last executing test programs: 5.151384709s ago: executing program 1 (id=1348): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0xc1105511, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0x40025b0c, &(0x7f0000000040)) 3.394808453s ago: executing program 1 (id=1362): r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000200)=@userptr={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "020037e0"}, 0x0, 0x2, {0x0}, 0x0, 0x0, 0xffffffffffffffff}) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000280)=@fd={0x5, 0x1, 0x4, 0x2000, 0x2, {}, {0x4, 0x0, 0x5, 0x2, 0x7, 0x2, "3852ccbf"}, 0x4, 0x4, {}, 0x9, 0x0, r1}) 3.327996835s ago: executing program 0 (id=1363): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb01001800000000000000bc000000bc0000000300000006"], 0x0, 0xd7, 0x0, 0x0, 0x7, 0x10000}, 0x28) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68af5f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c000580080001400800000808"], 0x1ec}}, 0x0) 3.253188956s ago: executing program 0 (id=1364): syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x200408, &(0x7f0000000280)=ANY=[@ANYBLOB='nodots,nodots,dots,dots,nodots,errors=continue,time_offset=0xfffffffffffffa93,dots,showexec,nodots,dots,gid=', @ANYRESHEX=0xee00, @ANYBLOB="2c646f74732c646f74732c6e66732c6e6f646f74732c646f74732c6e6f646f74732c646f74732c646f74732c6e6f646f74732c646f74732c646f74732c646f74732c636865636b3d72656c617865642c74696d655f6f66667365743d3078303030303030303030303030303437612c646f6e745f686173682c7365636c6162656c2c667373c322e2a50762a3d3fcae283b43ea02757569643d31643067586564382d353166312d62326634"], 0x1, 0x1d3, &(0x7f0000001a00)="$eJzs3cFqE1EUBuAzsTapIHYniOCAG1dBfYKKRBAHRCULXSm0bhoRks3oxvoWPqAPIF11IyNmxsaWZGxjzJj0+zb5yTmTey+ESTY5eX3z3f7u+9Hbr9e/RKeTRGsnduIoie1oxS8HAQCsk6OiiG9FsdH0PgCA5ak+/8dmtHyvu94XBwBYPS9evnryIMt6z9O0E3F4kPfzfvlY1h89znp307HtyVWHed6/dFy/V9bTk/XLcSUitiLr3Z9a34w7t8fXf/5Ze/g0O1Vvx+6/Pz4AAAAAAAAAAAAAAAAAAAAAADSimx6bOt+n251VL9Nv84FOze/ZiBuGAwIAAAAAAAAAAAAAAAAAAMCZjD583H8zGOwNJ6EdESefmS8U12YuMS2kEfH3i543tGJ5a61aSP6PbZwzRDV1oqbn1mLe4c+u/qkn5nvlzYio79mqP+AiwuQe0W7m1gQAAAAAAAAAAAAAAAAAABdO9VvfZDhqeicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Jzy//8He8N5wqeIOENztVTS8FEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYYz8CAAD//x8yIRo=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000005c0)={'#! ', './file0/file0'}, 0x11) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) 3.05225029s ago: executing program 0 (id=1366): r0 = mq_open(&(0x7f00000005c0)='eth0\x00#\x13\xaeu\xe0\xfb\x050*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\x19\xf1\xcce\xab\x80M\xc9\xcf\xaeR\xb69k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3\xff\a\x00\x00\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\aY\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3Cs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\x96{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\x03\x00\x00\x00y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\x8e\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9\xb3\x83\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|c\xf3\x8b\xc2E\x00\x00\x00\x00\x00\x00', 0x42, 0x0, 0x0) r1 = syz_io_uring_setup(0xd2, &(0x7f0000000880)={0x0, 0xdff9, 0x800, 0x1000}, &(0x7f0000000000)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_CLOSE={0x13, 0x4e3b947d338dce40, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0) 2.928618102s ago: executing program 0 (id=1368): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x8, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @main=@item_4={0x3, 0x0, 0x9, "5cd37607"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000600), 0x6828, 0x0) ioctl$EVIOCSKEYCODE_V2(r1, 0x40284504, &(0x7f0000000000)={0x5, 0xe, 0x401, 0x8, "c400523a6f29960fce66e2e7aadce2988b5ec056b7577f87586a324b565ffcbb"}) 2.342531994s ago: executing program 1 (id=1373): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00'}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001300000008000300", @ANYRES32=r2, @ANYBLOB="06001200000000000600b50085010200040013000a00060008021100000000000c0043"], 0x48}, 0x1, 0x0, 0x0, 0x45}, 0x0) 2.236616506s ago: executing program 1 (id=1374): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x403, 0x6030, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x2, {[@main=@item_012={0x1, 0x0, 0x0, ')'}]}}, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000940)={0x84, &(0x7f00000004c0)={0x0, 0x14, 0xd, "5e6424818327b2369deca65eb2"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.180305947s ago: executing program 3 (id=1375): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0xfd, 0x0, 0x0, 0xfc}, 0xe) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000540)={r1, @in={{0x2, 0x4e20, @multicast1}}, [0x3, 0x0, 0x7, 0x0, 0x3, 0x8, 0x8, 0x5, 0x1, 0x7, 0x0, 0x8, 0xffffffff, 0x2, 0x8]}, &(0x7f0000000280)=0x100) 2.170791777s ago: executing program 3 (id=1376): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10) 1.988749161s ago: executing program 3 (id=1378): set_mempolicy(0x4005, &(0x7f0000000080)=0x4, 0x8) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) 1.732248856s ago: executing program 3 (id=1379): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10) r1 = epoll_create1(0x0) epoll_pwait(r1, &(0x7f0000000100)=[{}], 0x1, 0xfffeffff, 0x0, 0x443c000000000000) 1.379118533s ago: executing program 3 (id=1381): syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000280)='./file2\x00', 0x3200c00, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES64, @ANYRES16, @ANYBLOB="dd085975f0516531a170f3908238b45d5bb98f33da2737fcd016c7a8adccfd58f4b77b762af149cbe65cab6d918eeb4cf7e8953ab7961e2ba2a8095289d8e8e2720060208c8ab2026d9533170ad66162a4b44e7065995926e98e3a5afb814da7f465a8d5c0d1b239bd946e2ac2943ac76f9c8896f164bfb2cbbbc6ab3d55ea57edae688303cfb823489ce8321563d840ddc4b7e8356fd480efecd33b2eaaab7c2cb77bfd12f7b03b28737921f25dfa3304841cf820b621aae58f47ae06e4328c738f8eaf18935cd0d11d8d0a2749a9d922d0c5d26a9283e000edf44e992d09c8a10d3812df72ea4089ded541bdf7e450cd27a6854a31bc5096", @ANYRESHEX], 0x2, 0xa95, &(0x7f0000001040)="$eJzs3U2MG1cBAOA33vUmmx/ilIRuk9Am/LTlp7vNZgk/ETRVcyFqKm6VKi5Rmpao24BIJWhViSQnbrSqwhWKOJVDBQipvaCoJy6VaCQuPRUOHIiCVIkDlCZG633Pa7+1GXuzWdvr75PePr95Y783szPj8cy89wIwtiqNvwsLM0UIV95+7cQ/7v/79NKUR5pz1Bp/J1tS1RBCEdOT2ed9MLEc3/zw5TOd4iLMN/6mdHjiRvO920MIF8PBcDXUwr4r1159d/7xU5dOXj703hvHrt+ZpQcAgPHynavHFvb+9c/7d3/05r3Hw5bm9HR+XovpHfG8/3g88U/n/5XQni5aQqupbL7JGCrZfBOr5rtZby2nms032aX8qexzq838/W3zbSkpf6JlWqflhlGWtuNaKCqzbelKZXZ2+Td5aPyunypmz59bfObCgCoKrLt/3RdCOCj0G+r1+k8aK3AI6iIIaw31XYM+AgEsy+8XrnIxv7Jwe5qfNtlb+TcerXR+P6yDjd7+lT9a5f/6kiMO62ezbk1pudJ+tCOm8/sI+fNL/e7/6fPy+xHVHuvZ7T7CqNxf6FbPiQ2ux1p1q3++XWxW34xxWg/fyvJb95/8fzoq/2Ogs39v1PX/16cHfq1zKRwcgjps6lAdgjoIPYf6oA9AwNBaeW5uWT1K+flzfXn+lpL8rSX50yX520ryt5fkwzj7/Qs/C68UK7/z89/0/V4PS9fZdsb4E33WJ78e2W/5+XO//brd8vPniWGYvXX6ybNfe/qpa8vP/xfN7f9W3N4PxnQt7ltX4wzpemF+Xb357H+tvZxKl/nuyuqzc9X89eUS97TPV+xZ+ZzQcpxZVY+Z9vft6jbfgfb5atl80zFszeqbn59sy96Xzj/ScTWtr8lseavZckxl9UjHld0xzusBa5G2x27P/6ftcyZUi2fOLZ59OKbTdvqnieqWpemHWz/0NxtTd+D29Nr+Zya0t//Z0ZxerbQeF3atTC9ajwu1bPr8crJ5mzxNPxLT6XvuexPTjemzZ76/+PR6LzyMuQsvvvTc6cXFsz/0Ir2YHonVko6cw1KfXl58XB+Kaozli8nnTi/eU4TQ87vKjhyb9clBGB9zLzz/g7kLL7700LnnTz979tmz548cPXpkfv7o148szDXO6+daz+6BzWTlS3/QNQEAAAAAAAAAAAB69aOTJ6795Z2vvr/c/n+l/V9q/5+e/E3t/3+atf/P28mnVgGpHeDuDvmNcffeaq/HVDZfNYZPZvXdk5WzN3vfp2LcHMcvtv9P7e3zfl1Tfe7Opuf996b5su4EVvWXMpX1QdIcLzA22P9MTF+O8a8CDFAx3XlyjLv0b70znz/1T6FfitGU/m9pa0j9mKT23936dUrH/90bUEfW30a0PRz0MgKd/XPox/9sORMfeF3+b6jX78jnTm7scgz/ehbWMdTrRvEAhsOgx/9M1z1TfP6P3966FNJsNx5tP17m/ZfC7Rj28SeVv7nG/2yOf9fT8a9D7+pt/Tz3PrrCf35x/f2WYsO+Xo+/+fKnfqD3lJfZ6qNYflr+B0Jv5ddfz8rPbwj16L9Z+dt6LH/V8h9YW/kfx/LTanvws72Wv1zjotJej/y6cbr/l183Tm5my5/69ux7+dc4UOOtWD6Ms+7jzPY6gu1w6jT+7+QQjv/bTf4cxldiOh0I03MO+Tdyv/VPz1ek74G92ecXJd9vozJOcTfjPv7vN2Jctj+k8X/T9ljrkK60pKsd1u2obyuw2Xww9Pf/RixcHII6CEMahmMM7NZQr9cH2pG3XsQHa9Drf9B3nwdd/qDXf5l8/N/8HD4f/7eS/YDIx//N35+P/5vn5+Pr5fn5+L/5+szH/83z784+N7+CPVOSf09J/r6S/P0r+dOd8g+UvP/TJfmHSvLvLcm/ryT/rpL8iZL8z5Xkf74k//6S/AdL8r9Qkr/ZNdqjtOxU47b8MM7y9nn2fxgf6f5Pt/1/T0k+MLp+/ubhx5763Xdry+3/p5q/19J9vOMxXY2/nX8c0/l979CSXsp7J6b/luUP+/UOGCd5/xn59/sDJfnA6ErPedm/YQwVnXvsye+3deu3qtt5PqPlizH+Uoy/HOOHYjwb47kYH47x/AbVjzvjsd/+4dgrxcrv/V1Zfq/Pk+ftgfJ+oo70WJ/8+kC/z7Pn/fj163bLX2NzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIGpNP4uLMwUIVx5+7UTT546N7c05ZHmHLXG38mWVLX5vhAejvFEjH8ZX9z88OUzrfGtGBdhPhShaE4PT9xolrQ9hHAxHAxXQy3su3Lt1XfnHz916eTlQ++9cez6nVsDAAAAsPn9LwAA//+Lmhih") munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90) getdents(r0, &(0x7f0000000040)=""/61, 0x3d) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 1.175733357s ago: executing program 3 (id=1384): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r1, 0x5b24, 0x0) 1.059231449s ago: executing program 2 (id=1385): mkdir(&(0x7f0000000000)='./file0\x00', 0x10) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) write$P9_RLERRORu(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="5300000007000046009d406383460953", @ANYRES32, @ANYRES8=r0], 0x53) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 972.230771ms ago: executing program 0 (id=1386): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x449f, 0x100, 0x0, 0x215}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x8000}) io_uring_enter(r0, 0x3516, 0x483, 0x0, 0x0, 0x0) 852.861793ms ago: executing program 0 (id=1387): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4f3, 0x755, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000040)={0x20, 0x23, 0x7, {0x7, 0xf, "00e4000000"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hidraw(&(0x7f0000000280), 0x82, 0x2) ioctl$HIDIOCGFEATURE(r1, 0xc0404807, 0x0) 792.264054ms ago: executing program 2 (id=1388): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', 0x0, &(0x7f00000000c0)=ANY=[], 0x1, 0x1513, &(0x7f0000002d00)="$eJzs3Au4TlW3OPAx5pxLm9Cb5D7HHIs3uUySJJeERJIkSZJbQpIkSUhscktCEnJPcg/JLST3+y33kHySJAkJSeb/0df3d77Td0595+sc5zl7/J5nPXuOvd4x1lh77Od911rPs/c37QdWrlulYm1mhn8J/vVLKgCkAEAfALgGACIAKJGlRBbAIZBeY+q/dhDx53poypXuQFxJMv+0Teaftsn80zaZf9om80/bZP5pm8w/bZP5C5GWbZma81rZ0u72P/f8H+T5//868vn/f8jhIqO+WFfk+g7/RIrMP22T+adtMv+0Teaftsn80zaZ//9xEUCF/2S3zD9tk/kLkZZd6efPsl3Z7Ur//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPxtfaX7EkIIIYQQQgghxJ8nXHWlOxBCCCGEEEIIIcR/PwQFGgxEkA6ughRIDxngasgImSAzXAMJuBaywHWQFa6HbJAdckBOyAW5IQ9YIHDAEENeyAdJuAHyw41QAApCISgMHopAUbgJisHNUBxugRJwK5SE26AUlIYyUBZuh3JwB5SHClAR7oRKcBdUhipwN1SFe6Aa3AvV4T6oAfdDTXgAasGDUBsegjrwMNSFR6AePAr1oQE0hEbQ+L+U/yJ0hpegC3SFVOgG3eFl6AE9oRf0hj7wCvSFV6EfvAb9YQAMhNdhELwBg+FNGAJDYRi8BcNhBIyEUTAaxsBYeBvGwTswHt6FCTARJsFkmAJTYRq8B9NhBsyE92EWfACzYQ7MhXkwHz6EBbAQFsFHsBg+hiWwFJbBclgBK2EVrIY1sBbWwXrYABthE2yGLfAJbIVtsB12wE7YBbvhU9gDe2EffAb74fN/Mv/sv8vvgICAChUaNJgO02EKpmAGzIAZMSNmxsyYwARmwSyYFbNiNsyGOTAH5sJcmAfzICEhI2NezItJTGJ+zI8FsAAWwkLo0WNRLIrF8GYsjsWxBJbAklgSS2FpLI1lsSyWw3JYHstjRayIlbASVsbKeDfejfdgNayG1REBoAbWxJpYC2thbayNdbAO1sW6WA/rYX2sjw2xITbGxtgEm2BTbIrNsTm2wBbYEltiK2yFrbE1tsE22BbbYjtsh+2xPXbAjtgRX8QX8SV8CbtiJdUNu2N37IE9sBf2xt74CvbFV/FVfA374wAciK/j6/gGDsYzOASH4jAchuXUCByJo5DVGByLY3EcjsPxOB4n4ESciJNxCk7FaTgNp+MMnIHv4yz8AD/AOTgH5+F8nI8LcCEuwkW4GM/iElyKy3A5rsCVuAJX4xpcjetwPa7DjbgRN+Nm/AQ/wW24DXfgDtyFu/BT/BT34l7sj/txPx7AA3gQD+IhPISH8TAewSN4FI/iMTyGx/E4nsCTeApP4mk8jWfwLJ7Dc3gez+MFfD7XV3V2FVzbH9QlRhmVTqVTKSpFZVAZVEaVUWVWmVVCJVQWlUVlVVlVNpVN5VA5VC6VS+VReRQpUqxilVflVUmVVPlVflVAFVCFVCHllVdFVVFVTBVTxVVxVULdqkqq21QpVVo182VVWVVONfflVQVVUVVUldRdqrKqoqqoqqqqqqaqqeqquqqhaqia6gFVS3XDXviQujSZumoA1lMDsb5qoBqqRuoNfEw1UYOxqWqmmqsn1FAcgi1VE99KPa1aq5HYRj2rRuFzqp0ag+3VC6qD6qg6qRdVZ9XUd0n361ugmow9VE/VS/VWmeAudWlildVrqr8aoAaq19U8fEMNVm+qIWqoGqbeUsPVCDVSjVKj1Rg1Vr2txql31Hj1rpqgJqpJarKaoqaqaeo9NV3NUDPV+2qW+kDNVnPUXDVPzVcfqgVqoVqkPlKL1cdqiVqqlqnlaoVaqVap1WqNWqvWqfVqg9qoNqnNaov6RG1V29R2tUPtVLvUbvWp2qP2qn3qM7Vffa4OqL+og+oLdUh9qQ6rr9QR9bU6qr5Rx9S36rj6Tp1QJ9Up9b06rX5QZ9RZdU79qM6rn9QF9bO6qIICjVpprY2OdDp9lU7R6XUGfbXOqDPpzPoandDX6iz6Op1VX6+z6ew6h86pc+ncOo+2mrTTrGOdV+fTSX2Dzq9v1AV0QV1IF9ZeF9FF9U26mL5ZF9e36BL6Vl1S36ZL6dK6jC6rb9fl9B26vK6gK+o7dSV9l66sq+i7dVV9j66m79XV9X26hr5f19QP6Fr6QV1bP6Tr6Id1Xf2Irqcf1fV1A91QN9KN9WO6iX5cN9XNdHP9hG6hn9Qt9VO6lX5at9bP6Db6Wd1WP6fb6ed1e/2C7qA76k76Z31RB91Fd9Wpupvurl/WPXRP3Uv31n30K7qvflX306/p/nqAHqhf14P0G3qwflMP0UP1MP2WHq5H6JF6lB6tx+ix+m09Tr+jx+t39QQ9UU/Sk/UUPVX3+rXSzD+Q/84/yO/3y9E36y36E71Vb9Pb9Q69U+/Su/VuvUfv0fv0Pr1f79cH9AF9UB/Uh/QhfVgf1kf0EX1UH9XH9DF9XB/XJ/RJ/aP+Xp/WP+gz+qw+q3/U5/V5feHXnwEYNMpoY0xk0pmrTIpJbzKYq01Gk8lkNteYhLnWZDHXmazmepPNZDc5TE6Ty+Q2eYw1ZJxhE5u8Jp9JmhtMfnOjKWAKmkKmsPGmiClqbvqX83+vv8amsWlimpimpqlpbpqbFqaFaWlamlamlWltWps2po1pa9qadqadaW/amw6mg+lkOpnOprPpYrqYVJNqupuXTQ/T0/QyvU0f84rpa/qafqaf6W/6m4FmoBlkBpnBZrAZYoaYYWaYGW6Gm5FmpBltRpuxZqwZZ8aZ8Wa8mWAmmElmkplipphpZpqZbqabmWammWVmmdlmtplr5pr5Zr5ZYBaYRWaRWWwWmyVmqVlqlpvlZqVZaVab1WatWWvWm/Vmo9lolpgtZovZaraa7Wa72Wl2mt1mt9lj9ph9Zp/Zb/abA+aAOWgOmkPmkDlsDpsj5og5ao6aY+aYOW6OmxPmhDllTpnT5rQ5Y86Yc+acOW/OmwvmgrloLl667ItUpCITmShdlC5KiVKiDFGGKGOUMcocZY4SUSLKEmWJskbXR9mi7FGOKGeUK8odpYKNKHIRR3GUN8oXJaMbovzRjVGBqGBUKCoc+ahIVDS6KSoW3RwVj26JSkS3RiWj26JSUemoTFQ2uj0qF90RlY8qRBWjO6NK0V1R5ahKdHdUNbonqhbdG1WP7otqRPdHNaMHolrRg1Ht6KGoTvRwVDd6JKoXPRrVjxpEDaNGUeM/tX4IZ7I/7rvYrjbVdrPd7cu2h+1pe9neto99xfa1r9p+9jXb3w6wA+3rdpB9ww62b9ohdqgdZt+yw+0IO9KOsqPtGDvWvm3H2XfsePuunWAn2kl2sp1ip9pp9j073c6wM+37dpb9wM62c+xcO8/Otx/aBXahXWQ/sovtx3aJXWqX2eV2hV1pV9nVdo1da9fZ9XaD3Wg32c12i/3EbrXb7Ha7w+60u+xu+6ndY/faffYzu99+bg/Yv9iD9gt7yH5pD9uv7BH7tT1qv7HH7Lf2uP3OnrAn7Sn7vT1tf7Bn7Fl7zv5oz9uf7AX7s71ow6WL+0sf72TIUDpKRymUQhkoA2WkjJSZMlOCEpSFslBWykrZKBvloByUi3JRHspDlzAx5aW8lKQk5af8VIAKUCEqRJ48FaWiVIyKUXEqTiWoBJWkklSKSlEZKkO30+10B91BFagC3Ul30l10F1WhKlSVqlI1qkbVqTrVoBpUk2pSLapFtak21aE6VJfqUj2qR/WpPjWkhtSYGlMTakJNqSk1p+bUglpQS2pJragVtabW1IbaUFtqS+2oHbWn9tSBOlAn6kSdqTN1oS6USqnUnbpTD+pBvagX9aE+1Jf6Uj/qR/2pPw2kgTSIBtFgGkxDaCgNo7doOI2gkTSKRtMYGktjaRyNo/E0nibQBJpEk2gKTaFpNI2m03SaSTNpFs2i2TSb5tJcmk/zaQEtoEW0iBbTYlpCS2gZLaMVtIJW0SpaQ2toHa2jDbSBNtEm2kJbaCttpe20nXbSTtpNu2kP7aF9tI/20346QAfoIB2kQ3SIDtNhOkJH6CgdpWN0jI7TcTpBJ+gUnaLTdJrO0Bk6R+foPP1EF+hnukiBUpyCDO5ql9FlcpndNS7FpXcZ3F8vmC7FOVxOl8vldnmcddlc9r+LyTlXwBV0hVxh510RV9Td9Ju4lCvtyriy7nZXzt3hyv8mrurucdXcva66u89VcXf/XVzD3e9qukdcLfeoq+0auDqukavrHnH13KOuvmvgGrpGroV70rV0T7lW7mnX2j3zm3iBW+jWuLVunVvv9ri97pz70R1137jz7ifXxXV1fdwrrq971fVzr7n+bsBv4mHuLTfcjXAj3Sg32o35TTzJTXZT3FQ3zb3nprsZv4nnuw/dLLfIzXZz3Fw375f4Uk+L3EdusfvYLXFL3TK33K1wK90qt/r/97rcbXSb3Ga3233qtrptbrvb4Xa6Xb/El85jn/vM7XefuyPua3fQfeEOuWPusPvql/jS+R1z37rj7jt3wp10p9z37rT7wZ1xZ385/0vn/r372V10wQEjK9ZsOOJ0fBWncHrOwFdzRs7EmfkaTvC1nIWv46x8PWfj7JyDc3Iuzs152DKxY+aY83I+TvINnJ9v5AJckAtxYfZchIvyTVyMb+bifAuX4Fu5JN/Gpbg0l+GyfDuX4zu4PFfginwnVwqBK3MVvpur8j1cje/l6nwf1+D7uSY/wLX4Qa7ND3Edfpjr8iNcjx/l+tyAG3IjbsyPcRN+nJtyM27OT3ALfpJb8lPcip/m1vwMt+FnuS0/x+34eW7PL3AH7sid+EXuzC9xF+7KqdyNu/PL3IN7ci/uzX34Fe7Lr3I/fo378wAeyK/zIH6DB/ObPISH8jB+i4fzCB7Jo3g0j+Gx/DaP43d4PL/LE3giT+LJPIWn8jR+j6fzDJ7J7/Ms/oBn8xyey/N4Pn/IC3ghL+KPeDF/zEt4KS/j5byCV/IqXs1reC2v4/W8gTfyJt7MW/gT3srbeDvv4J28i3fzp7yH9/I+/oz38+d8gP/CB/kLPsRf8mH+io/w13yUv+Fj/C0f5+/4BJ/kU/w9n+Yf+Ayf5XP8I5/nn/gC/8wXOTDEGKtYxyaO4nTxVXFKnD7OEF8dZ4wzxZnja+JEfG2cJb4uzhpfH2eLs8c54pxxrjh3nCe2McUu5jiO88b54mR8Q5w/vjEuEBeMC8WFYx8XiYvGN8XF4pvj4vEtcYn41rhkfFtcKi4dP3Jf2fj2uFx8R1w+rhBXjO+MK8V3xZXjKvHdcdX4nrhafG9cPb4vLh7fH9eMH4hrxQ/GteOH4jrxw3Hd+JG4XvxoXD9uEDeMG8WN48fiJvHjcdO4Wdw8fiJuET8Zt4yfilvFT8et42d+d39q3C3uHr8cvxyHcK+em5yXnJ/8MLkguTC5KPlRcnHy4+SS5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTmZAhVrgKPXnntjY98On+VT/HpfQZ/tc/oM/nM/hqf8Nf6LP46n9Vf77P57D6Hz+lz+dw+j7eevPPsY5/X5/NJf4PP72/0BXxBX8gX9t4X8UV9I9/YN/ZN/OO+qW/mm/sn/BP+Sf+kf8o/5Z/2rf0zvo1/1rf1z/l2/nn/vH/Bd/AdfSf/ou/sX/JdfFef6lN9d9/d9/A9fC/fy/fxfXxf39f38/18f9/fD/QD/SA/yA/2g/0QP8QP88P8cD/cj/Qj/Wg/2o/1Y/04P86P9+P9BD/BT/KT/BQ/xU/z0/x0P93P9DP9rAKz/Gw/28/1c/18P98v8Av8Ir/IL/aL/RK/xC/zy/wKv8Kv8qv8Gr/Gr/Pr/Aa/wW/ym/wWv8Vv9Vv9dr/d7/Q7/W6/2+/xe/w+v8/v9/v9AX/AH/QH/SH/pT/sv/JH/Nf+qP/GH/Pf+uP+O3/Cn/Sn/Pf+tP/Bn/Fn/Tn/oz/vf/IX/M/+og9+bOLtxLjEO4nxiXcTExITE5MSkxNTElMT0xLvJaYnZiRmJt5PzEp8kJidmJOYm5iXmJ/4MLEgsTCxKPFRYnHi48SSxNLEssTyxIrEykQIubfGIW/IF5LhhpA/3BgKhIKhUCgcfCgSioabQrFwcygebgklwq2hZLgtlAqlQ5nwaKgfGoSGoVFoHB4LTcLjoWloFpqHJ0KL8GRoGZ4KrcLToXV4JrQJz4a24bnQLjwf2ocXQofQMXQKL4bO4aXQJXQNqaFb6B5eDj1Cz9Ar9A59wiuhb3g19Auvhf5hQBgYXg+DwhthcHgzDAlDw7DwVhgeRoSRYVQYHcaEseHtMC68E8aHd8OEMDFMCpPDlDA1TAvvhelhRpgZ3g+zwgdhdpgT5oZ5YX74MCwIC8Oi8FFYHD4OS8LSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvCJ2Fr2Ba2hx1hZ9gVdodPw56wN+wLn4X94fNwIPwlHAxfhEPhy3A4fBWOhK/D0fBNOBa+DcfDd+FEOBlOhe/D6fBDOBPOhnPhx3A+/BQuhJ/DRfmbNSGEEEKIP0T/zv5u/+B76QBA/bruDgCZtuU8/O9rbsj213VPlatFAgCe7tr+ob9tlSqlpqb++tolGqJ8cwAg8ff1/xYvhebwJLSCZlDsH/bXU3U8z79TP3krQIZ/k5MCl+PL9W/+D+o/9sSwBSXjc1n+k/pzAArku5yTHi7Hl+sX/w/qZ2/yO/2n/2IsQNN/k5MRLseX6xeFx+EZaPV3r/wDAxZCCCGEEEIIkSb0VGXa/t7986X781zmcs5VcDn+vftzIYQQQgghhBBCXHnPdez01GOtWjVr+8cW+OtzgX8u609b1Nq299lLh78yR5fFf3mBAPC/oA1Z/PHFFX5jEkIIIYQQQvzpLl/0X+lOhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKItOt/4t+JXelzFEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIa60/xcAAP//daA1bQ==") mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000)) renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x0) 683.947286ms ago: executing program 2 (id=1389): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), r0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000840)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000000)={0x30, r2, 0x1, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_RANN_INTERVAL={0x6, 0x10, 0x2}, @NL80211_MESHCONF_HWMP_ROOTMODE={0x5, 0xe, 0x4}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x18000}, 0x0) 622.569527ms ago: executing program 2 (id=1390): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000240)={@val={0x3, 0x800}, @val={0x0, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x1400, 0x0, 0x2, 0x1, 0x0, @private=0xa010100, @local}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x15, 0x4, 0x3, 0x9, 0xd, 0x66, 0x81, 0x0, 0x89, 0x2, @empty, @multicast2, {[@generic={0x7, 0x9, "b5e129e4e85851"}, @lsrr={0x83, 0xf, 0x8b, [@multicast2, @loopback, @rand_addr=0x64010100]}, @ra={0x94, 0x4}, @rr={0x7, 0xb, 0x8, [@loopback, @multicast1]}, @lsrr={0x83, 0x13, 0xc, [@private=0xa010100, @multicast1, @rand_addr=0x64010101, @remote]}, @lsrr={0x83, 0x3, 0x33}]}}}}}, 0x7e) 367.130513ms ago: executing program 2 (id=1391): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x3000801, &(0x7f0000000840)=ANY=[], 0x2, 0x1ea, &(0x7f00000003c0)="$eJzsmb2LE0EYxp+Z3eydhyg2FjYWHniit9ndqFxzxQmWgnCKWgZvPU73LpKskAQEg42NpYVga2NpYWFl4V9gq4UKgoUp7YSR+djdyWYT4gdG9P3BzT7z9c68L9yzsAFBEP8tHz98ff/w3NqlUwD2YxkLZvyzo5/i4Oj6d4/vnHy0fv7J87dPX+8duPuyHI/JPWL28z0ArzYcpGCuOXFk93IRNtO4DI4TRl8Bg6/lN6HQnRgM18yam5Zu7TMiif3rrWTrxk4SB7IJZRPJpmGfLy81HDBsAVhUtxOCWfOdXv9WM0nidlnURHbO2NSPimn1U/fb4FhHVj0hOICrD+4PZN/UBgF4Xr8QHKHRDTBsGr2GBfi+X5TEyv+IW8R3Zsl/vuKZEodW/9Sh4Locf0Pu/7Co/ZY4rDwi/6HzkcPDzAPtNZ/mnvvPC2VcAMam3iwlyYVfiOxVFCoXhT9JZz9u+ZMLN/ePerp7u97p9Vd3dpvb8Xa8F0WNs8HpIDgT1ZUR6XaK/y0qf1qy4tcmrPWYh24zTdthF0jbYd6PdGs57uaL1he1hyv/41g5pmMw887KX5QlmPnj6inVilO98t7EnAiCIAiCIAiCIAiCIAiCIKo5Cgb9S5hg5oNoFdFF9YXyewAAAP//L0Rm/Q==") socket$inet6(0xa, 0x80002, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x1a4) fadvise64(r0, 0xe0ffff, 0x9, 0x3) openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0) 246.862165ms ago: executing program 2 (id=1392): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x42, 0x0) pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$UHID_INPUT(r1, &(0x7f00000016c0)={0x8, {"488085fddf7e1378d3ad4adb6e165913c1f7ae15c9b4ed75d7413838ff0d9381cead5adbe8228d9ba29fe815a6f64afca949ca64011b9d8c93b4272d6428962fe017b1cb68796b7b800b25eb3013496be2e3e973309e6842f2df0e5309a233d16ced2bc26cd6f7db616268621fe160c1644afc707a535571e0a936469f5dd6d60c6962109cd8de336fc0938bcd412788f01c1d84e33d5eaa3e140944ddefde0366395044cf0f095786b3f1fd27c0eaf2d0df657acf52c9220297bc28779a85ac06d4f14c31cbfced5519b61ddf599c08c7f10e385e4a6637e44ce117631e6d561c5118ad8e21bba948e572e54c67516e0f2a504f05f23e00d9b04160dac7e52d6caacf617d94e200e9c97771d56fe7b2ad6b69247904463f36b11e74b41ea9e63e77ded5af1406fe0f01f2350e756fd41c94f9dee22f611720853d7f8fd755903f1c3e044bd704bd4255c570cc0c82cacec7b9b7720cd6b2cd96e583ff1ddb0ad39155daa2f29a4f61298b44ea802bbac9b1f552cf0279f52ff200178468b94b293f7052817d89adb9130a3eaec5ceeeb386a31a7d9807f069ad07e3488e99a0b7f7f92fc2a63226175432a93ae4dc820e702d21bdec10a773c7b3de3f0ec4b5f8af60a159aaa4231ed4e79883acf5d2eed3a0fd3445d46d7fbbd47f2c610d96d6435293b103db15b8e7383e63e9d672410f5248183d4e608e7aee4d9dbfd040fb3fae39faec3cc0f5410d0d479bc1b7addd255ba502a52fa858eb6574530fd16c01e1138b19258e1c40b9a29a8672f418159f663bc8fe634e3a0d23dde1ced471cfb1decc1a9464667771b795229b1906651e9e5e4402c7e75182b1432acb4b54c499358585aa83fca804fbdd12dfd3b9e95b0ac718cadb879a2898d86c4ed914a59918df6ba519de4599f662811202158e418cef0d103ed4e77833d4dea6e59f7fef1c86f818121655dd1b2cb3717c892a289797049911356b5dd5dc0c50caadd0dd0318994d730fd6e6953e01730fb2682ab3f7ca8b4d596574456f59b95f34ff6f79db68b495010b8816a7b55229b35a2790f25c42ef1efcc5271c66500fc285de61516fc401518ba1ae388f90b0a5760e01031ceed37d1eb8a792f4a196a9fa0ff1579358bfe5c63744027d1a01e0a4602c79c2fe727034a4d810f0a2c30dc5a4c122e510e4d6348774754bf1f924c1d5a31dccf345a6c752389cc38e46e968e3b2815e2ecc3e5827f198f5d836b5783e9d7cc5bc5ba1715d23a4c35157b28e997010c627cbcebda89d08ac88e3d2f387c87af78b2a565dd5704bf3c12e4019d91890ad4f660345b384b59fad6d9f56f1fcf35babe5a9fbd8dd3908be450edf05ca8a3154fb3ac1af485508c61a7ba322ac06928e7d660fee6bfef74c9c4f22bbab318077446163a3230a3d486ce6d71aed12e2581e4208eed1a540560921ac89e9372482594351a5ff0cf9e95e80f0a69c4d621638c9056ae0bdfc44895f061767aba8400da865b73b5488c690694af744372c00d87bba4664a60f13f1453337113055d7b659a87208c1e663e4d35f0ebcfe70459f5ec5812434468cec38d3fbcf90598de986b3d49ad45e7b3b230fc389b5278ed6242abe9c44a8c74438968cc9b7a253d89c5b14f7a917b86a6d51f5d5380f2a7606dbe1867fd781fab284d153e20f5bf1a2c8156b93e60dc8945eb8385d937537b785f6f6af81ea0131398c77819ddea78eadf6b6f019db772e69e9cde3540ddc95625987b4a4e1dbbf15bc0217abac6cc3ff0650ed11fa612b90afaab842be4c2bd9967702b023e8ecd5f4a0e62af56f7320241a8516bcdf344a4421eed035b8c5a126820c5dc3962f5df4bf369bd6260eb09aa8e1310bf6f28aba0e3236f699721daa26950de7fa8fd8c3d2adebc101e304d0ed1af839c74b6cc42a6d7244f6b31ed08f6f12f62569b2c0602cc371962bff74b9b3c5f6326247d4ffec7f2d0a073e5a678e76f4243533001b1c0de6739c5c6ec0195fa9a8e898c2068bb614c40c403324e84cdbc530121217ba49f300aa8d5056d170d0a6bc8827ee20d55401b9f401b12e212cf630781139978b5fb38fdf768fec87b79f7a70d6083c3df98019ebd09b7941708e06c8d9fa930a1fdb993e0061343c87b4cf47dd36f9a3d603ca986f5144af403b7b04a93f5808a8c192df5e4c17af1ec23eddd1e7fc91109e6a4cfe5e23435bcabf3915ce5242cb6f7974e97c8ad3773e3a510afa52c4193c36fd1b99a02ece5b19ad35eb8fa97b57fd1641b463de79cdd2aac5d5b4060a040ad1d5752d70015b74d556fb4ef0cc8747591edc8858707616104f0ec342fb3a9b95df31b6f84e56387aae80a72d8dd670be7aaeef54065d6e2d7837481ce5622ee3c115d02d50efdb20aaf25b636d6d6c7e49f50a4b30ae243ecf1187ffe851c52bb1849c5e5c0979b758b747aebfdab58d8fd60faa5d5005f401c661256183dd4e7cba38b4ccf03506398eab901595dc2de27ab231abdddffc9d120abd8025b77ac47f39b6373a38a09bc045559578ccdf0402385177d499333d06d2cd3f604689d50dcd01b04ffbcb545385da389e4b6102ee77febb8a34a906f822601e61d2d3fc9e206caf3753f65422a5ff31dc3b3c4d09aa9a90f9ebc858ee2e4df6a730948e436586c665a3c64aab00aa757d252eec5b8bea5035a5b9f644cb84a991286edc2a394cef9fd40ad085aa99680aea363dc163c2ef40e0f289e0b79dc600f31ae510bbd74f963632ff25230a1ec866fed0db0d0af59c5b9f4a18659f5a218c3d0db80700719a61e59efbd5f996145139e5654a9290bf504eb7453775b8c6190ff51d4c04ce9384060f1dd34799fee04c0f951ae15cb589f80dc544c05421d60f51cbc78df7dceff213575bfebe2bb307d196ef0a5cf3c2608fbb969a574e6dce9132246447a84cab6dd4923281cf40bc19c29585a02bc0d2d491907e5b528a1cfc7b2fe88dc2520ea49903423cb7a0d23530daa7217e7f312d4ec67c02fc74ab8d91b8ead50bfe9508b0f7d70e88868ee1a5f38349054374ae463d1148e0ca238c0f9fe7b40f6fba87498697f3220612ea66feb18a29f1df04234ac3d69e0706d0deef321d09ee16de188a32f4c41635cf48ee35a42140fc08b42c2e0e289a3c73fd4b0e656a72b29b99093127a17aaa199610787787abb0f4613dd03332a9306b9b5e98e9c839ffce5e72c44b288593bee47253613dc0fc3e583ab9aac7e1a161dfc36bd038d533eb6829b22dc1a01f055c16f83c1b1abe049b5744508456658c6df44c13d6ab1a18d76a55740cdcfca4a1dd81b54d9c4e71cef9f4b55f1ebc7751766175d631f9607f22a613377f6d96afaddbc66cbeef20ae578468f33265516ee711e2591e1af272a35bf5cedc78aec6e330bf6f3f3b9cdb7d373754125c9caea6a4d344d098c7332175b09441cc11040e5b71e9b975b2aaaaa5f8c5f502b00ad3ade9de204602aa227c9f11da55107b79802c09d246050c6580d92559a47935cfb59b47e88aa8095ea1ac34578697ffe89c440a2369f6661db2c24f1056d553e200184b927b359efba5db1e69e7f2cf5e4dd9c9bbc3e085fc38c43f436aa47abcc1e9986fc0226262588110c5b27c6fe9b8072cd8204c500883d3b9feaed80d5d87929d01b9bad995ed58a1be3ccad600840c6424625f4f4c221c8e1cd11af1a5ac153954ac6b441692f296ac2d529233d317fecf3fbfa53f77c8ea47d1385e3ca4b8b55fd2467cac15af1bfa04fb41784305a4b9aed6880cfba9629d6dabd22b2bd90c1aad0f2e0dff0777112b1e313447cf9417a52a58b17cc73ab03d4841ec9b1dc3f75d0fb5ece65c99982b338bb2f42b68104d94c826247814bd68e7c9664e8b2a9fdaf7fde4730960b43a496cb818badfbc97d1e51aa7817657e49536e69cacb3c4abb27dfe10d5c962fabdd3056d290a2b969e7f61d144e22539c5e2027b57c8e099db6ab8f0fdda7412b393af60e3299478744e9071801c4c39b0c87d4f237ade73b955812f254e641844e985d40f3e4df51bf7a9c81f02d22ad8296fe94d4664f3c0d113974ba222dab68c4407e9d5359205a5fec059d4370e0d15fd040ced32baa7e8586d38680a4c2e4e5679c0d374636e9dc0fd9a06808671f08e8c19b0bed18540de8107855f410f8954e078755a8c7b0822c25e2534887c9593aa1e008e78244cfec5b347a847ecf61cb207dcb2170b663a54d98ffeea991a9d944e4a8302bf37231bf3558c6b2fcaf925becb663bb574341bc81bbc50e9f0108c5d8a7783caf25bcb3bc24368e8a4915785652877555d22f7d6cbcb12049180ee4c49502d41c0fb00e31f3835b53e622e85290ee5a641eb9215567fed4782484ba8ccb43d81d3ef3ca5d8a2e3389864c15946e3d5dad607447f35a5396c27e99e20a1b98393169d85e788e9c4f9367649b308094479bc0ad8d68f0dc655724e2d9f599557f567fe7fd11f87b37df7ce0530e40d7e0ab06c2b273716e2598bd6e816c18c2e3c038b199e58424a5d72759af13e121e21d263fa0f24577a32b4356919cc22c5d1929b15590a53861aaf68aaa9ed404d1e64c3c6b0fa19e0a5299bd46867aff993b87ce96fd493fa2b125ea23907f9598acc33cd7e90c2383d5af5d232d979766ac2743c93d947db811d38df20742fa1db7c6f2306ec008ca9d53faf1a7cc2372d42437f906ef6ff9db785ac575c97e4f568e57414a0881ffe1b8dee59240305e28ab5f4f2c990c959009b022a656386229c7a71b3fcbc381a1f3511751ef19653d8e7dd0de12f630c719413a84b385802f5e8e2680cc2afa7fbb1cd1193a1e5af32ad07b24ba1c05904d3325634d10aa685d97f9c1d58377cfa46f17f0f57c7d48ce0917a8b4f5bccdf60e52764b7a826e6ccab1b70821a74cc5cc2e15532d3ef346aaf9c31fe0e0776bb1e3f4f5f276bcf53f5ea9018609b18b47497dba8e73676d2fc2fba47472ffba25ba7ddca1e9754b516eff05a05eaba9e7752f8d97f99684e3a53ded2d2c1913a6e488c65f57f8d85d261c762c37015c756e0aeed54edda41236bae33ed83c688478bcd94ce9e67971c0f8e588f1a3a4cd3f7da5e571c1984d9c9a10bb7eaf8414cbabf5fb97a17a67d10ae1a7ab96a8df88da1e82e797e67b534f765a5dcac76bb769d9547f375cfbea8d9f434f48d60e05df8797919fef5cb01a04177ed092a37f71f7948279bc4c35e3239e943a1507cff0b7152dd95c27e573e0191cfe1bc9f3862e5329ddcd160c61fc5bb82b57d8086e1e74abfc36bb43404357c50eb150fcaea9aac90fa0c413ea9f8538055a45b77d5a7548f6a4f2414714495576a1de459a55ab298a2a2fa33459da0d205e4b91d340c0721226e546f323bb878605590b66516fa51fd635e5eaa580486f6fb543b6b5236871aa3dedcb44e7d73d9bf704420fc0bb9b1a0f21e848ed9161e9bf1ae3bc628861b5007f0a38884a178dc85dbf034e9234fe603698cda4811dfcb73253335ca7cee533957578a9b97f149ae6dbd43c4aae8a16da135830f7a1c5b913838d5c28936f45f2d9ed991ec7a3ab83df4dd6fe2ff720a6b8abf40927bf8835bfa25effb92eadea47ae1629193ee5707767b13771cb105f231be2af8380a85b9de42f682d22d17c926ccbe39ea3fa7a5d3c0f6b3dc7802b927a36cd04ade3e02bf8ce06a52585388fb8f49df4dda68e9eb426da9c0909d5b9cf4b16c2e3f78331c8683a1698033ea0b1ed4dd33edeecd89c4f14caf84d52336e500", 0x1000}}, 0xfffffff0) 162.064397ms ago: executing program 1 (id=1393): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 0s ago: executing program 1 (id=1394): syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000380)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x25, 0x55a8, &(0x7f00000014c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64asumCJWPBPEEisWPIbWMASdogFiB1SkWcm0KQNtI3jqO3zSDNn5vj1mXdGlqUzYzmAZ9ZC+sdvSZyIIxExFxHHk8i3k3KJuBNxsRj7QkScjIjKPUtS5v9OHIyIoxFxYlK8qJmUL31xenzq/K9v//7t94cOHPvymx/29cSBffViRPRXi+3b/SJmnSLeKPONcTeP/XPjMq5uqdHPivzt9kpe4XZjc1wjj2c7xfhs9dZwEq/3Gs1J7HSv5/nVQXHA4bizWWfyhvRGYy3fb7VX8tgdZnnsbBTHXd8ovts2hqOiTqus90lePkajzVjk2+vt4nxWb+axORiV+aJu1mqvT+K4jOXhopn1Wvk8Vh7zIj8B3ukObq2n4/basJsN0vO1+ku1+oVqfS1rtUftc9VGv3XhXLrY6U2GVUftRv9iJ8s6vXatmfWX0sVOs1mt19PFS+2VbmOQ1uu1s7Uz1fNL5dbp9I2rH6S9Vro4ia91B7dG3d4wvZ6tpcU7ltLl2tmXl9JT9fS9K9fSa+9evnzl2vsfXfrw6qtX3nq9HHTftNLF5TPLy9X6mepyfekZOv9Py0k/wvknD07/9OPuLhsUdviAAbCz+/r/2N7/h/4fmLrd9P/9m+X+3vT/8TD9f0yz/5+0VPr//+5/K4/U/56YSv87H/r/PTx/2JXH6/8PTn0eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADM3M/zX72ZbywU+8fK/P/K1HPlfhIRlYi4+wBzcXBLzbmyzvwO4+e3zeG7JPIKk2McKpejEXGxXP78/15fBQAAAHh6fX3n5OdFt16sFvZ7QsxScdOmcvzjKdVLImJ+4ZcpVatMVs9PqVj++T4Q61Oqlt/AOjylYsUttwPTqvZQ5raEw/eEpAiVmU4HAACYia2dwGy7EAAAAGbps3999ZWZzYMZS2LzUebms+D8l/f/PBA8Mlnd3fbjfgAAAOBJkuz3BAAAAIA9l/f//v8PAAAAnm7F//8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBf7NzPjdpAFAfgZ4OB/FNQlHtayQ3KSAk55hgoIE1QAmkhDVADkXJICStYYc8ieRek1TLGWvR9ku2d8ernGeDyxtIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXfpbree/f375dWnObn+ZPLMBAAAATtlW63n9x7Rpv0v9H1LXp9QuIqKMiFO1+yBGrcxByqnO/H/1aAx/IuqEQ/84HW8j4ms67j52/SkAAADA7dosV7OmWm9OaQngX7+j4kqaRZvy/bdMeUVEVNP/mdLKw+lzprD69z2MH5nS6gWsSaawZsltePreKNdD2gaty8NMFvWXWLfKbp4LAAD0qV0JnKlCAAAAuAHf+x4A1/C0tC+Op+N7xnFzSS8E37RaAAAAwCtU9D0AAAAAoHN1/d/N/n+TF+3/V9j/DwAAALJr9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS9tqPd8sV7Nz9xfPzNntL5NvRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9+zPOwqEQBiEwd71ncnc/7DSoKGxSRUIH39jMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABvfveX/xNT40wy99pYeh5J1k6NrVNj79w4+sP4+jUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsT8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBf97pf/E1PjTDJ32lg6HknWrhpbV429B42jB+Pt3wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsW//vm1UcQDA3/lspylUhIAiEUAFdYCFpm5p6YoQKGLgT0CKUqcEXAptBlpFlCxsKHMXBAsSQkigsOV/6NxIXcrWIUOQmBiC7lf6nJgmpO05TT8f6fl9/Xx5P86Wla/fHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQWX83vNIo4zR7GCviqu32xuJsVq9tqzOry3cms5LFyUjVeuz1+mZ/oL0aPzk+MbyJAAAAcFgc2/WItMrvQwh3WyvTWd0Yy/P/VnVMlvP/UHaVlG3b8/61jcUj5UuTVf7/x+/3XtwaaCzNx8k6nZvvdU/tnEpz38t8wj236xHN/Mznv72k+RvS+HDphfVWfj6T727der+dhyN1zBYA2I+TVV0G1f9DWd0Z5sQAeGo0o8S7yv/TseHOCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAO60vhmSpOQgiTzftxZm1jcXZQ/c3yncnVspy7eXM57jProhVCmJvvdU/VuJaDqzqb1z+b6fW6V65eqzs4HkIY8NKNvf15Wk7/P49phxD6Wk68NKCfj/cw1rZ+dgTlxzPUew5Hs/XtenDS15LsOOHvbRaG8QGoK2iU78/jGGK09ve9P6g+e4++5//zXTLyaL6SAAA41FplyTLRu62V6awtGQ9h88f+/P+NKA59ef/mjaKleL4a5f/3Pjl3Ox4rzv87Na3vSTC1cOmLqavXrr81f2nmYvdi9/O3T3fe6Zw5f/bs+an8t5KpudDwiwkAAAAPoV2WOP8fHbD/fzSKwwP2/4st4SL///L7ztfxWKn8f6D7m37DngkAAMDTqL0VPf/a338lA45I2u3w1czCwpVO8bj1/HTxWOt092mkLHH+n44Pe1YAAABAHdaXkr79/wtRHB6w/x9f///szy//GveZFtcWXA4hdE/OXu5dqG85B1r/Tb8/pY/jRuV8oPawVwoAAMCwjJYl3v9vjWf5f2PrkodGCOHNEyH8U97DH/aY/6cffPtLPFZ8/f+ZWld58DQmivOR1xMhNCeGPSMAAAAOsyNlyZL9P1sr05/+dvSjtuv/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr2bwAAAP//aR4tAA==") mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file7\x00', 0x1c0) syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file7/file0\x00', 0x100000, 0x0, 0x0, 0x0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x2) kernel console output (not intermixed with test programs): trings: Mfr=0, Product=0, SerialNumber=0 [ 170.702598][ T1186] usb 3-1: config 0 descriptor?? [ 170.712069][ T1186] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 170.730461][ T7518] program syz.0.565 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 171.073557][ T7528] loop0: detected capacity change from 0 to 4096 [ 171.116059][ T1186] cpia1 3-1:0.0: unexpected state after lo power cmd: 00 [ 171.118557][ T7528] ntfs: volume version 3.1. [ 171.135900][ T7532] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 171.162300][ T8] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 171.178758][ T7528] ntfs: (device loop0): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -28). [ 171.204027][ T7528] ntfs: (device loop0): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -28). [ 171.217441][ T7528] ntfs: (device loop0): ntfs_attr_extend_allocation(): Cannot extend allocation of inode 0x43, attribute type 0x80, because the allocation of clusters failed with error code -28. [ 171.379703][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 171.397784][ T8] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 171.409875][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.436961][ T7538] input: syz0 as /devices/virtual/input/input10 [ 171.440038][ T8] usb 2-1: config 0 descriptor?? [ 171.518596][ T1186] cpia1 3-1:0.0: only firmware version 1 is supported (got: 0) [ 171.733412][ T1186] usb 3-1: USB disconnect, device number 8 [ 171.852275][ T6720] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 171.874130][ T8] keytouch 0003:0926:3333.000D: fixing up Keytouch IEC report descriptor [ 171.884248][ T7540] loop3: detected capacity change from 0 to 32768 [ 171.891660][ T7540] XFS: attr2 mount option is deprecated. [ 171.893220][ T8] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.000D/input/input11 [ 171.906563][ T7540] XFS (loop3): DAX unsupported by block device. Turning off DAX. [ 171.917893][ T7540] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 171.950406][ T7540] XFS (loop3): Ending clean mount [ 171.962356][ T7540] XFS (loop3): Quotacheck needed: Please wait. [ 172.014969][ T8] keytouch 0003:0926:3333.000D: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 172.015422][ T7540] XFS (loop3): Quotacheck: Done. [ 172.042299][ T6720] usb 1-1: Using ep0 maxpacket: 16 [ 172.051635][ T6720] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 172.062845][ T6720] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 172.071942][ T6720] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.083646][ T6720] usb 1-1: config 0 descriptor?? [ 172.102475][ C0] usb 2-1: input irq status -75 received [ 172.127505][ T5797] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 172.312021][ T1186] usb 2-1: USB disconnect, device number 8 [ 172.534299][ T6720] mcp2221 0003:04D8:00DD.000E: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 172.937458][ T1186] usb 1-1: USB disconnect, device number 12 [ 173.693561][ T7578] netlink: 24 bytes leftover after parsing attributes in process `syz.3.590'. [ 173.811484][ T8] kernel write not supported for file /347/gid_map (pid: 8 comm: kworker/0:0) [ 174.205587][ T7580] loop0: detected capacity change from 0 to 32768 [ 174.225169][ T7580] XFS: ikeep mount option is deprecated. [ 174.252803][ T7580] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 174.291994][ T7580] XFS (loop0): Ending clean mount [ 174.301082][ T7580] XFS (loop0): Quotacheck needed: Please wait. [ 174.377549][ T7580] XFS (loop0): Quotacheck: Done. [ 174.411486][ T7580] XFS (loop0): User initiated shutdown received. [ 174.432276][ T7580] XFS (loop0): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501). Shutting down filesystem. [ 174.462274][ T7580] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 174.536138][ T5793] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 174.712293][ T1186] usb 2-1: new low-speed USB device number 9 using dummy_hcd [ 174.868988][ T7595] loop3: detected capacity change from 0 to 40427 [ 174.887477][ T7595] F2FS-fs (loop3): invalid crc value [ 174.899842][ T7595] F2FS-fs (loop3): Found nat_bits in checkpoint [ 174.908735][ T1186] usb 2-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 174.943007][ T1186] usb 2-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0 [ 174.971484][ T1186] usb 2-1: config 0 interface 0 has no altsetting 0 [ 174.982217][ T1186] usb 2-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00 [ 174.991333][ T1186] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.026275][ T1186] usb 2-1: config 0 descriptor?? [ 175.038425][ T7595] F2FS-fs (loop3): Start checkpoint disabled! [ 175.059925][ T7595] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 175.094896][ T7595] syz.3.596: attempt to access beyond end of device [ 175.094896][ T7595] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 175.276875][ T7621] syz_tun: entered promiscuous mode [ 175.286906][ T7621] syz_tun: left promiscuous mode [ 175.308163][ T11] kworker/u4:0: attempt to access beyond end of device [ 175.308163][ T11] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 175.327595][ T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 175.338094][ T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 175.444439][ T1186] holtek_mouse 0003:04D9:A067.000F: unbalanced delimiter at end of report description [ 175.483492][ T1186] holtek_mouse 0003:04D9:A067.000F: hid parse failed: -22 [ 175.496277][ T1186] holtek_mouse: probe of 0003:04D9:A067.000F failed with error -22 [ 175.649330][ T6720] usb 2-1: USB disconnect, device number 9 [ 175.719191][ T7633] pim6reg1: entered promiscuous mode [ 175.725601][ T7633] pim6reg1: entered allmulticast mode [ 175.822280][ T1186] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 175.882599][ T7636] loop2: detected capacity change from 0 to 8192 [ 176.014698][ T1186] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 176.025876][ T1186] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 176.046010][ T1186] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 176.055587][ T1186] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.069486][ T1186] usb 1-1: config 0 descriptor?? [ 176.118314][ C1] sd 0:0:1:0: [sda] tag#1946 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 176.129001][ C1] sd 0:0:1:0: [sda] tag#1946 CDB: Write(6) 0a 00 00 00 05 00 00 00 02 00 00 00 [ 176.243700][ T7649] loop1: detected capacity change from 0 to 256 [ 176.251781][ T7649] FAT-fs (loop1): Unrecognized mount option "uni_x" or missing value [ 176.260268][ T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 176.452586][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 176.461777][ T9] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 176.476459][ T9] usb 4-1: config 0 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 176.496432][ T1186] kovaplus 0003:1E7D:2D50.0010: item fetching failed at offset 2/5 [ 176.504614][ T9] usb 4-1: config 0 interface 0 has no altsetting 0 [ 176.511369][ T9] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1b34, bcdDevice= 0.00 [ 176.522537][ T1186] kovaplus 0003:1E7D:2D50.0010: parse failed [ 176.529048][ T1186] kovaplus: probe of 0003:1E7D:2D50.0010 failed with error -22 [ 176.538198][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.553295][ T9] usb 4-1: config 0 descriptor?? [ 176.700659][ T1186] usb 1-1: USB disconnect, device number 13 [ 176.786749][ T7667] input: syz1 as /devices/virtual/input/input12 [ 176.981315][ T9] corsair 0003:1B1C:1B34.0011: hidraw0: USB HID v0.05 Device [HID 1b1c:1b34] on usb-dummy_hcd.3-1/input0 [ 177.188496][ T7679] loop2: detected capacity change from 0 to 4096 [ 177.197118][ T7679] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 177.209232][ T7681] netlink: 176 bytes leftover after parsing attributes in process `syz.1.632'. [ 177.249707][ T7679] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 177.369650][ T7684] loop0: detected capacity change from 0 to 2048 [ 177.386042][ T6720] usb 4-1: USB disconnect, device number 9 [ 177.397696][ T7684] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 177.570776][ T7692] netlink: 16 bytes leftover after parsing attributes in process `syz.0.637'. [ 177.651144][ T7697] netlink: 4 bytes leftover after parsing attributes in process `syz.0.639'. [ 177.671412][ T7697] ipvlan2: entered promiscuous mode [ 178.081149][ T7713] loop0: detected capacity change from 0 to 64 [ 178.415332][ T7729] loop0: detected capacity change from 0 to 128 [ 178.550703][ T7733] loop1: detected capacity change from 0 to 128 [ 178.565905][ T28] audit: type=1326 audit(1757458301.109:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7699 comm="syz.2.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64f9d8ebe9 code=0x7fc00000 [ 178.603001][ T7733] EXT4-fs: Ignoring removed nobh option [ 178.624053][ T7733] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 178.682361][ T7733] ext4 filesystem being mounted at /122/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 178.873826][ T5786] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 179.246358][ T7768] loop1: detected capacity change from 0 to 64 [ 179.271610][ T7768] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 179.740827][ T7745] loop0: detected capacity change from 0 to 40427 [ 179.752385][ T6720] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 179.752502][ T7745] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 179.773654][ T7745] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 179.784733][ T7745] F2FS-fs (loop0): invalid crc value [ 179.802098][ T7745] F2FS-fs (loop0): Found nat_bits in checkpoint [ 179.873411][ T7745] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 179.880526][ T7745] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 179.942282][ T6720] usb 4-1: Using ep0 maxpacket: 32 [ 179.973284][ T6720] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 179.983520][ T6720] usb 4-1: config 0 has no interface number 0 [ 180.004923][ T6720] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 180.021661][ T6720] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 180.042320][ T6720] usb 4-1: Product: syz [ 180.046563][ T6720] usb 4-1: Manufacturer: syz [ 180.051196][ T6720] usb 4-1: SerialNumber: syz [ 180.074828][ T6720] usb 4-1: config 0 descriptor?? [ 180.096260][ T6720] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 180.316071][ T6720] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 180.365309][ T6720] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 180.493146][ T7782] loop1: detected capacity change from 0 to 40427 [ 180.505089][ T7782] F2FS-fs (loop1): invalid crc value [ 180.519126][ T7782] F2FS-fs (loop1): Found nat_bits in checkpoint [ 180.532600][ C1] quatech-serial ttyUSB0: qt2_process_read_urb - port change to invalid port: 97 [ 180.590739][ T7782] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 180.663192][ T5786] syz-executor: attempt to access beyond end of device [ 180.663192][ T5786] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 180.679073][ T5786] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 180.768019][ C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 180.782459][ T6720] usb 4-1: USB disconnect, device number 10 [ 180.799305][ T6720] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 180.829815][ T6720] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 180.861744][ T6720] quatech2 4-1:0.51: device disconnected [ 181.233772][ T7806] loop1: detected capacity change from 0 to 256 [ 181.462716][ T7802] loop0: detected capacity change from 0 to 32768 [ 181.732276][ T27] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 181.922313][ T27] usb 4-1: Using ep0 maxpacket: 8 [ 181.931277][ T27] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 181.939718][ T27] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 181.949617][ T27] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 181.959712][ T27] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 181.970082][ T27] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 181.983979][ T27] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 181.993335][ T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.142535][ T55] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 182.212647][ T27] usb 4-1: usb_control_msg returned -32 [ 182.218750][ T27] usbtmc 4-1:16.0: can't read capabilities [ 182.342322][ T55] usb 3-1: Using ep0 maxpacket: 8 [ 182.359846][ T55] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 182.388836][ T55] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 182.400770][ T55] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 182.416083][ T55] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 182.430796][ T55] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 182.445075][ T55] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.472280][ T7828] IPVS: length: 91 != 24 [ 182.684623][ T55] usb 3-1: usb_control_msg returned -32 [ 182.691205][ T7823] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 182.710040][ T55] usbtmc 3-1:16.0: can't read capabilities [ 182.716465][ T7823] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 182.756683][ T55] usb 3-1: USB disconnect, device number 9 [ 182.766089][ T7826] loop0: detected capacity change from 0 to 32768 [ 182.792067][ T7826] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 182.850515][ T7826] XFS (loop0): Ending clean mount [ 182.863465][ T7826] XFS (loop0): Quotacheck needed: Please wait. [ 182.927318][ T7826] XFS (loop0): Quotacheck: Done. [ 182.934488][ T7847] loop2: detected capacity change from 0 to 7 [ 182.943278][ T7847] Dev loop2: unable to read RDB block 7 [ 182.948943][ T7847] loop2: unable to read partition table [ 182.955511][ T7847] loop2: partition table beyond EOD, truncated [ 182.961739][ T7847] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 183.037576][ T5793] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 184.488808][ T1186] usb 4-1: USB disconnect, device number 11 [ 184.773062][ T7888] loop2: detected capacity change from 0 to 32768 [ 184.783199][ T7888] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.700 (7888) [ 184.805287][ T7888] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 184.818409][ T7888] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 184.829548][ T7888] BTRFS info (device loop2): using free space tree [ 184.877234][ T7888] BTRFS info (device loop2): enabling ssd optimizations [ 184.884601][ T7888] BTRFS info (device loop2): auto enabling async discard [ 185.036409][ T5790] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 185.541955][ T7934] loop3: detected capacity change from 0 to 512 [ 185.574923][ T7934] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 185.588734][ T7934] ext4 filesystem being mounted at /166/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 185.700513][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.816499][ T7943] loop2: detected capacity change from 0 to 1024 [ 185.847048][ T7943] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.859573][ T7943] ext4 filesystem being mounted at /194/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 185.892432][ T28] audit: type=1800 audit(1757458308.419:15): pid=7943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.712" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 185.980945][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.392290][ T23] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 186.472226][ T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 186.584879][ T23] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 186.595673][ T23] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 186.608768][ T23] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 186.623024][ T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 186.631087][ T23] usb 3-1: SerialNumber: syz [ 186.633111][ T7969] loop0: detected capacity change from 0 to 32768 [ 186.643877][ T7969] XFS: ikeep mount option is deprecated. [ 186.649621][ T7969] XFS: ikeep mount option is deprecated. [ 186.655950][ T7969] XFS: noikeep mount option is deprecated. [ 186.672275][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 186.679253][ T7969] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 186.690426][ T9] usb 2-1: config 105 has too many interfaces: 47, using maximum allowed: 32 [ 186.699781][ T9] usb 2-1: config 105 has an invalid descriptor of length 0, skipping remainder of the config [ 186.710556][ T9] usb 2-1: config 105 has 0 interfaces, different from the descriptor's value: 47 [ 186.723000][ T9] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 186.732649][ T9] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 186.740828][ T9] usb 2-1: Manufacturer: syz [ 186.777330][ T7969] XFS (loop0): Ending clean mount [ 186.864882][ T23] usb 3-1: 0:2 : does not exist [ 186.904384][ T23] usb 3-1: USB disconnect, device number 10 [ 186.967608][ T9] usb 2-1: USB disconnect, device number 10 [ 186.983305][ T5793] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 187.927088][ T7983] loop0: detected capacity change from 0 to 40427 [ 187.958270][ T7983] F2FS-fs (loop0): invalid crc value [ 187.995049][ T7983] F2FS-fs (loop0): Found nat_bits in checkpoint [ 188.098498][ T7983] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 188.124823][ T7983] F2FS-fs (loop0): Stopped filesystem due to reason: 0 [ 188.615923][ T8014] loop1: detected capacity change from 0 to 32768 [ 188.664318][ T8014] loop1: p9 p11 p16 [ 188.692844][ T8019] loop3: detected capacity change from 0 to 8 [ 188.729878][ T8019] SQUASHFS error: Failed to read block 0x4e8: -5 [ 188.738364][ T8019] SQUASHFS error: Failed to read block 0x4de: -5 [ 188.744996][ T8019] SQUASHFS error: Failed to read block 0x4de: -5 [ 188.752981][ T8019] SQUASHFS error: Failed to read block 0x4de: -5 [ 188.760521][ T28] audit: type=1800 audit(1757458311.299:16): pid=8019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.737" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 190.096803][ T8049] loop1: detected capacity change from 0 to 4096 [ 190.392651][ T8038] loop3: detected capacity change from 0 to 40427 [ 190.420247][ T8038] F2FS-fs (loop3): Invalid log blocks per segment (83886089) [ 190.442200][ T8038] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 190.453234][ T8046] loop0: detected capacity change from 0 to 32768 [ 190.463896][ T8038] F2FS-fs (loop3): invalid crc value [ 190.476494][ T8038] F2FS-fs (loop3): Found nat_bits in checkpoint [ 190.579972][ T8038] F2FS-fs (loop3): Start checkpoint disabled! [ 190.586796][ T8051] loop2: detected capacity change from 0 to 32768 [ 190.601987][ T8051] (syz.2.751,8051,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 190.602413][ T8038] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 190.622047][ T8051] (syz.2.751,8051,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 190.646254][ T8038] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 190.675853][ T8051] JBD2: Ignoring recovery information on journal [ 190.685369][ T28] audit: type=1800 audit(1757458313.229:17): pid=8038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.745" name="bus" dev="loop3" ino=10 res=0 errno=0 [ 190.725440][ T8051] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 190.883891][ T8063] IPVS: ovf: FWM 3 0x00000003 - no destination available [ 190.897120][ T9] IPVS: starting estimator thread 0... [ 190.994247][ T1318] kworker/u4:6: attempt to access beyond end of device [ 190.994247][ T1318] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 191.003277][ T8064] IPVS: using max 17 ests per chain, 40800 per kthread [ 191.022418][ T1318] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 191.029965][ T1318] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 191.136822][ T5790] ocfs2: Unmounting device (7,2) on (node local) [ 191.417038][ T8072] loop1: detected capacity change from 0 to 4096 [ 191.450951][ T8072] NILFS (loop1): invalid segment: Checksum error in segment payload [ 191.476315][ T8072] NILFS (loop1): trying rollback from an earlier position [ 191.527719][ T8072] NILFS (loop1): recovery complete [ 191.556676][ T8073] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 191.625149][ T27] hid-generic 0000:0004:0000.0012: unknown main item tag 0x0 [ 191.635649][ T27] hid-generic 0000:0004:0000.0012: unknown main item tag 0x0 [ 191.645001][ T27] hid-generic 0000:0004:0000.0012: unknown main item tag 0x0 [ 191.691383][ T27] hid-generic 0000:0004:0000.0012: hidraw0: HID v0.05 Device [syz0] on syz0 [ 191.794723][ T8081] netlink: 'syz.3.760': attribute type 1 has an invalid length. [ 191.852426][ T23] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 192.043542][ T8090] loop0: detected capacity change from 0 to 2048 [ 192.059893][ T23] usb 3-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e [ 192.075830][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.088816][ T23] usb 3-1: Product: syz [ 192.094873][ T23] usb 3-1: Manufacturer: syz [ 192.099734][ T23] usb 3-1: SerialNumber: syz [ 192.107055][ T8090] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 192.120014][ T23] usb 3-1: config 0 descriptor?? [ 192.148732][ T28] audit: type=1800 audit(1757458314.689:18): pid=8090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.764" name=90F239201AF3D6ACEFFA46D6B98D2723FF75C6844CC73870F0813A3D7B5F9E6899C7013003F2AB7E296EA40F93A73AF69E584D6307717C85E26BD9B9EED02E7F59E4A759C36E3A8A7648B289A410783C012701FD4E8192B39B9E dev="loop0" ino=1368 res=0 errno=0 [ 192.184249][ C0] vkms_vblank_simulate: vblank timer overrun [ 192.743042][ T23] mos7840 3-1:0.0: required endpoints missing [ 192.765955][ T23] usb 3-1: USB disconnect, device number 11 [ 192.788724][ T8096] loop1: detected capacity change from 0 to 40427 [ 192.812368][ T27] IPVS: starting estimator thread 0... [ 192.820907][ T8096] F2FS-fs (loop1): build fault injection attr: rate: 694, type: 0x7ffff [ 192.842514][ T8096] F2FS-fs (loop1): invalid crc value [ 192.860859][ T8096] F2FS-fs (loop1): Found nat_bits in checkpoint [ 192.912359][ T8106] IPVS: using max 21 ests per chain, 50400 per kthread [ 192.971928][ T8096] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 192.994070][ T8115] loop3: detected capacity change from 0 to 16 [ 192.997538][ T8096] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_new_node_page+0x13a/0x910 [ 193.018747][ T28] audit: type=1804 audit(1757458315.559:19): pid=8096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.768" name="/newroot/171/file0/file1" dev="loop1" ino=10 res=1 errno=0 [ 193.026880][ T8115] erofs: (device loop3): mounted with root inode @ nid 36. [ 193.079395][ T5786] syz-executor: attempt to access beyond end of device [ 193.079395][ T5786] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 193.101834][ T5786] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 193.211026][ T8117] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 193.230838][ T8117] infiniband sLò2: RDMA CMA: cma_listen_on_dev, error -98 [ 193.530712][ T8112] loop0: detected capacity change from 0 to 32768 [ 193.556866][ T8120] loop2: detected capacity change from 0 to 1024 [ 193.594311][ T8120] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 193.608050][ T8120] EXT4-fs (loop2): group descriptors corrupted! [ 193.628755][ T8112] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 193.646081][ T8126] loop3: detected capacity change from 0 to 128 [ 193.756652][ T8126] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 193.790562][ T8126] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 193.881885][ T5793] ocfs2: Unmounting device (7,0) on (node local) [ 193.893934][ T5797] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 194.155868][ T8139] loop0: detected capacity change from 0 to 256 [ 194.183900][ T8139] FAT-fs (loop0): Directory bread(block 1285) failed [ 194.219553][ T8139] FAT-fs (loop0): Directory bread(block 1285) failed [ 194.232563][ T8139] FAT-fs (loop0): FAT read failed (blocknr 1281) [ 194.256732][ T8139] FAT-fs (loop0): Directory bread(block 1285) failed [ 194.266305][ T8139] FAT-fs (loop0): Directory bread(block 1285) failed [ 194.278828][ T8139] FAT-fs (loop0): Directory bread(block 1285) failed [ 194.290407][ T8139] FAT-fs (loop0): Directory bread(block 1285) failed [ 194.297848][ T8139] FAT-fs (loop0): Directory bread(block 1285) failed [ 194.305232][ T8139] FAT-fs (loop0): Directory bread(block 1285) failed [ 194.315425][ T8139] FAT-fs (loop0): Directory bread(block 1285) failed [ 194.342294][ T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 194.367025][ T8142] loop2: detected capacity change from 0 to 1024 [ 194.479564][ T1318] hfsplus: b-tree write err: -5, ino 4 [ 194.532294][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 194.544750][ T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 194.555857][ T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 194.589002][ T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 194.612537][ T9] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 194.635838][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.642369][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.653464][ T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 194.663484][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 194.682318][ T9] usb 2-1: SerialNumber: syz [ 194.696324][ T9] hub 2-1:1.0: bad descriptor, ignoring hub [ 194.703092][ T9] hub: probe of 2-1:1.0 failed with error -5 [ 194.711941][ T9] cdc_ether: probe of 2-1:1.0 failed with error -22 [ 194.835717][ T8138] loop3: detected capacity change from 0 to 32768 [ 194.869917][ T8138] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 194.954063][ T8138] XFS (loop3): Ending clean mount [ 194.966296][ T8138] XFS (loop3): Quotacheck needed: Please wait. [ 195.029359][ T8138] XFS (loop3): Quotacheck: Done. [ 195.260257][ T5797] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 195.306099][ T8169] loop0: detected capacity change from 0 to 2048 [ 195.359726][ T8169] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 195.523514][ T28] audit: type=1800 audit(1757458318.059:20): pid=8169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.791" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 195.614711][ T8169] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.931067][ T8193] loop2: detected capacity change from 0 to 1764 [ 196.206394][ T8205] pim6reg1: entered promiscuous mode [ 196.211923][ T8205] pim6reg1: entered allmulticast mode [ 196.254645][ T28] audit: type=1326 audit(1757458318.799:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8206 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b7e18ebe9 code=0x7ffc0000 [ 196.287637][ T28] audit: type=1326 audit(1757458318.799:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8206 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b7e18ebe9 code=0x7ffc0000 [ 196.311096][ T28] audit: type=1326 audit(1757458318.799:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8206 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f6b7e18ebe9 code=0x7ffc0000 [ 196.339909][ T28] audit: type=1326 audit(1757458318.799:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8206 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b7e18ebe9 code=0x7ffc0000 [ 196.363707][ T6720] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 196.372178][ T28] audit: type=1326 audit(1757458318.819:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8206 comm="syz.3.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b7e18ebe9 code=0x7ffc0000 [ 196.475555][ T8213] loop2: detected capacity change from 0 to 256 [ 196.483157][ T8213] exfat: Deprecated parameter 'namecase' [ 196.500298][ T8213] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1cbb2d6c, utbl_chksum : 0xe619d30d) [ 196.567908][ T8215] loop3: detected capacity change from 0 to 256 [ 196.576602][ T6720] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.590991][ T6720] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 196.602586][ T6720] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 196.632374][ T8215] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d) [ 196.646716][ T6720] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 196.656759][ T6720] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.671827][ T6720] usb 1-1: config 0 descriptor?? [ 196.684967][ T28] audit: type=1800 audit(1757458319.229:26): pid=8215 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.811" name="file2" dev="loop3" ino=1048614 res=0 errno=0 [ 197.022736][ T5826] usb 2-1: USB disconnect, device number 11 [ 197.109556][ T6720] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving [ 197.138902][ T6720] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 197.366355][ T5826] usb 1-1: USB disconnect, device number 14 [ 198.302433][ T8275] loop0: detected capacity change from 0 to 2048 [ 198.337560][ T8275] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 198.432226][ T6720] usb 3-1: new full-speed USB device number 12 using dummy_hcd [ 198.634465][ T6720] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 198.642875][ T6720] usb 3-1: config 0 has no interface number 0 [ 198.649055][ T6720] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 198.674407][ T8284] loop3: detected capacity change from 0 to 8192 [ 198.681097][ T6720] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.698362][ T8284] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 198.723351][ T6720] usb 3-1: config 0 descriptor?? [ 198.734419][ T6720] usb 3-1: selecting invalid altsetting 1 [ 198.753526][ T6720] dvb_ttusb_budget: ttusb_init_controller: error [ 198.766117][ T6720] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 198.975733][ T6720] DVB: Unable to find symbol cx22700_attach() [ 199.058089][ T6720] DVB: Unable to find symbol tda10046_attach() [ 199.068856][ T6720] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 199.080667][ T6720] usb 3-1: USB disconnect, device number 12 [ 199.482623][ T8302] netlink: 12 bytes leftover after parsing attributes in process `syz.3.849'. [ 199.616543][ T8305] loop2: detected capacity change from 0 to 128 [ 200.549489][ T8317] loop3: detected capacity change from 0 to 256 [ 200.959397][ T8321] loop3: detected capacity change from 0 to 512 [ 201.087580][ T8321] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.857: casefold flag without casefold feature [ 201.133641][ T8321] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.857: couldn't read orphan inode 15 (err -117) [ 201.198096][ T8321] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 201.266900][ T8333] loop2: detected capacity change from 0 to 512 [ 201.330935][ T8333] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 201.391082][ T8333] EXT4-fs (loop2): 1 truncate cleaned up [ 201.416889][ T8333] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 201.513772][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.535370][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.413745][ T8359] loop0: detected capacity change from 0 to 64 [ 202.608666][ T8363] loop3: detected capacity change from 0 to 512 [ 202.648294][ T8363] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 202.661260][ T8363] ext4 filesystem being mounted at /214/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 202.716883][ T8363] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #2: comm syz.3.875: corrupted inode contents [ 202.777126][ T8363] EXT4-fs error (device loop3): ext4_dirty_inode:6106: inode #2: comm syz.3.875: mark_inode_dirty error [ 202.842741][ T8363] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #2: comm syz.3.875: corrupted inode contents [ 202.880862][ T8375] loop2: detected capacity change from 0 to 2048 [ 202.894043][ T8363] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.875: mark_inode_dirty error [ 202.929453][ T8375] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 202.953759][ T8367] loop0: detected capacity change from 0 to 8192 [ 202.968527][ T8353] loop1: detected capacity change from 0 to 32768 [ 202.975572][ T8367] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 202.978871][ T8353] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.869 (8353) [ 203.005566][ T8367] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 203.019447][ T8367] REISERFS (device loop0): using ordered data mode [ 203.026146][ T28] audit: type=1800 audit(1757458325.569:27): pid=8375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.879" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 203.044061][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.046971][ T8367] reiserfs: using flush barriers [ 203.065816][ T8367] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 203.086273][ T8353] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 203.096980][ T8353] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 203.107193][ T8367] REISERFS (device loop0): checking transaction log (loop0) [ 203.114681][ T8353] BTRFS info (device loop1): setting nodatacow, compression disabled [ 203.123374][ T8353] BTRFS info (device loop1): max_inline at 0 [ 203.129954][ T8353] BTRFS info (device loop1): enabling disk space caching [ 203.152622][ T8367] REISERFS (device loop0): Using r5 hash to sort names [ 203.160511][ T8367] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 203.182242][ T8353] BTRFS info (device loop1): turning off barriers [ 203.188747][ T8353] BTRFS info (device loop1): turning on flush-on-commit [ 203.224503][ T8353] BTRFS info (device loop1): doing ref verification [ 203.231197][ T8353] BTRFS info (device loop1): force clearing of disk cache [ 203.241729][ T8367] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 3257, free_space(entry_count) 2 [ 203.262870][ T8367] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 540. Fsck? [ 203.276767][ T8353] BTRFS info (device loop1): enabling ssd optimizations [ 203.283508][ T8367] REISERFS (device loop0): Remounting filesystem read-only [ 203.291167][ T8367] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 3 0x0 SD] stat data [ 203.306641][ T8353] BTRFS info (device loop1): max_inline at 4096 [ 203.313066][ T8353] BTRFS info (device loop1): disk space caching is enabled [ 203.334729][ T8383] netlink: 48 bytes leftover after parsing attributes in process `syz.3.881'. [ 203.448899][ T8353] BTRFS info (device loop1): auto enabling async discard [ 203.470039][ T8353] BTRFS info (device loop1): rebuilding free space tree [ 203.541456][ T8353] BTRFS info (device loop1): disabling free space tree [ 203.563622][ T8353] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 203.598014][ T8353] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 203.712077][ T8375] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 203.759720][ T8374] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 160 with max blocks 1984 with error 28 [ 203.781943][ T8374] EXT4-fs (loop2): This should not happen!! Data will be lost [ 203.781943][ T8374] [ 203.796139][ T8374] EXT4-fs (loop2): Total free blocks count 0 [ 203.805031][ T8374] EXT4-fs (loop2): Free/Dirty block details [ 203.811600][ T8374] EXT4-fs (loop2): free_blocks=2415919504 [ 203.824288][ T8374] EXT4-fs (loop2): dirty_blocks=1984 [ 203.829726][ T8374] EXT4-fs (loop2): Block reservation details [ 203.858157][ T8374] EXT4-fs (loop2): i_reserved_data_blocks=124 [ 203.902333][ T5826] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 204.022604][ T5786] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 204.104334][ T5826] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 204.133879][ T5826] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 204.141290][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.163912][ T5826] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 204.192253][ T5826] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 204.200326][ T5826] usb 4-1: SerialNumber: syz [ 204.460680][ T5826] usb 4-1: 0:2 : does not exist [ 204.516742][ T5826] usb 4-1: USB disconnect, device number 12 [ 204.674326][ T8418] netlink: 'syz.2.887': attribute type 11 has an invalid length. [ 204.949502][ T8430] netdevsim netdevsim2: Direct firmware load for ./file0/file1 failed with error -2 [ 204.961478][ T8430] netdevsim netdevsim2: Falling back to sysfs fallback for: ./file0/file1 [ 205.155789][ T5826] usb 1-1: new full-speed USB device number 15 using dummy_hcd [ 205.355159][ T5826] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 205.365956][ T5826] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 205.379537][ T5826] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 205.389731][ T5826] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.605519][ T8440] loop3: detected capacity change from 0 to 4096 [ 205.611691][ T5826] usb 1-1: usb_control_msg returned -32 [ 205.620100][ T5826] usbtmc 1-1:16.0: can't read capabilities [ 205.624719][ T8440] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 205.643320][ T8440] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.750649][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.085183][ T8455] loop1: detected capacity change from 0 to 256 [ 206.338327][ T8448] loop2: detected capacity change from 0 to 32768 [ 206.378886][ T8448] syz.2.900: attempt to access beyond end of device [ 206.378886][ T8448] loop14: rw=0, sector=8, nr_sectors = 8 limit=0 [ 206.398590][ T8448] lbmIODone: I/O error in JFS log [ 206.406319][ T8448] *** Log Format Error ! *** [ 206.411580][ T8448] lmLogInit: exit(-22) [ 206.420704][ T8448] lmLogOpen: exit(-22) [ 206.431594][ T8448] jfs_dirty_inode called on read-only volume [ 206.447097][ T8448] Is remount racy? [ 206.589358][ T8453] loop3: detected capacity change from 0 to 40427 [ 206.598605][ T8453] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 206.612566][ T8453] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 206.623587][ T8453] F2FS-fs (loop3): invalid crc value [ 206.635588][ T8453] F2FS-fs (loop3): Found nat_bits in checkpoint [ 206.676668][ T8453] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 206.683981][ T8453] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 207.182339][ T5792] Bluetooth: hci2: command 0x0c1a tx timeout [ 207.193269][ T5826] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 207.394281][ T5826] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 207.406760][ T5826] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 207.417903][ T5826] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 207.427868][ T5826] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 207.436134][ T5826] usb 2-1: SerialNumber: syz [ 207.655569][ T5826] usb 2-1: 0:2 : does not exist [ 207.678452][ T5826] usb 2-1: USB disconnect, device number 12 [ 207.897712][ T9] usb 1-1: USB disconnect, device number 15 [ 208.356376][ T28] audit: type=1326 audit(1757458330.899:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f074e78ebe9 code=0x7fc00000 [ 208.396122][ T28] audit: type=1326 audit(1757458330.899:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f074e78ebe9 code=0x7fc00000 [ 208.441938][ T28] audit: type=1326 audit(1757458330.899:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f074e78ebe9 code=0x7fc00000 [ 208.468133][ T8499] netdevsim netdevsim1 : renamed from netdevsim0 (while UP) [ 208.487887][ T28] audit: type=1326 audit(1757458330.899:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f074e78ebe9 code=0x7fc00000 [ 208.491867][ T8492] loop0: detected capacity change from 0 to 32768 [ 208.518585][ T28] audit: type=1326 audit(1757458330.899:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f074e78ebe9 code=0x7fc00000 [ 208.541398][ T28] audit: type=1326 audit(1757458330.899:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f074e78ebe9 code=0x7fc00000 [ 208.564083][ T28] audit: type=1326 audit(1757458330.899:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f074e78ebe9 code=0x7fc00000 [ 208.587863][ T8492] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 208.621383][ T8492] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 208.753352][ C0] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc. [ 208.819725][ T5793] ocfs2: Unmounting device (7,0) on (node local) [ 208.871524][ T8510] loop3: detected capacity change from 0 to 64 [ 209.070215][ T8515] loop0: detected capacity change from 0 to 64 [ 209.101363][ T8517] loop3: detected capacity change from 0 to 512 [ 209.168895][ T8517] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 209.185103][ T8517] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 209.328822][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.342400][ T5789] Bluetooth: hci2: command 0x0c1a tx timeout [ 209.507063][ T8534] loop3: detected capacity change from 0 to 512 [ 209.518971][ T8534] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 209.550230][ T8534] EXT4-fs (loop3): 1 truncate cleaned up [ 209.561251][ T8534] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 209.696799][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.811838][ T8544] netlink: 'syz.3.938': attribute type 4 has an invalid length. [ 211.019116][ T8548] loop0: detected capacity change from 0 to 32768 [ 211.067508][ T8548] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 211.201194][ T8548] XFS (loop0): Ending clean mount [ 211.217978][ T8559] loop3: detected capacity change from 0 to 40427 [ 211.219305][ T8548] XFS (loop0): Quotacheck needed: Please wait. [ 211.227370][ T8559] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 211.240757][ T8559] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 211.250286][ T8559] F2FS-fs (loop3): heap/no_heap options were deprecated [ 211.266759][ T8559] F2FS-fs (loop3): invalid crc value [ 211.292718][ T8559] F2FS-fs (loop3): Found nat_bits in checkpoint [ 211.367438][ T8548] XFS (loop0): Quotacheck: Done. [ 211.402531][ T8559] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 211.409737][ T8559] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 211.464634][ T8559] syz.3.946: attempt to access beyond end of device [ 211.464634][ T8559] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 211.493663][ T8559] F2FS-fs (loop3): Remounting filesystem read-only [ 211.558225][ T5793] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 212.215354][ T8583] loop0: detected capacity change from 0 to 1024 [ 212.283817][ T8583] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 212.359700][ T8575] loop2: detected capacity change from 0 to 32768 [ 212.398432][ T8575] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.948 (8575) [ 212.410294][ T8583] EXT4-fs error (device loop0): ext4_xattr_set_entry:1677: inode #15: comm syz.0.951: corrupted xattr entries [ 212.442422][ T8575] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 212.457661][ T8583] EXT4-fs error (device loop0): ext4_xattr_block_set:2222: inode #15: comm syz.0.951: bad block 129 [ 212.470396][ T8588] loop3: detected capacity change from 0 to 128 [ 212.477052][ T8575] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 