loop7): ext4_ext_check_inode:523: inode #11: comm syz.7.14412: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0) [ 1425.190882][ T6050] cm109 7-1:0.8: invalid payload size 0, expected 4 [ 1425.244513][ T6050] input: CM109 USB driver as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.8/input/input87 [ 1425.263579][ T7097] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.14412: couldn't read orphan inode 11 (err -117) [ 1425.355269][ T7097] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1425.513680][ C0] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1425.525355][ C0] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1425.532556][ C0] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1425.539800][ C0] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1425.550315][ C0] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1425.557577][ C0] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1425.564737][ C0] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1425.571936][ C0] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1425.579246][ C0] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 1425.586973][ C0] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 1425.596730][ T6052] usb 7-1: USB disconnect, device number 29 [ 1425.634982][ T6052] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 1425.678450][ T7097] System zones: 0-1, 3-12 [ 1425.717975][ T7097] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 1425.889160][T15448] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1426.048175][ T7140] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1426.260166][ T6052] usb 9-1: new high-speed USB device number 22 using dummy_hcd [ 1426.488633][ T6052] usb 9-1: Using ep0 maxpacket: 8 [ 1426.545573][ T6052] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 1426.573208][ T6052] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1426.634447][ T6052] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1426.713084][ T6052] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 1426.769476][ T6052] usb 9-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00 [ 1426.800582][ T6052] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1426.857081][ T6052] usb 9-1: config 0 descriptor?? [ 1427.225287][ T1710] usb 3-1: new high-speed USB device number 115 using dummy_hcd [ 1427.321224][ T6052] hid (null): unknown global tag 0x9f [ 1427.354082][ T6052] hid (null): unknown global tag 0xc [ 1427.380297][ T6052] redragon 0003:0C45:760B.0005: unexpected long global item [ 1427.409492][ T1710] usb 3-1: Using ep0 maxpacket: 32 [ 1427.422391][ T6052] redragon 0003:0C45:760B.0005: probe with driver redragon failed with error -22 [ 1427.438076][ T6050] kernel write not supported for file /amidi2 (pid: 6050 comm: kworker/0:7) [ 1427.461594][ T1710] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 1427.484199][ T1710] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1427.508299][ T1710] usb 3-1: config 0 descriptor?? [ 1427.554031][ T1710] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 1427.577332][ T1549] usb 9-1: USB disconnect, device number 22 [ 1427.578729][ T7143] loop1: detected capacity change from 0 to 32768 [ 1428.202065][ T1549] usb 3-1: USB disconnect, device number 115 [ 1428.341716][ T90] usb 8-1: new full-speed USB device number 34 using dummy_hcd [ 1428.568117][ T90] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 1428.583375][ T90] usb 8-1: config 0 has no interface number 0 [ 1428.587954][ T7214] loop1: detected capacity change from 0 to 512 [ 1428.600829][ T7217] netlink: 'syz.6.14455': attribute type 1 has an invalid length. [ 1428.619861][ T90] usb 8-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 1428.677127][ T7214] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 1428.686620][ T90] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1428.718040][ T90] usb 8-1: config 0 descriptor?? [ 1428.734300][ T7214] EXT4-fs (loop1): orphan cleanup on readonly fs [ 1428.749534][ T90] usb 8-1: selecting invalid altsetting 1 [ 1428.757674][ T7214] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.14454: Block bitmap for bg 0 marked uninitialized [ 1428.852896][ T90] dvb_ttusb_budget: ttusb_init_controller: error [ 1428.859277][ T90] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 1428.871783][ T7214] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 1428.917667][ T7214] EXT4-fs (loop1): 1 orphan inode deleted [ 1428.978749][ T7214] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1429.143139][ T90] DVB: Unable to find symbol cx22700_attach() [ 1429.292635][ T5878] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1429.317904][ T90] DVB: Unable to find symbol tda10046_attach() [ 1429.344096][ T90] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 1429.353193][ T7227] loop8: detected capacity change from 0 to 8192 [ 1429.419223][ T7227] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1429.430995][ T90] usb 8-1: USB disconnect, device number 34 [ 1429.452208][ T7241] team0: Device is already in use. [ 1429.731387][ T7245] loop6: detected capacity change from 0 to 1024 [ 1429.868611][ T7245] hfsplus: xattr exists yet [ 1430.236059][ T7258] netlink: 36 bytes leftover after parsing attributes in process `syz.1.14473'. [ 1430.333460][ T7261] comedi comedi3: 8255: I/O port conflict (0x40404f26,4) [ 1430.340571][ T7261] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 1430.379801][ T7261] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffe,4) [ 1430.407679][ T7261] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 1430.464436][ T7261] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffff7,4) [ 1430.484487][ T7261] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 1430.507056][ T7261] comedi comedi3: 8255: I/O port conflict (0x21,4) [ 1430.528399][ T7261] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 1430.548578][ T7261] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 1430.585543][ T7261] comedi comedi3: 8255: I/O port conflict (0x400,4) [ 1430.603396][ T30] audit: type=1326 audit(1757016649.660:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7268 comm="syz.2.14478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0978ebe9 code=0x7ffc0000 [ 1430.610095][ T7261] comedi comedi3: 8255: I/O port conflict (0x800006,4) [ 1430.633463][ T90] usb 9-1: new high-speed USB device number 23 using dummy_hcd [ 1430.654153][ T7261] comedi comedi3: 8255: I/O port conflict (0x7,4) [ 1430.687853][ T30] audit: type=1326 audit(1757016649.697:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7268 comm="syz.2.14478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f0a0978ebe9 code=0x7ffc0000 [ 1430.706513][ T7261] comedi comedi3: 8255: I/O port conflict (0xb,4) [ 1430.762931][ T7261] comedi comedi3: 8255: I/O port conflict (0x80402,4) [ 1430.773918][ T7261] comedi comedi3: 8255: I/O port conflict (0xd,4) [ 1430.784890][ T7261] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 1430.802722][ T7261] comedi comedi3: 8255: I/O port conflict (0x41,4) [ 1430.809878][ T90] usb 9-1: Using ep0 maxpacket: 16 [ 1430.817111][ T90] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 1430.830174][ T30] audit: type=1326 audit(1757016649.697:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7268 comm="syz.2.14478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0978ebe9 code=0x7ffc0000 [ 1430.865082][ T7261] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 1430.865921][ T90] usb 9-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 1430.871548][ T7261] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 1430.894873][ T7237] loop0: detected capacity change from 0 to 32768 [ 1430.918828][ T90] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1430.921158][ T30] audit: type=1326 audit(1757016649.697:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7268 comm="syz.2.14478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0978ebe9 code=0x7ffc0000 [ 1430.935479][ T7237] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.14462 (7237) [ 1430.965947][ T7261] comedi comedi3: 8255: I/O port conflict (0x8000003,4) [ 1430.994062][ T7261] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffa,4) [ 1430.999665][ T90] usb 9-1: config 0 descriptor?? [ 1431.078501][ T30] audit: type=1326 audit(1757016649.697:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7268 comm="syz.2.14478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f0a0978ebe9 code=0x7ffc0000 [ 1431.189129][ T30] audit: type=1326 audit(1757016649.697:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7268 comm="syz.2.14478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0978ebe9 code=0x7ffc0000 [ 1431.200163][ T7237] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1431.265363][ T7279] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0 [ 1431.277552][ T7237] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 1431.283622][ T7281] IPVS: stopping backup sync thread 7279 ... [ 1431.317854][ T30] audit: type=1326 audit(1757016649.697:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7268 comm="syz.2.14478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0978ebe9 code=0x7ffc0000 [ 1431.535226][ T90] logitech 0003:046D:C293.0006: hidraw0: USB HID vff.fa Device [HID 046d:c293] on usb-dummy_hcd.8-1/input0 [ 1431.607087][ T90] logitech 0003:046D:C293.0006: no inputs found [ 1431.623055][ T7303] loop6: detected capacity change from 0 to 512 [ 1431.673245][ T7237] BTRFS info (device loop0): rebuilding free space tree [ 1431.774286][ T7237] BTRFS info (device loop0): setting nodatasum [ 1431.802558][ T7237] BTRFS info (device loop0): allowing degraded mounts [ 1431.806607][ T90] usb 9-1: USB disconnect, device number 23 [ 1431.829982][ T7237] BTRFS info (device loop0): enabling ssd optimizations [ 1431.885519][ T7237] BTRFS info (device loop0): enabling free space tree [ 1431.892349][ T7237] BTRFS info (device loop0): force clearing of disk cache [ 1431.942793][ T7310] fido_id[7310]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory [ 1431.943670][ T7237] BTRFS info (device loop0): doing ref verification [ 1432.064817][ T7237] BTRFS info (device loop0): force zlib compression, level 3 [ 1432.503412][ T5883] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1432.637308][ T30] audit: type=1326 audit(1757016651.543:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7332 comm="syz.8.14500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e6a38ebe9 code=0x7ffc0000 [ 1432.659827][ C1] vkms_vblank_simulate: vblank timer overrun [ 1432.758114][ T30] audit: type=1326 audit(1757016651.543:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7332 comm="syz.8.14500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e6a38ebe9 code=0x7ffc0000 [ 1432.850114][ T30] audit: type=1326 audit(1757016651.543:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7332 comm="syz.8.14500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f4e6a38ebe9 code=0x7ffc0000 [ 1433.391701][ T7349] loop0: detected capacity change from 0 to 2048 [ 1433.407413][ T7321] loop1: detected capacity change from 0 to 32768 [ 1433.466638][ T7349] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1434.265980][ T7366] loop1: detected capacity change from 0 to 1024 [ 1434.360316][ T7347] loop7: detected capacity change from 0 to 32768 [ 1434.425182][ T7366] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1434.487800][ T7366] ext4 filesystem being mounted at /2473/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1434.546886][ T7347] ocfs2: Mounting device (7,7) on (node local, slot 0) with writeback data mode. [ 1434.628984][ T7366] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: block 1: comm syz.1.14514: lblock 1 mapped to illegal pblock 1 (length 15) [ 1434.651804][ T12] (kworker/u8:0,12,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2 [ 1434.757985][ T7366] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117 [ 1434.813342][ T7366] EXT4-fs (loop1): This should not happen!! Data will be lost [ 1434.813342][ T7366] [ 1434.835287][T15448] ocfs2: Unmounting device (7,7) on (node local) [ 1435.023236][ T5878] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1435.969558][ T7417] loop1: detected capacity change from 0 to 128 [ 1435.989769][ T7414] loop7: detected capacity change from 0 to 2048 [ 1436.014316][ T7417] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 1436.027605][ T7414] UDF-fs: error (device loop7): udf_process_sequence: Primary Volume Descriptor not found! [ 1436.077972][ T7414] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1436.090757][ T7417] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1436.110664][ T7384] loop8: detected capacity change from 0 to 32768 [ 1436.193672][ T7384] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.14520 (7384) [ 1436.288374][ T7384] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1436.299064][ T7424] loop2: detected capacity change from 0 to 512 [ 1436.329766][ T7384] BTRFS info (device loop8): using sha256 (sha256-lib) checksum algorithm [ 1436.521966][ T7424] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1436.560108][ T7424] ext4 filesystem being mounted at /2581/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1436.631538][ T7384] BTRFS info (device loop8): enabling ssd optimizations [ 1436.671170][ T7384] BTRFS info (device loop8): enabling free space tree [ 1436.829994][ T5880] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1436.977860][T21266] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1437.662107][ T7476] loop1: detected capacity change from 0 to 256 [ 1437.711426][ T7476] exfat: Deprecated parameter 'utf8' [ 1437.717001][ T7476] exfat: Deprecated parameter 'namecase' [ 1437.753720][ T7476] exfat: Deprecated parameter 'namecase' [ 1437.775161][ T7476] exfat: Deprecated parameter 'utf8' [ 1437.837611][ T7476] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d) [ 1438.250429][ T7458] loop6: detected capacity change from 0 to 32768 [ 1438.332898][ T7458] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1438.483844][ T7458] XFS (loop6): Ending clean mount [ 1438.518952][ T7458] XFS (loop6): Quotacheck needed: Please wait. [ 1438.689437][ T7466] loop7: detected capacity change from 0 to 40427 [ 1438.726836][ T7466] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12 [ 1438.751879][ T7466] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 1438.760468][ T7503] loop2: detected capacity change from 0 to 512 [ 1438.776378][ T7458] XFS (loop6): Quotacheck: Done. [ 1438.830581][ T7466] F2FS-fs (loop7): invalid crc value [ 1438.862304][ T7503] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1439.071043][ T5880] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1439.086348][T14560] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1439.217798][ T7466] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1439.273352][ T7466] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0 [ 1439.318978][ T7515] netlink: 'syz.8.14570': attribute type 8 has an invalid length. [ 1439.324840][ T7466] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 1439.679620][ T7492] loop1: detected capacity change from 0 to 40427 [ 1439.720309][ T7492] F2FS-fs (loop1): Small segment_count (9 < 1 * 24) [ 1439.739309][ T7492] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1439.971333][ T7530] loop6: detected capacity change from 0 to 256 [ 1440.006734][ T43] usb 3-1: new high-speed USB device number 116 using dummy_hcd [ 1440.079698][ T7530] FAT-fs (loop6): Directory bread(block 64) failed [ 1440.094401][ T7530] FAT-fs (loop6): Directory bread(block 65) failed [ 1440.129776][ T7530] FAT-fs (loop6): Directory bread(block 66) failed [ 1440.136370][ T7530] FAT-fs (loop6): Directory bread(block 67) failed [ 1440.144143][ T7492] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1440.169844][ T7530] FAT-fs (loop6): Directory bread(block 68) failed [ 1440.182117][ T7492] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1440.191570][ T43] usb 3-1: Using ep0 maxpacket: 16 [ 1440.196866][ T7530] FAT-fs (loop6): Directory bread(block 69) failed [ 1440.203476][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1440.203522][ T43] usb 3-1: New USB device found, idVendor=0458, idProduct=5019, bcdDevice= 0.00 [ 1440.203550][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1440.207828][ T7492] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1440.241380][ T43] usb 3-1: config 0 descriptor?? [ 1440.268564][ T7530] FAT-fs (loop6): Directory bread(block 70) failed [ 1440.309920][ T7530] FAT-fs (loop6): Directory bread(block 71) failed [ 1440.316564][ T7530] FAT-fs (loop6): Directory bread(block 72) failed [ 1440.354842][ T7530] FAT-fs (loop6): Directory bread(block 73) failed [ 1440.488814][ T5878] syz-executor: attempt to access beyond end of device [ 1440.488814][ T5878] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1440.517379][ T5878] CPU: 0 UID: 0 PID: 5878 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1440.517411][ T5878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1440.517427][ T5878] Call Trace: [ 1440.517438][ T5878] [ 1440.517449][ T5878] dump_stack_lvl+0x189/0x250 [ 1440.517492][ T5878] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1440.517523][ T5878] ? __pfx_queue_work_on+0x10/0x10 [ 1440.517548][ T5878] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 1440.517586][ T5878] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1440.517643][ T5878] f2fs_handle_critical_error+0x37c/0x540 [ 1440.517692][ T5878] f2fs_write_end_io+0x886/0xb60 [ 1440.517745][ T5878] __submit_merged_bio+0x27a/0x6a0 [ 1440.517790][ T5878] __submit_merged_write_cond+0x255/0x530 [ 1440.517838][ T5878] f2fs_write_data_pages+0x261d/0x3000 [ 1440.517879][ T5878] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1440.517958][ T5878] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1440.518017][ T5878] ? arch_stack_walk+0xfc/0x150 [ 1440.518102][ T5878] ? __mod_zone_page_state+0xd7/0x140 [ 1440.518153][ T5878] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1440.518181][ T5878] ? folios_put_refs+0x560/0x640 [ 1440.518225][ T5878] ? __pfx_folios_put_refs+0x10/0x10 [ 1440.518252][ T5878] ? rcu_is_watching+0x15/0xb0 [ 1440.518290][ T5878] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1440.518322][ T5878] ? __lock_acquire+0xab9/0xd20 [ 1440.518384][ T5878] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1440.518427][ T5878] do_writepages+0x32e/0x550 [ 1440.518470][ T5878] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1440.518505][ T5878] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1440.518533][ T5878] ? do_raw_spin_unlock+0x122/0x240 [ 1440.518572][ T5878] filemap_fdatawrite+0x199/0x240 [ 1440.518609][ T5878] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 1440.518707][ T5878] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1440.518743][ T5878] ? do_raw_spin_unlock+0x122/0x240 [ 1440.518782][ T5878] f2fs_sync_dirty_inodes+0x31f/0x830 [ 1440.518833][ T5878] f2fs_write_checkpoint+0x95a/0x1df0 [ 1440.518896][ T5878] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1440.518988][ T5878] ? call_rcu+0x6ff/0x9c0 [ 1440.519013][ T5878] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1440.519041][ T5878] ? lockdep_hardirqs_on+0x9c/0x150 [ 1440.519088][ T5878] ? kill_f2fs_super+0x298/0x6c0 [ 1440.519124][ T5878] kill_f2fs_super+0x2c3/0x6c0 [ 1440.519161][ T5878] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1440.519184][ T5878] ? radix_tree_delete_item+0x2b6/0x400 [ 1440.519231][ T5878] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1440.519260][ T5878] ? shrinker_free+0x2ce/0x3e0 [ 1440.519293][ T5878] deactivate_locked_super+0xbc/0x130 [ 1440.519329][ T5878] cleanup_mnt+0x425/0x4c0 [ 1440.519356][ T5878] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1440.519384][ T5878] ? lockdep_hardirqs_on+0x9c/0x150 [ 1440.519426][ T5878] task_work_run+0x1d4/0x260 [ 1440.519467][ T5878] ? __pfx_task_work_run+0x10/0x10 [ 1440.519498][ T5878] ? __x64_sys_umount+0x122/0x160 [ 1440.519541][ T5878] ? exit_to_user_mode_loop+0x40/0x110 [ 1440.519584][ T5878] exit_to_user_mode_loop+0xec/0x110 [ 1440.519622][ T5878] do_syscall_64+0x2bd/0x3b0 [ 1440.519644][ T5878] ? lockdep_hardirqs_on+0x9c/0x150 [ 1440.519681][ T5878] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1440.519704][ T5878] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1440.519732][ T5878] ? exc_page_fault+0x9f/0xf0 [ 1440.519772][ T5878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1440.519796][ T5878] RIP: 0033:0x7f993e18ff17 [ 1440.519819][ T5878] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 1440.519841][ T5878] RSP: 002b:00007ffcb08d3d98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1440.519867][ T5878] RAX: 0000000000000000 RBX: 00007f993e211c05 RCX: 00007f993e18ff17 [ 1440.519885][ T5878] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcb08d3e50 [ 1440.519902][ T5878] RBP: 00007ffcb08d3e50 R08: 0000000000000000 R09: 0000000000000000 [ 1440.519918][ T5878] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcb08d4ee0 [ 1440.519936][ T5878] R13: 00007f993e211c05 R14: 000000000014cb9a R15: 00007ffcb08d4f20 [ 1440.519981][ T5878] [ 1440.545508][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 1440.545529][ T30] audit: type=1326 audit(1757016658.827:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7520 comm="syz.8.14573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e6a38ebe9 code=0x7fc00000 [ 1440.594846][ T5878] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 1440.940647][ T43] hid (null): report_id 0 is invalid [ 1441.001862][ T43] kye 0003:0458:5019.0007: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 1441.019092][ T43] kye 0003:0458:5019.0007: report_id 0 is invalid [ 1441.031735][ T43] kye 0003:0458:5019.0007: item 0 0 1 8 parsing failed [ 1441.086369][ T43] kye 0003:0458:5019.0007: parse failed [ 1441.093414][ T43] kye 0003:0458:5019.0007: probe with driver kye failed with error -22 [ 1441.165213][ T43] usb 3-1: USB disconnect, device number 116 [ 1441.454166][ T7552] tmpfs: Cannot change global quota limit on remount [ 1442.073957][ T7543] loop8: detected capacity change from 0 to 32768 [ 1442.195939][ T7543] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1442.313632][ T7548] loop0: detected capacity change from 0 to 32768 [ 1442.390244][ T7548] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1442.422701][ T7587] loop1: detected capacity change from 0 to 256 [ 1442.596634][ T7543] XFS (loop8): Ending clean mount [ 1442.640685][ T7543] XFS (loop8): Quotacheck needed: Please wait. [ 1442.682217][ T6052] usb 7-1: new high-speed USB device number 30 using dummy_hcd [ 1442.687343][ T7548] XFS (loop0): Ending clean mount [ 1442.732914][ T7548] XFS (loop0): Quotacheck needed: Please wait. [ 1442.733823][ T7598] Bluetooth: MGMT ver 1.23 [ 1442.845297][ T7543] XFS (loop8): Quotacheck: Done. [ 1442.866463][ T6052] usb 7-1: Using ep0 maxpacket: 8 [ 1442.903009][ T6052] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 1442.918869][ T6052] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 1442.954247][ T7548] XFS (loop0): Quotacheck: Done. [ 1442.974824][ T6052] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1442.987603][ T6052] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1442.999411][ T6052] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1443.012476][ T6052] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 1443.025496][ T30] audit: type=1800 audit(1757016661.135:338): pid=7548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.14582" name="file1" dev="loop0" ino=9286 res=0 errno=0 [ 1443.032888][ T6052] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 1443.081822][ T6052] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1443.097308][ T6052] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1443.166947][T21266] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1443.180613][ T5883] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1443.203912][ T6052] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1443.221659][ T6052] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 1443.262231][ T6052] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 1443.303142][ T6052] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1443.315126][ T6052] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1443.326431][ T6052] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1443.344752][ T6052] usb 7-1: string descriptor 0 read error: -22 [ 1443.351047][ T6052] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 1443.375466][ T6052] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1443.457249][ T7615] loop7: detected capacity change from 0 to 512 [ 1443.500390][ T6052] adutux 7-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 1443.576467][ T7615] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1443.664711][ T7615] ext4 filesystem being mounted at /1730/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1443.833615][ T7615] EXT4-fs error (device loop7): ext4_get_first_dir_block:3529: inode #12: comm syz.7.14607: Attempting to read directory block (0) that is past i_size (3) [ 1444.054406][ T7628] loop2: detected capacity change from 0 to 512 [ 1444.085509][T15448] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1444.148687][ T7628] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1444.219130][ T7628] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.14610: bg 0: block 248: padding at end of block bitmap is not set [ 1444.331467][ T7628] Quota error (device loop2): write_blk: dquota write failed [ 1444.358340][ T7628] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 1444.393433][ T7628] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.14610: Failed to acquire dquot type 1 [ 1444.424534][ T7628] EXT4-fs (loop2): 1 truncate cleaned up [ 1444.442230][ T7628] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1444.577000][ T5880] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1445.224159][ T7647] loop8: detected capacity change from 0 to 40427 [ 1445.234233][ T7653] loop2: detected capacity change from 0 to 32768 [ 1445.240843][ T7647] F2FS-fs: heap/no_heap options were deprecated [ 1445.259467][ T7647] F2FS-fs (loop8): Mismatch start address, segment0(0) cp_blkaddr(512) [ 1445.269053][ T7653] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.14621 (7653) [ 1445.290257][ T7647] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock [ 1445.317626][ T7647] F2FS-fs (loop8): invalid crc value [ 1445.322955][ T7653] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1445.366298][ T7653] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 1445.380761][ T6052] usb 2-1: new high-speed USB device number 117 using dummy_hcd [ 1445.534310][ T7647] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 1445.560854][ T7647] F2FS-fs (loop8): Start checkpoint disabled! [ 1445.577437][ T6052] usb 2-1: Using ep0 maxpacket: 16 [ 1445.593958][ T7653] BTRFS info (device loop2): enabling ssd optimizations [ 1445.626511][ T6052] usb 2-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 1445.640572][ T7653] BTRFS info (device loop2): enabling free space tree [ 1445.648572][ T6052] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1445.658726][ T6052] usb 2-1: Product: syz [ 1445.663397][ T6052] usb 2-1: Manufacturer: syz [ 1445.669739][ T7647] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0 [ 1445.685364][ T6052] usb 2-1: SerialNumber: syz [ 1445.691683][ T7647] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6 [ 1445.719258][ T6052] usb 2-1: config 0 descriptor?? [ 1445.736389][ T6052] ssu100 2-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 1445.898809][ T5880] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1446.261238][ T43] usb 7-1: USB disconnect, device number 30 [ 1446.404854][ T6052] ssu100 2-1:0.0: probe with driver ssu100 failed with error -71 [ 1446.466723][ T6052] usb 2-1: USB disconnect, device number 117 [ 1446.892552][ T7698] random: crng reseeded on system resumption [ 1447.117453][ T7702] loop7: detected capacity change from 0 to 512 [ 1447.189950][ T7702] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.14635: invalid indirect mapped block 4294967295 (level 1) [ 1447.237265][ T7704] loop1: detected capacity change from 0 to 4096 [ 1447.266930][ T7702] EXT4-fs (loop7): Remounting filesystem read-only [ 1447.284811][ T7702] EXT4-fs (loop7): 2 truncates cleaned up [ 1447.293146][ T7702] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1447.477416][T15448] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1447.491535][ T7711] loop8: detected capacity change from 0 to 256 [ 1447.653834][ T7711] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 1447.781874][ T7690] loop2: detected capacity change from 0 to 32768 [ 1448.330843][ T7732] loop8: detected capacity change from 0 to 128 [ 1448.808959][ T7745] netlink: 20 bytes leftover after parsing attributes in process `syz.6.14656'. [ 1448.982276][ T7748] Bluetooth: MGMT ver 1.23 [ 1449.064873][ T7752] loop6: detected capacity change from 0 to 128 [ 1449.101817][ T7752] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 1449.122441][ T7723] loop0: detected capacity change from 0 to 32768 [ 1449.173226][ T7752] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 1449.187763][ T7723] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.14644 (7723) [ 1449.313760][ T7752] EXT4-fs warning (device loop6): ext4_dirblock_csum_verify:375: inode #2: comm syz.6.14660: No space for directory leaf checksum. Please run e2fsck -D. [ 1449.362763][ T7723] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1449.377631][ T7752] EXT4-fs error (device loop6): htree_dirblock_to_tree:1051: inode #2: comm syz.6.14660: Directory block failed checksum [ 1449.410351][ T7723] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm [ 1449.570270][T14560] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1449.753725][ T7723] BTRFS info (device loop0): allowing degraded mounts [ 1449.772187][ T7723] BTRFS info (device loop0): enabling ssd optimizations [ 1449.790930][ T7723] BTRFS info (device loop0): enabling free space tree [ 1449.803292][ T7723] BTRFS info (device loop0): force zlib compression, level 3 [ 1450.106412][ T5883] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1450.140966][ T7794] loop8: detected capacity change from 0 to 128 [ 1450.280233][ T7794] FAT-fs (loop8): error, corrupted directory (invalid entries) [ 1450.304867][ T7794] FAT-fs (loop8): Filesystem has been set read-only [ 1450.613857][ T7799] loop6: detected capacity change from 0 to 2048 [ 1450.665535][ T7799] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found [ 1450.705435][ T7799] UDF-fs: Scanning with blocksize 512 failed [ 1450.822540][ T7799] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1450.876341][ T7804] loop8: detected capacity change from 0 to 4096 [ 1450.901388][ T7804] ntfs3(loop8): Different NTFS sector size (1024) and media sector size (512). [ 1451.090525][ T7804] ntfs3(loop8): Mark volume as dirty due to NTFS errors [ 1451.137703][ T7782] loop2: detected capacity change from 0 to 40427 [ 1451.199791][ T7782] F2FS-fs (loop2): build fault injection rate: 14 [ 1451.217188][ T7782] F2FS-fs (loop2): build fault injection type: 0x3bfe8c [ 1451.264581][ T7782] F2FS-fs (loop2): invalid crc value [ 1451.285940][ C0] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60 [ 1451.340618][ C0] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60 [ 1451.805814][ T7782] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1451.875984][ T7782] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0 [ 1451.920417][ T7782] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1452.063735][ T7782] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40 [ 1452.128237][ T7782] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_convert_inline_inode+0x6bd/0x880 [ 1452.222699][ T7843] loop7: detected capacity change from 0 to 64 [ 1452.369561][ T5880] syz-executor: attempt to access beyond end of device [ 1452.369561][ T5880] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1452.420819][ T5880] CPU: 0 UID: 0 PID: 5880 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1452.420854][ T5880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1452.420871][ T5880] Call Trace: [ 1452.420881][ T5880] [ 1452.420892][ T5880] dump_stack_lvl+0x189/0x250 [ 1452.420935][ T5880] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1452.420967][ T5880] ? __pfx_queue_work_on+0x10/0x10 [ 1452.420992][ T5880] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 1452.421030][ T5880] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1452.421079][ T5880] f2fs_handle_critical_error+0x37c/0x540 [ 1452.421125][ T5880] f2fs_write_end_io+0x886/0xb60 [ 1452.421173][ T5880] __submit_merged_bio+0x27a/0x6a0 [ 1452.421218][ T5880] __submit_merged_write_cond+0x255/0x530 [ 1452.421262][ T5880] f2fs_write_data_pages+0x261d/0x3000 [ 1452.421298][ T5880] ? __lock_acquire+0xab9/0xd20 [ 1452.421381][ T5880] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1452.421472][ T5880] ? __mod_zone_page_state+0xd7/0x140 [ 1452.421519][ T5880] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1452.421548][ T5880] ? folios_put_refs+0x560/0x640 [ 1452.421591][ T5880] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1452.421619][ T5880] ? __lock_acquire+0xab9/0xd20 [ 1452.421665][ T5880] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1452.421692][ T5880] ? do_raw_spin_lock+0x121/0x290 [ 1452.421730][ T5880] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1452.421764][ T5880] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1452.421791][ T5880] ? do_raw_spin_unlock+0x122/0x240 [ 1452.421823][ T5880] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1452.421863][ T5880] do_writepages+0x32e/0x550 [ 1452.421904][ T5880] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1452.421937][ T5880] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1452.421964][ T5880] ? do_raw_spin_unlock+0x122/0x240 [ 1452.422001][ T5880] filemap_fdatawrite+0x199/0x240 [ 1452.422037][ T5880] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 1452.422122][ T5880] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1452.422155][ T5880] ? do_raw_spin_unlock+0x122/0x240 [ 1452.422192][ T5880] f2fs_sync_dirty_inodes+0x31f/0x830 [ 1452.422237][ T5880] f2fs_write_checkpoint+0x95a/0x1df0 [ 1452.422294][ T5880] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1452.422382][ T5880] ? kill_f2fs_super+0x298/0x6c0 [ 1452.422416][ T5880] kill_f2fs_super+0x2c3/0x6c0 [ 1452.422449][ T5880] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1452.422472][ T5880] ? radix_tree_delete_item+0x2b6/0x400 [ 1452.422518][ T5880] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1452.422545][ T5880] ? shrinker_free+0x2ce/0x3e0 [ 1452.422577][ T5880] deactivate_locked_super+0xbc/0x130 [ 1452.422611][ T5880] cleanup_mnt+0x425/0x4c0 [ 1452.422639][ T5880] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1452.422666][ T5880] ? lockdep_hardirqs_on+0x9c/0x150 [ 1452.422707][ T5880] task_work_run+0x1d4/0x260 [ 1452.422746][ T5880] ? __pfx_task_work_run+0x10/0x10 [ 1452.422777][ T5880] ? __x64_sys_umount+0x122/0x160 [ 1452.422818][ T5880] ? exit_to_user_mode_loop+0x40/0x110 [ 1452.422860][ T5880] exit_to_user_mode_loop+0xec/0x110 [ 1452.422897][ T5880] do_syscall_64+0x2bd/0x3b0 [ 1452.422919][ T5880] ? lockdep_hardirqs_on+0x9c/0x150 [ 1452.422956][ T5880] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1452.422979][ T5880] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1452.423007][ T5880] ? exc_page_fault+0x9f/0xf0 [ 1452.423046][ T5880] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1452.423070][ T5880] RIP: 0033:0x7f0a0978ff17 [ 1452.423091][ T5880] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 1452.423112][ T5880] RSP: 002b:00007ffe3d2b58e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1452.423138][ T5880] RAX: 0000000000000000 RBX: 00007f0a09811c05 RCX: 00007f0a0978ff17 [ 1452.423156][ T5880] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe3d2b59a0 [ 1452.423173][ T5880] RBP: 00007ffe3d2b59a0 R08: 0000000000000000 R09: 0000000000000000 [ 1452.423188][ T5880] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe3d2b6a30 [ 1452.423206][ T5880] R13: 00007f0a09811c05 R14: 000000000014f64e R15: 00007ffe3d2b6a70 [ 1452.423245][ T5880] [ 1452.423256][ T5880] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 1453.687487][ T7849] loop1: detected capacity change from 0 to 32768 [ 1453.769606][ T7849] [ 1453.769606][ T7849] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1453.769606][ T7849] [ 1453.788790][ T7882] loop0: detected capacity change from 0 to 128 [ 1453.843283][ T7849] find_entry called with index = 0 [ 1453.889193][ T7849] read_mapping_page failed! [ 1453.915750][ T7849] ERROR: (device loop1): txCommit: [ 1453.915750][ T7849] [ 1453.931287][ T7882] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1453.981463][ T7882] ext4 filesystem being mounted at /2385/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1454.011631][ T7859] loop6: detected capacity change from 0 to 32768 [ 1454.013254][ T7885] jfs_unlink: dtDelete returned -116 [ 1454.111020][ T7885] jfs_unlink: dtDelete returned -116 [ 1454.151757][ T7888] loop8: detected capacity change from 0 to 512 [ 1454.294561][ T4283] ERROR: (device loop1): diWrite: ixpxd invalid [ 1454.294561][ T4283] [ 1454.304447][ T7890] tipc: Enabling of bearer rejected, media not registered [ 1454.326327][ T4283] ERROR: (device loop1): txCommit: [ 1454.326327][ T4283] [ 1454.336628][ T7888] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 546, start 22000003) [ 1454.364256][ T4283] jfs_write_inode: jfs_commit_inode failed! [ 1454.375053][ T5883] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1454.399812][ T5878] [ 1454.399812][ T5878] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1454.399812][ T5878] [ 1454.428132][ T7888] FAT-fs (loop8): Filesystem has been set read-only [ 1454.450523][ T5878] [ 1454.450523][ T5878] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1454.450523][ T5878] [ 1454.470627][ T7888] FAT-fs (loop8): error, invalid access to FAT (entry 0x22000003) [ 1454.695904][ T90] usb 3-1: new full-speed USB device number 117 using dummy_hcd [ 1454.923213][ T90] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1454.973515][ T90] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1454.998745][ T90] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 1455.085582][ T90] usb 3-1: New USB device found, idVendor=056a, idProduct=005d, bcdDevice= 0.00 [ 1455.127948][ T90] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1455.167402][ T90] usb 3-1: config 0 descriptor?? [ 1455.477992][ T7920] loop8: detected capacity change from 0 to 256 [ 1455.500991][ T7920] exfat: Deprecated parameter 'utf8' [ 1455.537860][ T7920] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 1455.911633][ T90] usb 3-1: USB disconnect, device number 117 [ 1456.124657][ T7937] loop8: detected capacity change from 0 to 256 [ 1456.148218][ T7937] exfat: Deprecated parameter 'utf8' [ 1456.167522][ T7937] exfat: Deprecated parameter 'namecase' [ 1456.190563][ T7937] exfat: Deprecated parameter 'utf8' [ 1456.298314][ T7937] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 1456.340825][ T7940] loop1: detected capacity change from 0 to 1024 [ 1456.426586][ T7940] hfsplus: bad catalog entry type [ 1456.548342][ T36] hfsplus: b-tree write err: -5, ino 4 [ 1456.920034][ T7924] loop6: detected capacity change from 0 to 40427 [ 1456.995264][ T7924] F2FS-fs (loop6): invalid crc value [ 1457.379180][ T7924] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1457.406771][ T7924] F2FS-fs (loop6): Start checkpoint disabled! [ 1457.457395][ T6052] usb 2-1: new high-speed USB device number 118 using dummy_hcd [ 1457.479601][ T7924] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 1457.717797][ T6052] usb 2-1: Using ep0 maxpacket: 8 [ 1457.728970][ T6052] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 1457.737250][ T6052] usb 2-1: config 0 has an invalid interface number: 21 but max is 0 [ 1457.786493][ T6052] usb 2-1: config 0 has no interface number 0 [ 1457.796559][T14582] kworker/u8:3: attempt to access beyond end of device [ 1457.796559][T14582] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1457.813467][ T6052] usb 2-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1457.857006][ T6052] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1457.857451][T14582] CPU: 1 UID: 0 PID: 14582 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) [ 1457.857480][T14582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1457.857497][T14582] Workqueue: writeback wb_workfn (flush-7:6) [ 1457.857532][T14582] Call Trace: [ 1457.857543][T14582] [ 1457.857554][T14582] dump_stack_lvl+0x189/0x250 [ 1457.857593][T14582] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1457.857624][T14582] ? __pfx_queue_work_on+0x10/0x10 [ 1457.857649][T14582] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 1457.857685][T14582] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1457.857737][T14582] f2fs_handle_critical_error+0x37c/0x540 [ 1457.857785][T14582] f2fs_write_end_io+0x886/0xb60 [ 1457.857837][T14582] __submit_merged_bio+0x27a/0x6a0 [ 1457.857882][T14582] __submit_merged_write_cond+0x255/0x530 [ 1457.857929][T14582] f2fs_write_data_pages+0x261d/0x3000 [ 1457.858018][T14582] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1457.858078][T14582] ? __pfx_f2fs_available_free_memory+0x10/0x10 [ 1457.858109][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.858193][T14582] ? __pfx_f2fs_balance_fs_bg+0x10/0x10 [ 1457.858229][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.858256][T14582] ? look_up_lock_class+0x74/0x170 [ 1457.858309][T14582] ? trace_f2fs_writepages+0x7f/0x200 [ 1457.858346][T14582] ? f2fs_write_node_pages+0x478/0x6e0 [ 1457.858389][T14582] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 1457.858435][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.858472][T14582] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1457.858514][T14582] do_writepages+0x32e/0x550 [ 1457.858555][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.858582][T14582] ? reacquire_held_locks+0x127/0x1d0 [ 1457.858608][T14582] ? writeback_sb_inodes+0x384/0x1010 [ 1457.858654][T14582] __writeback_single_inode+0x145/0xff0 [ 1457.858686][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.858713][T14582] ? do_raw_spin_unlock+0x122/0x240 [ 1457.858751][T14582] writeback_sb_inodes+0x6c7/0x1010 [ 1457.858824][T14582] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 1457.858918][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.858945][T14582] ? rcu_is_watching+0x15/0xb0 [ 1457.858971][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.859012][T14582] wb_writeback+0x43b/0xaf0 [ 1457.859057][T14582] ? queue_io+0x2e1/0x590 [ 1457.859100][T14582] ? __pfx_wb_writeback+0x10/0x10 [ 1457.859146][T14582] ? _raw_spin_unlock_irq+0x23/0x50 [ 1457.859189][T14582] wb_workfn+0x409/0xef0 [ 1457.859239][T14582] ? __pfx_wb_workfn+0x10/0x10 [ 1457.859274][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.859301][T14582] ? __lock_acquire+0xab9/0xd20 [ 1457.859354][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.859386][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.859419][T14582] ? _raw_spin_unlock_irq+0x23/0x50 [ 1457.859452][T14582] ? process_scheduled_works+0x9ef/0x17b0 [ 1457.859476][T14582] ? process_scheduled_works+0x9ef/0x17b0 [ 1457.859505][T14582] process_scheduled_works+0xae1/0x17b0 [ 1457.859575][T14582] ? __pfx_process_scheduled_works+0x10/0x10 [ 1457.859612][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.859653][T14582] worker_thread+0x8a0/0xda0 [ 1457.859684][T14582] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1457.859732][T14582] ? __kthread_parkme+0x7b/0x200 [ 1457.859775][T14582] kthread+0x711/0x8a0 [ 1457.859811][T14582] ? __pfx_worker_thread+0x10/0x10 [ 1457.859837][T14582] ? __pfx_kthread+0x10/0x10 [ 1457.859864][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.859897][T14582] ? _raw_spin_unlock_irq+0x23/0x50 [ 1457.859929][T14582] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1457.859956][T14582] ? lockdep_hardirqs_on+0x9c/0x150 [ 1457.859990][T14582] ? __pfx_kthread+0x10/0x10 [ 1457.860024][T14582] ret_from_fork+0x3fc/0x770 [ 1457.860055][T14582] ? __pfx_ret_from_fork+0x10/0x10 [ 1457.860092][T14582] ? __switch_to_asm+0x39/0x70 [ 1457.860127][T14582] ? __switch_to_asm+0x33/0x70 [ 1457.860157][T14582] ? __pfx_kthread+0x10/0x10 [ 1457.860191][T14582] ret_from_fork_asm+0x1a/0x30 [ 1457.860249][T14582] [ 1457.869468][T14582] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 1457.889116][ T6052] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1458.263984][ T7979] loop0: detected capacity change from 0 to 64 [ 1458.373501][ T7979] hfs: filesystem is marked locked, mounting read-only. [ 1458.401601][ T7983] tipc: Started in network mode [ 1458.409932][ T7983] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 1458.426144][ T7979] hfs: walked past end of dir [ 1458.471376][ T7983] tipc: New replicast peer: 0000:0000:0000:0000:0000:0000:0000:0001 [ 1458.530872][ T7983] tipc: Enabled bearer , priority 10 [ 1458.539767][ T6052] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 1458.559785][ T6052] usb 2-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0 [ 1458.628339][ T6052] usb 2-1: Product: syz [ 1458.658409][ T6052] usb 2-1: config 0 descriptor?? [ 1458.699465][ T7957] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1458.996795][ T7994] netlink: 316 bytes leftover after parsing attributes in process `syz.0.14761'. [ 1459.155867][ T7997] loop8: detected capacity change from 0 to 256 [ 1459.162772][ T8000] netlink: 16186 bytes leftover after parsing attributes in process `syz.6.14754'. [ 1459.269736][ T7997] tmpfs: Cannot retroactively limit inodes [ 1459.363481][ T7971] loop7: detected capacity change from 0 to 32768 [ 1459.410957][ T6052] usb 2-1: USB disconnect, device number 118 [ 1459.473172][ T7971] XFS (loop7): DAX unsupported by block device. Turning off DAX. [ 1459.526057][ T8013] program syz.0.14768 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1459.528423][ T7971] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1459.745717][ T90] tipc: Node number set to 1 [ 1459.818913][ T7971] XFS (loop7): Ending clean mount [ 1459.865768][ T7971] XFS (loop7): Quotacheck needed: Please wait. [ 1460.014799][ T7971] XFS (loop7): Quotacheck: Done. [ 1460.124921][ T43] usb 3-1: new full-speed USB device number 118 using dummy_hcd [ 1460.293998][T24870] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1460.308624][ T43] usb 3-1: too many configurations: 225, using maximum allowed: 8 [ 1460.325255][T15448] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1460.487649][ T43] usb 3-1: New USB device found, idVendor=05ac, idProduct=63de, bcdDevice=31.71 [ 1460.513182][ T43] usb 3-1: New USB device strings: Mfr=38, Product=0, SerialNumber=197 [ 1460.521450][ T43] usb 3-1: Manufacturer: syz [ 1460.541593][ T43] usb 3-1: SerialNumber: syz [ 1460.579188][ T43] usb 3-1: config 0 descriptor?? [ 1460.841181][ T8015] loop0: detected capacity change from 0 to 32768 [ 1460.856641][ T90] usb 3-1: USB disconnect, device number 118 [ 1460.867370][T24870] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1460.971303][ T8015] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1461.096908][ T8015] XFS (loop0): Ending clean mount [ 1461.122182][ T1710] kernel write not supported for file /5051/attr/fscreate (pid: 1710 comm: kworker/0:2) [ 1461.152849][ T8015] XFS (loop0): Quotacheck needed: Please wait. [ 1461.299530][ T8015] XFS (loop0): Quotacheck: Done. [ 1461.309887][ T8035] loop7: detected capacity change from 0 to 4096 [ 1461.411835][ T8035] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512). [ 1461.524806][ T5883] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1461.528204][T24870] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1461.595808][ T8035] ntfs3(loop7): ino=1a, mi_enum_attr [ 1461.601164][ T8035] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 1461.678113][ T8035] ntfs3(loop7): ino=1a, mi_enum_attr [ 1461.756259][ T8035] ntfs3(loop7): Failed to initialize $Extend/$Reparse. [ 1462.087841][T24870] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1462.302918][ T30] audit: type=1326 audit(1757016678.933:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8052 comm="syz.1.14785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f993e18ebe9 code=0x7ffc0000 [ 1462.372973][ T2180] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1462.385713][ T2180] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1462.408539][ T2180] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1462.418175][ T30] audit: type=1326 audit(1757016678.933:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8052 comm="syz.1.14785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f993e18ebe9 code=0x7ffc0000 [ 1462.452340][ T30] audit: type=1326 audit(1757016678.933:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8052 comm="syz.1.14785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f993e18ebe9 code=0x7ffc0000 [ 1462.475976][ T30] audit: type=1326 audit(1757016678.933:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8052 comm="syz.1.14785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f993e18ebe9 code=0x7ffc0000 [ 1462.499423][ T2180] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1462.506631][ T30] audit: type=1326 audit(1757016678.933:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8052 comm="syz.1.14785" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f993e18ebe9 code=0x7ffc0000 [ 1462.553375][ T2180] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1462.715305][ T8059] loop7: detected capacity change from 0 to 1024 [ 1462.956979][ T8051] lo speed is unknown, defaulting to 1000 [ 1462.957163][ T8069] netem: incorrect gi model size [ 1462.991184][ T3531] hfsplus: b-tree write err: -5, ino 4 [ 1463.055195][ T8069] netem: change failed [ 1463.199956][ T8075] zonefs (nullb0) ERROR: Not a zoned block device [ 1463.330267][T24870] bridge_slave_1: left allmulticast mode [ 1463.335980][T24870] bridge_slave_1: left promiscuous mode [ 1463.383672][T24870] bridge0: port 2(bridge_slave_1) entered disabled state [ 1463.470593][ T8087] loop6: detected capacity change from 0 to 128 [ 1463.514450][T24870] bridge_slave_0: left allmulticast mode [ 1463.538964][T24870] bridge_slave_0: left promiscuous mode [ 1463.544811][T24870] bridge0: port 1(bridge_slave_0) entered disabled state [ 1463.638196][ T8092] loop2: detected capacity change from 0 to 1024 [ 1463.678163][ T8092] EXT4-fs: Ignoring removed oldalloc option [ 1463.684167][ T8092] EXT4-fs: Ignoring removed bh option [ 1463.836125][ T8092] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1463.864051][ T30] audit: type=1800 audit(1757016680.373:344): pid=8092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.14801" name="file2" dev="loop2" ino=18 res=0 errno=0 [ 1463.884623][ C0] vkms_vblank_simulate: vblank timer overrun [ 1463.910012][ T8092] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.14801: Allocating blocks 497-513 which overlap fs metadata [ 1464.051475][ T5880] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1464.475545][ T8111] loop2: detected capacity change from 0 to 256 [ 1464.802779][ T2180] Bluetooth: hci1: command tx timeout [ 1464.916096][ T8090] loop0: detected capacity change from 0 to 40427 [ 1464.944332][ T8090] F2FS-fs (loop0): Image doesn't support compression [ 1464.966256][ T8090] F2FS-fs (loop0): build fault injection rate: 690 [ 1465.006533][ T8102] loop6: detected capacity change from 0 to 32768 [ 1465.006818][ T8090] F2FS-fs (loop0): invalid crc value [ 1465.117971][ T8102] JBD2: Ignoring recovery information on journal [ 1465.338760][ T8090] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1465.344767][ T8102] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 1465.360036][ T8123] loop2: detected capacity change from 0 to 4096 [ 1465.376653][ T8090] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1465.526093][T14560] ocfs2: Unmounting device (7,6) on (node local) [ 1465.528097][ T5883] syz-executor: attempt to access beyond end of device [ 1465.528097][ T5883] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1465.580473][ T5883] CPU: 0 UID: 0 PID: 5883 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1465.580507][ T5883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1465.580522][ T5883] Call Trace: [ 1465.580533][ T5883] [ 1465.580544][ T5883] dump_stack_lvl+0x189/0x250 [ 1465.580586][ T5883] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1465.580616][ T5883] ? __pfx_queue_work_on+0x10/0x10 [ 1465.580641][ T5883] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 1465.580676][ T5883] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1465.580728][ T5883] f2fs_handle_critical_error+0x37c/0x540 [ 1465.580773][ T5883] f2fs_write_end_io+0x886/0xb60 [ 1465.580824][ T5883] __submit_merged_bio+0x27a/0x6a0 [ 1465.580868][ T5883] __submit_merged_write_cond+0x255/0x530 [ 1465.580913][ T5883] f2fs_write_data_pages+0x261d/0x3000 [ 1465.580950][ T5883] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1465.581026][ T5883] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1465.581125][ T5883] ? __mod_zone_page_state+0xd7/0x140 [ 1465.581173][ T5883] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1465.581199][ T5883] ? folios_put_refs+0x560/0x640 [ 1465.581244][ T5883] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1465.581270][ T5883] ? __lock_acquire+0xab9/0xd20 [ 1465.581318][ T5883] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1465.581344][ T5883] ? do_raw_spin_lock+0x121/0x290 [ 1465.581387][ T5883] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1465.581420][ T5883] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1465.581447][ T5883] ? do_raw_spin_unlock+0x122/0x240 [ 1465.581478][ T5883] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1465.581518][ T5883] do_writepages+0x32e/0x550 [ 1465.581560][ T5883] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1465.581593][ T5883] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1465.581619][ T5883] ? do_raw_spin_unlock+0x122/0x240 [ 1465.581656][ T5883] filemap_fdatawrite+0x199/0x240 [ 1465.581693][ T5883] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 1465.581786][ T5883] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1465.581821][ T5883] ? do_raw_spin_unlock+0x122/0x240 [ 1465.581858][ T5883] f2fs_sync_dirty_inodes+0x31f/0x830 [ 1465.581911][ T5883] f2fs_write_checkpoint+0x95a/0x1df0 [ 1465.581977][ T5883] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1465.582071][ T5883] ? kill_f2fs_super+0x298/0x6c0 [ 1465.582107][ T5883] kill_f2fs_super+0x2c3/0x6c0 [ 1465.582143][ T5883] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1465.582166][ T5883] ? radix_tree_delete_item+0x2b6/0x400 [ 1465.582212][ T5883] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1465.582240][ T5883] ? shrinker_free+0x2ce/0x3e0 [ 1465.582273][ T5883] deactivate_locked_super+0xbc/0x130 [ 1465.582308][ T5883] cleanup_mnt+0x425/0x4c0 [ 1465.582335][ T5883] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1465.582368][ T5883] ? lockdep_hardirqs_on+0x9c/0x150 [ 1465.582409][ T5883] task_work_run+0x1d4/0x260 [ 1465.582448][ T5883] ? __pfx_task_work_run+0x10/0x10 [ 1465.582479][ T5883] ? __x64_sys_umount+0x122/0x160 [ 1465.582522][ T5883] ? exit_to_user_mode_loop+0x40/0x110 [ 1465.582564][ T5883] exit_to_user_mode_loop+0xec/0x110 [ 1465.582602][ T5883] do_syscall_64+0x2bd/0x3b0 [ 1465.582626][ T5883] ? lockdep_hardirqs_on+0x9c/0x150 [ 1465.582662][ T5883] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1465.582684][ T5883] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1465.582711][ T5883] ? exc_page_fault+0x9f/0xf0 [ 1465.582752][ T5883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1465.582777][ T5883] RIP: 0033:0x7fcfc118ff17 [ 1465.582799][ T5883] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 1465.582818][ T5883] RSP: 002b:00007fff0d1c85d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1465.582843][ T5883] RAX: 0000000000000000 RBX: 00007fcfc1211c05 RCX: 00007fcfc118ff17 [ 1465.582861][ T5883] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff0d1c8690 [ 1465.582878][ T5883] RBP: 00007fff0d1c8690 R08: 0000000000000000 R09: 0000000000000000 [ 1465.582893][ T5883] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff0d1c9720 [ 1465.582911][ T5883] R13: 00007fcfc1211c05 R14: 0000000000152610 R15: 00007fff0d1c9760 [ 1465.582955][ T5883] [ 1465.589587][ T8123] ntfs3(loop2): failed to convert "0080" to cp860 [ 1465.615898][ T5883] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 1465.673631][ T8123] ntfs3(loop2): failed to convert name for inode 1e. [ 1466.028731][ T8123] ntfs3(loop2): ino=1f, mi_enum_attr [ 1466.039173][ T8123] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 1466.573574][ C0] vkms_vblank_simulate: vblank timer overrun [ 1467.009554][ C0] vkms_vblank_simulate: vblank timer overrun [ 1467.055975][ T2180] Bluetooth: hci1: command tx timeout [ 1467.081845][ T8146] loop0: detected capacity change from 0 to 512 [ 1467.103365][ T8146] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1467.162574][ T8146] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.14816: corrupted in-inode xattr: e_value out of bounds [ 1467.239763][ T8146] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.14816: couldn't read orphan inode 15 (err -117) [ 1467.263385][ T8146] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1467.279324][T24870] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1467.291877][T24870] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1467.310337][T24870] bond0 (unregistering): Released all slaves [ 1467.393441][ T5883] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1467.575569][T24870] tipc: Disabling bearer [ 1467.586771][T24870] tipc: Left network mode [ 1467.649585][ T8154] loop6: detected capacity change from 0 to 136 [ 1467.661329][ C0] vkms_vblank_simulate: vblank timer overrun [ 1467.730773][ T8142] loop2: detected capacity change from 0 to 32768 [ 1467.886389][ T8157] team0: Port device vlan0 added [ 1467.898223][T24870] IPVS: stopping backup sync thread 23058 ... [ 1467.981254][ T8142] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1468.158083][ T8142] XFS (loop2): Ending clean mount [ 1468.164908][ T8173] netlink: 'syz.1.14823': attribute type 1 has an invalid length. [ 1468.203742][ T8173] netlink: 184 bytes leftover after parsing attributes in process `syz.1.14823'. [ 1468.272130][ T8173] netlink: 'syz.1.14823': attribute type 1 has an invalid length. [ 1468.294204][ T5880] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1468.329020][ T8176] Bluetooth: MGMT ver 1.23 [ 1468.687464][ T8051] chnl_net:caif_netlink_parms(): no params data found [ 1468.960673][ T8197] loop1: detected capacity change from 0 to 65 [ 1468.981504][ T8185] loop2: detected capacity change from 0 to 4096 [ 1469.021534][ T8197] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 1469.026588][ T8185] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 1469.048935][ T8197] BFS-fs: bfs_fill_super(): NOTE: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway [ 1469.258062][ T8185] ntfs3(loop2): ino=19, mi_enum_attr [ 1469.263422][ T8185] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 1469.326222][ T2180] Bluetooth: hci1: command tx timeout [ 1469.465759][ T8185] ntfs3(loop2): failed to convert "c46c" to cp852 [ 1469.494201][ T8185] ntfs3(loop2): ino=20, mi_enum_attr [ 1469.667202][ T8212] netlink: 'syz.7.14834': attribute type 4 has an invalid length. [ 1469.701326][ T8212] netlink: 3657 bytes leftover after parsing attributes in process `syz.7.14834'. [ 1470.264893][ T8051] bridge0: port 1(bridge_slave_0) entered blocking state [ 1470.289070][ T8051] bridge0: port 1(bridge_slave_0) entered disabled state [ 1470.316896][ T8051] bridge_slave_0: entered allmulticast mode [ 1470.322613][ T8230] loop7: detected capacity change from 0 to 64 [ 1470.336695][ T8051] bridge_slave_0: entered promiscuous mode [ 1470.380605][ T8218] netlink: 20 bytes leftover after parsing attributes in process `syz.1.14837'. [ 1470.623515][T24870] hsr_slave_0: left promiscuous mode [ 1470.663711][T24870] hsr_slave_1: left promiscuous mode [ 1470.681565][T24870] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1470.719710][T24870] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1470.725329][ T8243] loop2: detected capacity change from 0 to 64 [ 1470.736194][T24870] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1470.799302][ T8245] loop1: detected capacity change from 0 to 256 [ 1470.806964][T24870] veth1_macvtap: left promiscuous mode [ 1470.815274][T24870] veth0_macvtap: left promiscuous mode [ 1470.840522][T24870] veth1_vlan: left promiscuous mode [ 1470.862594][T24870] veth0_vlan: left promiscuous mode [ 1471.086324][ T8250] netlink: 'syz.2.14849': attribute type 10 has an invalid length. [ 1471.561910][ T2180] Bluetooth: hci1: command tx timeout [ 1471.736425][T24870] team0 (unregistering): Port device team_slave_1 removed [ 1471.797882][T24870] team0 (unregistering): Port device team_slave_0 removed [ 1472.402987][ T8051] bridge0: port 2(bridge_slave_1) entered blocking state [ 1472.412453][ T8051] bridge0: port 2(bridge_slave_1) entered disabled state [ 1472.420427][ T8051] bridge_slave_1: entered allmulticast mode [ 1472.427930][ T8051] bridge_slave_1: entered promiscuous mode [ 1472.523986][ T8250] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1472.563410][ T8250] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 1472.601935][ T8254] loop6: detected capacity change from 0 to 164 [ 1472.867044][ T8051] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1472.999568][ T8051] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1473.284610][ T8275] loop1: detected capacity change from 0 to 512 [ 1473.384230][ T8051] team0: Port device team_slave_0 added [ 1473.405645][ T8275] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.14860: corrupted in-inode xattr: invalid ea_ino [ 1473.419005][ T8051] team0: Port device team_slave_1 added [ 1473.489424][ T8284] loop0: detected capacity change from 0 to 256 [ 1473.495956][ T8282] loop7: detected capacity change from 0 to 1024 [ 1473.524902][ T8275] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.14860: couldn't read orphan inode 15 (err -117) [ 1473.558266][ T8284] FAT-fs (loop0): Directory bread(block 64) failed [ 1473.575875][ T8284] FAT-fs (loop0): Directory bread(block 65) failed [ 1473.583289][ T8284] FAT-fs (loop0): Directory bread(block 66) failed [ 1473.594990][ T8275] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1473.640316][ T8284] FAT-fs (loop0): Directory bread(block 67) failed [ 1473.684361][ T8284] FAT-fs (loop0): Directory bread(block 68) failed [ 1473.702126][ T8284] FAT-fs (loop0): Directory bread(block 69) failed [ 1473.748004][ T8284] FAT-fs (loop0): Directory bread(block 70) failed [ 1473.793232][ T8284] FAT-fs (loop0): Directory bread(block 71) failed [ 1473.802379][ T8051] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1473.820407][ T8252] hfsplus: b-tree write err: -5, ino 4 [ 1473.851501][ T8051] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1473.853838][ T8284] FAT-fs (loop0): Directory bread(block 72) failed [ 1474.044588][ T8051] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1474.059773][ T8284] FAT-fs (loop0): Directory bread(block 73) failed [ 1474.147378][ T5878] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1474.361972][ T8051] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1474.404373][ T8051] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1474.574119][ T8307] loop2: detected capacity change from 0 to 512 [ 1474.605818][ T8051] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1474.611572][ T8307] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1474.666727][ T8307] EXT4-fs: Ignoring removed i_version option [ 1474.783988][ T8307] EXT4-fs (loop2): 1 orphan inode deleted [ 1474.848574][ T8307] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1474.967777][T24870] IPVS: stop unused estimator thread 0... [ 1475.139071][ T8051] hsr_slave_0: entered promiscuous mode [ 1475.170797][ T8051] hsr_slave_1: entered promiscuous mode [ 1475.177617][ T8051] debugfs: 'hsr0' already exists in 'hsr' [ 1475.180304][ T1549] usb 2-1: new full-speed USB device number 119 using dummy_hcd [ 1475.191472][ T8051] Cannot create hsr debugfs directory [ 1475.212866][ T5880] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1475.412503][ T1549] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 1475.439786][ T1549] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1475.499836][ T1549] usb 2-1: New USB device found, idVendor=5543, idProduct=0047, bcdDevice= 0.00 [ 1475.569926][ T1549] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1475.614286][ T1549] usb 2-1: config 0 descriptor?? [ 1475.646662][ T8326] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1476.121656][ T8357] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 1476.327727][ T1549] usb 2-1: string descriptor 0 read error: -71 [ 1476.382615][ T1549] uclogic 0003:5543:0047.0009: failed retrieving string descriptor #200: -71 [ 1476.416222][ T1549] uclogic 0003:5543:0047.0009: failed retrieving pen parameters: -71 [ 1476.424359][ T1549] uclogic 0003:5543:0047.0009: failed probing pen v2 parameters: -71 [ 1476.490562][ T1549] uclogic 0003:5543:0047.0009: failed probing parameters: -71 [ 1476.498248][ T1549] uclogic 0003:5543:0047.0009: probe with driver uclogic failed with error -71 [ 1476.630594][ T8051] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 1476.637764][ T1549] usb 2-1: USB disconnect, device number 119 [ 1476.732474][ T8051] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 1476.787528][ T8051] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 1476.843955][ T8051] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 1477.107251][ T8349] loop7: detected capacity change from 0 to 32768 [ 1477.194348][ T8349] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.14888 (8349) [ 1477.315810][ T8349] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1477.358389][ T8349] BTRFS info (device loop7): using sha256 (sha256-lib) checksum algorithm [ 1477.445484][ T8051] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1477.489111][ T8051] 8021q: adding VLAN 0 to HW filter on device team0 [ 1477.606210][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 1477.614000][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1477.687403][ T8414] loop6: detected capacity change from 0 to 164 [ 1477.782162][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 1477.789373][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1477.834655][ T8414] Unable to read rock-ridge attributes [ 1477.843293][ T8349] BTRFS info (device loop7): enabling ssd optimizations [ 1477.866951][ T8414] Unable to read rock-ridge attributes [ 1477.882299][ T8349] BTRFS info (device loop7): enabling free space tree [ 1478.108874][ T8051] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1478.375744][T15448] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1478.412670][ T8432] loop2: detected capacity change from 0 to 64 [ 1478.887602][ T8441] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14914'. [ 1479.317857][ T1710] usb 3-1: new high-speed USB device number 119 using dummy_hcd [ 1479.515431][ T8422] loop0: detected capacity change from 0 to 32768 [ 1479.519036][ T1710] usb 3-1: Using ep0 maxpacket: 8 [ 1479.539272][ T1710] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1479.542560][ T8422] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 1479.595235][ T1710] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1479.614233][ T8051] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1479.620800][ T8422] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 1479.627964][ T8461] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14920'. [ 1479.642387][ T1710] usb 3-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00 [ 1479.666863][ T1710] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1479.719718][ T8455] sp0: Synchronizing with TNC [ 1479.720066][ T1710] usb 3-1: config 0 descriptor?? [ 1479.841839][ T8422] (syz.0.14907,8422,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=0, inode=281474976710721, rec_len=32768, name_len=1 [ 1480.115018][ T8468] loop1: detected capacity change from 0 to 1024 [ 1480.117305][ T5883] ocfs2: Unmounting device (7,0) on (node local) [ 1480.226540][ T1710] cherry 0003:046A:0027.000A: fixing up Cherry Cymotion report descriptor [ 1480.281728][ T8468] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 1480.353980][ T1710] hid_parser_main: 50 callbacks suppressed [ 1480.354007][ T1710] cherry 0003:046A:0027.000A: unknown main item tag 0x0 [ 1480.395348][ T8468] ext4 filesystem being mounted at /2535/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1480.422989][ T8478] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14924'. [ 1480.437824][ T8475] sp0: Synchronizing with TNC [ 1480.458158][ T1710] cherry 0003:046A:0027.000A: unknown main item tag 0x0 [ 1480.473716][ T8478] netlink: 4 bytes leftover after parsing attributes in process `syz.7.14924'. [ 1480.490466][ T1710] cherry 0003:046A:0027.000A: unknown main item tag 0x0 [ 1480.520838][ T8478] netlink: 'syz.7.14924': attribute type 18 has an invalid length. [ 1480.536207][ T1710] cherry 0003:046A:0027.000A: unknown main item tag 0x6 [ 1480.563857][ T1710] cherry 0003:046A:0027.000A: unknown main item tag 0x5 [ 1480.582445][ T1710] cherry 0003:046A:0027.000A: unknown main item tag 0x4 [ 1480.595511][ T1710] cherry 0003:046A:0027.000A: unknown main item tag 0x0 [ 1480.653171][ T5878] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1480.665526][ T1710] cherry 0003:046A:0027.000A: unknown main item tag 0x0 [ 1480.734933][ T1710] cherry 0003:046A:0027.000A: hidraw0: USB HID v0.00 Device [HID 046a:0027] on usb-dummy_hcd.2-1/input0 [ 1480.789565][ T8485] loop6: detected capacity change from 0 to 512 [ 1480.836620][ T1710] usb 3-1: USB disconnect, device number 119 [ 1480.865531][ T8485] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 1480.915041][ T8485] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1481.082504][ T8486] fido_id[8486]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 1481.196771][ T8485] FAT-fs (loop6): FAT read failed (blocknr 128) [ 1481.476676][ T8051] veth0_vlan: entered promiscuous mode [ 1481.563013][ T8051] veth1_vlan: entered promiscuous mode [ 1481.696791][ T8508] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14935'. [ 1481.778569][ T8051] veth0_macvtap: entered promiscuous mode [ 1481.800990][ T8051] veth1_macvtap: entered promiscuous mode [ 1481.867537][ T8051] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1481.896181][ T6052] usb 7-1: new high-speed USB device number 31 using dummy_hcd [ 1481.916874][ T8051] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1481.948566][ T1143] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1481.961796][ T1143] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1482.007759][ T1143] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1482.066034][ T1143] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1482.091396][ T6052] usb 7-1: New USB device found, idVendor=0757, idProduct=0a00, bcdDevice= 0.00 [ 1482.100476][ T6052] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1482.164993][ T8518] loop1: detected capacity change from 0 to 1024 [ 1482.205321][ T6052] usb 7-1: config 0 descriptor?? [ 1482.350606][ T8490] loop0: detected capacity change from 0 to 32768 [ 1482.357471][ T3531] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1482.384189][ T12] hfsplus: b-tree write err: -5, ino 4 [ 1482.415850][ T3531] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1482.544101][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1482.575351][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1482.673934][ T6052] nti 0003:0757:0A00.000B: unknown main item tag 0x0 [ 1482.715399][ T6052] nti 0003:0757:0A00.000B: unknown main item tag 0x0 [ 1482.748619][ T6052] nti 0003:0757:0A00.000B: hidraw0: USB HID v0.00 Device [HID 0757:0a00] on usb-dummy_hcd.6-1/input0 [ 1482.927038][ T8519] usb 7-1: USB disconnect, device number 31 [ 1483.018227][ T8529] fido_id[8529]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 1483.099730][ T8531] loop9: detected capacity change from 0 to 4096 [ 1483.229363][ T8536] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1483.846966][ T8525] loop1: detected capacity change from 0 to 32768 [ 1483.965249][ T8525] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1484.058915][ T8525] XFS (loop1): Ending clean mount [ 1484.116986][ T8525] XFS (loop1): Quotacheck needed: Please wait. [ 1484.133381][ T8569] loop0: detected capacity change from 0 to 16 [ 1484.216069][ T8569] erofs (device loop0): mounted with root inode @ nid 36. [ 1484.294994][ T8525] XFS (loop1): Quotacheck: Done. [ 1484.403444][ T30] audit: type=1800 audit(1757016699.325:345): pid=8525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.14942" name="file1" dev="loop1" ino=6150 res=0 errno=0 [ 1484.543027][ T5878] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 1484.717399][ T8581] loop2: detected capacity change from 0 to 2048 [ 1485.281977][ T8588] loop7: detected capacity change from 0 to 2048 [ 1485.353737][ T8591] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1485.438960][ T8588] NILFS (loop7): failed to count free inodes: err=-34 [ 1485.697567][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1485.778314][T15448] NILFS (loop7): DAT doesn't have a block to manage vblocknr = 8796093022222 [ 1485.806475][T15448] NILFS error (device loop7): nilfs_bmap_truncate: broken bmap (inode number=16) [ 1485.895620][T15448] Remounting filesystem read-only [ 1485.936998][T15448] NILFS (loop7): error -5 truncating bmap (ino=16) [ 1485.984902][ T8583] loop6: detected capacity change from 0 to 32768 [ 1486.004735][ T8598] loop1: detected capacity change from 0 to 164 [ 1486.056777][T15448] NILFS (loop7): disposed unprocessed dirty file(s) when detaching log writer [ 1486.073710][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1486.088292][ T8583] [ 1486.088292][ T8583] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1486.088292][ T8583] [ 1486.168991][ T8598] Unable to read rock-ridge attributes [ 1486.171173][ T8583] ERROR: (device loop6): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 4 [ 1486.171173][ T8583] [ 1486.491646][ T36] [ 1486.491646][ T36] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1486.491646][ T36] [ 1486.543096][ T36] [ 1486.543096][ T36] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1486.543096][ T36] [ 1486.597533][T14560] [ 1486.597533][T14560] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1486.597533][T14560] [ 1486.655981][ T110] [ 1486.655981][ T110] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1486.655981][ T110] [ 1486.688525][T14560] [ 1486.688525][T14560] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1486.688525][T14560] [ 1486.772797][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1486.813113][ T8614] loop7: detected capacity change from 0 to 64 [ 1486.879107][ T90] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 1487.052728][ T43] usb 3-1: new high-speed USB device number 120 using dummy_hcd [ 1487.061918][ T90] usb 10-1: Using ep0 maxpacket: 8 [ 1487.111833][ T90] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 1487.145601][ T90] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1487.170035][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1487.197839][ T90] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1487.229731][ T90] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 1487.241403][ T43] usb 3-1: Using ep0 maxpacket: 16 [ 1487.277921][ T43] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1487.303017][ T90] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1487.316600][ T43] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1487.345487][ T90] usb 10-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 1487.355313][ T43] usb 3-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00 [ 1487.400525][T24483] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1487.414250][T24483] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1487.421089][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1487.429704][T24483] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1487.431849][ T90] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1487.446830][T24483] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1487.461610][T24483] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1487.492211][ T43] usb 3-1: config 0 descriptor?? [ 1487.584118][ T90] usb 10-1: config 0 descriptor?? [ 1487.591666][ T8608] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22 [ 1487.806331][ T8622] lo speed is unknown, defaulting to 1000 [ 1487.936755][ T2180] Bluetooth: hci6: Received unexpected HCI Event 0x00 [ 1487.951656][ T2180] Bluetooth: hci6: Received unexpected HCI Event 0x00 [ 1487.958693][ T2180] Bluetooth: hci6: Received unexpected HCI Event 0x00 [ 1487.965743][ T2180] Bluetooth: hci6: Received unexpected HCI Event 0x00 [ 1487.972646][ T2180] Bluetooth: hci6: Received unexpected HCI Event 0x00 [ 1487.980266][ T2180] Bluetooth: hci6: Received unexpected HCI Event 0x00 [ 1487.987528][ T2180] Bluetooth: hci6: Received unexpected HCI Event 0x00 [ 1488.004352][ T8617] loop1: detected capacity change from 0 to 32768 [ 1488.011135][ T43] hid_parser_main: 3 callbacks suppressed [ 1488.011195][ T43] kye 0003:0458:0153.000C: unknown main item tag 0x0 [ 1488.011228][ T43] kye 0003:0458:0153.000C: unknown main item tag 0x0 [ 1488.011253][ T43] kye 0003:0458:0153.000C: unknown main item tag 0x0 [ 1488.011278][ T43] kye 0003:0458:0153.000C: unknown main item tag 0x0 [ 1488.011304][ T43] kye 0003:0458:0153.000C: unknown main item tag 0x0 [ 1488.018532][ T43] kye 0003:0458:0153.000C: hidraw0: USB HID v0.05 Device [HID 0458:0153] on usb-dummy_hcd.2-1/input0 [ 1488.169064][ T1710] usb 10-1: USB disconnect, device number 2 [ 1488.177759][T24483] Bluetooth: hci6: Opcode 0x0c03 failed: -71 [ 1488.198954][ T8617] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 1488.248806][ T43] usb 3-1: USB disconnect, device number 120 [ 1488.282473][ T8617] (syz.1.14980,8617,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=0, inode=65, rec_len=16, name_len=1 [ 1488.314554][ T13] dummy0: left promiscuous mode [ 1488.343839][ T8617] (syz.1.14980,8617,1):ocfs2_prepare_dir_for_insert:4302 ERROR: status = -2 [ 1488.357119][ T13] bridge0: port 3(dummy0) entered disabled state [ 1488.395178][ T8617] (syz.1.14980,8617,1):ocfs2_mknod:301 ERROR: status = -2 [ 1488.407860][ T13] bridge_slave_1: left allmulticast mode [ 1488.426670][ T13] bridge_slave_1: left promiscuous mode [ 1488.433957][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 1488.442176][ T8617] (syz.1.14980,8617,0):ocfs2_mknod:505 ERROR: status = -2 [ 1488.450114][ T8617] (syz.1.14980,8617,0):ocfs2_create:678 ERROR: status = -2 [ 1488.517920][ T8636] fido_id[8636]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 1488.544485][ T13] bridge_slave_0: left allmulticast mode [ 1488.572625][ T13] bridge_slave_0: left promiscuous mode [ 1488.596162][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 1488.638671][ T5878] ocfs2: Unmounting device (7,1) on (node local) [ 1489.046389][ T6052] usb 2-1: new high-speed USB device number 120 using dummy_hcd [ 1489.094984][ T8652] [U]  [ 1489.254546][ T6052] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1489.290414][ T6052] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1489.312103][ T6052] usb 2-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.00 [ 1489.348330][ T6052] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1489.429388][ T6052] usb 2-1: config 0 descriptor?? [ 1489.468682][ T8660] loop2: detected capacity change from 0 to 512 [ 1489.490733][ T8660] EXT4-fs: Ignoring removed bh option [ 1489.569242][ T8660] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 1489.698838][T24483] Bluetooth: hci4: command tx timeout [ 1489.865548][ C0] vkms_vblank_simulate: vblank timer overrun [ 1489.872399][ T8660] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6 [ 1489.888884][ T6052] logitech 0003:046D:C623.000D: unknown main item tag 0x0 [ 1489.954411][ T6052] logitech 0003:046D:C623.000D: hidraw0: USB HID v0.00 Device [HID 046d:c623] on usb-dummy_hcd.1-1/input0 [ 1489.960852][ T8660] loop2: detected capacity change from 0 to 16 [ 1490.059682][ T8660] erofs (device loop2): mounted with root inode @ nid 36. [ 1490.119752][ T5959] usb 2-1: USB disconnect, device number 120 [ 1490.183222][ T8663] fido_id[8663]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1490.192707][ T8654] loop6: detected capacity change from 0 to 32768 [ 1490.879911][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1490.905257][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1490.917826][ T13] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 1490.927928][ T13] bond0 (unregistering): Released all slaves [ 1490.945531][ T13] bond1 (unregistering): Released all slaves [ 1490.961998][ T13] bond2 (unregistering): Released all slaves [ 1491.146266][ C0] vkms_vblank_simulate: vblank timer overrun [ 1491.166856][ T13] : left promiscuous mode [ 1491.398745][ T13] : left promiscuous mode [ 1491.533380][ T8688] loop6: detected capacity change from 0 to 64 [ 1491.573809][ T8684] netlink: 'syz.2.15006': attribute type 2 has an invalid length. [ 1491.609005][ T8693] loop7: detected capacity change from 0 to 22 [ 1491.609817][ T8691] loop1: detected capacity change from 0 to 1024 [ 1491.656497][ T8693] MTD: Attempt to mount non-MTD device "/dev/loop7" [ 1491.694833][ T8691] EXT4-fs: Ignoring removed i_version option [ 1491.707728][ T8693] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1491.751685][ T8691] EXT4-fs: Ignoring removed nobh option [ 1491.843213][ T8691] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1491.938847][T24483] Bluetooth: hci4: command tx timeout [ 1492.164314][ T5878] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1492.393689][ T8713] netlink: 8 bytes leftover after parsing attributes in process `syz.9.15016'. [ 1492.406907][ T8622] chnl_net:caif_netlink_parms(): no params data found [ 1492.477949][ T30] audit: type=1326 audit(1757016706.784:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8716 comm="syz.1.15017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f993e18ebe9 code=0x7ffc0000 [ 1492.601342][ T30] audit: type=1326 audit(1757016706.821:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8716 comm="syz.1.15017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f993e18ebe9 code=0x7ffc0000 [ 1492.714674][ T30] audit: type=1326 audit(1757016706.821:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8716 comm="syz.1.15017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f993e18ebe9 code=0x7ffc0000 [ 1492.836834][ T8519] usb 7-1: new high-speed USB device number 32 using dummy_hcd [ 1493.011386][ T8519] usb 7-1: Using ep0 maxpacket: 16 [ 1493.022678][ T8519] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1493.042619][ T8519] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1493.052442][ T8519] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1493.092886][ T8519] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1493.100043][ T4283] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 1493.107765][ T8519] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1493.130375][ T8519] usb 7-1: config 0 descriptor?? [ 1493.186686][ T4283] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 1493.198729][ T5959] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 1493.551071][ T8754] loop1: detected capacity change from 0 to 1024 [ 1493.593651][ T8754] EXT4-fs: Ignoring removed nobh option [ 1493.602037][ T8519] microsoft 0003:045E:07DA.000E: ignoring exceeding usage max [ 1493.629567][ T8754] EXT4-fs: Ignoring removed bh option [ 1493.657959][ T8519] microsoft 0003:045E:07DA.000E: unsupported Resolution Multiplier 0 [ 1493.666630][ T43] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 1493.713867][ T8519] microsoft 0003:045E:07DA.000E: implement() called with n (152) > 32! (kworker/0:3) [ 1493.732103][ T8754] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1493.747273][ T43] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 1493.784716][ T8622] bridge0: port 1(bridge_slave_0) entered blocking state [ 1493.800963][ T8622] bridge0: port 1(bridge_slave_0) entered disabled state [ 1493.817161][ T8622] bridge_slave_0: entered allmulticast mode [ 1493.825953][ T8622] bridge_slave_0: entered promiscuous mode [ 1493.844958][ T8519] microsoft 0003:045E:07DA.000E: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.6-1/input0 [ 1493.935139][ T8519] microsoft 0003:045E:07DA.000E: no inputs found [ 1493.941555][ T8519] microsoft 0003:045E:07DA.000E: could not initialize ff, continuing anyway [ 1493.994747][ T8622] bridge0: port 2(bridge_slave_1) entered blocking state [ 1494.001054][ T5878] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1494.023452][ T8519] usb 7-1: USB disconnect, device number 32 [ 1494.027023][ T8622] bridge0: port 2(bridge_slave_1) entered disabled state [ 1494.083443][ T8622] bridge_slave_1: entered allmulticast mode [ 1494.113518][ T8622] bridge_slave_1: entered promiscuous mode [ 1494.133828][ T8757] fido_id[8757]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 1494.180912][ T2180] Bluetooth: hci4: command tx timeout [ 1494.311636][ T8736] loop2: detected capacity change from 0 to 32768 [ 1494.395134][ T13] hsr_slave_0: left promiscuous mode [ 1494.406292][ T8736] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1494.428470][ T13] hsr_slave_1: left promiscuous mode [ 1494.441420][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1494.456475][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1494.512541][ T8736] XFS (loop2): Ending clean mount [ 1494.568702][ T13] veth1_macvtap: left promiscuous mode [ 1494.576314][ T13] veth0_macvtap: left promiscuous mode [ 1494.582910][ T13] veth0_vlan: left promiscuous mode [ 1494.679520][ T8752] loop7: detected capacity change from 0 to 32768 [ 1494.700244][ T8773] loop1: detected capacity change from 0 to 64 [ 1494.758786][ T5880] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1494.808101][ T8775] netlink: 12 bytes leftover after parsing attributes in process `syz.6.15033'. [ 1495.298017][ T13] pimreg (unregistering): left allmulticast mode [ 1495.672954][ T8787] loop2: detected capacity change from 0 to 512 [ 1495.708209][ T13] pim6reg (unregistering): left allmulticast mode [ 1495.758515][ T8787] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 1495.797625][ T8788] loop1: detected capacity change from 0 to 4096 [ 1495.808742][ T8787] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1495.815804][ T8788] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 1495.825540][ T8787] Quota error (device loop2): v2_read_file_info: Block with free entry 1 out of range (1, 6). [ 1495.838655][ T8787] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 1495.869373][ C0] vkms_vblank_simulate: vblank timer overrun [ 1495.881664][ T8787] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 1495.894134][ T8787] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.15034: bg 0: block 40: padding at end of block bitmap is not set [ 1495.922627][ T8787] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 1495.944849][ T8787] EXT4-fs (loop2): 1 truncate cleaned up [ 1495.979450][ T8787] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1495.997653][ T8788] ntfs3(loop1): ino=3, ntfs_set_state failed, -22. [ 1496.130100][ T8787] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 1496.138760][ T4283] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -22. [ 1496.202366][ T5878] ntfs3(loop1): ino=3, ntfs_set_state failed, -22. [ 1496.217462][ T5878] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 1496.224610][ T5878] ntfs3(loop1): ino=3, ntfs_set_state failed, -22. [ 1496.274389][ T12] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -22. [ 1496.276794][ T5880] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1496.428810][ T8801] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1496.440855][ T2180] Bluetooth: hci4: command tx timeout [ 1496.959551][ C0] vkms_vblank_simulate: vblank timer overrun [ 1497.065145][ T6052] usb 3-1: new high-speed USB device number 121 using dummy_hcd [ 1497.207315][ T13] team0 (unregistering): Port device team_slave_1 removed [ 1497.260998][ T6052] usb 3-1: Using ep0 maxpacket: 8 [ 1497.268974][ T13] team0 (unregistering): Port device team_slave_0 removed [ 1497.280950][ T6052] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1497.290530][ T6052] usb 3-1: config 4 interface 0 has no altsetting 0 [ 1497.303789][ T6052] usb 3-1: string descriptor 0 read error: -22 [ 1497.310298][ T6052] usb 3-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 1497.321931][ T6052] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1497.380317][ T6052] usb 3-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 1497.427975][ T6052] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1497.440681][ T6052] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 1497.448919][ T8812] binder: 8811:8812 ioctl c018620c 200000000000 returned -22 [ 1497.452291][ T6052] usb 3-1: media controller created [ 1497.526082][ T6052] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1497.622022][ T8810] usb 3-1: dvb_usb_au6610: wlen=0, aborting [ 1497.648253][ T6052] zl10353_read_register: readreg error (reg=127, ret==0) [ 1497.750325][ T6052] usb 3-1: USB disconnect, device number 121 [ 1497.996505][ C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 1498.097293][ T8814] loop1: detected capacity change from 0 to 32768 [ 1498.186956][ T8814] XFS (loop1): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 1498.245425][ T8814] XFS (loop1): Ending clean mount [ 1498.264225][ T13] dummy0 (unregistering): left allmulticast mode [ 1498.285115][ T8814] XFS (loop1): Quotacheck needed: Please wait. [ 1498.466010][ T8814] XFS (loop1): Quotacheck: Done. [ 1498.564246][ T5878] XFS (loop1): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 1498.616445][ T6052] usb 3-1: new high-speed USB device number 122 using dummy_hcd [ 1498.630140][ T8622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1498.664642][ T8778] netlink: 72 bytes leftover after parsing attributes in process `syz.7.15035'. [ 1498.828060][ T6052] usb 3-1: Using ep0 maxpacket: 8 [ 1498.840452][ T6052] usb 3-1: config index 0 descriptor too short (expected 30, got 18) [ 1498.856852][ T8800] macsec0: entered promiscuous mode [ 1498.876490][ T6052] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 1498.891510][ T8800] macsec0: entered allmulticast mode [ 1498.902259][ T6052] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1498.911896][ T8800] veth1_macvtap: entered allmulticast mode [ 1498.928990][ T6052] usb 3-1: Product: syz [ 1498.933184][ T6052] usb 3-1: Manufacturer: syz [ 1498.943539][ T8622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1498.981744][ T6052] usb 3-1: SerialNumber: syz [ 1499.004694][ T6052] usb 3-1: config 0 descriptor?? [ 1499.060254][ T6052] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 1499.086180][ T6052] usb 3-1: setting power ON [ 1499.103823][ T6052] dvb-usb: bulk message failed: -22 (2/0) [ 1499.125901][ T6052] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1499.147578][ T6052] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 1499.167277][ T6052] usb 3-1: media controller created [ 1499.262672][ T8824] dvb-usb: bulk message failed: -22 (3/0) [ 1499.265765][ T6052] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1499.304428][ T8824] cxusb: i2c wr: len=80 is too big! [ 1499.304428][ T8824] [ 1499.334638][ T8622] team0: Port device team_slave_0 added [ 1499.352917][ T8835] loop7: detected capacity change from 0 to 1024 [ 1499.378029][ T8830] netlink: 96 bytes leftover after parsing attributes in process `syz.6.15054'. [ 1499.382229][ T6052] usb 3-1: selecting invalid altsetting 6 [ 1499.414964][ T6052] usb 3-1: digital interface selection failed (-22) [ 1499.448800][ T8622] team0: Port device team_slave_1 added [ 1499.478675][ T6052] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 1499.510239][ T6052] usb 3-1: setting power OFF [ 1499.515800][ T6052] dvb-usb: bulk message failed: -22 (2/0) [ 1499.544267][ T8835] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1499.574546][ T6052] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 1499.583868][ T6052] (NULL device *): no alternate interface [ 1499.624708][ T8835] netlink: 36 bytes leftover after parsing attributes in process `syz.7.15055'. [ 1499.823868][ T8849] loop6: detected capacity change from 0 to 16 [ 1499.889145][ T6052] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 1499.941009][ T6052] usb 3-1: USB disconnect, device number 122 [ 1499.961797][T15448] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1500.143378][ T8622] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1500.177566][ T8858] loop9: detected capacity change from 0 to 512 [ 1500.194109][ T8622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1500.283976][ T8858] EXT4-fs: Ignoring removed bh option [ 1500.351143][ T8858] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem [ 1500.372960][ T8622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1500.459305][ T8622] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1500.506178][ T8622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1500.690547][ T8622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1500.805491][ T8858] EXT4-fs (loop9): failed to open journal device unknown-block(0,0) -6 [ 1500.877724][ T8858] loop9: detected capacity change from 0 to 16 [ 1500.887672][ T8849] erofs (device loop6): mounted with root inode @ nid 36. [ 1500.954488][ T8858] erofs (device loop9): mounted with root inode @ nid 36. [ 1501.182091][ T8884] loop2: detected capacity change from 0 to 64 [ 1501.260537][ T8887] loop7: detected capacity change from 0 to 64 [ 1501.304198][ T8622] hsr_slave_0: entered promiscuous mode [ 1501.358128][ T8887] [ 1501.360504][ T8887] ====================================================== [ 1501.367513][ T8887] WARNING: possible circular locking dependency detected [ 1501.374560][ T8887] syzkaller #0 Not tainted [ 1501.378965][ T8887] ------------------------------------------------------ [ 1501.385973][ T8887] syz.7.15071/8887 is trying to acquire lock: [ 1501.392116][ T8887] ffff88802963c878 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xda/0x1230 [ 1501.402953][ T8887] [ 1501.402953][ T8887] but task is already holding lock: [ 1501.410311][ T8887] ffff888026b780b0 (&tree->tree_lock#2/1){+.