212.501140][ T8588] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a80ec018, mo2=0002] [ 212.527325][ T8575] BTRFS info (device loop2): enabling disk space caching [ 212.534981][ T8588] System zones: 1-3, 19-19, 35-36 [ 212.541459][ T8575] BTRFS info (device loop2): disabling tree log [ 212.566628][ T8588] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 212.581343][ T8575] BTRFS info (device loop2): setting nodatasum [ 212.602307][ T8575] BTRFS info (device loop2): turning off barriers [ 212.608899][ T8575] BTRFS info (device loop2): turning on flush-on-commit [ 212.620327][ T8581] loop1: detected capacity change from 0 to 40427 [ 212.625968][ T8588] ext4 filesystem being mounted at /236/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 212.631201][ T8575] BTRFS info (device loop2): doing ref verification [ 212.666884][ T8575] BTRFS info (device loop2): force clearing of disk cache [ 212.674560][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 212.676748][ T8575] BTRFS info (device loop2): enabling ssd optimizations [ 212.693541][ T8581] F2FS-fs (loop1): invalid crc value [ 212.701655][ T8581] F2FS-fs (loop1): Found nat_bits in checkpoint [ 212.708197][ T8575] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8) [ 212.752357][ T8575] BTRFS info (device loop2): use lzo compression, level 0 [ 212.759592][ T8575] BTRFS info (device loop2): disk space caching is enabled [ 212.800239][ T8581] F2FS-fs (loop1): Start checkpoint disabled! [ 212.816316][ T5797] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 212.826862][ T8581] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 212.875861][ T28] audit: type=1800 audit(1757458335.409:35): pid=8581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.953" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 212.913639][ T28] audit: type=1804 audit(1757458335.409:36): pid=8581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.953" name="/newroot/207/file0/file1" dev="loop1" ino=10 res=1 errno=0 [ 212.936174][ T8575] BTRFS info (device loop2): auto enabling async discard [ 212.957221][ T8575] BTRFS info (device loop2): rebuilding free space tree [ 212.994422][ T8575] BTRFS info (device loop2): disabling free space tree [ 213.017676][ T8575] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 213.039668][ T8575] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 213.098262][ T48] kworker/u4:3: attempt to access beyond end of device [ 213.098262][ T48] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 213.115014][ T48] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 213.123830][ T48] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 213.246167][ T8575] BTRFS warning (device loop2): can't clear the compat:0 feature bit while mounted [ 213.256695][ T28] audit: type=1800 audit(1757458335.789:37): pid=8575 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.948" name="file1" dev="loop2" ino=260 res=0 errno=0 [ 213.343777][ T5790] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 214.301076][ T8629] loop2: detected capacity change from 0 to 2048 [ 214.356511][ T8629] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 214.633081][ T8633] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 214.650531][ T8631] loop1: detected capacity change from 0 to 8192 [ 214.665914][ T8622] loop3: detected capacity change from 0 to 32768 [ 214.683143][ T8622] XFS: ikeep mount option is deprecated. [ 214.728337][ T8622] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 214.785958][ T8642] netlink: 'syz.0.966': attribute type 10 has an invalid length. [ 214.797999][ T8642] macvlan0: entered allmulticast mode [ 214.829153][ T8642] veth1_vlan: entered allmulticast mode [ 214.870364][ T8622] XFS (loop3): Ending clean mount [ 214.879117][ T8622] XFS (loop3): Quotacheck needed: Please wait. [ 214.919708][ T8642] veth1_vlan: left allmulticast mode [ 214.970775][ T8622] XFS (loop3): Quotacheck: Done. [ 215.006605][ T8622] XFS (loop3): User initiated shutdown received. [ 215.013187][ T8622] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501). Shutting down filesystem. [ 215.026774][ T8622] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 215.096612][ T5797] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 215.156685][ T8652] netlink: 64 bytes leftover after parsing attributes in process `syz.1.970'. [ 215.177322][ T8652] netlink: 8 bytes leftover after parsing attributes in process `syz.1.970'. [ 215.395741][ T8649] loop0: detected capacity change from 0 to 8192 [ 215.454097][ T8649] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 215.467467][ T8649] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 215.471301][ T8656] loop2: detected capacity change from 0 to 4096 [ 215.476857][ T8649] REISERFS (device loop0): using ordered data mode [ 215.490348][ T8649] reiserfs: using flush barriers [ 215.521832][ T8656] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 215.525317][ T8649] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 215.564227][ T8649] REISERFS (device loop0): checking transaction log (loop0) [ 215.590617][ T8656] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 215.808941][ T8649] REISERFS (device loop0): Using tea hash to sort names [ 215.818329][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.828095][ T8649] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 215.972439][ T8667] loop2: detected capacity change from 0 to 1024 [ 216.004310][ T8667] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 216.073898][ T28] audit: type=1800 audit(1757458338.619:38): pid=8667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.976" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 216.134481][ T28] audit: type=1804 audit(1757458338.649:39): pid=8667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.976" name="/newroot/261/file1/file1" dev="loop2" ino=15 res=1 errno=0 [ 216.194467][ T28] audit: type=1800 audit(1757458338.649:40): pid=8667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.976" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 216.217073][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.341877][ T8665] loop1: detected capacity change from 0 to 32768 [ 216.402727][ T8665] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 216.521226][ T8665] XFS (loop1): Ending clean mount [ 216.536045][ T8683] nbd: illegal input index -1 [ 216.551022][ T8665] XFS (loop1): Quotacheck needed: Please wait. [ 216.680110][ T8665] XFS (loop1): Quotacheck: Done. [ 216.890581][ T5786] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 217.357720][ T8689] loop3: detected capacity change from 0 to 32768 [ 217.376895][ T8689] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 217.444338][ T8689] XFS (loop3): Ending clean mount [ 217.452377][ T8689] XFS (loop3): Quotacheck needed: Please wait. [ 217.489863][ T8689] XFS (loop3): Quotacheck: Done. [ 217.564450][ T5797] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 217.819690][ T8717] loop3: detected capacity change from 0 to 512 [ 217.850496][ T8717] EXT4-fs error (device loop3): ext4_get_branch:178: inode #13: block 2: comm syz.3.990: invalid block [ 217.894540][ T8717] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.990: invalid indirect mapped block 10 (level 1) [ 217.927835][ T8717] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.990: invalid indirect mapped block 8 (level 1) [ 217.935910][ T8722] input: syz0 as /devices/virtual/input/input13 [ 217.947327][ T8717] EXT4-fs (loop3): 1 truncate cleaned up [ 217.971593][ T8717] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 218.069178][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.580727][ T8724] loop2: detected capacity change from 0 to 32768 [ 218.631640][ T8724] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 218.893189][ T5790] (syz-executor,5790,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72 [ 218.913103][ T8743] vlan2: entered allmulticast mode [ 218.918309][ T8743] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 218.935989][ T5790] ocfs2: Unmounting device (7,2) on (node local) [ 218.979697][ T8728] loop3: detected capacity change from 0 to 32768 [ 219.049065][ T8728] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 219.183728][ T8728] XFS (loop3): Ending clean mount [ 219.208883][ T8728] XFS (loop3): Quotacheck needed: Please wait. [ 219.286935][ T8728] XFS (loop3): Quotacheck: Done. [ 219.368817][ T8762] loop2: detected capacity change from 0 to 512 [ 219.389954][ T8762] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2244: inode #15: comm syz.2.1000: corrupted in-inode xattr: invalid ea_ino [ 219.423632][ T5792] Bluetooth: hci2: command 0x0c1a tx timeout [ 219.432332][ T8762] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1000: couldn't read orphan inode 15 (err -117) [ 219.435450][ T5797] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 219.462204][ T8762] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.777643][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.137740][ T8777] loop3: detected capacity change from 0 to 512 [ 220.244633][ T8777] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.1016: corrupted in-inode xattr: invalid ea_ino [ 220.314020][ T8777] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1016: couldn't read orphan inode 15 (err -117) [ 220.368239][ T8777] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 220.597379][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.063189][ T8773] loop0: detected capacity change from 0 to 131072 [ 221.074436][ T8788] vlan2: entered allmulticast mode [ 221.081068][ T8773] F2FS-fs (loop0): Test dummy encryption mode enabled [ 221.091088][ T8788] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 221.108318][ T8773] F2FS-fs (loop0): invalid crc value [ 221.154154][ T8773] F2FS-fs (loop0): Found nat_bits in checkpoint [ 221.210086][ T8773] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 221.229017][ T8779] loop2: detected capacity change from 0 to 32768 [ 221.284872][ T8779] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 221.375614][ T8803] input: syz0 as /devices/virtual/input/input14 [ 221.474550][ T8779] XFS (loop2): Ending clean mount [ 221.490305][ T8779] XFS (loop2): Quotacheck needed: Please wait. [ 221.556335][ T8779] XFS (loop2): Quotacheck: Done. [ 221.864999][ T5790] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 222.537789][ T8818] loop0: detected capacity change from 0 to 512 [ 222.556744][ T8818] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz.0.1015: invalid block [ 222.569250][ T8818] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1015: invalid indirect mapped block 10 (level 1) [ 222.587851][ T8818] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1015: invalid indirect mapped block 8 (level 1) [ 222.609004][ T8818] EXT4-fs (loop0): 1 truncate cleaned up [ 222.617360][ T8818] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 222.704722][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.850098][ T8816] loop1: detected capacity change from 0 to 32768 [ 222.879622][ T8816] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 222.955602][ T8816] XFS (loop1): Ending clean mount [ 222.968391][ T8816] XFS (loop1): Quotacheck needed: Please wait. [ 223.029472][ T8816] XFS (loop1): Quotacheck: Done. [ 223.142637][ T5826] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 223.163139][ T5786] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 223.332655][ T5826] usb 1-1: Using ep0 maxpacket: 32 [ 223.339795][ T5826] usb 1-1: config 0 has an invalid interface number: 184 but max is 0 [ 223.348042][ T5826] usb 1-1: config 0 has no interface number 0 [ 223.354281][ T5826] usb 1-1: config 0 interface 184 has no altsetting 0 [ 223.365477][ T5826] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 223.374864][ T5826] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.382951][ T5826] usb 1-1: Product: syz [ 223.387232][ T5826] usb 1-1: Manufacturer: syz [ 223.391867][ T5826] usb 1-1: SerialNumber: syz [ 223.399789][ T5826] usb 1-1: config 0 descriptor?? [ 223.408317][ T5826] smsc75xx v1.0.0 [ 224.219720][ T5826] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71 [ 224.230793][ T5826] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 224.240999][ T5826] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 224.251926][ T5826] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 224.263025][ T5826] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 224.273462][ T5826] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 224.283161][ T5826] smsc75xx: probe of 1-1:0.184 failed with error -71 [ 224.293235][ T5826] usb 1-1: USB disconnect, device number 16 [ 224.857130][ T8839] input: syz0 as /devices/virtual/input/input15 [ 225.491614][ T8837] loop1: detected capacity change from 0 to 131072 [ 225.499808][ T8837] F2FS-fs (loop1): Test dummy encryption mode enabled [ 225.508578][ T8837] F2FS-fs (loop1): invalid crc value [ 225.517456][ T8837] F2FS-fs (loop1): Found nat_bits in checkpoint [ 225.556252][ T8837] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 226.431061][ T8858] loop2: detected capacity change from 0 to 512 [ 226.465519][ T8858] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 2: comm syz.2.1031: invalid block [ 226.488222][ T8858] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1031: invalid indirect mapped block 10 (level 1) [ 226.512027][ T8858] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1031: invalid indirect mapped block 8 (level 1) [ 226.555526][ T8858] EXT4-fs (loop2): 1 truncate cleaned up [ 226.565163][ T8858] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 226.630239][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.898875][ T8899] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.950939][ T8900] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.958428][ T8900] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.019495][ T8901] netlink: 'syz.2.1046': attribute type 4 has an invalid length. [ 228.264662][ T8889] loop3: detected capacity change from 0 to 32768 [ 228.328799][ T8889] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 228.439283][ T8889] XFS (loop3): Ending clean mount [ 228.457881][ T8889] XFS (loop3): Quotacheck needed: Please wait. [ 228.521398][ T8889] XFS (loop3): Quotacheck: Done. [ 228.723138][ T5797] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 229.592520][ T8961] ALSA: mixer_oss: invalid OSS volume 'Shared_Hugetlb:' [ 229.599637][ T8961] ALSA: mixer_oss: invalid OSS volume 'Private_Hugetlb:' [ 229.614846][ T8963] loop3: detected capacity change from 0 to 512 [ 229.630293][ T8963] EXT4-fs: Ignoring removed nobh option [ 229.661407][ T8963] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1073: iget: bad i_size value: 38620345925642 [ 229.712357][ T8963] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1073: couldn't read orphan inode 15 (err -117) [ 229.729444][ T8963] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 229.890246][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.175339][ T8992] netlink: 'syz.0.1082': attribute type 12 has an invalid length. [ 230.183567][ T8992] netlink: 'syz.0.1082': attribute type 29 has an invalid length. [ 230.191590][ T8992] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1082'. [ 230.201530][ T8992] netlink: 'syz.0.1082': attribute type 2 has an invalid length. [ 230.209890][ T8992] netlink: 'syz.0.1082': attribute type 3 has an invalid length. [ 230.344591][ T6720] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 230.441576][ T8998] loop1: detected capacity change from 0 to 512 [ 230.459985][ T8999] loop0: detected capacity change from 0 to 1024 [ 230.485298][ T8998] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.530636][ T8998] ext4 filesystem being mounted at /239/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 230.548130][ T6720] usb 4-1: Using ep0 maxpacket: 32 [ 230.573634][ T6720] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 230.592696][ T8999] hfsplus: xattr searching failed [ 230.598127][ T6720] usb 4-1: config 0 has no interface number 0 [ 230.617330][ T8999] hfsplus: xattr searching failed [ 230.624866][ T8999] hfsplus: xattr searching failed [ 230.627612][ T6720] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 230.642298][ T6720] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.666986][ T6720] usb 4-1: Product: syz [ 230.671260][ T6720] usb 4-1: Manufacturer: syz [ 230.686387][ T6720] usb 4-1: SerialNumber: syz [ 230.703163][ T6720] usb 4-1: config 0 descriptor?? [ 230.722829][ T6720] smsc95xx v2.0.0 [ 230.735590][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.992206][ T9] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 231.144537][ T6720] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 231.155570][ T6720] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 231.192393][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 231.200317][ T9] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 231.210740][ T9] usb 1-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 231.222171][ T9] usb 1-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 231.231962][ T9] usb 1-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 231.245081][ T9] usb 1-1: config 7 interface 0 has no altsetting 0 [ 231.251755][ T9] usb 1-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 231.261005][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.570020][ T6720] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 231.581183][ T6720] smsc95xx: probe of 4-1:0.67 failed with error -71 [ 231.592313][ T6720] usb 4-1: USB disconnect, device number 13 [ 231.727194][ T9] input: HID 0458:5010 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:7.0/0003:0458:5010.0014/input/input16 [ 231.816914][ T9] kye 0003:0458:5010.0014: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.0-1/input0 [ 231.946130][ T6720] usb 1-1: USB disconnect, device number 17 [ 232.521268][ T9026] loop0: detected capacity change from 0 to 256 [ 232.529794][ T9026] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 232.540580][ T9026] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 232.559597][ T9026] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 232.603330][ T9026] exFAT-fs (loop0): invalid start cluster (2155889475) [ 232.662447][ T6720] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 232.845681][ T6720] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 232.856465][ T6720] usb 2-1: New USB device found, idVendor=0582, idProduct=0000, bcdDevice= 0.00 [ 232.865835][ T6720] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.894436][ T6720] snd-usb-audio: probe of 2-1:27.0 failed with error -22 [ 233.101948][ T6720] usb 2-1: USB disconnect, device number 13 [ 233.555465][ T9040] loop3: detected capacity change from 0 to 512 [ 233.565336][ T9040] EXT4-fs (loop3): Test dummy encryption mode enabled [ 233.574460][ T9040] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 233.596566][ T9040] EXT4-fs (loop3): 1 truncate cleaned up [ 233.605755][ T9040] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.683050][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.416851][ T9074] loop1: detected capacity change from 0 to 2048 [ 234.438956][ T9074] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 234.470707][ T9077] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 234.664278][ T9081] loop0: detected capacity change from 0 to 4096 [ 234.695743][ T9081] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 234.858493][ T9084] loop1: detected capacity change from 0 to 4096 [ 235.489537][ T9105] loop2: detected capacity change from 0 to 8192 [ 235.512613][ T9105] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 235.542393][ T9105] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 235.572077][ T9105] REISERFS (device loop2): using ordered data mode [ 235.578868][ T9105] reiserfs: using flush barriers [ 235.608723][ T9105] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 235.646380][ T9105] REISERFS (device loop2): checking transaction log (loop2) [ 235.724990][ T9104] loop1: detected capacity change from 0 to 32768 [ 235.756119][ T9094] loop3: detected capacity change from 0 to 40427 [ 235.768405][ T9094] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 235.778177][ T9094] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 235.791987][ T9094] F2FS-fs (loop3): invalid crc value [ 235.816988][ T9105] REISERFS (device loop2): Using tea hash to sort names [ 235.825797][ T9105] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 235.839890][ T9105] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 235.975639][ T9094] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 235.995023][ T9094] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 236.119754][ T9094] syz.3.1128: attempt to access beyond end of device [ 236.119754][ T9094] loop3: rw=2049, sector=53248, nr_sectors = 136 limit=40427 [ 236.279510][ T5797] syz-executor: attempt to access beyond end of device [ 236.279510][ T5797] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 236.305144][ T5797] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 236.319730][ T9119] loop1: detected capacity change from 0 to 1024 [ 236.377874][ T28] audit: type=1800 audit(1757458358.919:41): pid=9119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1135" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 236.409377][ T9119] syz.1.1135: attempt to access beyond end of device [ 236.409377][ T9119] loop1: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 236.427703][ T9119] Buffer I/O error on dev loop1, logical block 2889, async page read [ 236.437229][ T9119] syz.1.1135: attempt to access beyond end of device [ 236.437229][ T9119] loop1: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 236.456381][ T9119] Buffer I/O error on dev loop1, logical block 2889, async page read [ 236.465036][ T9119] syz.1.1135: attempt to access beyond end of device [ 236.465036][ T9119] loop1: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 236.478801][ T9119] Buffer I/O error on dev loop1, logical block 2889, async page read [ 236.494166][ T9124] syz.1.1135: attempt to access beyond end of device [ 236.494166][ T9124] loop1: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 237.153774][ T9126] loop3: detected capacity change from 0 to 32768 [ 237.220368][ T9126] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 237.249370][ T9135] loop2: detected capacity change from 0 to 128 [ 237.284273][ T9135] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 237.313451][ T9135] ext4 filesystem being mounted at /296/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 237.339882][ T9126] XFS (loop3): Ending clean mount [ 237.351446][ T9126] XFS (loop3): Quotacheck needed: Please wait. [ 237.410483][ T9126] XFS (loop3): Quotacheck: Done. [ 237.424433][ T5790] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 237.552278][ T9] usb 2-1: new full-speed USB device number 14 using dummy_hcd [ 237.577586][ T5797] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 237.620310][ T9142] loop2: detected capacity change from 0 to 512 [ 237.734322][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 237.754361][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 237.770228][ T9] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 237.780292][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.795742][ T9] usb 2-1: config 0 descriptor?? [ 238.005609][ T9148] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1144'. [ 238.238811][ T9] savu 0003:1E7D:2D5A.0015: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 238.525257][ T6720] usb 2-1: USB disconnect, device number 14 [ 238.942648][ T9154] loop3: detected capacity change from 0 to 1024 [ 238.950158][ T9154] EXT4-fs: Ignoring removed oldalloc option [ 238.956344][ T9154] EXT4-fs: Ignoring removed orlov option [ 238.962387][ T9154] EXT4-fs: Ignoring removed nomblk_io_submit option [ 238.977668][ T9154] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 239.401952][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.444720][ T9165] Bluetooth: hci0: expected 2 bytes, got 7 bytes [ 239.570619][ T9170] loop3: detected capacity change from 0 to 2048 [ 239.614059][ T9170] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 239.628935][ T9170] ext4 filesystem being mounted at /286/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 239.723738][ T9170] overlayfs: failed to create directory ./bus/index (errno: 28); mounting read-only [ 239.743760][ T9170] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 239.942231][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.232698][ T55] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 240.442186][ T55] usb 3-1: Using ep0 maxpacket: 16 [ 240.454703][ T55] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 240.469589][ T55] usb 3-1: config 0 has no interface number 0 [ 240.492197][ T55] usb 3-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 240.509625][ T55] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 240.531828][ T55] usb 3-1: Product: syz [ 240.541197][ T55] usb 3-1: Manufacturer: syz [ 240.557992][ T55] usb 3-1: SerialNumber: syz [ 240.581121][ T55] usb 3-1: config 0 descriptor?? [ 240.611193][ T55] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 241.638302][ T55] gspca_spca1528: reg_w err -71 [ 241.643546][ T55] spca1528: probe of 3-1:0.1 failed with error -71 [ 241.663100][ T9184] loop1: detected capacity change from 0 to 2048 [ 241.669351][ T55] usb 3-1: USB disconnect, device number 13 [ 241.750742][ T9184] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #2: comm syz.1.1155: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 241.804128][ T9184] EXT4-fs (loop1): get root inode failed [ 241.809934][ T9184] EXT4-fs (loop1): mount failed [ 241.955692][ T5792] Bluetooth: hci0: unexpected event for opcode 0x2062 [ 242.687829][ T9196] loop0: detected capacity change from 0 to 40427 [ 242.702206][ T9196] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 242.710109][ T9196] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 242.726564][ T9196] F2FS-fs (loop0): invalid crc value [ 242.748931][ T9196] F2FS-fs (loop0): Found nat_bits in checkpoint [ 242.806534][ T9196] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 242.814893][ T9196] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 242.898404][ T5793] syz-executor: attempt to access beyond end of device [ 242.898404][ T5793] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 242.925867][ T5793] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 242.936402][ T5793] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 243.098986][ T9218] loop1: detected capacity change from 0 to 1024 [ 243.140328][ T9218] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 243.153944][ T9218] ext4 filesystem being mounted at /260/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 243.191798][ T9218] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: block 3: comm syz.1.1171: lblock 3 mapped to illegal pblock 3 (length 13) [ 243.209198][ T9218] EXT4-fs (loop1): Remounting filesystem read-only [ 243.273853][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 243.538673][ T9226] loop1: detected capacity change from 0 to 8192 [ 243.610227][ T9226] loop1: p1 p2 p3 p4 [ 243.614868][ T9226] loop1: partition table partially beyond EOD, truncated [ 243.622263][ T9226] loop1: p1 size 3523149824 extends beyond EOD, truncated [ 243.638648][ T9226] loop1: p2 start 4293394688 is beyond EOD, truncated [ 243.657917][ T9226] loop1: p3 start 150994944 is beyond EOD, truncated [ 243.677313][ T9226] loop1: p4 size 50331648 extends beyond EOD, truncated [ 243.760314][ T9234] loop0: detected capacity change from 0 to 512 [ 243.790892][ T9234] EXT4-fs: Ignoring removed nobh option [ 243.798926][ T9234] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 243.818811][ T9234] EXT4-fs (loop0): 1 truncate cleaned up [ 243.833677][ T9234] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 243.896975][ T9237] loop1: detected capacity change from 0 to 128 [ 243.944089][ T28] audit: type=1800 audit(1757458366.489:42): pid=9234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1176" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 243.970223][ T9234] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2244: inode #15: comm syz.0.1176: corrupted in-inode xattr: overlapping e_value [ 243.987445][ T9234] EXT4-fs (loop0): Remounting filesystem read-only [ 243.994161][ T9234] EXT4-fs warning (device loop0): ext4_xattr_set_entry:1781: inode #15: comm syz.0.1176: unable to update i_inline_off [ 244.047481][ T9239] loop3: detected capacity change from 0 to 1024 [ 244.079675][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.177747][ T9239] hfsplus: b-tree write err: -5, ino 3 [ 244.742326][ T1186] usb 4-1: new full-speed USB device number 14 using dummy_hcd [ 244.891633][ T9259] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1186'. [ 244.906625][ T9259] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1186'. [ 244.920233][ T9259] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1186'. [ 244.946222][ T1186] usb 4-1: config 0 has an invalid interface number: 7 but max is 0 [ 244.962220][ T1186] usb 4-1: config 0 has no interface number 0 [ 244.978697][ T1186] usb 4-1: config 0 interface 7 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 245.002310][ T1186] usb 4-1: config 0 interface 7 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0 [ 245.016962][ T1186] usb 4-1: config 0 interface 7 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 245.034649][ T1186] usb 4-1: config 0 interface 7 has no altsetting 0 [ 245.042067][ T1186] usb 4-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00 [ 245.056266][ T1186] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 245.092458][ T1186] usb 4-1: config 0 descriptor?? [ 245.269562][ T9255] loop0: detected capacity change from 0 to 32768 [ 245.281792][ T9255] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 245.295459][ T9255] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 245.329684][ T9255] XFS (loop0): Ending clean mount [ 245.342594][ T9255] XFS (loop0): Quotacheck needed: Please wait. [ 245.353404][ T9] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 245.390534][ T9255] XFS (loop0): Quotacheck: Done. [ 245.481850][ T5793] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 245.521878][ T9273] pim6reg: entered allmulticast mode [ 245.532284][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 245.538161][ T9273] pim6reg: left allmulticast mode [ 245.540302][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 245.555513][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 245.569901][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 245.582859][ T9] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 245.592435][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 245.605765][ T9] usb 3-1: config 0 descriptor?? [ 245.747607][ T1186] usb 4-1: USB disconnect, device number 14 [ 245.992449][ T5792] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 246.003430][ T5792] Bluetooth: hci0: Injecting HCI hardware error event [ 246.013088][ T5789] Bluetooth: hci0: hardware error 0x00 [ 246.027227][ T9] HID 045e:07da: Invalid code 65791 type 1 [ 246.033349][ T5826] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 246.047274][ T9] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0017/input/input17 [ 246.064738][ T9] microsoft 0003:045E:07DA.0017: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 246.238628][ T5826] usb 2-1: config index 0 descriptor too short (expected 39, got 27) [ 246.248050][ T5826] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 246.261613][ T5826] usb 2-1: config 0 interface 0 has no altsetting 0 [ 246.261911][ T6720] usb 3-1: USB disconnect, device number 14 [ 246.273375][ T5826] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 246.291654][ T5826] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 246.300328][ T5826] usb 2-1: Product: syz [ 246.305117][ T5826] usb 2-1: Manufacturer: syz [ 246.309765][ T5826] usb 2-1: SerialNumber: syz [ 246.317236][ T5826] usb 2-1: config 0 descriptor?? [ 246.324589][ T5826] hub 2-1:0.0: bad descriptor, ignoring hub [ 246.336193][ T5826] hub: probe of 2-1:0.0 failed with error -5 [ 246.346068][ T5826] usb 2-1: selecting invalid altsetting 0 [ 246.630131][ T9278] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 246.642267][ T55] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 246.653058][ T9278] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 246.855090][ T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 246.878437][ T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 246.888998][ T55] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 246.906743][ T55] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 246.916148][ T55] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 246.937110][ T55] usb 4-1: config 0 descriptor?? [ 247.201342][ T9284] loop0: detected capacity change from 0 to 32768 [ 247.210417][ T9284] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1194 (9284) [ 247.226175][ T9284] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 247.236518][ T9284] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 247.245262][ T9284] BTRFS info (device loop0): force clearing of disk cache [ 247.252482][ T9284] BTRFS info (device loop0): turning on sync discard [ 247.259243][ T9284] BTRFS info (device loop0): enabling auto defrag [ 247.266078][ T9284] BTRFS info (device loop0): max_inline at 0 [ 247.272307][ T9284] BTRFS info (device loop0): enabling disk space caching [ 247.279421][ T9284] BTRFS info (device loop0): disk space caching is enabled [ 247.323130][ T9284] BTRFS info (device loop0): enabling ssd optimizations [ 247.339054][ T9284] BTRFS info (device loop0): rebuilding free space tree [ 247.361662][ T9284] BTRFS info (device loop0): disabling free space tree [ 247.368967][ T9284] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 247.377169][ T55] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 247.382185][ T9284] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 247.386907][ T55] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 247.405070][ T55] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 247.412752][ T55] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 247.420327][ T55] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 247.428658][ T55] plantronics 0003:047F:FFFF.0018: unknown main item tag 0x0 [ 247.437441][ T55] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving [ 247.452159][ T55] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 247.576867][ T1318] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 247.651855][ T5793] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 247.680037][ T55] usb 4-1: USB disconnect, device number 15 [ 248.062644][ T5789] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 248.281726][ T9309] loop3: detected capacity change from 0 to 2048 [ 248.290154][ T9309] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 248.299967][ T9309] NILFS (loop3): mounting unchecked fs [ 248.318941][ T9309] NILFS (loop3): recovery complete [ 248.325628][ T9310] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 248.944542][ T9325] loop2: detected capacity change from 0 to 512 [ 248.959766][ T9325] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e028, mo2=0002] [ 248.968299][ T9325] System zones: 1-12 [ 248.977591][ T9325] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1202: invalid indirect mapped block 8 (level 2) [ 248.996303][ T9325] EXT4-fs (loop2): Remounting filesystem read-only [ 249.007148][ T9325] EXT4-fs (loop2): 1 truncate cleaned up [ 249.014943][ T9325] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.067417][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.224039][ T9335] sctp: [Deprecated]: syz.2.1207 (pid 9335) Use of struct sctp_assoc_value in delayed_ack socket option. [ 249.224039][ T9335] Use struct sctp_sack_info instead [ 249.844147][ T9353] xt_CT: You must specify a L4 protocol and not use inversions on it [ 249.894537][ T9355] loop3: detected capacity change from 0 to 128 [ 249.926181][ T28] audit: type=1800 audit(1757458372.469:43): pid=9355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1218" name="file1" dev="loop3" ino=1048642 res=0 errno=0 [ 249.951979][ T9355] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 249.960947][ T9355] FAT-fs (loop3): Filesystem has been set read-only [ 249.968439][ T9355] syz.3.1218: attempt to access beyond end of device [ 249.968439][ T9355] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 249.983019][ T9355] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 249.991090][ T9355] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 249.999600][ T9355] syz.3.1218: attempt to access beyond end of device [ 249.999600][ T9355] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 250.014473][ T28] audit: type=1800 audit(1757458372.559:44): pid=9355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1218" name="file2" dev="loop3" ino=1048643 res=0 errno=0 [ 250.039364][ T9355] FAT-fs (loop3): error, invalid FAT chain (i_pos 548, last_block 8) [ 250.051174][ T9355] FAT-fs (loop3): error, corrupted file size (i_pos 548, 522) [ 250.407401][ T9363] loop3: detected capacity change from 0 to 32768 [ 250.429879][ T9363] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 250.487878][ T5797] ocfs2: Unmounting device (7,3) on (node local) [ 250.582405][ T6720] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 250.634464][ T9370] 9pnet: p9_errstr2errno: server reported unknown error @00000000000000000000004 [ 250.757680][ T9374] loop2: detected capacity change from 0 to 1024 [ 250.766555][ T9374] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 250.772219][ T6720] usb 1-1: Using ep0 maxpacket: 32 [ 250.784898][ T9374] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 250.818751][ T6720] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 250.837929][ T9374] EXT4-fs (loop2): orphan cleanup on readonly fs [ 250.849386][ T9374] EXT4-fs error (device loop2): ext4_free_blocks:6676: comm syz.2.1224: Freeing blocks not in datazone - block = 0, count = 4096 [ 250.865369][ T6720] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 250.872411][ T9374] EXT4-fs (loop2): 1 orphan inode deleted [ 250.880046][ T6720] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 250.883148][ T9374] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 250.926819][ T6720] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.954821][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.963571][ T6720] usb 1-1: config 0 descriptor?? [ 251.018701][ T5826] usb 2-1: USB disconnect, device number 15 [ 251.090362][ T9380] loop2: detected capacity change from 0 to 2048 [ 251.106621][ T9380] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 251.183590][ T28] audit: type=1804 audit(1757458373.719:45): pid=9380 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1226" name="/newroot/324/file0/file1" dev="loop2" ino=1346 res=1 errno=0 [ 251.239075][ T9384] loop3: detected capacity change from 0 to 2048 [ 251.295492][ T9384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.415483][ T6720] savu 0003:1E7D:2D5A.0019: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 251.566504][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.774983][ T9] usb 1-1: USB disconnect, device number 18 [ 251.797191][ T9403] netlink: 'syz.1.1236': attribute type 10 has an invalid length. [ 252.074409][ T9403] team0 (unregistering): Port device team_slave_0 removed [ 252.092012][ T9403] team0 (unregistering): Port device team_slave_1 removed [ 252.212600][ T5826] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 252.245538][ T9409] loop1: detected capacity change from 0 to 128 [ 252.253267][ T9409] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 252.392382][ T5826] usb 3-1: Using ep0 maxpacket: 16 [ 252.409143][ T5826] usb 3-1: config 162 has an invalid interface number: 251 but max is 0 [ 252.428084][ T5826] usb 3-1: config 162 has an invalid descriptor of length 0, skipping remainder of the config [ 252.444072][ T5826] usb 3-1: config 162 has no interface number 0 [ 252.450925][ T5826] usb 3-1: config 162 interface 251 altsetting 0 endpoint 0xB has invalid maxpacket 632, setting to 64 [ 252.464661][ T5826] usb 3-1: config 162 interface 251 altsetting 0 bulk endpoint 0x9 has invalid maxpacket 1023 [ 252.502293][ T5826] usb 3-1: config 162 interface 251 altsetting 0 has an invalid endpoint with address 0xEE, skipping [ 252.530093][ T5826] usb 3-1: config 162 interface 251 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 252.543507][ T5826] usb 3-1: config 162 interface 251 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 252.557934][ T5826] usb 3-1: config 162 interface 251 altsetting 0 has 6 endpoint descriptors, different from the interface descriptor's value: 10 [ 252.574650][ T5826] usb 3-1: New USB device found, idVendor=0bb4, idProduct=10bf, bcdDevice=4e.35 [ 252.591851][ T5826] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.600192][ T5826] usb 3-1: Product: syz [ 252.628639][ T5826] usb 3-1: Manufacturer: syz [ 252.652478][ T5826] usb 3-1: SerialNumber: syz [ 252.670278][ T9405] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 252.682622][ T9405] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 252.694545][ T9405] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 253.961945][ T9429] loop1: detected capacity change from 0 to 40427 [ 253.971354][ T9429] F2FS-fs (loop1): Small segment_count (9 < 1 * 24) [ 253.978106][ T9429] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 253.991777][ T9429] F2FS-fs (loop1): Found nat_bits in checkpoint [ 254.033600][ T9429] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 254.040718][ T9429] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 254.076296][ T28] audit: type=1800 audit(1757458376.619:46): pid=9429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1246" name="bus" dev="loop1" ino=10 res=0 errno=0 [ 254.096858][ T28] audit: type=1800 audit(1757458376.619:47): pid=9429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1246" name="bus" dev="loop1" ino=10 res=0 errno=0 [ 254.118483][ T5786] syz-executor: attempt to access beyond end of device [ 254.118483][ T5786] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 254.137448][ T5786] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 254.425477][ T6720] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 254.491641][ T9439] loop1: detected capacity change from 0 to 8192 [ 254.614155][ T6720] usb 1-1: Using ep0 maxpacket: 16 [ 254.622853][ T6720] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 254.634119][ T6720] usb 1-1: config 0 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 254.647138][ T6720] usb 1-1: config 0 interface 0 has no altsetting 0 [ 254.653889][ T6720] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b34, bcdDevice= 0.00 [ 254.663259][ T6720] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.675076][ T6720] usb 1-1: config 0 descriptor?? [ 254.939293][ T5826] usb 3-1: USB disconnect, device number 15 [ 255.067774][ T9448] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 255.105061][ T6720] corsair 0003:1B1C:1B34.001A: hidraw0: USB HID v0.05 Device [HID 1b1c:1b34] on usb-dummy_hcd.0-1/input0 [ 255.538537][ T27] usb 1-1: USB disconnect, device number 19 [ 255.682247][ T55] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 255.866063][ T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.895567][ T55] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 255.905691][ T55] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.920573][ T55] usb 4-1: config 0 descriptor?? [ 256.067091][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.073707][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.250825][ T9471] loop1: detected capacity change from 0 to 2048 [ 256.267631][ T9471] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 256.298185][ T28] audit: type=1800 audit(1757458378.839:48): pid=9471 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1262" name=90F239201AF3D6ACEFFA46D6B98D2723FF75C6844CC73870F0813A3D7B5F9E6899C7013003F2AB7E296EA40F93A73AF69E584D6307717C85E26BD9B9EED02E7F59E4A759C36E3A8A7648B289A410783C012701FD4E8192B39B9E dev="loop1" ino=1368 res=0 errno=0 [ 256.349288][ T55] keytouch 0003:0926:3333.001B: fixing up Keytouch IEC report descriptor [ 256.367756][ T55] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.001B/input/input18 [ 256.452391][ T6720] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 256.473903][ T55] keytouch 0003:0926:3333.001B: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0 [ 256.593218][ C1] usb 4-1: input irq status -75 received [ 256.672290][ T6720] usb 1-1: Using ep0 maxpacket: 16 [ 256.680608][ T6720] usb 1-1: config 105 has too many interfaces: 47, using maximum allowed: 32 [ 256.689605][ T6720] usb 1-1: config 105 has an invalid descriptor of length 0, skipping remainder of the config [ 256.699995][ T6720] usb 1-1: config 105 has 0 interfaces, different from the descriptor's value: 47 [ 256.710863][ T6720] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 256.720290][ T6720] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 256.728404][ T6720] usb 1-1: Manufacturer: syz [ 256.799226][ T5826] usb 4-1: USB disconnect, device number 16 [ 256.972584][ T6720] usb 1-1: USB disconnect, device number 20 [ 257.254326][ T9489] pim6reg1: entered promiscuous mode [ 257.259699][ T9489] pim6reg1: entered allmulticast mode [ 257.621691][ T9485] loop2: detected capacity change from 0 to 40427 [ 257.640792][ T9485] F2FS-fs (loop2): build fault injection attr: rate: 694, type: 0x7ffff [ 257.652555][ T9500] netlink: 'syz.0.1275': attribute type 1 has an invalid length. [ 257.660383][ T9485] F2FS-fs (loop2): invalid crc value [ 257.674205][ T9485] F2FS-fs (loop2): Found nat_bits in checkpoint [ 257.745907][ T9485] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 257.812455][ T9] IPVS: starting estimator thread 0... [ 257.855843][ T9485] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_page of f2fs_new_node_page+0x13a/0x910 [ 257.884059][ T28] audit: type=1804 audit(1757458380.419:49): pid=9485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1267" name="/newroot/333/file0/file1" dev="loop2" ino=10 res=1 errno=0 [ 257.916626][ T9509] IPVS: using max 17 ests per chain, 40800 per kthread [ 257.946322][ T9510] loop0: detected capacity change from 0 to 4096 [ 257.962843][ T5790] syz-executor: attempt to access beyond end of device [ 257.962843][ T5790] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 257.996057][ T5790] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 258.012880][ T9510] NILFS (loop0): invalid segment: Checksum error in segment payload [ 258.022867][ T9510] NILFS (loop0): trying rollback from an earlier position [ 258.084522][ T9510] NILFS (loop0): recovery complete [ 258.105172][ T9513] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 258.520248][ T9508] loop1: detected capacity change from 0 to 32768 [ 258.539045][ T9508] (syz.1.1278,9508,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 258.573036][ T9508] (syz.1.1278,9508,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 258.647870][ T9508] JBD2: Ignoring recovery information on journal [ 258.737949][ T9508] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 258.818895][ T9515] loop3: detected capacity change from 0 to 32768 [ 259.059502][ T5786] ocfs2: Unmounting device (7,1) on (node local) [ 259.450910][ T9526] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1285'. [ 259.499471][ T9519] loop2: detected capacity change from 0 to 40427 [ 259.532523][ T9519] F2FS-fs (loop2): Invalid log blocks per segment (83886089) [ 259.550255][ T9519] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 259.571063][ T9519] F2FS-fs (loop2): invalid crc value [ 259.588872][ T9519] F2FS-fs (loop2): Found nat_bits in checkpoint [ 259.676597][ T9519] F2FS-fs (loop2): Start checkpoint disabled! [ 259.695079][ T9519] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 259.714530][ T9519] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 259.724893][ T9532] netlink: 'syz.1.1287': attribute type 11 has an invalid length. [ 259.766882][ T9530] loop3: detected capacity change from 0 to 8192 [ 259.777783][ T28] audit: type=1800 audit(1757458382.319:50): pid=9519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1280" name="bus" dev="loop2" ino=10 res=0 errno=0 [ 259.807530][ T9530] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 259.825572][ T9530] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 259.841682][ T9530] REISERFS (device loop3): using ordered data mode [ 259.874729][ T9530] reiserfs: using flush barriers [ 259.897285][ T9530] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 259.965782][ T9530] REISERFS (device loop3): checking transaction log (loop3) [ 260.004061][ T9530] REISERFS (device loop3): Using r5 hash to sort names [ 260.024295][ T9530] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 260.041219][ T9545] loop0: detected capacity change from 0 to 128 [ 260.056994][ T1318] kworker/u4:6: attempt to access beyond end of device [ 260.056994][ T1318] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 260.074390][ T1318] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 260.081810][ T1318] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 260.091110][ T9545] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only [ 260.097327][ T9530] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 3257, free_space(entry_count) 2 [ 260.126925][ T9545] hpfs: filesystem error: improperly stopped [ 260.133150][ T9545] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 260.140920][ T9545] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories [ 260.153879][ T9545] hpfs: You really don't want any checks? You are crazy... [ 260.167237][ T9545] hpfs: hpfs_map_sector(): read error [ 260.172809][ T9545] hpfs: code page support is disabled [ 260.182023][ T9545] hpfs: hpfs_map_4sectors(): unaligned read [ 260.189183][ T9545] hpfs: hpfs_map_4sectors(): unaligned read [ 260.201385][ T9530] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 540. Fsck? [ 260.217907][ T9545] hpfs: filesystem error: unable to find root dir [ 260.227829][ T9530] REISERFS (device loop3): Remounting filesystem read-only [ 260.240681][ T9530] REISERFS error (device loop3): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 3 0x0 SD] stat data [ 260.257856][ T9545] hpfs: hpfs_map_4sectors(): unaligned read [ 260.700062][ T9555] loop0: detected capacity change from 0 to 1024 [ 260.777591][ T9555] hfsplus: xattr searching failed [ 261.075839][ T9566] loop0: detected capacity change from 0 to 1024 [ 261.125697][ T9566] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 261.140479][ T9566] ext4 filesystem being mounted at /341/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 261.177077][ T9568] overlayfs: missing 'lowerdir' [ 261.214324][ T9551] loop1: detected capacity change from 0 to 40427 [ 261.224478][ T9551] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 261.231499][ T9551] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 261.271115][ T9551] F2FS-fs (loop1): heap/no_heap options were deprecated [ 261.294414][ T9551] F2FS-fs (loop1): invalid crc value [ 261.314542][ T9551] F2FS-fs (loop1): Found nat_bits in checkpoint [ 261.321903][ T9576] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: block 1: comm syz.0.1301: lblock 1 mapped to illegal pblock 1 (length 15) [ 261.380286][ T9576] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 117 [ 261.394024][ T9576] EXT4-fs (loop0): This should not happen!! Data will be lost [ 261.394024][ T9576] [ 261.406680][ T9551] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 261.417805][ T9581] nbd: illegal input index -1 [ 261.423996][ T9551] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 261.516437][ T5793] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.571372][ T9551] syz.1.1295: attempt to access beyond end of device [ 261.571372][ T9551] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 261.602545][ T9551] F2FS-fs (loop1): Remounting filesystem read-only [ 261.871683][ T9595] loop2: detected capacity change from 0 to 4096 [ 262.207517][ T9590] loop0: detected capacity change from 0 to 32768 [ 262.253063][ T9590] loop0: p9 p11 p16 [ 262.323509][ T9601] Bluetooth: hci0: load_link_keys: too big key_count value 3072 [ 262.602262][ T27] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 262.758666][ T9613] loop1: detected capacity change from 0 to 2048 [ 262.780447][ T9613] EXT4-fs (loop1): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 262.804530][ T27] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 262.822257][ T27] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 262.837775][ T27] usb 3-1: New USB device found, idVendor=0525, idProduct=a481, bcdDevice= 0.40 [ 262.854189][ T27] usb 3-1: New USB device strings: Mfr=2, Product=0, SerialNumber=1 [ 262.862383][ T9613] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, [ 262.862699][ T27] usb 3-1: Manufacturer: syz [ 262.862719][ T27] usb 3-1: SerialNumber: syz [ 262.874028][ T27] usb 3-1: bad CDC descriptors [ 262.876377][ T9613] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 262.899332][ T9613] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 262.914476][ T9613] EXT4-fs (loop1): This should not happen!! Data will be lost [ 262.914476][ T9613] [ 262.931543][ T9613] EXT4-fs (loop1): Total free blocks count 0 [ 262.933023][ T9606] loop3: detected capacity change from 0 to 32768 [ 262.937939][ T9613] EXT4-fs (loop1): Free/Dirty block details [ 262.946778][ T9616] EXT4-fs error (device loop1): ext4_lookup:1858: inode #16: comm syz.1.1318: iget: bad i_size value: 8796093031208 [ 262.961462][ T9613] EXT4-fs (loop1): free_blocks=2415919104 [ 262.969168][ T9613] EXT4-fs (loop1): dirty_blocks=32 [ 262.973298][ T9606] JBD2: Ignoring recovery information on journal [ 262.980785][ T9613] EXT4-fs (loop1): Block reservation details [ 262.987019][ T9613] EXT4-fs (loop1): i_reserved_data_blocks=2 [ 263.021032][ T9606] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 263.052757][ T5786] EXT4-fs (loop1): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 263.098261][ T55] usb 3-1: USB disconnect, device number 16 [ 263.124387][ T5797] ocfs2: Unmounting device (7,3) on (node local) [ 263.156015][ T9620] loop1: detected capacity change from 0 to 128 [ 263.168804][ T9620] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 263.218197][ T9620] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 263.387102][ T9625] loop3: detected capacity change from 0 to 1024 [ 263.417329][ T9625] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 263.509948][ T5797] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 263.613441][ T9636] netlink: 'syz.3.1323': attribute type 39 has an invalid length. [ 263.704924][ T9638] input: syz0 as /devices/virtual/input/input19 [ 263.792211][ T5826] usb 1-1: new full-speed USB device number 21 using dummy_hcd [ 263.974334][ T5826] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 263.996065][ T5826] usb 1-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config [ 264.012434][ T5826] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 264.027168][ T5826] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12336, setting to 64 [ 264.041753][ T5826] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 264.051410][ T5826] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 264.062587][ T5826] usb 1-1: Product: syz [ 264.066816][ T5826] usb 1-1: Manufacturer: syz [ 264.093404][ T5826] cdc_wdm 1-1:1.0: skipping garbage [ 264.098697][ T5826] cdc_wdm 1-1:1.0: skipping garbage [ 264.120958][ T5826] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 264.140310][ T5826] cdc_wdm 1-1:1.0: Unknown control protocol [ 264.298834][ T5826] usb 1-1: USB disconnect, device number 21 [ 264.405067][ T9659] loop2: detected capacity change from 0 to 4096 [ 264.455952][ T9662] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1335'. [ 264.577282][ T9659] ntfs3: loop2: ino=1e, "file1" attr_set_size [ 264.784940][ T9676] atomic_op ffff88807af42998 conn xmit_atomic 0000000000000000 [ 265.278632][ T9693] tipc: Started in network mode [ 265.289510][ T9693] tipc: Node identity ff75fd7589343b37, cluster identity 4711 [ 265.297291][ T9693] tipc: Enabling of bearer rejected, failed to enable media [ 265.517765][ T9698] loop0: detected capacity change from 0 to 256 [ 265.530711][ T9698] exfat: Deprecated parameter 'utf8' [ 265.536308][ T55] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 265.557863][ T9698] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 265.722449][ T55] usb 2-1: Using ep0 maxpacket: 8 [ 265.732704][ T55] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 265.755761][ T55] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 265.783476][ T55] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 265.803699][ T55] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 265.841503][ T55] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 265.852988][ T55] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.080974][ T55] usb 2-1: GET_CAPABILITIES returned 0 [ 266.090569][ T55] usbtmc 2-1:16.0: can't read capabilities [ 266.134490][ T9680] loop2: detected capacity change from 0 to 131072 [ 266.143133][ T9680] F2FS-fs (loop2): Invalid log sectorsize (67108873) [ 266.149894][ T9680] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 266.160261][ T9680] F2FS-fs (loop2): invalid crc value [ 266.199620][ T9680] F2FS-fs (loop2): Found nat_bits in checkpoint [ 266.251497][ T9680] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 266.258804][ T9680] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 266.297631][ T7824] usb 2-1: USB disconnect, device number 16 [ 266.940716][ T9722] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1363'. [ 266.955002][ T9722] netlink: 'syz.0.1363': attribute type 1 has an invalid length. [ 267.098765][ T9727] loop0: detected capacity change from 0 to 256 [ 267.672861][ T55] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 267.682055][ T9733] loop2: detected capacity change from 0 to 32768 [ 267.695825][ T9733] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop2 scanned by syz.2.1357 (9733) [ 267.715831][ T9733] BTRFS info (device loop2): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 267.726422][ T9733] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 267.735332][ T9733] BTRFS info (device loop2): setting nodatacow, compression disabled [ 267.743507][ T9733] BTRFS info (device loop2): turning on flush-on-commit [ 267.750510][ T9733] BTRFS info (device loop2): using free space tree [ 267.761318][ T9746] mmap: syz.3.1372 (9746) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 267.794889][ T9733] BTRFS info (device loop2): enabling ssd optimizations [ 267.801914][ T9733] BTRFS info (device loop2): auto enabling async discard [ 267.882355][ T55] usb 1-1: Using ep0 maxpacket: 16 [ 267.905812][ T55] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 267.936780][ T55] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 267.967044][ T55] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 268.000116][ T55] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 268.068379][ T55] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.124705][ T55] usb 1-1: config 0 descriptor?? [ 268.214512][ T5790] BTRFS info (device loop2): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 268.402625][ T5826] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 268.547075][ T55] HID 045e:07da: Invalid code 65791 type 1 [ 268.597061][ T55] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.001C/input/input20 [ 268.601512][ T5826] usb 2-1: Using ep0 maxpacket: 32 [ 268.635479][ T55] microsoft 0003:045E:07DA.001C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 268.643837][ T5826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 268.658782][ T5826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 268.677454][ T5826] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 268.692346][ T5826] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.704312][ T5826] usb 2-1: config 0 descriptor?? [ 268.751485][ T55] usb 1-1: USB disconnect, device number 22 [ 268.994326][ T9786] loop3: detected capacity change from 0 to 2048 [ 269.019242][ T9788] loop2: detected capacity change from 0 to 2048 [ 269.028011][ T9789] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 269.067907][ T9788] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 269.138453][ T5826] ft260 0003:0403:6030.001D: unknown main item tag 0x0 [ 269.169736][ T1014] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 269.188914][ T1014] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 269.201469][ T1014] EXT4-fs (loop2): This should not happen!! Data will be lost [ 269.201469][ T1014] [ 269.211935][ T1014] EXT4-fs (loop2): Total free blocks count 0 [ 269.218692][ T1014] EXT4-fs (loop2): Free/Dirty block details [ 269.224883][ T1014] EXT4-fs (loop2): free_blocks=4096 [ 269.230120][ T1014] EXT4-fs (loop2): dirty_blocks=512 [ 269.235453][ T1014] EXT4-fs (loop2): Block reservation details [ 269.241450][ T1014] EXT4-fs (loop2): i_reserved_data_blocks=32 [ 269.249187][ T1318] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 480 with error 28 [ 269.334998][ T5826] ft260 0003:0403:6030.001D: chip code: 6424 8183 [ 269.387827][ T9798] 9pnet: p9_errstr2errno: server reported unknown error @cƒF Sÿÿÿÿ [ 269.432274][ T55] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 269.477936][ T9802] loop2: detected capacity change from 0 to 256 [ 269.487580][ T9802] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 269.499006][ T9802] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 269.519365][ T9802] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 269.537679][ T5826] ft260 0003:0403:6030.001D: failed to retrieve system status [ 269.546507][ T5826] ft260: probe of 0003:0403:6030.001D failed with error -71 [ 269.557283][ T5826] usb 2-1: USB disconnect, device number 17 [ 269.634693][ T55] usb 4-1: Using ep0 maxpacket: 8 [ 269.650887][ T55] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 269.661915][ T55] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 269.674330][ T55] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 269.684466][ T55] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 269.692509][ T9806] syzkaller1: entered promiscuous mode [ 269.694782][ T55] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 269.701347][ T9806] syzkaller1: entered allmulticast mode [ 269.713169][ T55] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 269.713200][ T55] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.752219][ T1186] usb 1-1: new full-speed USB device number 23 using dummy_hcd [ 269.878499][ T9808] loop2: detected capacity change from 0 to 16 [ 269.888302][ T9808] erofs: (device loop2): mounted with root inode @ nid 36. [ 269.907147][ T9808] syz.2.1391: attempt to access beyond end of device [ 269.907147][ T9808] loop2: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 269.922022][ T9808] syz.2.1391: attempt to access beyond end of device [ 269.922022][ T9808] loop2: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 269.932852][ T55] usb 4-1: usb_control_msg returned -32 [ 269.941116][ T55] usbtmc 4-1:16.0: can't read capabilities [ 269.942311][ T9808] syz.2.1391: attempt to access beyond end of device [ 269.942311][ T9808] loop2: rw=0, sector=8, nr_sectors = 16 limit=16 [ 269.967239][ T1186] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 269.978452][ T1186] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 269.991051][ T1186] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.005006][ T1186] usb 1-1: config 0 descriptor?? [ 270.011099][ T9801] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 270.047136][ T9809] page:ffffea0000b776c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2dddb [ 270.058486][ T9809] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 270.065872][ T9809] page_type: 0xffffffff() [ 270.070310][ T9809] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 270.079170][ T9809] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 270.087936][ T9809] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg && !mem_cgroup_disabled()) [ 270.097364][ T9809] page_owner tracks the page as allocated [ 270.104073][ T9809] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x100cc0(GFP_USER), pid 5790, tgid 5790 (syz-executor), ts 270027518254, free_ts 270027389692 [ 270.120281][ T9809] post_alloc_hook+0x1cd/0x210 [ 270.125234][ T9809] get_page_from_freelist+0x195c/0x19f0 [ 270.131249][ T9809] __alloc_pages+0x1e3/0x460 [ 270.136078][ T9809] __get_free_pages+0xc/0x30 [ 270.140782][ T9809] kasan_populate_vmalloc_pte+0x35/0x100 [ 270.146654][ T9809] __apply_to_page_range+0x878/0xdb0 [ 270.152050][ T9809] alloc_vmap_area+0x1b4a/0x1c70 [ 270.157157][ T9809] __get_vm_area_node+0x162/0x370 [ 270.162321][ T9809] __vmalloc_node_range+0x36e/0x1320 [ 270.167706][ T9809] vzalloc+0x79/0x90 [ 270.171722][ T9809] alloc_counters+0xd0/0x690 [ 270.176445][ T9809] do_ipt_get_ctl+0xa91/0x1140 [ 270.181319][ T9809] nf_getsockopt+0x262/0x280 [ 270.186056][ T9809] ip_getsockopt+0x1c1/0x210 [ 270.190740][ T9809] do_sock_getsockopt+0x368/0x440 [ 270.195912][ T9809] __x64_sys_getsockopt+0x1d6/0x280 [ 270.201204][ T9809] page last free stack trace: [ 270.205970][ T9809] free_unref_page_prepare+0x7ce/0x8e0 [ 270.211882][ T9809] free_unref_page+0x32/0x2e0 [ 270.216715][ T9809] vfree+0x1a6/0x320 [ 270.220730][ T9809] do_ipt_get_ctl+0xea1/0x1140 [ 270.225719][ T9809] nf_getsockopt+0x262/0x280 [ 270.230403][ T9809] ip_getsockopt+0x1c1/0x210 [ 270.235512][ T9809] do_sock_getsockopt+0x368/0x440 [ 270.240598][ T9809] __x64_sys_getsockopt+0x1d6/0x280 [ 270.246068][ T9809] do_syscall_64+0x55/0xb0 [ 270.250560][ T9809] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 270.257380][ T9809] ------------[ cut here ]------------ [ 270.262957][ T9809] WARNING: CPU: 0 PID: 9809 at include/linux/memcontrol.h:764 folio_lruvec_lock_irqsave+0x212/0x270 [ 270.273855][ T9809] Modules linked in: [ 270.277919][ T9809] CPU: 0 PID: 9809 Comm: syz-executor Not tainted syzkaller #0 [ 270.285605][ T9809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 270.295769][ T9809] RIP: 0010:folio_lruvec_lock_irqsave+0x212/0x270 [ 270.302289][ T9809] Code: 4c 89 f7 e8 c0 32 f9 ff 48 8b 04 24 49 89 06 e9 1c ff ff ff 48 89 df 48 c7 c6 80 ba b6 8a e8 05 a9 e1 ff c6 05 a9 8f 51 0c 01 <0f> 0b e9 1b fe ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 9d fe [ 270.322011][ T9809] RSP: 0018:ffffc90003697898 EFLAGS: 00010246 [ 270.328280][ T9809] RAX: 32468d5c32086800 RBX: ffffea0000b776c0 RCX: 32468d5c32086800 [ 270.336750][ T9809] RDX: 0000000000000004 RSI: ffffffff8aaacc20 RDI: ffffffff8afc70c0 [ 270.344969][ T9809] RBP: ffffc90003697940 R08: ffffffff8e4a922f R09: 1ffffffff1c95245 [ 270.353051][ T9809] R10: dffffc0000000000 R11: fffffbfff1c95246 R12: ffff8880b8e36e68 [ 270.361077][ T9809] R13: dffffc0000000000 R14: ffff8880234fa000 R15: 0000000000000000 [ 270.369269][ T9809] FS: 000055556de1f500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 270.378406][ T9809] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 270.385272][ T9809] CR2: 000055556de1f7d0 CR3: 000000001b649000 CR4: 00000000003506f0 [ 270.393356][ T9809] Call Trace: [ 270.396677][ T9809] [ 270.399670][ T9809] ? folio_memcg+0x127/0x480 [ 270.404377][ T9809] folio_batch_move_lru+0x2d8/0x6b0 [ 270.409640][ T9809] ? __mod_lruvec_page_state+0xa5/0x420 [ 270.415291][ T9809] ? folio_add_lru+0xd50/0xd50 [ 270.420107][ T9809] ? lru_add_drain_cpu+0x8c0/0x8c0 [ 270.425325][ T9809] ? __mod_lruvec_page_state+0xa5/0x420 [ 270.430939][ T9809] ? __mod_lruvec_page_state+0x23f/0x420 [ 270.436927][ T9809] ? folio_batch_add_and_move+0x9a/0x2b0 [ 270.442961][ T9809] ? folio_add_lru+0xd50/0xd50 [ 270.447783][ T9809] ? folio_add_lru+0x320/0xd50 [ 270.452675][ T9809] folio_add_lru+0x434/0xd50 [ 270.457322][ T9809] do_wp_page+0x1e4c/0x3630 [ 270.461896][ T9809] ? do_wp_page+0x16a7/0x3630 [ 270.466751][ T9809] ? folio_put+0xd0/0xd0 [ 270.471060][ T9809] ? do_raw_spin_lock+0x121/0x2c0 [ 270.476630][ T9809] ? __rwlock_init+0x150/0x150 [ 270.481457][ T9809] ? handle_mm_fault+0xd1/0x4920 [ 270.486495][ T9809] handle_mm_fault+0x12d4/0x4920 [ 270.491497][ T9809] ? handle_mm_fault+0xd1/0x4920 [ 270.496556][ T9809] ? numa_migrate_prep+0x350/0x350 [ 270.501794][ T9809] ? lock_mm_and_find_vma+0x9c/0x300 [ 270.507181][ T9809] do_user_addr_fault+0x738/0x12e0 [ 270.512411][ T9809] exc_page_fault+0x67/0x110 [ 270.517105][ T9809] ? __lock_acquire+0x7c80/0x7c80 [ 270.522236][ T9809] asm_exc_page_fault+0x26/0x30 [ 270.527135][ T9809] RIP: 0010:__put_user_4+0x11/0x20 [ 270.532419][ T9809] Code: 01 ca c3 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb 66 89 01 31 c9 0f 01 ca c3 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 90 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb [ 270.552644][ T9809] RSP: 0018:ffffc90003697ef8 EFLAGS: 00050202 [ 270.558895][ T9809] RAX: 0000000000000325 RBX: 0000000000000000 RCX: 000055556de1f7d0 [ 270.567030][ T9809] RDX: 0000000000000000 RSI: ffffffff8aaacc20 RDI: ffffffff8afc70c0 [ 270.575180][ T9809] RBP: 0000000000000000 R08: ffffffff8e4a922f R09: 1ffffffff1c95245 [ 270.583342][ T9809] R10: dffffc0000000000 R11: fffffbfff1c95246 R12: 1ffff1100a158492 [ 270.591369][ T9809] R13: 0000000000000000 R14: ffff888050ac1e00 R15: dffffc0000000000 [ 270.599543][ T9809] schedule_tail+0x93/0xb0 [ 270.604059][ T9809] ret_from_fork+0x24/0x80 [ 270.608542][ T9809] ret_from_fork_asm+0x11/0x20 [ 270.613468][ T9809] [ 270.616526][ T9809] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 270.623835][ T9809] CPU: 0 PID: 9809 Comm: syz-executor Not tainted syzkaller #0 [ 270.631409][ T9809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 270.641505][ T9809] Call Trace: [ 270.644826][ T9809] [ 270.647795][ T9809] dump_stack_lvl+0x16c/0x230 [ 270.652531][ T9809] ? show_regs_print_info+0x20/0x20 [ 270.657790][ T9809] ? load_image+0x3b0/0x3b0 [ 270.662353][ T9809] panic+0x2c0/0x710 [ 270.666305][ T9809] ? bpf_jit_dump+0xd0/0xd0 [ 270.670844][ T9809] ? ret_from_fork_asm+0x11/0x20 [ 270.675816][ T9809] __warn+0x2e0/0x470 [ 270.679822][ T9809] ? folio_lruvec_lock_irqsave+0x212/0x270 [ 270.685652][ T9809] ? folio_lruvec_lock_irqsave+0x212/0x270 [ 270.691473][ T9809] report_bug+0x2be/0x4f0 [ 270.695918][ T9809] ? folio_lruvec_lock_irqsave+0x212/0x270 [ 270.701746][ T9809] ? folio_lruvec_lock_irqsave+0x212/0x270 [ 270.707571][ T9809] ? folio_lruvec_lock_irqsave+0x214/0x270 [ 270.713399][ T9809] handle_bug+0xcf/0x120 [ 270.717665][ T9809] exc_invalid_op+0x1a/0x50 [ 270.722191][ T9809] asm_exc_invalid_op+0x1a/0x20 [ 270.727057][ T9809] RIP: 0010:folio_lruvec_lock_irqsave+0x212/0x270 [ 270.733488][ T9809] Code: 4c 89 f7 e8 c0 32 f9 ff 48 8b 04 24 49 89 06 e9 1c ff ff ff 48 89 df 48 c7 c6 80 ba b6 8a e8 05 a9 e1 ff c6 05 a9 8f 51 0c 01 <0f> 0b e9 1b fe ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 9d fe [ 270.753133][ T9809] RSP: 0018:ffffc90003697898 EFLAGS: 00010246 [ 270.759219][ T9809] RAX: 32468d5c32086800 RBX: ffffea0000b776c0 RCX: 32468d5c32086800 [ 270.767205][ T9809] RDX: 0000000000000004 RSI: ffffffff8aaacc20 RDI: ffffffff8afc70c0 [ 270.775193][ T9809] RBP: ffffc90003697940 R08: ffffffff8e4a922f R09: 1ffffffff1c95245 [ 270.783179][ T9809] R10: dffffc0000000000 R11: fffffbfff1c95246 R12: ffff8880b8e36e68 [ 270.791169][ T9809] R13: dffffc0000000000 R14: ffff8880234fa000 R15: 0000000000000000 [ 270.799172][ T9809] ? folio_lruvec_lock_irqsave+0x20b/0x270 [ 270.804997][ T9809] ? folio_memcg+0x127/0x480 [ 270.809610][ T9809] folio_batch_move_lru+0x2d8/0x6b0 [ 270.814823][ T9809] ? __mod_lruvec_page_state+0xa5/0x420 [ 270.820393][ T9809] ? folio_add_lru+0xd50/0xd50 [ 270.825191][ T9809] ? lru_add_drain_cpu+0x8c0/0x8c0 [ 270.830324][ T9809] ? __mod_lruvec_page_state+0xa5/0x420 [ 270.835897][ T9809] ? __mod_lruvec_page_state+0x23f/0x420 [ 270.841555][ T9809] ? folio_batch_add_and_move+0x9a/0x2b0 [ 270.847206][ T9809] ? folio_add_lru+0xd50/0xd50 [ 270.851984][ T9809] ? folio_add_lru+0x320/0xd50 [ 270.856760][ T9809] folio_add_lru+0x434/0xd50 [ 270.861369][ T9809] do_wp_page+0x1e4c/0x3630 [ 270.865902][ T9809] ? do_wp_page+0x16a7/0x3630 [ 270.870608][ T9809] ? folio_put+0xd0/0xd0 [ 270.874879][ T9809] ? do_raw_spin_lock+0x121/0x2c0 [ 270.879932][ T9809] ? __rwlock_init+0x150/0x150 [ 270.884726][ T9809] ? handle_mm_fault+0xd1/0x4920 [ 270.889685][ T9809] handle_mm_fault+0x12d4/0x4920 [ 270.894646][ T9809] ? handle_mm_fault+0xd1/0x4920 [ 270.899705][ T9809] ? numa_migrate_prep+0x350/0x350 [ 270.904853][ T9809] ? lock_mm_and_find_vma+0x9c/0x300 [ 270.910159][ T9809] do_user_addr_fault+0x738/0x12e0 [ 270.915301][ T9809] exc_page_fault+0x67/0x110 [ 270.920006][ T9809] ? __lock_acquire+0x7c80/0x7c80 [ 270.925048][ T9809] asm_exc_page_fault+0x26/0x30 [ 270.929912][ T9809] RIP: 0010:__put_user_4+0x11/0x20 [ 270.935057][ T9809] Code: 01 ca c3 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb 66 89 01 31 c9 0f 01 ca c3 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 90 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb [ 270.955050][ T9809] RSP: 0018:ffffc90003697ef8 EFLAGS: 00050202 [ 270.961149][ T9809] RAX: 0000000000000325 RBX: 0000000000000000 RCX: 000055556de1f7d0 [ 270.969134][ T9809] RDX: 0000000000000000 RSI: ffffffff8aaacc20 RDI: ffffffff8afc70c0 [ 270.977120][ T9809] RBP: 0000000000000000 R08: ffffffff8e4a922f R09: 1ffffffff1c95245 [ 270.985106][ T9809] R10: dffffc0000000000 R11: fffffbfff1c95246 R12: 1ffff1100a158492 [ 270.993177][ T9809] R13: 0000000000000000 R14: ffff888050ac1e00 R15: dffffc0000000000 [ 271.001177][ T9809] schedule_tail+0x93/0xb0 [ 271.005620][ T9809] ret_from_fork+0x24/0x80 [ 271.010056][ T9809] ret_from_fork_asm+0x11/0x20 [ 271.014942][ T9809] [ 271.018346][ T9809] Kernel Offset: disabled [ 271.022700][ T9809] Rebooting in 86400 seconds..