+.}-{4:4}, at: hfs_find_init+0x184/0x200 [ 1501.419825][ T8887] [ 1501.419825][ T8887] which lock already depends on the new lock. [ 1501.419825][ T8887] [ 1501.430214][ T8887] [ 1501.430214][ T8887] the existing dependency chain (in reverse order) is: [ 1501.439301][ T8887] [ 1501.439301][ T8887] -> #1 (&tree->tree_lock#2/1){+.+.}-{4:4}: [ 1501.447398][ T8887] lock_acquire+0x120/0x360 [ 1501.452513][ T8887] __mutex_lock+0x187/0x1350 [ 1501.457611][ T8887] hfs_find_init+0x184/0x200 [ 1501.462712][ T8887] hfs_extend_file+0x2ee/0x1230 [ 1501.468105][ T8887] hfs_bmap_reserve+0x107/0x430 [ 1501.473480][ T8887] hfs_cat_create+0x1b3/0x640 [ 1501.478686][ T8887] hfs_create+0x66/0xe0 [ 1501.483381][ T8887] path_openat+0x14f4/0x3830 [ 1501.488508][ T8887] do_filp_open+0x1fa/0x410 [ 1501.493640][ T8887] do_sys_openat2+0x121/0x1c0 [ 1501.498826][ T8887] __x64_sys_open+0x11e/0x150 [ 1501.504012][ T8887] do_syscall_64+0xfa/0x3b0 [ 1501.509023][ T8887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1501.515420][ T8887] [ 1501.515420][ T8887] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{4:4}: [ 1501.524625][ T8887] validate_chain+0xb9b/0x2140 [ 1501.529898][ T8887] __lock_acquire+0xab9/0xd20 [ 1501.535091][ T8887] lock_acquire+0x120/0x360 [ 1501.540115][ T8887] __mutex_lock+0x187/0x1350 [ 1501.545210][ T8887] hfs_extend_file+0xda/0x1230 [ 1501.550619][ T8887] hfs_bmap_reserve+0x107/0x430 [ 1501.555985][ T8887] __hfs_ext_write_extent+0x1fa/0x470 [ 1501.561879][ T8887] __hfs_ext_cache_extent+0x6b/0x9b0 [ 1501.567682][ T8887] hfs_extend_file+0x316/0x1230 [ 1501.573055][ T8887] hfs_get_block+0x3d7/0xbd0 [ 1501.578161][ T8887] __block_write_begin_int+0x6b5/0x1900 [ 1501.584222][ T8887] cont_write_begin+0x789/0xb50 [ 1501.589581][ T8887] hfs_write_begin+0x66/0xb0 [ 1501.594689][ T8887] generic_perform_write+0x2c5/0x900 [ 1501.600492][ T8887] generic_file_write_iter+0x117/0x550 [ 1501.606465][ T8887] vfs_write+0x5c9/0xb30 [ 1501.611223][ T8887] ksys_write+0x145/0x250 [ 1501.616066][ T8887] do_syscall_64+0xfa/0x3b0 [ 1501.621088][ T8887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1501.627487][ T8887] [ 1501.627487][ T8887] other info that might help us debug this: [ 1501.627487][ T8887] [ 1501.637695][ T8887] Possible unsafe locking scenario: [ 1501.637695][ T8887] [ 1501.645124][ T8887] CPU0 CPU1 [ 1501.650469][ T8887] ---- ---- [ 1501.655816][ T8887] lock(&tree->tree_lock#2/1); [ 1501.660675][ T8887] lock(&HFS_I(tree->inode)->extents_lock); [ 1501.669168][ T8887] lock(&tree->tree_lock#2/1); [ 1501.676548][ T8887] lock(&HFS_I(tree->inode)->extents_lock); [ 1501.682515][ T8887] [ 1501.682515][ T8887] *** DEADLOCK *** [ 1501.682515][ T8887] [ 1501.690636][ T8887] 5 locks held by syz.7.15071/8887: [ 1501.695810][ T8887] #0: ffff88802878db38 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x247/0x320 [ 1501.704864][ T8887] #1: ffff8880336dc428 (sb_writers#16){.+.+}-{0:0}, at: vfs_write+0x211/0xb30 [ 1501.713844][ T8887] #2: ffff88802963c3a0 (&sb->s_type->i_mutex_key#35){+.+.}-{4:4}, at: generic_file_write_iter+0xeb/0x550 [ 1501.725172][ T8887] #3: ffff88802963c1f8 (&HFS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfs_extend_file+0xda/0x1230 [ 1501.735892][ T8887] #4: ffff888026b780b0 (&tree->tree_lock#2/1){+.+.}-{4:4}, at: hfs_find_init+0x184/0x200 [ 1501.745838][ T8887] [ 1501.745838][ T8887] stack backtrace: [ 1501.751738][ T8887] CPU: 0 UID: 0 PID: 8887 Comm: syz.7.15071 Not tainted syzkaller #0 PREEMPT(full) [ 1501.751763][ T8887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1501.751779][ T8887] Call Trace: [ 1501.751790][ T8887] [ 1501.751801][ T8887] dump_stack_lvl+0x189/0x250 [ 1501.751835][ T8887] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1501.751867][ T8887] ? __pfx__printk+0x10/0x10 [ 1501.751902][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.751928][ T8887] ? print_lock_name+0xde/0x100 [ 1501.751959][ T8887] print_circular_bug+0x2ee/0x310 [ 1501.751987][ T8887] check_noncircular+0x134/0x160 [ 1501.752014][ T8887] validate_chain+0xb9b/0x2140 [ 1501.752037][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.752067][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.752091][ T8887] ? look_up_lock_class+0x74/0x170 [ 1501.752126][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.752150][ T8887] ? register_lock_class+0x51/0x320 [ 1501.752185][ T8887] __lock_acquire+0xab9/0xd20 [ 1501.752227][ T8887] ? hfs_extend_file+0xda/0x1230 [ 1501.752258][ T8887] lock_acquire+0x120/0x360 [ 1501.752289][ T8887] ? hfs_extend_file+0xda/0x1230 [ 1501.752329][ T8887] __mutex_lock+0x187/0x1350 [ 1501.752350][ T8887] ? hfs_extend_file+0xda/0x1230 [ 1501.752382][ T8887] ? do_raw_spin_lock+0x121/0x290 [ 1501.752414][ T8887] ? hfs_extend_file+0xda/0x1230 [ 1501.752445][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.752472][ T8887] ? __pfx___mutex_lock+0x10/0x10 [ 1501.752490][ T8887] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 1501.752521][ T8887] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 1501.752555][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.752579][ T8887] ? register_lock_class+0x51/0x320 [ 1501.752615][ T8887] hfs_extend_file+0xda/0x1230 [ 1501.752652][ T8887] ? __pfx_hfs_extend_file+0x10/0x10 [ 1501.752684][ T8887] ? __pfx___mutex_trylock_common+0x10/0x10 [ 1501.752708][ T8887] ? do_syscall_64+0xfa/0x3b0 [ 1501.752729][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.752754][ T8887] ? rcu_is_watching+0x15/0xb0 [ 1501.752776][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.752801][ T8887] ? trace_contention_end+0x39/0x120 [ 1501.752824][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.752848][ T8887] ? __mutex_lock+0x335/0x1350 [ 1501.752869][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.752893][ T8887] ? hfs_brec_find+0x18e/0x500 [ 1501.752922][ T8887] hfs_bmap_reserve+0x107/0x430 [ 1501.752960][ T8887] __hfs_ext_write_extent+0x1fa/0x470 [ 1501.752996][ T8887] __hfs_ext_cache_extent+0x6b/0x9b0 [ 1501.753030][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.753054][ T8887] ? hfs_find_init+0x184/0x200 [ 1501.753081][ T8887] hfs_extend_file+0x316/0x1230 [ 1501.753118][ T8887] ? __pfx_hfs_extend_file+0x10/0x10 [ 1501.753151][ T8887] ? percpu_ref_get_many+0x19/0x140 [ 1501.753183][ T8887] ? percpu_ref_get_many+0x19/0x140 [ 1501.753220][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.753253][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.753278][ T8887] ? __lock_acquire+0xab9/0xd20 [ 1501.753310][ T8887] hfs_get_block+0x3d7/0xbd0 [ 1501.753348][ T8887] ? __pfx_hfs_get_block+0x10/0x10 [ 1501.753379][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.753404][ T8887] ? do_raw_spin_unlock+0x122/0x240 [ 1501.753432][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.753457][ T8887] ? _raw_spin_unlock+0x28/0x50 [ 1501.753483][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.753512][ T8887] __block_write_begin_int+0x6b5/0x1900 [ 1501.753544][ T8887] ? folio_add_lru+0x1b2/0x3d0 [ 1501.753568][ T8887] ? __pfx_hfs_get_block+0x10/0x10 [ 1501.753601][ T8887] ? __pfx___block_write_begin_int+0x10/0x10 [ 1501.753632][ T8887] cont_write_begin+0x789/0xb50 [ 1501.753664][ T8887] ? __pfx_cont_write_begin+0x10/0x10 [ 1501.753689][ T8887] ? __pfx___might_resched+0x10/0x10 [ 1501.753710][ T8887] ? __mark_inode_dirty+0x3d2/0xe10 [ 1501.753734][ T8887] ? folio_unlock+0x101/0x160 [ 1501.753769][ T8887] hfs_write_begin+0x66/0xb0 [ 1501.753800][ T8887] ? __pfx_hfs_get_block+0x10/0x10 [ 1501.753833][ T8887] generic_perform_write+0x2c5/0x900 [ 1501.753866][ T8887] ? __pfx_generic_perform_write+0x10/0x10 [ 1501.753891][ T8887] ? file_update_time+0x2da/0x490 [ 1501.753917][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.753941][ T8887] ? __generic_file_write_iter+0xf9/0x230 [ 1501.753965][ T8887] ? generic_file_write_iter+0x103/0x550 [ 1501.753993][ T8887] generic_file_write_iter+0x117/0x550 [ 1501.754020][ T8887] ? __pfx_generic_file_write_iter+0x10/0x10 [ 1501.754046][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.754070][ T8887] ? register_lock_class+0x51/0x320 [ 1501.754103][ T8887] ? __pfx_aa_file_perm+0x10/0x10 [ 1501.754130][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.754155][ T8887] ? __lock_acquire+0xab9/0xd20 [ 1501.754188][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.754221][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.754246][ T8887] ? rcu_read_lock_any_held+0xb3/0x120 [ 1501.754269][ T8887] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 1501.754300][ T8887] vfs_write+0x5c9/0xb30 [ 1501.754331][ T8887] ? __pfx_generic_file_write_iter+0x10/0x10 [ 1501.754358][ T8887] ? __pfx_vfs_write+0x10/0x10 [ 1501.754391][ T8887] ? __fget_files+0x2a/0x420 [ 1501.754412][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.754439][ T8887] ksys_write+0x145/0x250 [ 1501.754469][ T8887] ? __pfx_ksys_write+0x10/0x10 [ 1501.754496][ T8887] ? rcu_is_watching+0x15/0xb0 [ 1501.754520][ T8887] ? do_syscall_64+0xbe/0x3b0 [ 1501.754542][ T8887] do_syscall_64+0xfa/0x3b0 [ 1501.754561][ T8887] ? lockdep_hardirqs_on+0x9c/0x150 [ 1501.754592][ T8887] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1501.754613][ T8887] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1501.754638][ T8887] ? exc_page_fault+0x9f/0xf0 [ 1501.754669][ T8887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1501.754691][ T8887] RIP: 0033:0x7ff17d38ebe9 [ 1501.754711][ T8887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1501.754730][ T8887] RSP: 002b:00007ff17e238038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1501.754752][ T8887] RAX: ffffffffffffffda RBX: 00007ff17d5c5fa0 RCX: 00007ff17d38ebe9 [ 1501.754769][ T8887] RDX: 0000000000001006 RSI: 0000200000000940 RDI: 0000000000000004 [ 1501.754784][ T8887] RBP: 00007ff17d411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1501.754798][ T8887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1501.754811][ T8887] R13: 00007ff17d5c6038 R14: 00007ff17d5c5fa0 R15: 00007fff337b8408 [ 1501.754837][ T8887] [ 1502.384367][ T8622] hsr_slave_1: entered promiscuous mode [ 1502.390483][ T8622] debugfs: 'hsr0' already exists in 'hsr' [ 1502.396986][ T8622] Cannot create hsr debugfs directory [ 1502.491185][ T13] IPVS: stop unused estimator thread 0... [ 1502.625089][ T8894] loop6: detected capacity change from 0 to 16 [ 1502.632063][ T8894] MTD: Attempt to mount non-MTD device "/dev/loop6" [ 1502.642834][T15448] hfs: node 4:3 still has 1 user(s)! [ 1503.038444][ T8622] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1503.053977][ T8622] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1503.065226][ T8622] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1503.077858][ T8622] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1503.158807][ T8622] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1503.178191][ T8622] 8021q: adding VLAN 0 to HW filter on device team0 [ 1503.190292][T14582] bridge0: port 1(bridge_slave_0) entered blocking state [ 1503.197519][T14582] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1503.218458][T14582] bridge0: port 2(bridge_slave_1) entered blocking state [ 1503.225653][T14582] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1503.446271][ T8622] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1503.689586][ T8622] veth0_vlan: entered promiscuous mode [ 1503.708256][ T8622] veth1_vlan: entered promiscuous mode [ 1503.741053][ T8622] veth0_macvtap: entered promiscuous mode [ 1503.760245][ T8622] veth1_macvtap: entered promiscuous mode [ 1503.783521][ T8622] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1503.797309][ T8622] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1503.817256][ T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1503.835386][ T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1503.849923][ T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1503.873111][ T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1503.904595][ T8622] ieee80211 phy67: Selected rate control algorithm 'minstrel_ht' [ 1503.944935][T14582] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1503.955204][ T8622] ieee80211 phy68: Selected rate control algorithm 'minstrel_ht' [ 1503.969999][T14582] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1504.017016][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1504.024909][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1507.699077][ C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured!