last executing test programs: 3.422442095s ago: executing program 5 (id=633): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000a40)={0x14, r1, 0x1}, 0x14}}, 0x0) 3.201607627s ago: executing program 5 (id=636): prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x10) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00') preadv(r0, &(0x7f0000000340)=[{&(0x7f0000000180)=""/112, 0x70}], 0x1, 0x0, 0x0) 3.121675842s ago: executing program 4 (id=637): r0 = memfd_create(&(0x7f0000000180)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaaSc\xf3]WhI\xf4\x89\x85!mPl\x90\xa5\x93\x19\f\x9a\xae\xd5a\x9bU5\x1a\x86\x9d)5y\xef\x90\xea5\x81\xfeO;\xd4zh?\xbdW\xe0\x84\xe6\x9d\xcb\xcd\xb6\xad3\x7fWY\x02\xa2\x8baG\x00\x0e\x8e/\xc1\xaf\xd0\xbcH9\x04\x00\x00\x00z\x16\xdf\xf3hLpLaA\x89n]>,^M\x82\x8e\xe40\x97_\x809y)Z\xeb\x9d\xbawv\xe9\xc0\x16\xdc\xf5\xcb\xdb\x96\xd6\xba@\xa7\x1bl\xca\xe0\x1e3\x81\xc6S\x86\xf7\xf0\xba\x1b\x14N\xa2\x04\xdb\xb5X\xe4y\xef\xe8\xdb\xd5r\x11\xfb\xe4v\xbcV\xbb\x00\x96CR\xe0~5\x16=:A2\x9c\b\xd9\xa0CB\r\xe9\xb8$\xfe\x8d\xb1Gg\xa9\xac<\xbf\x10]\b9\xd9\x89\xaf\xa6\xd1\x10\x1fq\xba\x06_NW\xdb67Xv(\xa8\xce\x1b\xe6\xbd\x947\x8f)8\xe5\xb3\xac;\x7f+\xf67\xea\x1ei\x92w-)\xa1B/M\x0e7:9\xdb~V\xb7\xd5\x13^v\x14\xe6O\xea\x00\x87\x8dkG\xdf%\xebe\x83\xb97\x01| \xb3\xd8W\xe8o\x17\x97\xd9\x14o\x92\xb9\x9a\x8c\xd7\xcf\xa2\x11\xc3\xa5\xb3\xd2\xdeQ\xa7\x05\x7f\x99Lq(\xcd\\\xa2y\x14or\x1efn\xf2\x97\x96c\xda7\t,', 0x5) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000002, 0x4010012, r0, 0x0) ftruncate(r0, 0x0) 2.981735243s ago: executing program 3 (id=638): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xdf}) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port1\x00', 0x31, 0x20055, 0xfcffffff, 0xe33, 0x4000000, 0x32, 0x5, 0x0, 0x5}) 2.921523071s ago: executing program 4 (id=640): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x13, &(0x7f0000000000)={&(0x7f0000000140)=@bridge_delneigh={0x30, 0x1c, 0x1, 0x0, 0x3, {0x7, 0x0, 0x0, r1, 0x80, 0xb2}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}}, @NDA_VLAN={0x6, 0x5, 0x3}]}, 0x30}, 0x1, 0x0, 0x0, 0x4bd5c6fa5c6152b9}, 0x40800) 2.778584319s ago: executing program 5 (id=642): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x21041, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x3) ioctl$TCFLSH(r0, 0x540b, 0x2) 2.637520675s ago: executing program 3 (id=643): syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000040)='./file2\x00', 0x2080c2, &(0x7f0000001340)=ANY=[], 0x1, 0xac5, &(0x7f00000001c0)="$eJzs3V2MXFUBAOBzZ3e2f1s7xVa2tEARDfjDLltaBSu0hCZqTGoTH0zAl6aU2nSpxhIihIRCojExBBJCn3woxhdfIGoM8GIqD4aYQIzRkPiExNcaSXwgRhizs+fMzp7O9M5sd3dmdr4vOXvm3nPvPefO3rlz597zE4CRVWn83b9/YwjhpTdePHLjy289Pz/nUHOJWuPveMtUNYRQxOnxbHvvjS3EH33w1Il2cRH2Nf6m6XD0cnPdLSGE82FvuBRq4bmHLoy/+9rRd14JZx4/duTt11dn7xcVq50BAAAMgGOXDu7f+Y8/797+31dvOhw2NOen6/NanJ6M1/2H44Vyul6uhKXTRUtoNZEtNx5DJVturM1yrflUs+XGO+Q/kW232mG5DSX5j7XMa7ffMMzScVwLRWV6yXSlMj298Js8NH7XTxTTZ0/PPXKuTwUFVtx/bg4h7BVGM+y+pf9lEPoZ6tv6fQYCWJA/L7zC+ZV9Utfc2nh3+V++v9J+/RbVFS0ho+BnP971rdCH4z8n/8HO/5fPqKnAylmHR9Nft7bsV/ocTcbp/DlCXn+p189/2l7+PKLba4BOzxGG5flCp3KOrXE5lqtT+fPjYr26N8bpfbgvS4+fg8bjtPx/Oiz/Y6C9D4fl/n8YgDIIwlXCrqL/Zeg11Pt8/gEGV15vrh6l9LxeX56+oSR9Y0n6ppL0zSXpoct0GEW/fez58EKxeL8r/03f6/2wyWwTn+ixPPn9yF7zz+v9dq+6Ivnn9YlhoG3544W7H37wLwv1/4vm8f9xPN73xula/Gxdiguk+4X5ffVm3f/a0mwqHZa7LivO1jbLN17vWLpcsWNxO6HlPHNFOabSGgt3dLd1Wm7P0u3XsuU2xbAxK29+fbI5Wy/Vn04nxcklpVnc32rLfvx76+J5LJUjnVe2xzgvByxHOh6X1v+fP/oa9f+bj7GmQrV45PTcyTvjdPq8vTVW3TA/f3atCw5cs27b/0yFpe1/Jpvzq5XW88K2xflF63mhls3f12H+XXE6fc99b2xTY/70ie/PPbyk5PGH/NMr8z7AKDr3xJNnjs/Nnfzhar6Yz2iVs1iHL8L5EAagGMt9kY6wQSmPF928SP+143P9OiMBa2XmsUd/MHPuiSfvOP3o8VMnT508O3tg9u57DszOfumemcZ1/Uzr1f16rC4Mo2vx27/fJQEAAAAAAAAAAAC6der9mYt/e/PLf19o/7/Y/i+1/081f1P7/59m7f+zZv7NCsKpHWBqx3dFe/usg9WJbLlqDJ/Mtr8jy2dntt6nYtwcxy+2/0/Z5f26pvJcn83P++9Ny01l8/P+UiayPkiK8JPNreX7dIyf/d9CF0S/CNBHxab2s2Nc1r91OtZT/xT6pRhO6f+WjobUj8mWeCik9t6pv5LU/0M6/29fm2KywtaiXWG/9xFo71/D0v/3ckK6iOl3OQRhQEO9bhQPYDD0e/zPdN8zxWd//42N8yEtdvn+pefLvP9SuBaDPv7kesv/mT7nn+ti/M8VHV64Of5d1+e/bMS8/AFQlw4++81/tmQbbug2/3z809QP9I7e8v9qzD/tzW2hu/zrL2f55w+EunRvlv/mLvO/Yv/3LC//+2L+6W27/dZu818ocVFZWo78vnF6/pfuG38ny/9Qtv+pb8+e93+ZAzUejvnDKBuWcWZ7NSzj/3aS18M4EKfTiTDVc8jHO+m1/Kl+Rfoe2Jltvyj5frvq+L9D8DC4TfnrT9frPx+VcVy+EuOyz8Nk/J+m47HWZrrSMl1t896u13MNDKv31uHzv8Y5bADKIaxA2DQAZbj2sPC12jovfRlebb0/rH7Z6vV6X/v01aFwf/X7/e/30+d+59/v979MPv5vfg2fj/+bp+fj/347S8/H/83Xz8fXy9Pz8X/z93NL+/TmL9Prs+3m4wNPlaTvKkm/oSR9d0n6npL0G0vSbylJv6kk/eaS9OtK0m8NXw+t8vTPlKz/2c7pH7Yu2mn920u2/7mS9PUutUcZ1f2HUZa3z/P5h9GRnv90+vzvKEkHhteFV2cfePA3360ttP+faN4PSc/xDsfpavzt/KM4nT/3Di3T82lvxun3s/RBv98BoyTvPyP/fr+tJB0YXqmel883jKCifSXN/Hlbs9+qGKd+qzpd5zNcPh/jL8T4izG+I8bTMZ6J8WyM961R+VgdD/z6dwdfKBZ/72/L0rutT563B8r7ibqry/Lk9wd6rc+e9+PXq2vNf5nNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPqm0vi7f/9UEcJLb7x45OKfvvar+TmHmkvUGn/HW6aqzfVCuDPGYzG+GF989MFTJ1rjj2NchH2hCEVzfjh6uZnTlhDC+bA3XAq18NxDF8bffe3oO6+EM48fO/L266v3DiwoVjsDAAAA6KP/BwAA//8LwBbF") mkdir(&(0x7f00000000c0)='./file1\x00', 0x154) mount(0x0, 0x0, 0x0, 0x0, 0x0) 2.596271289s ago: executing program 4 (id=644): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000500)={0x14, r1, 0x1, 0x0, 0x0, {0x7}}, 0x14}}, 0x0) 2.575787163s ago: executing program 5 (id=645): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) close(r0) move_mount(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', r0, 0x0, 0x262) 2.261463277s ago: executing program 5 (id=649): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000040)=0x7, 0x4) 2.224254029s ago: executing program 4 (id=650): r0 = syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x0) ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000100)=0x21) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000280)={"54ec36e6", 0x3, 0x6, 0x6, 0x10001, 0xfffff14e, "785144b84ef7ebe60630484ac7b0c8", "8000", "cd5ca376", "b4538793", ["1a99d11773947bbc54a7e33f", "7d2dd431950208ccfab8907c", "113bd782b5dd4faa927d715f", "6e36525b23ac564cef69ea62"]}) 1.838389934s ago: executing program 4 (id=653): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018000000000000040c0000200c00000002000000000000796a961d50a876d15aca28b96ace9c624cd2b1e1da940c996b489798e990a8aec24732cac8f2e78dd6d917cf2c33fb397c9822f528c0ed4c090021df7a627d7602e08bc40bb11e53bbe9bc26b4ccf9b0ae47e3ddb3d51c264eee11c306dbc1a0a1cc1454855cc769da838044863431043e0b4e42fbb6dd729c0420a8cce601bd8a382d7ddd870e91c4b7febbb4a1af6c7624a7e63977535062aa9d6d192d976a8e28e08975bd766cddfbc754c4d49ec59d4ec55e144549e4ea2afdff6b7b940000000000000000000000000000003cadf888851c752f09ab2e05510dcae74a1196fc40c1f4202de07f776c1149c230f0d79984e676cf28607b13881ef7978c8c4ef9447a7ec9147adf2e78b2dc"], &(0x7f0000001f80)=""/226, 0x26, 0x81, 0x2}, 0x20) 1.758642999s ago: executing program 0 (id=654): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x11, 0x60, &(0x7f0000000580)={'filter\x00', 0x7, 0x4, 0x3f0, 0x110, 0x110, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@arp={@local, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff, 0xff, 0xf, 0x1, {@mac=@broadcast, {[0xff]}}, {@empty, {[0x0, 0x0, 0xff, 0xff, 0x0, 0xff]}}, 0x9, 0x8000, 0x4, 0x0, 0x305, 0x9, 'macsec0\x00', 'bridge_slave_0\x00', {0xff}, {0xff}, 0x0, 0x50}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr=0x64010102, @broadcast, 0x1, 0xffffffff}}}, {{@arp={@multicast2, @broadcast, 0xff, 0xffffffff, 0x7, 0x4, {@mac, {[0xff, 0xff, 0xff, 0x0, 0x0, 0xff]}}, {@empty, {[0xff, 0x0, 0xff, 0xff, 0xff, 0xff]}}, 0x1000, 0x6, 0x6, 0x7f, 0x7, 0x5, 'veth1_to_hsr\x00', 'ip6_vti0\x00', {}, {0xff}, 0x0, 0x54}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @loopback, @private=0xa010100, 0x2, 0x1}}}, {{@arp={@rand_addr=0x64010100, @multicast2, 0xffffff00, 0xffffffff, 0xd, 0x7, {@empty, {[0x0, 0x0, 0xff, 0xff]}}, {@empty, {[0x0, 0x0, 0xff, 0x0, 0xff]}}, 0xd073, 0x3, 0x1, 0x5e6, 0x7f, 0x5e77, '\x00', 'veth1_to_bridge\x00', {}, {0xff}, 0x0, 0x201}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0xfffffff4}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) 1.632594499s ago: executing program 3 (id=655): r0 = socket(0x15, 0x5, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c) getsockname$packet(r0, 0x0, &(0x7f0000000500)) 1.558687877s ago: executing program 0 (id=657): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x7}) fcntl$lock(r0, 0x24, &(0x7f00000000c0)={0x1, 0x2, 0x7, 0x10000000000007}) 1.549084467s ago: executing program 4 (id=658): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x22, {[@main=@item_4={0x3, 0x0, 0x8, "7df6b1c9"}, @main=@item_4={0x3, 0x0, 0xa, "2c4f7c1c"}, @main=@item_012={0x2, 0x0, 0xa, '\b\x00'}, @local=@item_4={0x3, 0x2, 0x7, "b53ea1ab"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @local=@item_012={0x2, 0x2, 0x1, "f5f0"}, @local=@item_4={0x3, 0x2, 0x3, "09007a15"}, @global=@item_012={0x2, 0x1, 0x4, "e516"}]}}, 0x0}, 0x0) 1.487329971s ago: executing program 1 (id=659): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x2d, 0x0, 0x0, 0xcbf, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, 0x700, 0x8, 0x101, 0xd66}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x2, 0x4038a09, 0x4, @loopback={0xe0}, @mcast2={0xff, 0x5}, 0x0, 0x0, 0x0, 0x5}}) 1.343783765s ago: executing program 0 (id=660): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000002c0)={'rose0\x00', 0x1}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000300)={'rose0\x00', 0x4000}) 1.244482033s ago: executing program 5 (id=661): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "0100"}, @global=@item_012={0x2, 0x1, 0x0, "0100"}, @main=@item_4, @local=@item_012={0x2, 0x2, 0x2, "90a0"}, @global=@item_4={0x3, 0x1, 0x2}, @main=@item_4={0x3, 0x0, 0xb, "813e2503"}, @local=@item_4={0x3, 0x2, 0x1, "dde84050"}, @local=@item_4={0x3, 0x2, 0x3, "5d8c3dda"}]}}, 0x0}, 0x0) 1.239254562s ago: executing program 2 (id=662): r0 = syz_open_dev$admmidi(&(0x7f0000000000), 0x2, 0x1a9882) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000040)={0x0, 0x10001, 0x3c, 0x0, 0x9}) close(0x3) 1.227843083s ago: executing program 1 (id=663): r0 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70fd2d, 0x400, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x6, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3dc], [0xfffe, 0x4]}}}}]}, 0x88}}, 0x20000000) 1.227679834s ago: executing program 3 (id=664): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xd, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8001}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 1.096956541s ago: executing program 0 (id=665): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000c200000095"], &(0x7f0000000300)='GPL\x00', 0x4, 0x1002, &(0x7f00000014c0)=""/4098, 0x0, 0x1}, 0x94) 1.037621063s ago: executing program 1 (id=666): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r0, 0x6, 0x5, &(0x7f00000001c0)=0x1, 0x4) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10) 1.037040801s ago: executing program 2 (id=667): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r1, 0xf21, 0x70bd28, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) 862.723575ms ago: executing program 3 (id=668): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000100)='./bus\x00', 0x1010008, &(0x7f0000000380)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d6e6f6e652c726f6469722c726f6469722c757466383d302c726f6469722c726f6469722c636f6465706167653d3934392c636865636b3d72656c617865642c73686f72746e616d653d77696e6e742c696f636861727365743d63703836342c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e39352c73686f72746e616d653d6d697865642c757466383d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c0045c6f02ebfabbe54569b2da8d0e207d1f93a006501170e3dce95ae1ddbfd7a2c2b7a167a54544601bb082596ee4c6ac382ec4bbe6f9622aea661fe27ec8899fe1672be39602f3916a919dab028979c87d0683095df57bf3d709909321748108141ab0f72301af71b1cc07654949ca97d4f249cd01ed9359345de90446a6280f18a98e77d6e401e6038529c3fdc59b7c95b351ead2ec5afbfc83597e30f23e5ebd1f1ec839879700ccacb4a13fcb9955f24ded2420b580b3631bbf33d625fea3a53a4cd51ccbf7ac80e4d354e3b09a5601e4afee865"], 0x1, 0x369, &(0x7f0000000700)="$eJzs3U1oY1UbAOA3vWnSGfi+dicKQnQnaJnOTje2SAcGu1EJ/izE4HRUkiq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQmc34OCR5OYmt0naaQerFJ9nkZy+57znnPtDcntJTp5bjPal6bh8/fq1mJmpRHXxkcW4UYm5yKKwG+NqE2IAwOlwI6X4PeWOmFI54SkBACes9/7/QkQ0Yi6PvP7lYe2Td38AOPX6//+fOazNzEEVr5zIlACAEzZ2///efdW1akQtqsWf1dKnAgCA0+qJp595dGkl4vFGYyZi7c3N5mYzHhrWL12Ol6ITq3EuZuNmRH6h0H2o9B4vXFxZPtdoNHbip7loRsRUP7GZXyksZb38eizEbMz187uXGqlXzi58srK80OiJiN2d3vixVtlsTsfZ/vjfn43V4YVH0UnvKeLiyvL5Rr+D5lqRvxOxN7xv0Z3/fMzGt88Pukmp+ATjyvKVhWLSw/zNZj0uDfbCgXdAAAAAAAAAAAAAAAAAAAAAAADgtsw3BuYG6+ek7nO+Us78/IT63vo4eX5/faC9fH2gVE+R0m+vPdB8K4t96wONrs+zaSFBAAAAAAAAAAAAAAAAAAAAGNjYqkWr01ld39jabpcLO+sbW1MR0Y28/PVHX5yJ8Ta3KFTzIeoRgyEa/WG3262UFY1TFjGennUHLyIffDqYcblNfbAVE6dRP7iq0/nfPT++O4zcnRU9/zlsk8XkDcxK03h4pOe1/+dTOs6OGhTOlyP18dGvppRKkTfK6VeeHe8wKhHV4x+47fZUHNwmdQtfXXvxzmLvtz5Pufvun33y6jvv/9JudbojR+8I1tY3bqZ2q1I0Pt5u6e7qIlKJvFApnwnVw9L39kda2Xe/PnXX298cbfRUjrzaPZ9H2mT55nw8ml7LC91pjlSdGaZP9zeiszo94eS/VeE2jukd7332YUo//HzkIYamxl42Kn/Pqw8AAAAAAAAAAAAAAAAAAFBW+q54X//LvtOHZT342MnPDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+OcPf/y8V9nZjJDIo7I5FBoU/diZk1VfXNyJq//ZmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwH/dXAAAA//+g5Vir") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 818.969477ms ago: executing program 0 (id=669): bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001340), 0x0, 0x404, 0xffffffffffffffff, 0x0, 0x1ba8847c99}, 0x38) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x300, 0xed}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @tracing, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x92f5e}, 0x6d) 762.643965ms ago: executing program 2 (id=670): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x201, 0x3e, 0x0, &(0x7f00000000c0)=[0x2], &(0x7f0000000240)=[0x0], 0x0}) 700.722328ms ago: executing program 1 (id=671): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) sendmmsg$sock(r0, &(0x7f0000006740)=[{{&(0x7f0000000180)=@phonet={0x23, 0x9, 0x9, 0x9}, 0x80, 0x0}}], 0x1, 0x20020000) 490.867634ms ago: executing program 2 (id=672): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000040)={0x80109, "fa02946a000000001dda524f03000000000000000000003673000000002000", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45bebe3f5b53e0ca34dd02acecdc67c5e3126628168", r0}) 353.356983ms ago: executing program 1 (id=673): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f00000003c0)=[{0x4, 0x5, 0xb, 0xb}, {0x2, 0x4, 0x7, 0x4}, {0x2, 0x1, 0x8, 0x3}, {0x1, 0x4, 0x4, 0xc}, {0x5, 0x5, 0xa, 0x7}, {0x5, 0x4, 0x0, 0x3}, {0x5, 0x2, 0x5, 0xa}, {0x4, 0x1, 0xe, 0x1}], 0x10, 0x9}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000000000000017c00000400fc800c00018006000600060600000800028004007280080007"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010) 340.43757ms ago: executing program 0 (id=674): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4c4, &(0x7f0000003700)="$eJzs209sFNUfAPDvbHdpCz9+9McPURB1EY2NxhYKCgcvGE08YGLEgx6bthCkUENrIoRISQweDYl349GrB6/qzXgy8YpHE0NCDBfA05rZnWn3b2nLtgvs55Ns+97sm3nvu/Pe7Nt5uwH0rXL6J4n4T0TciIgdtWxjgXLt393bl6fu3b48FYuVysm/k2q5O2k+k++3LcuMFiIKXyRNB6yZv3jp7OTs7MyFLD++cO6T8fmLl149c27y9MzpmfMTx44dOXzo6OsTr609qDb1pXHd2fv53L4973x0/d2pYr59KPtfH0e3lKPcrilVL3a7sh7bXpdOij1sCGsyEBHp6SpVx/+OGAgnD/pFpVKpDHZ+erHS7GrLFuCRlUSvWwD0Rv5Gn37+zR+bNPV4KNw6XvsAlMZ9N3vUnilGIStTavp8m1vsQv1DEfHh4j/fpI/YoPsQAAD1fjqezwQb5n+XD0TE7rpy/83WUEYi4n8RsTMi/h8RuyLiiazskxHxVNPxyxFRWaH+clO+df5TuPmgMa4knf+9ka1tNc7/8tlfjAxkue0R+YR55mD2moxGafDUmdmZQ/UHTRrXoH5+6/evOtVfrpv/pY+0/nwumLXjZrHpBt305MLkAweeuTUasbfYHH9STAOorQQMV//uiYi9azjuSF36zMvf7VvKlBrLtY+/ZdWsUt2ypWlrF5YqKt9GvFQ7/4vRcP6X25CsvD45PhSzMwfH015wsG0dv/527b1O9d/3/P/wZ/Mubx/98eSDhr3k1tWIrXX9P/L12+X4R5KIZGm9dn7tdVz748uOn2lW1/+vNOyT9v8tyQfVdN4lPptcWLhwKGJLcqJ1+8Tyvnk+L5/GP3qg/fjfme2TvhJPR0TaiZ+JiGcj4rms7fsj4vmIOLBC/L+8+cLH649/Y6XxT7e9/jWc/+X1+vkTeeLiahMDZ/ffuNfh4rG683+kmhrNtrS//iUNF43VNrALLyEAAAA89ApR/e5/YWwpXSiMjdXuAe2KrYXZufmFV07NfXp+uvYbgZEoFfI7XbX7waUkv/85UpefaMofzu4bfz0wXM2PTc3NTvc6eOhz26pjPmkZ/6m/BnrdOmDD+ckP9K+2479uOW339U1sDLCpvP9D/6ob/51+07LomzLweGr//l/a9HYAm6/d+L+yjn2AR0vFWIa+ZvxD/yrG+0vpworlgMeNcQ19afW/4l9PojLY/qmhaC0cQxvTjOE2dfUkkc6selL78Hr2yr/+1bFMFO53nGJDHxuM1jID0ZNzcXp31zt/JfuufLeb+v3K4zSfrm/AC7W51yEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICN8m8AAAD//2+z1xU=") mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) select(0x2, 0x0, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)) 282.728461ms ago: executing program 2 (id=675): mkdir(&(0x7f0000000340)='./file\x00', 0xb1) mkdir(&(0x7f00000000c0)='./file/file0\x00', 0x101) statfs(&(0x7f0000000080)='./file/file0/../\x00', &(0x7f0000001240)) 126.54702ms ago: executing program 3 (id=676): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x6) 107.32775ms ago: executing program 1 (id=677): r0 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000580000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f00007ff000/0x2000)=nil) 0s ago: executing program 2 (id=678): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file0\x00', 0x8c0, &(0x7f0000000100)={[{@nouser_xattr}, {@heartbeat_none}, {@err_ro}, {@resv_level={'resv_level', 0x3d, 0x6}}, {@err_cont}, {@data_writeback}, {@nointr}, {@localalloc={'localalloc', 0x3d, 0x5}}]}, 0x1, 0x4431, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBtpC37Yv9O2hb2LiJjbRqCHQk0oTKaWl0GJNtY0xJtsFti1mYRtYjIce8NbEk4kH46HRxBunhoPX+id48VjPTfTgxcSkEbO7s5QZdsOKLNjm8zkwO89v+M48+8xheOJE5fbcUm5uKVdYyJVnbi6dzn1SLi3PF0O8R5r2f2Dv+qc9nbhO2mjz0D8fOc1cOXfhveunQ/hh9qfH6+vr66GqOzQ1tOnz77/dndl8bIgzdartNm9tt3wYQjixZVxVXSGED74PIQohnE3SRpNjbwjhaKjnXb/7+Y3cLo3mwaPimfyTqXtrw6cmV++vtf7doxC+Lv3/9Vvzv7zUNfzzq7vUPQAAAAAAAAAAAAAAAAAAz7jxq1euvTs4FB5GoXs12vq+7nhybPV+7PquebHzvywAAAAAAAAAAAAAAAAAAAD8Sz19/z8XHW/y/v9YchxpUX/97c6Pkc6ZeOfK2PnBoWT/92hL/htJ0q9nu0J/k33fs/u/n83Ub77/+9Z+dqoxvka/fSGKB1LncTwwEMK3ycbvJ6PDcam8VHntZnl5YXbXhvHMSse/vnt/KjrJhv7txn80037n9///35arqXp+Y/cusedaOv5dLcv1hKit+J/L1NuL+LNz6fh319J6NxcYqU8A330WhS+6t4//WKb9TsX/WAghF1XHmkvNANU1TDW91XqFtHT8D9TSUlNn8oesxr/Z/f9HJv7nM+3v1/y/kv0ioql0/A/W0npSJZ7e//3x9vf/hUz7+xH/6vhXfP+3JR3/Q/XE7lSR2l+y3fl/PNN+p+J/LU7GeSxKXQGrUT291f+rIy0d/54t+U+f/+K21n8XM/X36vmv0W/j+a8x/b8S1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVDr+h2tp6bVzX+1nu/GfzLTfmfgf3Pg0kln//3movgD4xvqvLen4/6eeGG8usVL7WVv/Rduv/y9l2t+P9V91/CtxZ3t9XqTjf6RluWr8f2zj+/9ypl7n4x/CoLX+jqXjf7Rludr937N9/Kcy9Tod/5c72TgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAM2A0OfaFKB5IncfxwEAI55Lzk+FwNF2YzU+XyjMfLYUwlqTnwvHoVqk8XSjl5xbKs8V8oVQqz4RwPsk/EXqipVK5kp8v3Lmw0VZvdLtYWKxMFwuVEMJ4kv5CONpoa3quMl+4E0K4uJH337i8eOd2YSE/O7f41uDg4GCY2BhDf1T8tFJcqNR7r+eGMLlRty/aNLha9qWNsRyJPi4vLy4USrX0y5vqlMozhdKmOlNJ3pehP6osLi/MFCrFfKl8q9HffhpJjmMTV9+/enloS/6NqH4c3dthAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3PRx+86sQQnf9LA4hjDQ+RM3KP3hUPJN/MnVvbfjU5Or9tcetygEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bc7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2KVjlIqBIAzAs2sRK/EYViHpbCOKaGFE8ARaewIPo0fxEt7BwsLWQoS4AclLHmneq76vGdifnR3YAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY5/Kuv79t2ogUhz9VFW+P7x//8+tSX87m7x/sYUZ25+qmP79o2vLvaSM/LUefXR7S76/nh5ipo9fJnkz36c/Q9Oloy1xL+7Y03/jucaRcR0RX8pOUc12v6wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQeOBQAAAACE+VtH0bcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/AgAA//83QB5f") creat(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x24) symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000000)='./file0\x00') kernel console output (not intermixed with test programs): e0: port 2(bridge_slave_1) entered blocking state [ 97.251856][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.283691][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.345758][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.406933][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.414121][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.466130][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.473293][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.513610][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.653061][ T5850] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.702482][ T5853] Bluetooth: hci0: command tx timeout [ 97.717475][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.724653][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.737558][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.744715][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.886765][ T5862] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.940458][ T5853] Bluetooth: hci1: command tx timeout [ 98.007771][ T5858] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.023972][ T5851] Bluetooth: hci2: command tx timeout [ 98.029460][ T5853] Bluetooth: hci3: command tx timeout [ 98.054580][ T5862] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.100076][ T5853] Bluetooth: hci4: command tx timeout [ 98.124835][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.132020][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.151865][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.182182][ T5853] Bluetooth: hci5: command tx timeout [ 98.201034][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.208234][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.225881][ T5858] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.245960][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.314586][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.321767][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.362229][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.375001][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.382157][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.417556][ T5862] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 98.433046][ T5862] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 98.469400][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.617083][ T5844] veth0_vlan: entered promiscuous mode [ 98.671998][ T5854] veth0_vlan: entered promiscuous mode [ 98.759790][ T5844] veth1_vlan: entered promiscuous mode [ 98.789017][ T5854] veth1_vlan: entered promiscuous mode [ 98.856328][ T5848] veth0_vlan: entered promiscuous mode [ 98.951631][ T5848] veth1_vlan: entered promiscuous mode [ 98.995366][ T5844] veth0_macvtap: entered promiscuous mode [ 99.026353][ T5862] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.043325][ T5844] veth1_macvtap: entered promiscuous mode [ 99.056975][ T5854] veth0_macvtap: entered promiscuous mode [ 99.096416][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.132918][ T5854] veth1_macvtap: entered promiscuous mode [ 99.176492][ T5848] veth0_macvtap: entered promiscuous mode [ 99.201029][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.222597][ T5844] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.232829][ T5844] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.241634][ T5844] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.251454][ T5844] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.268969][ T5848] veth1_macvtap: entered promiscuous mode [ 99.296594][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.332710][ T5862] veth0_vlan: entered promiscuous mode [ 99.348804][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.406036][ T5858] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.424829][ T5862] veth1_vlan: entered promiscuous mode [ 99.458023][ T5854] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.475179][ T5854] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.484400][ T5854] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.493436][ T5854] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.535218][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.578827][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.601823][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.611289][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.658625][ T5850] veth0_vlan: entered promiscuous mode [ 99.684190][ T5848] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.694564][ T5848] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.704742][ T5848] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.713560][ T5848] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.746059][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.765692][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.781984][ T5853] Bluetooth: hci0: command tx timeout [ 99.822705][ T5850] veth1_vlan: entered promiscuous mode [ 99.903443][ T5862] veth0_macvtap: entered promiscuous mode [ 99.946104][ T5844] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 99.963005][ T5862] veth1_macvtap: entered promiscuous mode [ 100.007231][ T5948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.017021][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.026400][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.031201][ T5853] Bluetooth: hci1: command tx timeout [ 100.038436][ T5948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.100579][ T5853] Bluetooth: hci3: command tx timeout [ 100.105994][ T5853] Bluetooth: hci2: command tx timeout [ 100.131462][ T5858] veth0_vlan: entered promiscuous mode [ 100.157235][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.175565][ T5850] veth0_macvtap: entered promiscuous mode [ 100.183949][ T5853] Bluetooth: hci4: command tx timeout [ 100.191513][ T5858] veth1_vlan: entered promiscuous mode [ 100.212697][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.232323][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.256669][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.273110][ T5853] Bluetooth: hci5: command tx timeout [ 100.289423][ T5862] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.299053][ T5862] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.308214][ T5862] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.316981][ T5862] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.347954][ T5983] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7'. [ 100.415049][ T5850] veth1_macvtap: entered promiscuous mode [ 100.448476][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.485246][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.549821][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.626997][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.732663][ T5858] veth0_macvtap: entered promiscuous mode [ 100.741886][ T5850] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.799937][ T5850] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.819094][ T5850] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.840324][ T5850] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.916303][ T5858] veth1_macvtap: entered promiscuous mode [ 100.972901][ T5997] netlink: 'syz.1.12': attribute type 1 has an invalid length. [ 100.995326][ T5948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.008330][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.018354][ T5948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.020187][ T5997] netlink: 204 bytes leftover after parsing attributes in process `syz.1.12'. [ 101.084926][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.238910][ T5858] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.260723][ T5858] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.269469][ T5858] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.297510][ T5858] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.321692][ T6001] hsr0: entered promiscuous mode [ 101.382034][ T6000] hsr0: left promiscuous mode [ 101.442495][ T969] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.471467][ T969] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.566834][ T6012] binder: 6009:6012 ioctl 400c620e 200000000380 returned -22 [ 101.725757][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.764154][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.869634][ T5948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.896191][ T5948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.988416][ T969] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.016876][ T969] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.080211][ T5957] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 102.089324][ T969] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.117771][ T969] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.125222][ T5925] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 102.270187][ T5957] usb 4-1: Using ep0 maxpacket: 16 [ 102.291041][ T5925] usb 3-1: Using ep0 maxpacket: 32 [ 102.312568][ T5957] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87 [ 102.313655][ T5925] usb 3-1: config 0 has an invalid interface number: 125 but max is 0 [ 102.358925][ T5957] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 102.401920][ T5957] usb 4-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 102.406591][ T5925] usb 3-1: config 0 has no interface number 0 [ 102.439928][ T5957] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 102.484282][ T5925] usb 3-1: New USB device found, idVendor=1039, idProduct=2120, bcdDevice= 2.a7 [ 102.492830][ T5957] usb 4-1: Product: syz [ 102.497484][ T5957] usb 4-1: Manufacturer: syz [ 102.523778][ T5957] usb 4-1: SerialNumber: syz [ 102.530517][ T5925] usb 3-1: New USB device strings: Mfr=249, Product=255, SerialNumber=3 [ 102.564864][ T5925] usb 3-1: Product: syz [ 102.569040][ T5925] usb 3-1: Manufacturer: syz [ 102.572214][ T5957] usb 4-1: config 0 descriptor?? [ 102.620836][ T5925] usb 3-1: SerialNumber: syz [ 102.675752][ T5925] usb 3-1: config 0 descriptor?? [ 102.907836][ T5957] appledisplay 4-1:0.0: Error while getting initial brightness: -110 [ 102.993572][ C0] usb 4-1: appledisplay_complete - usb_submit_urb failed with result -1 [ 103.003872][ T5957] appledisplay 4-1:0.0: probe with driver appledisplay failed with error -110 [ 103.018915][ T5925] usb 3-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2120) Rev (0X2A7): Eagle II [ 103.100061][ T970] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 103.204411][ T5957] usb 4-1: USB disconnect, device number 2 [ 103.290649][ T970] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.316203][ T970] usb 6-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00 [ 103.353008][ T970] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.402526][ T970] usb 6-1: config 0 descriptor?? [ 103.670188][ T5925] usb 3-1: reset high-speed USB device number 2 using dummy_hcd [ 103.902435][ T970] nintendo 0003:057E:200E.0001: unbalanced collection at end of report description [ 103.988838][ T970] nintendo 0003:057E:200E.0001: HID parse failed [ 104.038944][ T5925] ueagle-atm 3-1:0.125: usbatm_usb_probe: bind failed: -19! [ 104.052138][ T970] nintendo 0003:057E:200E.0001: probe - fail = -22 [ 104.076842][ T970] nintendo 0003:057E:200E.0001: probe with driver nintendo failed with error -22 [ 104.102596][ T5925] usb 3-1: USB disconnect, device number 2 [ 104.188055][ T970] usb 6-1: USB disconnect, device number 2 [ 104.293009][ T5926] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 104.318392][ T6071] netlink: 8 bytes leftover after parsing attributes in process `syz.3.41'. [ 104.480151][ T5926] usb 1-1: Using ep0 maxpacket: 32 [ 104.496579][ T5926] usb 1-1: config 0 has an invalid interface number: 196 but max is 0 [ 104.509555][ T5926] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 104.520916][ T5926] usb 1-1: config 0 has no interface number 0 [ 104.527023][ T5926] usb 1-1: config 0 interface 196 altsetting 1 endpoint 0x2 has invalid wMaxPacketSize 0 [ 104.541148][ T5926] usb 1-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 0 [ 104.552267][ T5926] usb 1-1: config 0 interface 196 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 104.576217][ T5926] usb 1-1: config 0 interface 196 has no altsetting 0 [ 104.602920][ T5926] usb 1-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 104.646046][ T5926] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.665056][ T5926] usb 1-1: Product: syz [ 104.679882][ T5926] usb 1-1: Manufacturer: syz [ 104.684493][ T5926] usb 1-1: SerialNumber: syz [ 104.742500][ T5926] usb 1-1: config 0 descriptor?? [ 104.898001][ T6078] loop5: detected capacity change from 0 to 2048 [ 104.978920][ C1] raw-gadget.1 gadget.0: ignoring, device is not running [ 104.996128][ T5926] ipheth 1-1:0.196: Unable to find endpoints [ 105.022628][ T5847] Alternate GPT is invalid, using primary GPT. [ 105.029202][ T5926] usb 1-1: USB disconnect, device number 2 [ 105.060649][ T5847] loop5: p1 p2 p3 [ 105.075889][ T6067] loop4: detected capacity change from 0 to 32768 [ 105.157020][ T6078] Alternate GPT is invalid, using primary GPT. [ 105.174677][ T6067] XFS (loop4): DAX unsupported by block device. Turning off DAX. [ 105.194529][ T6078] loop5: p1 p2 p3 [ 105.252953][ T6067] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 105.471999][ T6067] XFS (loop4): Ending clean mount [ 105.503180][ T6067] XFS (loop4): Quotacheck needed: Please wait. [ 105.624978][ T6067] XFS (loop4): Quotacheck: Done. [ 105.741830][ T6097] loop5: detected capacity change from 0 to 4096 [ 105.838782][ T6102] Driver unsupported XDP return value 0 on prog (id 6) dev N/A, expect packet loss! [ 105.962304][ T5850] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 106.148102][ T6109] Zero length message leads to an empty skb [ 106.195561][ T5847] udevd[5847]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 106.196428][ T5843] udevd[5843]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 106.225075][ T5859] udevd[5859]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 106.574686][ T5847] udevd[5847]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 106.594141][ T5859] udevd[5859]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 106.605677][ T5843] udevd[5843]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 106.974981][ T6129] sp0: Synchronizing with TNC [ 107.022152][ T6128] [U] è [ 107.386297][ T5853] Bluetooth: hci3: unexpected cc 0x2007 length: 100 > 2 [ 107.430116][ T5959] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 107.559412][ T6145] loop1: detected capacity change from 0 to 8192 [ 107.586285][ T6145] ======================================================= [ 107.586285][ T6145] WARNING: The mand mount option has been deprecated and [ 107.586285][ T6145] and is ignored by this kernel. Remove the mand [ 107.586285][ T6145] option from the mount to silence this warning. [ 107.586285][ T6145] ======================================================= [ 107.686916][ T5959] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 107.718344][ T5959] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 107.796193][ T5959] usb 6-1: New USB device found, idVendor=046d, idProduct=c626, bcdDevice= 0.00 [ 107.813182][ T6145] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 107.839200][ T5959] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.864354][ T6159] loop0: detected capacity change from 0 to 512 [ 107.895140][ T5959] usb 6-1: config 0 descriptor?? [ 107.941511][ T6138] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 108.006087][ T6159] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 108.078744][ T6159] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.234412][ T6169] netlink: 592 bytes leftover after parsing attributes in process `syz.4.83'. [ 108.353047][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 108.398868][ T5959] logitech 0003:046D:C626.0002: unbalanced delimiter at end of report description [ 108.451079][ T5959] logitech 0003:046D:C626.0002: parse failed [ 108.460594][ T5959] logitech 0003:046D:C626.0002: probe with driver logitech failed with error -22 [ 108.619675][ T5959] usb 6-1: USB disconnect, device number 3 [ 108.789395][ T6184] capability: warning: `syz.4.90' uses deprecated v2 capabilities in a way that may be insecure [ 109.254889][ T6174] loop3: detected capacity change from 0 to 32768 [ 109.288404][ T6174] btrfs: Deprecated parameter 'usebackuproot' [ 109.324603][ T6174] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 109.337814][ T6196] loop0: detected capacity change from 0 to 256 [ 109.373845][ T6196] exfat: Deprecated parameter 'namecase' [ 109.380178][ T6174] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.85 (6174) [ 109.475780][ T6174] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 109.515609][ T6174] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm [ 109.529643][ T6196] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 109.539894][ T6174] BTRFS info (device loop3): using free-space-tree [ 109.635878][ T6199] loop1: detected capacity change from 0 to 4096 [ 109.768311][ T6211] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 109.769568][ T6209] loop4: detected capacity change from 0 to 64 [ 109.839478][ T6199] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=4096, inode=0, rec_len=0, name_len=0 [ 109.874292][ T12] BTRFS warning (device loop3): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 109.951972][ T6174] BTRFS error (device loop3): failed to load root extent [ 109.959061][ T6174] BTRFS warning (device loop3): try to load backup roots slot 1 [ 109.964077][ T6199] Remounting filesystem read-only [ 110.002788][ T59] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 110.017053][ T6199] NILFS error (device loop1): nilfs_readdir: bad page in #2 [ 110.077824][ T6174] BTRFS warning (device loop3): couldn't read tree root [ 110.148126][ T6174] BTRFS warning (device loop3): try to load backup roots slot 2 [ 110.191735][ T36] BTRFS error (device loop3): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 110.241217][ T6174] BTRFS warning (device loop3): couldn't read tree root [ 110.300123][ T6174] BTRFS warning (device loop3): try to load backup roots slot 3 [ 110.397733][ T6174] BTRFS info (device loop3): rebuilding free space tree [ 110.519415][ T6190] loop2: detected capacity change from 0 to 32768 [ 110.551157][ T6174] BTRFS info (device loop3): checking UUID tree [ 110.682596][ T6190] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 110.702888][ T6237] mmap: syz.4.105 (6237) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 110.713693][ T6239] loop0: detected capacity change from 0 to 1024 [ 110.834268][ T6247] loop5: detected capacity change from 0 to 1024 [ 110.869979][ T6239] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 110.881557][ T5854] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 110.938199][ T6190] XFS (loop2): Ending clean mount [ 110.947420][ T6239] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 110.975224][ T6190] XFS (loop2): Quotacheck needed: Please wait. [ 111.011480][ T6239] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.107: Failed to acquire dquot type 0 [ 111.061178][ T5853] Bluetooth: hci4: unknown advertising packet type: 0x72 [ 111.061221][ T5853] Bluetooth: hci4: unknown advertising packet type: 0x30 [ 111.068335][ T5853] Bluetooth: hci4: unknown advertising packet type: 0x6b [ 111.128096][ T6239] EXT4-fs (loop0): 1 truncate cleaned up [ 111.133071][ T6250] loop1: detected capacity change from 0 to 1024 [ 111.184620][ T6250] EXT4-fs: Ignoring removed nobh option [ 111.185792][ T6190] XFS (loop2): Quotacheck: Done. [ 111.227191][ T6250] EXT4-fs: Ignoring removed bh option [ 111.234451][ T6239] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.343552][ T6250] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.460703][ T5853] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 111.469109][ T5853] Bluetooth: hci3: Injecting HCI hardware error event [ 111.477462][ T5853] Bluetooth: hci3: hardware error 0x00 [ 111.518717][ T6239] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 111.581365][ T5862] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 111.659207][ T6257] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 111.688519][ T6257] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 111.704019][ T36] hfsplus: b-tree write err: -5, ino 4 [ 111.798926][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.881036][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.004712][ T6266] netlink: 8 bytes leftover after parsing attributes in process `syz.4.118'. [ 112.101045][ T6266] netlink: 4 bytes leftover after parsing attributes in process `syz.4.118'. [ 112.138328][ T6266] netlink: 'syz.4.118': attribute type 6 has an invalid length. [ 112.424875][ T6277] loop5: detected capacity change from 0 to 1024 [ 112.504656][ T6277] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 112.556003][ T6277] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 112.600483][ T6282] [U]  [ 112.671976][ T6277] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 112.728728][ T6292] netlink: 16 bytes leftover after parsing attributes in process `syz.1.127'. [ 112.827366][ T6277] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.121: bg 0: block 32: padding at end of block bitmap is not set [ 112.883676][ T6277] EXT4-fs (loop5): Remounting filesystem read-only [ 112.977319][ T6299] loop0: detected capacity change from 0 to 64 [ 113.078144][ T5858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.101500][ T6303] capability: warning: `syz.3.131' uses 32-bit capabilities (legacy support in use) [ 113.404055][ T30] audit: type=1326 audit(1751849607.072:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6310 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd8718e929 code=0x7ffc0000 [ 113.488567][ T6307] loop2: detected capacity change from 0 to 4096 [ 113.558541][ T30] audit: type=1326 audit(1751849607.132:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6310 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd8718e929 code=0x7ffc0000 [ 113.597989][ T6307] NILFS (loop2): invalid segment: Checksum error in segment payload [ 113.648607][ T30] audit: type=1326 audit(1751849607.132:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6310 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdd8718e929 code=0x7ffc0000 [ 113.676304][ T6307] NILFS (loop2): trying rollback from an earlier position [ 113.685016][ T6317] loop5: detected capacity change from 0 to 512 [ 113.725936][ T6307] NILFS (loop2): recovery complete [ 113.768585][ T6321] loop4: detected capacity change from 0 to 1024 [ 113.781096][ T5853] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 113.788386][ T6322] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 113.799204][ T30] audit: type=1326 audit(1751849607.132:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6310 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd8718e929 code=0x7ffc0000 [ 113.846136][ T30] audit: type=1326 audit(1751849607.142:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6310 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd8718e929 code=0x7ffc0000 [ 113.879451][ T30] audit: type=1326 audit(1751849607.142:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6310 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7fdd8718e929 code=0x7ffc0000 [ 113.901408][ T6317] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.911924][ T6317] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 113.921137][ T30] audit: type=1326 audit(1751849607.142:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6310 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd8718e929 code=0x7ffc0000 [ 114.118056][ T59] hfsplus: b-tree write err: -5, ino 4 [ 114.129547][ T30] audit: type=1326 audit(1751849607.142:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6310 comm="syz.1.137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd8718e929 code=0x7ffc0000 [ 114.209072][ T6317] EXT4-fs error (device loop5): ext4_get_first_dir_block:3547: inode #12: comm syz.5.139: directory missing '..' [ 114.369267][ T6332] netlink: 12 bytes leftover after parsing attributes in process `syz.2.145'. [ 114.406722][ T5858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.430459][ T6332] netlink: 'syz.2.145': attribute type 2 has an invalid length. [ 114.460184][ T6332] netlink: 'syz.2.145': attribute type 1 has an invalid length. [ 114.469113][ T6332] netlink: 4 bytes leftover after parsing attributes in process `syz.2.145'. [ 114.497869][ T6328] loop1: detected capacity change from 0 to 8192 [ 114.665628][ T6328] syz.1.143: attempt to access beyond end of device [ 114.665628][ T6328] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 114.738361][ T5209] udevd[5209]: worker [5847] terminated by signal 33 (Unknown signal 33) [ 114.768577][ T5209] udevd[5209]: worker [5847] failed while handling '/devices/virtual/block/loop1' [ 115.116708][ T6342] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 115.130955][ T6315] loop3: detected capacity change from 0 to 32768 [ 115.147395][ T6315] btrfs: Deprecated parameter 'usebackuproot' [ 115.174484][ T6315] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 115.262234][ T6346] loop2: detected capacity change from 0 to 256 [ 115.276042][ T6315] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.138 (6315) [ 115.289118][ T6346] exfat: Deprecated parameter 'namecase' [ 115.289233][ T6346] exfat: Deprecated parameter 'utf8' [ 115.442078][ T6315] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 115.456775][ T6346] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 115.487759][ T6315] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm [ 115.487803][ T6315] BTRFS info (device loop3): using free-space-tree [ 115.702930][ T6315] BTRFS info (device loop3): rebuilding free space tree [ 115.766853][ T6330] loop4: detected capacity change from 0 to 32768 [ 116.018827][ T5854] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 116.037157][ T6372] loop1: detected capacity change from 0 to 1024 [ 116.084877][ T6372] EXT4-fs: Ignoring removed orlov option [ 116.122520][ T6372] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 116.255365][ T6372] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.483803][ T6384] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 116.650612][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.958733][ T6393] loop0: detected capacity change from 0 to 1024 [ 117.054866][ T6393] hfsplus: small file entry [ 117.318249][ T6370] loop5: detected capacity change from 0 to 32768 [ 117.481124][ T6409] mkiss: ax0: crc mode is auto. [ 117.508285][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 117.508303][ T30] audit: type=1800 audit(1751849611.182:19): pid=6370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.155" name="file1" dev="loop5" ino=4 res=0 errno=0 [ 117.704826][ T6414] loop1: detected capacity change from 0 to 1024 [ 117.790894][ T6414] hfsplus: bad catalog entry type [ 117.976589][ T12] hfsplus: b-tree write err: -5, ino 4 [ 118.420178][ T5957] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 118.485619][ T6429] loop1: detected capacity change from 0 to 4096 [ 118.529228][ T6429] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 118.612732][ T5957] usb 5-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00 [ 118.665488][ T5957] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.699957][ T5957] usb 5-1: config 0 descriptor?? [ 118.976046][ T6443] netlink: 'syz.0.188': attribute type 5 has an invalid length. [ 119.000816][ T6445] netlink: 8 bytes leftover after parsing attributes in process `syz.3.189'. [ 119.053674][ T6445] netlink: 12 bytes leftover after parsing attributes in process `syz.3.189'. [ 119.130593][ T6445] netlink: 'syz.3.189': attribute type 18 has an invalid length. [ 119.157726][ T5957] logitech 0003:046D:C20E.0003: rdesc size test failed for formula gp [ 119.229627][ T5957] logitech 0003:046D:C20E.0003: hidraw0: USB HID v10.00 Device [HID 046d:c20e] on usb-dummy_hcd.4-1/input0 [ 119.367855][ T5957] usb 5-1: USB disconnect, device number 2 [ 119.587364][ T6451] fido_id[6451]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 119.677401][ T5959] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 119.692551][ T6461] netlink: 4 bytes leftover after parsing attributes in process `syz.1.196'. [ 119.850056][ T5959] usb 1-1: Using ep0 maxpacket: 16 [ 119.877272][ T5959] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 119.907519][ T5959] usb 1-1: config 0 has no interface number 0 [ 119.926024][ T5959] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 119.981641][ T5959] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 120.044930][ T5959] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 120.097672][ T5959] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 120.116672][ T5959] usb 1-1: Product: syz [ 120.132833][ T5959] usb 1-1: SerialNumber: syz [ 120.197848][ T5959] usb 1-1: config 0 descriptor?? [ 120.214464][ T5959] cm109 1-1:0.8: invalid payload size 0, expected 4 [ 120.253103][ T5959] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input5 [ 120.507019][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 120.515320][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 120.522652][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 120.529845][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 120.530313][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 120.530530][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 120.530745][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 120.530962][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 120.531180][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 120.531395][ C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 120.539629][ T5959] usb 1-1: USB disconnect, device number 3 [ 120.542957][ C0] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 120.555736][ T6479] geneve2: entered promiscuous mode [ 120.628153][ T6479] geneve2: entered allmulticast mode [ 120.688754][ T5959] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 120.797492][ T6488] loop1: detected capacity change from 0 to 16 [ 120.835541][ T6488] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 120.975752][ T6491] tipc: Enabling of bearer rejected, media not registered [ 120.984990][ T6456] loop3: detected capacity change from 0 to 32768 [ 121.085942][ T6456] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 121.177480][ T6492] loop2: detected capacity change from 0 to 4096 [ 121.200021][ T6492] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 121.215434][ T6456] XFS (loop3): Ending clean mount [ 121.256240][ T6456] XFS (loop3): Quotacheck needed: Please wait. [ 121.380136][ T6492] ntfs3(loop2): ino=19, mi_enum_attr [ 121.402890][ T6456] XFS (loop3): Quotacheck: Done. [ 121.408067][ T6492] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 121.448106][ T6492] ntfs3(loop2): failed to convert "c46c" to iso8859-13 [ 121.474062][ T6492] ntfs3(loop2): ino=20, mi_enum_attr [ 121.821118][ T6471] loop4: detected capacity change from 0 to 32768 [ 121.862809][ T6511] loop5: detected capacity change from 0 to 8 [ 121.873136][ T6509] loop1: detected capacity change from 0 to 32768 [ 121.911115][ T6509] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 121.919457][ T6509] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 121.929034][ T5854] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 121.971254][ T6509] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 121.996449][ T6014] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 122.023329][ T6471] JBD2: Ignoring recovery information on journal [ 122.029353][ T6014] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 122.148896][ T6471] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 122.415703][ T6014] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 386ms [ 122.494394][ T6521] tipc: Started in network mode [ 122.499384][ T6521] tipc: Node identity -, cluster identity 4711 [ 122.515158][ T6014] gfs2: fsid=syz:syz.0: jid=0: Done [ 122.553028][ T6509] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 122.621982][ T6509] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 2142 (type: exp=14, found=25614), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1430 [ 122.640111][ T6509] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 122.657798][ T6509] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 122.666863][ T6509] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 122.673663][ T6509] gfs2: fsid=syz:syz.0: File system withdrawn [ 122.679745][ T6509] CPU: 0 UID: 0 PID: 6509 Comm: syz.1.213 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 122.679774][ T6509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 122.679788][ T6509] Call Trace: [ 122.679797][ T6509] [ 122.679806][ T6509] dump_stack_lvl+0x189/0x250 [ 122.679849][ T6509] ? __pfx_dump_stack_lvl+0x10/0x10 [ 122.679880][ T6509] ? __pfx__printk+0x10/0x10 [ 122.679914][ T6509] ? kobject_uevent_env+0x36b/0x8c0 [ 122.679957][ T6509] gfs2_withdraw+0x111e/0x14f0 [ 122.680011][ T6509] ? __pfx_gfs2_withdraw+0x10/0x10 [ 122.680044][ T6509] ? __filemap_get_folio+0x79f/0xaf0 [ 122.680083][ T6509] ? srso_alias_return_thunk+0x5/0xfbef5 [ 122.680110][ T6509] ? folio_unlock+0x101/0x160 [ 122.680149][ T6509] ? srso_alias_return_thunk+0x5/0xfbef5 [ 122.680188][ T6509] gfs2_metatype_check_ii+0x78/0x90 [ 122.680227][ T6509] gfs2_quota_init+0xfc8/0x1230 [ 122.680255][ T6509] ? srso_alias_return_thunk+0x5/0xfbef5 [ 122.680282][ T6509] ? __lock_acquire+0xab9/0xd20 [ 122.680333][ T6509] ? __pfx_gfs2_quota_init+0x10/0x10 [ 122.680357][ T6509] ? srso_alias_return_thunk+0x5/0xfbef5 [ 122.680387][ T6509] ? __pfx_wake_up_bit+0x10/0x10 [ 122.680420][ T6509] ? srso_alias_return_thunk+0x5/0xfbef5 [ 122.680458][ T6509] ? inode_go_inval+0x259/0x2c0 [ 122.680492][ T6509] gfs2_make_fs_rw+0x181/0x2b0 [ 122.680532][ T6509] gfs2_fill_super+0x1a91/0x20e0 [ 122.680587][ T6509] ? __pfx_gfs2_fill_super+0x10/0x10 [ 122.680617][ T6509] ? srso_alias_return_thunk+0x5/0xfbef5 [ 122.680651][ T6509] ? init_locking+0xb8/0x210 [ 122.680680][ T6509] ? srso_alias_return_thunk+0x5/0xfbef5 [ 122.680707][ T6509] ? sb_set_blocksize+0x104/0x180 [ 122.680734][ T6509] ? srso_alias_return_thunk+0x5/0xfbef5 [ 122.680762][ T6509] ? setup_bdev_super+0x4c1/0x5b0 [ 122.680796][ T6509] get_tree_bdev_flags+0x40e/0x4d0 [ 122.680825][ T6509] ? __pfx_gfs2_fill_super+0x10/0x10 [ 122.680859][ T6509] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 122.680890][ T6509] ? rcu_is_watching+0x15/0xb0 [ 122.680928][ T6509] gfs2_get_tree+0x51/0x1e0 [ 122.680966][ T6509] vfs_get_tree+0x92/0x2b0 [ 122.680999][ T6509] do_new_mount+0x24a/0xa40 [ 122.681043][ T6509] __se_sys_mount+0x317/0x410 [ 122.681085][ T6509] ? __pfx___se_sys_mount+0x10/0x10 [ 122.681116][ T6509] ? srso_alias_return_thunk+0x5/0xfbef5 [ 122.681156][ T6509] ? srso_alias_return_thunk+0x5/0xfbef5 [ 122.681183][ T6509] ? __x64_sys_mount+0x20/0xc0 [ 122.681219][ T6509] do_syscall_64+0xfa/0x3b0 [ 122.681242][ T6509] ? lockdep_hardirqs_on+0x9c/0x150 [ 122.681280][ T6509] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.681303][ T6509] ? srso_alias_return_thunk+0x5/0xfbef5 [ 122.681330][ T6509] ? exc_page_fault+0x9f/0xf0 [ 122.681369][ T6509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.681392][ T6509] RIP: 0033:0x7fdd871900ca [ 122.681414][ T6509] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 122.681434][ T6509] RSP: 002b:00007fdd87f74e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 122.681458][ T6509] RAX: ffffffffffffffda RBX: 00007fdd87f74ef0 RCX: 00007fdd871900ca [ 122.681476][ T6509] RDX: 0000200000000280 RSI: 0000200000001c00 RDI: 00007fdd87f74eb0 [ 122.681493][ T6509] RBP: 0000200000000280 R08: 00007fdd87f74ef0 R09: 00000000000100c0 [ 122.681510][ T6509] R10: 00000000000100c0 R11: 0000000000000246 R12: 0000200000001c00 [ 122.681526][ T6509] R13: 00007fdd87f74eb0 R14: 0000000000012664 R15: 0000200000000440 [ 122.681565][ T6509] [ 123.112993][ T6509] gfs2: fsid=syz:syz.0: can't make FS RW: -5 [ 123.223314][ T5850] ocfs2: Unmounting device (7,4) on (node local) [ 123.558102][ T6527] loop5: detected capacity change from 0 to 4096 [ 123.600069][ T6535] netlink: 'syz.0.223': attribute type 11 has an invalid length. [ 123.646283][ T6527] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512). [ 123.870388][ T6527] ntfs3(loop5): ino=19, mi_enum_attr [ 123.971996][ T6539] loop2: detected capacity change from 0 to 4096 [ 123.996586][ T6539] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 124.156075][ T6551] loop4: detected capacity change from 0 to 128 [ 124.224612][ T6551] EXT4-fs (loop4): Test dummy encryption mode enabled [ 124.286396][ T6554] loop0: detected capacity change from 0 to 2048 [ 124.367762][ T6551] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 124.429736][ T6563] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 124.519738][ T6551] ext4 filesystem being mounted at /32/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 124.547460][ T6561] loop3: detected capacity change from 0 to 1764 [ 124.667194][ T6561] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 124.797427][ T5850] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 124.986049][ T6573] loop5: detected capacity change from 0 to 512 [ 125.027180][ T6573] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 125.165009][ T6573] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.285689][ T6573] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 125.368921][ T6573] EXT4-fs: Cannot change journaled quota options when quota turned on [ 125.486361][ T6587] loop2: detected capacity change from 0 to 512 [ 125.591850][ T5858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.612414][ T6587] EXT4-fs: Ignoring removed nomblk_io_submit option [ 125.627346][ T6593] tipc: Started in network mode [ 125.673118][ T6593] tipc: Node identity 0ac127e66004, cluster identity 4711 [ 125.740223][ T6593] tipc: Enabled bearer , priority 10 [ 125.784092][ T6587] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.850951][ T6587] ext4 filesystem being mounted at /38/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 126.131089][ T5862] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.571663][ T6618] loop2: detected capacity change from 0 to 4096 [ 126.607497][ T6618] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 126.767772][ T6618] ntfs3(loop2): ino=19, mi_enum_attr [ 126.767827][ T6618] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 126.784368][ T6634] loop4: detected capacity change from 0 to 128 [ 126.861925][ T5957] tipc: Node number set to 1791305702 [ 126.961535][ T5911] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 127.023420][ T6640] random: crng reseeded on system resumption [ 127.157431][ T5911] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.185026][ T5911] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 127.238623][ T5911] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 127.310833][ T5911] usb 4-1: New USB device found, idVendor=12ba, idProduct=0100, bcdDevice= 0.00 [ 127.345314][ T5911] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.393997][ T5911] usb 4-1: config 0 descriptor?? [ 127.464643][ T6650] loop5: detected capacity change from 0 to 2048 [ 127.527817][ T6650] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.626681][ T6650] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 127.702668][ T6650] EXT4-fs (loop5): Remounting filesystem read-only [ 127.977440][ T5911] sony 0003:12BA:0100.0004: item fetching failed at offset 5/7 [ 128.018565][ T5911] sony 0003:12BA:0100.0004: parse failed [ 128.079601][ T5911] sony 0003:12BA:0100.0004: probe with driver sony failed with error -22 [ 128.200377][ T5911] usb 4-1: USB disconnect, device number 3 [ 128.269652][ T6656] loop0: detected capacity change from 0 to 65536 [ 128.288553][ T5858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.350784][ T6656] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 128.359753][ T6656] XFS (loop0): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 128.441828][ T6646] loop4: detected capacity change from 0 to 32768 [ 128.455889][ T6656] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x40. [ 128.523124][ T6646] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 128.538518][ T6656] XFS (loop0): Starting recovery (logdev: internal) [ 128.558515][ T6656] XFS (loop0): Ending recovery (logdev: internal) [ 128.573705][ T6656] XFS (loop0): Quotacheck needed: Please wait. [ 128.633925][ T6656] XFS (loop0): Quotacheck: Done. [ 128.714825][ T6646] XFS (loop4): Ending clean mount [ 128.748854][ T5844] XFS (loop0): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 128.797170][ T6646] XFS (loop4): Quotacheck needed: Please wait. [ 128.816276][ T30] audit: type=1400 audit(1751849622.492:20): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=2626200D3A66 pid=6681 comm="syz.1.282" [ 128.921655][ T6646] XFS (loop4): Quotacheck: Done. [ 129.229913][ T5850] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 129.288864][ T6693] loop3: detected capacity change from 0 to 512 [ 129.339032][ T6693] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 129.340752][ T6694] loop2: detected capacity change from 0 to 256 [ 129.363763][ T6693] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it [ 129.470631][ T6693] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.288: Corrupt directory, running e2fsck is recommended [ 129.507994][ T6693] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 129.519325][ T6693] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.288: corrupted in-inode xattr: invalid ea_ino [ 129.620341][ T6693] EXT4-fs (loop3): Remounting filesystem read-only [ 129.661466][ T6693] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.910033][ T6693] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 130.034957][ T5854] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.343724][ T6709] loop5: detected capacity change from 0 to 256 [ 130.412401][ T6711] loop3: detected capacity change from 0 to 2048 [ 130.418322][ T6709] exfat: Deprecated parameter 'utf8' [ 130.476636][ T6715] netlink: 28 bytes leftover after parsing attributes in process `syz.2.298'. [ 130.530716][ T6709] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 130.588210][ T6690] loop1: detected capacity change from 0 to 32768 [ 130.620398][ T6711] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.685437][ T6690] [ 130.685437][ T6690] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 130.685437][ T6690] [ 130.699719][ T6711] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.845943][ T6690] [ 130.845943][ T6690] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 130.845943][ T6690] [ 130.908188][ T6690] [ 130.908188][ T6690] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 130.908188][ T6690] [ 130.919528][ T6690] [ 130.919528][ T6690] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 130.919528][ T6690] [ 130.933423][ T6690] [ 130.933423][ T6690] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 130.933423][ T6690] [ 130.950271][ T6690] [ 130.950271][ T6690] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 130.950271][ T6690] [ 130.997214][ T5854] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.014414][ T6690] [ 131.014414][ T6690] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 131.014414][ T6690] [ 131.076666][ T6690] [ 131.076666][ T6690] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 131.076666][ T6690] [ 131.124566][ T6690] [ 131.124566][ T6690] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 131.124566][ T6690] [ 131.190405][ T109] [ 131.190405][ T109] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 131.190405][ T109] [ 131.334416][ T5848] [ 131.334416][ T5848] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 131.334416][ T5848] [ 131.360986][ T5848] [ 131.360986][ T5848] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 131.360986][ T5848] [ 131.436843][ T6741] loop0: detected capacity change from 0 to 1024 [ 131.598891][ T6741] hfsplus: invalid xattr key length: 0 [ 131.731220][ T6745] netlink: 192 bytes leftover after parsing attributes in process `syz.5.313'. [ 131.789499][ T6745] netlink: 56 bytes leftover after parsing attributes in process `syz.5.313'. [ 131.833436][ T12] hfsplus: b-tree write err: -5, ino 8 [ 131.856927][ T6750] netlink: 'syz.4.315': attribute type 1 has an invalid length. [ 132.040007][ T30] audit: type=1800 audit(1751849625.712:21): pid=6754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.317" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 132.107606][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.118113][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.110140][ T30] audit: type=1326 audit(1751849626.772:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6794 comm="syz.5.336" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f23b338e929 code=0x0 [ 133.275656][ T6805] netlink: 'syz.2.340': attribute type 6 has an invalid length. [ 133.303198][ T6805] netlink: 'syz.2.340': attribute type 1 has an invalid length. [ 133.327928][ T6805] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.340'. [ 133.584754][ T6814] netlink: 48 bytes leftover after parsing attributes in process `syz.3.345'. [ 133.764689][ T6822] loop0: detected capacity change from 0 to 764 [ 134.817092][ T6849] loop0: detected capacity change from 0 to 1024 [ 134.849695][ T6849] hfsplus: request for non-existent node 3 in B*Tree [ 134.869136][ T6849] hfsplus: request for non-existent node 3 in B*Tree [ 134.958435][ T6852] loop5: detected capacity change from 0 to 4096 [ 135.032676][ T6852] NILFS (loop5): invalid segment: Checksum error in segment payload [ 135.069274][ T6852] NILFS (loop5): trying rollback from an earlier position [ 135.181384][ T6852] NILFS (loop5): recovery complete [ 135.196615][ T6857] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 135.360004][ T970] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 135.410370][ T5959] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 135.519901][ T970] usb 2-1: Using ep0 maxpacket: 16 [ 135.527614][ T970] usb 2-1: config 252 has an invalid interface number: 15 but max is 0 [ 135.540103][ T970] usb 2-1: config 252 has no interface number 0 [ 135.565077][ T970] usb 2-1: config 252 interface 15 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64 [ 135.611074][ T970] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=2b.29 [ 135.619555][ T5959] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 135.640190][ T970] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.648610][ T970] usb 2-1: Product: syz [ 135.663672][ T5959] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 135.685344][ T970] usb 2-1: Manufacturer: syz [ 135.705571][ T970] usb 2-1: SerialNumber: syz [ 135.716391][ T5959] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64 [ 135.774146][ T970] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 135.805097][ T5959] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 135.813399][ T6843] loop3: detected capacity change from 0 to 32768 [ 135.822269][ T5959] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.834123][ T5959] usb 1-1: Product: syz [ 135.838961][ T5959] usb 1-1: Manufacturer: syz [ 135.844700][ T5959] usb 1-1: SerialNumber: syz [ 135.859723][ T5959] usb 1-1: config 0 descriptor?? [ 135.867281][ T6856] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 135.914650][ T6856] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 135.980308][ T5959] usb 1-1: ucan: probing device on interface #0 [ 136.000432][ T6014] usb 2-1: USB disconnect, device number 2 [ 136.006451][ T13] usb 2-1: Failed to submit usb control message: -71 [ 136.039390][ T13] usb 2-1: unable to send the bmi data to the device: -71 [ 136.075364][ T13] usb 2-1: unable to get target info from device [ 136.100005][ T13] usb 2-1: could not get target info (-71) [ 136.106082][ T13] usb 2-1: could not probe fw (-71) [ 136.411199][ T5959] usb 1-1: ucan: device reported invalid tx-fifo size [ 136.419678][ T5959] usb 1-1: ucan: probe failed; try to update the device firmware [ 136.649273][ T5959] usb 1-1: USB disconnect, device number 4 [ 136.706688][ T6892] loop5: detected capacity change from 0 to 64 [ 136.766972][ T30] audit: type=1800 audit(1751849630.442:23): pid=6892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.379" name="file1" dev="loop5" ino=21 res=0 errno=0 [ 137.102909][ T6900] netlink: 128 bytes leftover after parsing attributes in process `syz.4.384'. [ 137.143932][ T6900] netlink: 'syz.4.384': attribute type 5 has an invalid length. [ 137.668340][ T6889] syz.3.378 (6889): drop_caches: 2 [ 137.690206][ T970] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 137.869706][ T970] usb 2-1: config 0 has an invalid interface number: 117 but max is 0 [ 137.905857][ T6917] loop0: detected capacity change from 0 to 1764 [ 137.919951][ T970] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 137.934571][ T6920] program syz.4.393 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 137.935800][ T6921] loop3: detected capacity change from 0 to 64 [ 137.962624][ T970] usb 2-1: config 0 has no interface number 0 [ 137.968740][ T970] usb 2-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 138.031234][ T970] usb 2-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 138.103335][ T970] usb 2-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 138.129561][ T970] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 138.148212][ T970] usb 2-1: Product: syz [ 138.163134][ T970] usb 2-1: Manufacturer: syz [ 138.178238][ T6893] loop2: detected capacity change from 0 to 32768 [ 138.188441][ T970] usb 2-1: SerialNumber: syz [ 138.256645][ T970] usb 2-1: config 0 descriptor?? [ 138.311077][ T6893] ERROR: (device loop2): dbAlloc: the hint is outside the map [ 138.311077][ T6893] [ 138.385111][ T6893] ERROR: (device loop2): remounting filesystem as read-only [ 138.436011][ T6893] ialloc: diAlloc returned -5! [ 138.818236][ T6933] loop3: detected capacity change from 0 to 1024 [ 138.893486][ T6933] EXT4-fs (loop3): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 138.968377][ T5926] usb 2-1: USB disconnect, device number 3 [ 139.085450][ T6915] loop5: detected capacity change from 0 to 32768 [ 139.117896][ T6933] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 139.149202][ T6915] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.392 (6915) [ 139.210891][ T6915] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 139.226929][ T6915] BTRFS info (device loop5): using crc32c (crc32c-x86_64) checksum algorithm [ 139.248135][ T5854] EXT4-fs (loop3): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 139.258734][ T6915] BTRFS info (device loop5): using free-space-tree [ 139.350028][ T5959] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 139.593783][ T5959] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 139.606988][ T6965] loop0: detected capacity change from 0 to 1024 [ 139.614226][ T6964] netlink: 8 bytes leftover after parsing attributes in process `syz.3.404'. [ 139.634009][ T5959] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.651168][ T6965] hfsplus: Unknown parameter 'ï{Ü [ 139.651168][ T6965] OB·ìº­è¯—r4´|¡K™¿¦!B‘¸Z"EÂk(–Œañ«Ç3.<8' [ 139.658276][ T5959] usb 5-1: Product: syz [ 139.679133][ T5959] usb 5-1: Manufacturer: syz [ 139.720050][ T5959] usb 5-1: SerialNumber: syz [ 139.753005][ T5959] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 139.825050][ T6014] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 139.947484][ T5858] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 140.409372][ T6983] netlink: 'syz.0.414': attribute type 4 has an invalid length. [ 140.522512][ T5911] usb 5-1: USB disconnect, device number 3 [ 140.905368][ T6014] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 140.957587][ T6014] ath9k_htc: Failed to initialize the device [ 140.989965][ T5911] usb 5-1: ath9k_htc: USB layer deinitialized [ 141.455083][ T6977] loop3: detected capacity change from 0 to 32768 [ 141.522530][ T7008] Bluetooth: MGMT ver 1.23 [ 141.611037][ T6977] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 141.719941][ T6977] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 141.921946][ T5854] ocfs2: Unmounting device (7,3) on (node local) [ 142.145156][ T6987] loop5: detected capacity change from 0 to 40427 [ 142.188503][ T7028] netlink: 'syz.4.435': attribute type 1 has an invalid length. [ 142.231936][ T6987] F2FS-fs (loop5): build fault injection rate: 16 [ 142.234527][ T7028] netlink: 208 bytes leftover after parsing attributes in process `syz.4.435'. [ 142.238793][ T6987] F2FS-fs (loop5): build fault injection type: 0x3bfe8c [ 142.331848][ T6987] F2FS-fs (loop5): invalid crc value [ 142.385701][ T7028] netlink: 'syz.4.435': attribute type 1 has an invalid length. [ 142.422327][ T6987] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970 [ 142.446451][ T7028] netlink: 'syz.4.435': attribute type 2 has an invalid length. [ 142.553129][ C0] F2FS-fs (loop5): inject read IO error in f2fs_read_end_io of blk_update_request+0x5eb/0xe70 [ 142.932684][ T6987] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 143.044821][ T7018] loop0: detected capacity change from 0 to 40427 [ 143.052423][ T6987] F2FS-fs (loop5): inject dquot initialize in f2fs_dquot_initialize of f2fs_create+0x14c/0x5c0 [ 143.110149][ T7018] F2FS-fs (loop0): build fault injection rate: 771 [ 143.172109][ T7018] F2FS-fs (loop0): invalid crc value [ 143.424255][ T7024] loop2: detected capacity change from 0 to 32768 [ 143.497265][ T7020] loop1: detected capacity change from 0 to 40427 [ 143.504037][ T7024] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 143.586041][ T7018] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 143.606983][ T7020] F2FS-fs (loop1): build fault injection rate: 771 [ 143.634534][ T7026] loop3: detected capacity change from 0 to 40427 [ 143.661251][ T7020] F2FS-fs (loop1): invalid crc value [ 143.692769][ T7024] XFS (loop2): Ending clean mount [ 143.701661][ T7026] F2FS-fs (loop3): build fault injection rate: 16 [ 143.708261][ T7026] F2FS-fs (loop3): build fault injection type: 0x3bfe8c [ 143.753558][ T7026] F2FS-fs (loop3): invalid crc value [ 143.801353][ T7026] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970 [ 143.867229][ T5862] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 143.901915][ C0] F2FS-fs (loop3): inject read IO error in f2fs_read_end_io of blk_update_request+0x5eb/0xe70 [ 144.014359][ T5844] syz-executor: attempt to access beyond end of device [ 144.014359][ T5844] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 144.118518][ T5844] CPU: 1 UID: 0 PID: 5844 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 144.118552][ T5844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 144.118566][ T5844] Call Trace: [ 144.118576][ T5844] [ 144.118586][ T5844] dump_stack_lvl+0x189/0x250 [ 144.118627][ T5844] ? __pfx_dump_stack_lvl+0x10/0x10 [ 144.118654][ T5844] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 144.118691][ T5844] ? __pfx_queue_work_on+0x10/0x10 [ 144.118723][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.118750][ T5844] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 144.118785][ T5844] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 144.118822][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.118849][ T5844] ? f2fs_hw_is_readonly+0x39b/0x470 [ 144.118892][ T5844] f2fs_handle_critical_error+0x37c/0x540 [ 144.118938][ T5844] f2fs_write_end_io+0x495/0x810 [ 144.118960][ T5844] ? blkg_put+0x22/0x240 [ 144.119014][ T5844] __submit_merged_bio+0x27a/0x6a0 [ 144.119059][ T5844] __submit_merged_write_cond+0x255/0x530 [ 144.119105][ T5844] f2fs_write_data_pages+0x261d/0x3000 [ 144.119199][ T5844] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 144.119234][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.119333][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.119393][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.119420][ T5844] ? __lock_acquire+0xab9/0xd20 [ 144.119457][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.119484][ T5844] ? do_raw_spin_lock+0x121/0x290 [ 144.119527][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.119560][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.119586][ T5844] ? do_raw_spin_unlock+0x122/0x240 [ 144.119622][ T5844] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 144.119662][ T5844] do_writepages+0x32e/0x550 [ 144.119698][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.119731][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.119757][ T5844] ? do_raw_spin_unlock+0x122/0x240 [ 144.119799][ T5844] filemap_fdatawrite+0x191/0x230 [ 144.119835][ T5844] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 144.119926][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.119962][ T5844] ? do_raw_spin_unlock+0x122/0x240 [ 144.120005][ T5844] f2fs_sync_dirty_inodes+0x31f/0x830 [ 144.120053][ T5844] f2fs_write_checkpoint+0x94a/0x1de0 [ 144.120113][ T5844] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 144.120208][ T5844] ? f2fs_stop_gc_thread+0x7f/0xb0 [ 144.120233][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.120260][ T5844] ? kfree+0x18e/0x440 [ 144.120289][ T5844] ? kill_f2fs_super+0x298/0x6c0 [ 144.120323][ T5844] kill_f2fs_super+0x2c3/0x6c0 [ 144.120358][ T5844] ? __pfx_kill_f2fs_super+0x10/0x10 [ 144.120380][ T5844] ? radix_tree_delete_item+0x2b6/0x400 [ 144.120428][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.120456][ T5844] ? shrinker_free+0x2ce/0x3e0 [ 144.120498][ T5844] deactivate_locked_super+0xbc/0x130 [ 144.120526][ T5844] cleanup_mnt+0x425/0x4c0 [ 144.120565][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.120592][ T5844] ? lockdep_hardirqs_on+0x9c/0x150 [ 144.120635][ T5844] task_work_run+0x1d4/0x260 [ 144.120678][ T5844] ? __pfx_task_work_run+0x10/0x10 [ 144.120713][ T5844] ? __x64_sys_umount+0x122/0x160 [ 144.120750][ T5844] ? exit_to_user_mode_loop+0x40/0x110 [ 144.120783][ T5844] exit_to_user_mode_loop+0xec/0x110 [ 144.120810][ T5844] do_syscall_64+0x2bd/0x3b0 [ 144.120833][ T5844] ? lockdep_hardirqs_on+0x9c/0x150 [ 144.120870][ T5844] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.120893][ T5844] ? srso_alias_return_thunk+0x5/0xfbef5 [ 144.120920][ T5844] ? exc_page_fault+0x9f/0xf0 [ 144.120961][ T5844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.120984][ T5844] RIP: 0033:0x7f8ae178fc57 [ 144.121006][ T5844] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 144.121026][ T5844] RSP: 002b:00007ffdc599ebe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 144.121051][ T5844] RAX: 0000000000000000 RBX: 00007f8ae1810925 RCX: 00007f8ae178fc57 [ 144.121067][ T5844] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdc599eca0 [ 144.121082][ T5844] RBP: 00007ffdc599eca0 R08: 0000000000000000 R09: 0000000000000000 [ 144.121098][ T5844] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdc599fd30 [ 144.121114][ T5844] R13: 00007f8ae1810925 R14: 0000000000023182 R15: 00007ffdc599fd70 [ 144.121161][ T5844] [ 144.579331][ T5844] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 144.583543][ T7032] loop4: detected capacity change from 0 to 32768 [ 144.593679][ T7032] XFS: attr2 mount option is deprecated. [ 144.630191][ T7020] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 144.788796][ T7032] XFS (loop4): DAX unsupported by block device. Turning off DAX. [ 144.873835][ T7032] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 144.938813][ T5848] syz-executor: attempt to access beyond end of device [ 144.938813][ T5848] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 144.970159][ T7026] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 145.068759][ T5848] CPU: 0 UID: 0 PID: 5848 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 145.068791][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 145.068806][ T5848] Call Trace: [ 145.068815][ T5848] [ 145.068825][ T5848] dump_stack_lvl+0x189/0x250 [ 145.068864][ T5848] ? __pfx_dump_stack_lvl+0x10/0x10 [ 145.068898][ T5848] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 145.068935][ T5848] ? __pfx_queue_work_on+0x10/0x10 [ 145.068966][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.068993][ T5848] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 145.069028][ T5848] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 145.069064][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.069090][ T5848] ? f2fs_hw_is_readonly+0x39b/0x470 [ 145.069131][ T5848] f2fs_handle_critical_error+0x37c/0x540 [ 145.069174][ T5848] f2fs_write_end_io+0x495/0x810 [ 145.069195][ T5848] ? blkg_put+0x22/0x240 [ 145.069244][ T5848] __submit_merged_bio+0x27a/0x6a0 [ 145.069285][ T5848] __submit_merged_write_cond+0x255/0x530 [ 145.069327][ T5848] f2fs_write_data_pages+0x261d/0x3000 [ 145.069405][ T5848] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 145.069495][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.069521][ T5848] ? stack_depot_save_flags+0x429/0x900 [ 145.069585][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.069612][ T5848] ? __lock_acquire+0xab9/0xd20 [ 145.069646][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.069673][ T5848] ? do_raw_spin_lock+0x121/0x290 [ 145.069714][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.069745][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.069772][ T5848] ? do_raw_spin_unlock+0x122/0x240 [ 145.069807][ T5848] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 145.069853][ T5848] do_writepages+0x32e/0x550 [ 145.069891][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.069923][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.069949][ T5848] ? do_raw_spin_unlock+0x122/0x240 [ 145.069989][ T5848] filemap_fdatawrite+0x191/0x230 [ 145.070018][ T5848] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 145.070095][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.070127][ T5848] ? do_raw_spin_unlock+0x122/0x240 [ 145.070167][ T5848] f2fs_sync_dirty_inodes+0x31f/0x830 [ 145.070210][ T5848] f2fs_write_checkpoint+0x94a/0x1de0 [ 145.070262][ T5848] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 145.070336][ T5848] ? f2fs_stop_gc_thread+0x7f/0xb0 [ 145.070360][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.070387][ T5848] ? kfree+0x18e/0x440 [ 145.070415][ T5848] ? kill_f2fs_super+0x298/0x6c0 [ 145.070446][ T5848] kill_f2fs_super+0x2c3/0x6c0 [ 145.070478][ T5848] ? __pfx_kill_f2fs_super+0x10/0x10 [ 145.070499][ T5848] ? radix_tree_delete_item+0x2b6/0x400 [ 145.070543][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.070570][ T5848] ? shrinker_free+0x2ce/0x3e0 [ 145.070609][ T5848] deactivate_locked_super+0xbc/0x130 [ 145.070636][ T5848] cleanup_mnt+0x425/0x4c0 [ 145.070673][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.070700][ T5848] ? lockdep_hardirqs_on+0x9c/0x150 [ 145.070740][ T5848] task_work_run+0x1d4/0x260 [ 145.070782][ T5848] ? __pfx_task_work_run+0x10/0x10 [ 145.070816][ T5848] ? __x64_sys_umount+0x122/0x160 [ 145.070851][ T5848] ? exit_to_user_mode_loop+0x40/0x110 [ 145.070881][ T5848] exit_to_user_mode_loop+0xec/0x110 [ 145.070913][ T5848] do_syscall_64+0x2bd/0x3b0 [ 145.070935][ T5848] ? lockdep_hardirqs_on+0x9c/0x150 [ 145.070971][ T5848] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.070993][ T5848] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.071020][ T5848] ? exc_page_fault+0x9f/0xf0 [ 145.071059][ T5848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.071082][ T5848] RIP: 0033:0x7fdd8718fc57 [ 145.071102][ T5848] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 145.071121][ T5848] RSP: 002b:00007ffc67622498 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 145.071145][ T5848] RAX: 0000000000000000 RBX: 00007fdd87210925 RCX: 00007fdd8718fc57 [ 145.071162][ T5848] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc67622550 [ 145.071177][ T5848] RBP: 00007ffc67622550 R08: 0000000000000000 R09: 0000000000000000 [ 145.071192][ T5848] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc676235e0 [ 145.071208][ T5848] R13: 00007fdd87210925 R14: 00000000000235c7 R15: 00007ffc67623620 [ 145.071245][ T5848] [ 145.495336][ C0] vkms_vblank_simulate: vblank timer overrun [ 145.570035][ T7063] loop5: detected capacity change from 0 to 2048 [ 145.580234][ T5848] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 145.589438][ T7063] NILFS (loop5): invalid segment: Sequence number mismatch [ 145.596779][ T7063] NILFS (loop5): trying rollback from an earlier position [ 145.733028][ T7063] NILFS (loop5): recovery complete [ 145.749848][ C1] F2FS-fs (loop3): inject write IO error in f2fs_write_end_io of blk_update_request+0x5eb/0xe70 [ 145.760427][ C1] CPU: 1 UID: 0 PID: 5859 Comm: udevd Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 145.760455][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 145.760468][ C1] Call Trace: [ 145.760477][ C1] [ 145.760486][ C1] dump_stack_lvl+0x189/0x250 [ 145.760523][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 145.760552][ C1] ? __pfx_queue_work_on+0x10/0x10 [ 145.760580][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 145.760617][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 145.760665][ C1] f2fs_handle_critical_error+0x37c/0x540 [ 145.760709][ C1] f2fs_write_end_io+0x495/0x810 [ 145.760731][ C1] ? blkg_put+0x22/0x240 [ 145.760779][ C1] blk_update_request+0x5eb/0xe70 [ 145.760830][ C1] blk_mq_end_request+0x3e/0x70 [ 145.760864][ C1] blk_done_softirq+0x10a/0x160 [ 145.760898][ C1] handle_softirqs+0x286/0x870 [ 145.760931][ C1] ? __irq_exit_rcu+0xca/0x1f0 [ 145.760966][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 145.760999][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.761033][ C1] __irq_exit_rcu+0xca/0x1f0 [ 145.761061][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 145.761094][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.761125][ C1] irq_exit_rcu+0x9/0x30 [ 145.761153][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 145.761189][ C1] [ 145.761197][ C1] [ 145.761207][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 145.761232][ C1] RIP: 0010:debug_lockdep_rcu_enabled+0x2d/0x40 [ 145.761270][ C1] Code: fa 31 c0 83 3d 47 d7 32 04 00 74 1e 83 3d 6a 07 33 04 00 74 15 65 48 8b 0c 25 08 30 a0 92 31 c0 83 b9 ec 0a 00 00 00 0f 94 c0 29 31 a1 f5 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 [ 145.761289][ C1] RSP: 0018:ffffc9000460f8f0 EFLAGS: 00000246 [ 145.761309][ C1] RAX: 0000000000000001 RBX: ffffffff90317501 RCX: ffff888030b15a00 [ 145.761326][ C1] RDX: ffffc9000460fa01 RSI: dffffc0000000000 RDI: ffffc9000460fa30 [ 145.761344][ C1] RBP: dffffc0000000000 R08: ffffc9000460fa18 R09: ffffc9000460fa78 [ 145.761362][ C1] R10: dffffc0000000000 R11: fffff520008c1f51 R12: ffffc9000460fa28 [ 145.761379][ C1] R13: ffffc90004608000 R14: ffffc9000460fa28 R15: ffffffff81729af5 [ 145.761398][ C1] ? unwind_next_frame+0xa5/0x2390 [ 145.761442][ C1] unwind_next_frame+0x195c/0x2390 [ 145.761477][ C1] ? unwind_next_frame+0xa5/0x2390 [ 145.761505][ C1] ? __unwind_start+0xf8/0x760 [ 145.761541][ C1] __unwind_start+0x5b9/0x760 [ 145.761575][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 145.761611][ C1] arch_stack_walk+0xe4/0x150 [ 145.761648][ C1] ? arch_stack_walk+0xe4/0x150 [ 145.761684][ C1] stack_trace_save+0x9c/0xe0 [ 145.761717][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 145.761752][ C1] ? __kasan_kmalloc+0x93/0xb0 [ 145.761780][ C1] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 145.761808][ C1] ? kmem_cache_free+0x166/0x400 [ 145.761835][ C1] ? fput_close_sync+0x119/0x200 [ 145.761870][ C1] ? __x64_sys_close+0x7f/0x110 [ 145.761891][ C1] ? do_syscall_64+0xfa/0x3b0 [ 145.761913][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.761940][ C1] kasan_save_stack+0x3e/0x60 [ 145.762027][ C1] ? fput_close_sync+0x119/0x200 [ 145.762063][ C1] kasan_record_aux_stack+0xbd/0xd0 [ 145.762100][ C1] kmem_cache_free+0x2f6/0x400 [ 145.762135][ C1] fput_close_sync+0x119/0x200 [ 145.762179][ C1] ? __pfx_fput_close_sync+0x10/0x10 [ 145.762218][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.762250][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.762282][ C1] __x64_sys_close+0x7f/0x110 [ 145.762305][ C1] do_syscall_64+0xfa/0x3b0 [ 145.762327][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 145.762363][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.762385][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.762412][ C1] ? exc_page_fault+0x9f/0xf0 [ 145.762452][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.762475][ C1] RIP: 0033:0x7fac5db15a67 [ 145.762494][ C1] Code: 44 00 00 48 83 ec 10 48 63 ff 45 31 c9 45 31 c0 6a 01 31 c9 e8 ca 19 f9 ff 48 83 c4 18 c3 0f 1f 44 00 00 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 61 b3 0d 00 f7 d8 64 89 02 b8 [ 145.762513][ C1] RSP: 002b:00007fff77d905a8 EFLAGS: 00000297 ORIG_RAX: 0000000000000003 [ 145.762536][ C1] RAX: ffffffffffffffda RBX: 0000555be9cb0970 RCX: 00007fac5db15a67 [ 145.762554][ C1] RDX: 00007fac5dbefea0 RSI: 0000555be9c94a10 RDI: 0000000000000009 [ 145.762570][ C1] RBP: 00007fac5dbefff0 R08: 0000000000000000 R09: 0000000000000000 [ 145.762585][ C1] R10: 0000000000000000 R11: 0000000000000297 R12: 0000000000000000 [ 145.762599][ C1] R13: 00007fff77d90a00 R14: 0000000000000000 R15: 0000555bb31749dd [ 145.762635][ C1] [ 145.762644][ C1] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 145.948308][ T7032] XFS (loop4): Ending clean mount [ 145.950782][ C1] CPU: 1 UID: 0 PID: 5859 Comm: udevd Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 145.950811][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 145.950826][ C1] Call Trace: [ 145.950835][ C1] [ 145.950844][ C1] dump_stack_lvl+0x189/0x250 [ 145.950881][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 145.950910][ C1] ? __pfx_queue_work_on+0x10/0x10 [ 145.950938][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 145.950975][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 145.951024][ C1] f2fs_handle_critical_error+0x37c/0x540 [ 145.951067][ C1] f2fs_write_end_io+0x495/0x810 [ 145.951089][ C1] ? blkg_put+0x22/0x240 [ 145.951136][ C1] blk_update_request+0x5eb/0xe70 [ 145.951191][ C1] blk_mq_end_request+0x3e/0x70 [ 145.951224][ C1] blk_done_softirq+0x10a/0x160 [ 145.951256][ C1] handle_softirqs+0x286/0x870 [ 145.951289][ C1] ? __irq_exit_rcu+0xca/0x1f0 [ 145.951323][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 145.951356][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.951389][ C1] __irq_exit_rcu+0xca/0x1f0 [ 145.951416][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 145.951450][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.951480][ C1] irq_exit_rcu+0x9/0x30 [ 145.951505][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 145.951540][ C1] [ 145.951548][ C1] [ 145.951558][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 145.951583][ C1] RIP: 0010:debug_lockdep_rcu_enabled+0x2d/0x40 [ 145.951621][ C1] Code: fa 31 c0 83 3d 47 d7 32 04 00 74 1e 83 3d 6a 07 33 04 00 74 15 65 48 8b 0c 25 08 30 a0 92 31 c0 83 b9 ec 0a 00 00 00 0f 94 c0 29 31 a1 f5 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 [ 145.951640][ C1] RSP: 0018:ffffc9000460f8f0 EFLAGS: 00000246 [ 145.951661][ C1] RAX: 0000000000000001 RBX: ffffffff90317501 RCX: ffff888030b15a00 [ 145.951677][ C1] RDX: ffffc9000460fa01 RSI: dffffc0000000000 RDI: ffffc9000460fa30 [ 145.951695][ C1] RBP: dffffc0000000000 R08: ffffc9000460fa18 R09: ffffc9000460fa78 [ 145.951713][ C1] R10: dffffc0000000000 R11: fffff520008c1f51 R12: ffffc9000460fa28 [ 145.951731][ C1] R13: ffffc90004608000 R14: ffffc9000460fa28 R15: ffffffff81729af5 [ 145.951749][ C1] ? unwind_next_frame+0xa5/0x2390 [ 145.951794][ C1] unwind_next_frame+0x195c/0x2390 [ 145.951829][ C1] ? unwind_next_frame+0xa5/0x2390 [ 145.951857][ C1] ? __unwind_start+0xf8/0x760 [ 145.951892][ C1] __unwind_start+0x5b9/0x760 [ 145.951925][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 145.951960][ C1] arch_stack_walk+0xe4/0x150 [ 145.951997][ C1] ? arch_stack_walk+0xe4/0x150 [ 145.952031][ C1] stack_trace_save+0x9c/0xe0 [ 145.952063][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 145.952098][ C1] ? __kasan_kmalloc+0x93/0xb0 [ 145.952124][ C1] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 145.952155][ C1] ? kmem_cache_free+0x166/0x400 [ 145.952180][ C1] ? fput_close_sync+0x119/0x200 [ 145.952215][ C1] ? __x64_sys_close+0x7f/0x110 [ 145.952235][ C1] ? do_syscall_64+0xfa/0x3b0 [ 145.952257][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.952284][ C1] kasan_save_stack+0x3e/0x60 [ 145.952371][ C1] ? fput_close_sync+0x119/0x200 [ 145.952406][ C1] kasan_record_aux_stack+0xbd/0xd0 [ 145.952443][ C1] kmem_cache_free+0x2f6/0x400 [ 145.952479][ C1] fput_close_sync+0x119/0x200 [ 145.952519][ C1] ? __pfx_fput_close_sync+0x10/0x10 [ 145.952557][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.952589][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.952621][ C1] __x64_sys_close+0x7f/0x110 [ 145.952645][ C1] do_syscall_64+0xfa/0x3b0 [ 145.952666][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 145.952703][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.952725][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.952751][ C1] ? exc_page_fault+0x9f/0xf0 [ 145.952789][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.952812][ C1] RIP: 0033:0x7fac5db15a67 [ 145.952832][ C1] Code: 44 00 00 48 83 ec 10 48 63 ff 45 31 c9 45 31 c0 6a 01 31 c9 e8 ca 19 f9 ff 48 83 c4 18 c3 0f 1f 44 00 00 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 61 b3 0d 00 f7 d8 64 89 02 b8 [ 145.952850][ C1] RSP: 002b:00007fff77d905a8 EFLAGS: 00000297 ORIG_RAX: 0000000000000003 [ 145.952889][ C1] RAX: ffffffffffffffda RBX: 0000555be9cb0970 RCX: 00007fac5db15a67 [ 145.952906][ C1] RDX: 00007fac5dbefea0 RSI: 0000555be9c94a10 RDI: 0000000000000009 [ 145.952921][ C1] RBP: 00007fac5dbefff0 R08: 0000000000000000 R09: 0000000000000000 [ 145.952936][ C1] R10: 0000000000000000 R11: 0000000000000297 R12: 0000000000000000 [ 145.952950][ C1] R13: 00007fff77d90a00 R14: 0000000000000000 R15: 0000555bb31749dd [ 145.952986][ C1] [ 145.952995][ C1] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 145.961127][ T7032] XFS (loop4): Quotacheck needed: Please wait. [ 145.966962][ C1] CPU: 1 UID: 0 PID: 5859 Comm: udevd Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 145.966989][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 145.967003][ C1] Call Trace: [ 145.967012][ C1] [ 145.967022][ C1] dump_stack_lvl+0x189/0x250 [ 145.967058][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 145.967087][ C1] ? __pfx_queue_work_on+0x10/0x10 [ 145.967114][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 145.967154][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 145.967202][ C1] f2fs_handle_critical_error+0x37c/0x540 [ 145.967245][ C1] f2fs_write_end_io+0x495/0x810 [ 145.967267][ C1] ? blkg_put+0x22/0x240 [ 145.967313][ C1] blk_update_request+0x5eb/0xe70 [ 145.967363][ C1] blk_mq_end_request+0x3e/0x70 [ 145.967396][ C1] blk_done_softirq+0x10a/0x160 [ 145.967428][ C1] handle_softirqs+0x286/0x870 [ 145.967461][ C1] ? __irq_exit_rcu+0xca/0x1f0 [ 145.967495][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 145.967527][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.967561][ C1] __irq_exit_rcu+0xca/0x1f0 [ 145.967588][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 145.967621][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.967651][ C1] irq_exit_rcu+0x9/0x30 [ 145.967676][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 145.967712][ C1] [ 145.967719][ C1] [ 145.967729][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 145.967754][ C1] RIP: 0010:debug_lockdep_rcu_enabled+0x2d/0x40 [ 145.967792][ C1] Code: fa 31 c0 83 3d 47 d7 32 04 00 74 1e 83 3d 6a 07 33 04 00 74 15 65 48 8b 0c 25 08 30 a0 92 31 c0 83 b9 ec 0a 00 00 00 0f 94 c0 29 31 a1 f5 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 [ 145.967810][ C1] RSP: 0018:ffffc9000460f8f0 EFLAGS: 00000246 [ 145.967830][ C1] RAX: 0000000000000001 RBX: ffffffff90317501 RCX: ffff888030b15a00 [ 145.967847][ C1] RDX: ffffc9000460fa01 RSI: dffffc0000000000 RDI: ffffc9000460fa30 [ 145.967865][ C1] RBP: dffffc0000000000 R08: ffffc9000460fa18 R09: ffffc9000460fa78 [ 145.967882][ C1] R10: dffffc0000000000 R11: fffff520008c1f51 R12: ffffc9000460fa28 [ 145.967900][ C1] R13: ffffc90004608000 R14: ffffc9000460fa28 R15: ffffffff81729af5 [ 145.967918][ C1] ? unwind_next_frame+0xa5/0x2390 [ 145.967963][ C1] unwind_next_frame+0x195c/0x2390 [ 145.967998][ C1] ? unwind_next_frame+0xa5/0x2390 [ 145.968026][ C1] ? __unwind_start+0xf8/0x760 [ 145.968061][ C1] __unwind_start+0x5b9/0x760 [ 145.968095][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 145.968130][ C1] arch_stack_walk+0xe4/0x150 [ 145.968171][ C1] ? arch_stack_walk+0xe4/0x150 [ 145.968205][ C1] stack_trace_save+0x9c/0xe0 [ 145.968237][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 145.968272][ C1] ? __kasan_kmalloc+0x93/0xb0 [ 145.968298][ C1] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 145.968325][ C1] ? kmem_cache_free+0x166/0x400 [ 145.968351][ C1] ? fput_close_sync+0x119/0x200 [ 145.968386][ C1] ? __x64_sys_close+0x7f/0x110 [ 145.968407][ C1] ? do_syscall_64+0xfa/0x3b0 [ 145.968429][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.968456][ C1] kasan_save_stack+0x3e/0x60 [ 145.968542][ C1] ? fput_close_sync+0x119/0x200 [ 145.968577][ C1] kasan_record_aux_stack+0xbd/0xd0 [ 145.968614][ C1] kmem_cache_free+0x2f6/0x400 [ 145.968649][ C1] fput_close_sync+0x119/0x200 [ 145.968690][ C1] ? __pfx_fput_close_sync+0x10/0x10 [ 145.968728][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.968760][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.968793][ C1] __x64_sys_close+0x7f/0x110 [ 145.968816][ C1] do_syscall_64+0xfa/0x3b0 [ 145.968838][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 145.968873][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.968895][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 145.968922][ C1] ? exc_page_fault+0x9f/0xf0 [ 145.968960][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.968982][ C1] RIP: 0033:0x7fac5db15a67 [ 145.969001][ C1] Code: 44 00 00 48 83 ec 10 48 63 ff 45 31 c9 45 31 c0 6a 01 31 c9 e8 ca 19 f9 ff 48 83 c4 18 c3 0f 1f 44 00 00 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 61 b3 0d 00 f7 d8 64 89 02 b8 [ 145.969020][ C1] RSP: 002b:00007fff77d905a8 EFLAGS: 00000297 ORIG_RAX: 0000000000000003 [ 145.969042][ C1] RAX: ffffffffffffffda RBX: 0000555be9cb0970 RCX: 00007fac5db15a67 [ 145.969059][ C1] RDX: 00007fac5dbefea0 RSI: 0000555be9c94a10 RDI: 0000000000000009 [ 145.969075][ C1] RBP: 00007fac5dbefff0 R08: 0000000000000000 R09: 0000000000000000 [ 145.969089][ C1] R10: 0000000000000000 R11: 0000000000000297 R12: 0000000000000000 [ 145.969103][ C1] R13: 00007fff77d90a00 R14: 0000000000000000 R15: 0000555bb31749dd [ 145.969143][ C1] [ 145.969152][ C1] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 146.111916][ T7032] XFS (loop4): Quotacheck: Done. [ 146.116231][ C1] CPU: 1 UID: 0 PID: 5859 Comm: udevd Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 146.116258][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 146.116273][ C1] Call Trace: [ 146.116282][ C1] [ 146.116292][ C1] dump_stack_lvl+0x189/0x250 [ 146.116329][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 146.116359][ C1] ? __pfx_queue_work_on+0x10/0x10 [ 146.116387][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 146.116423][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 146.116470][ C1] f2fs_handle_critical_error+0x37c/0x540 [ 146.116514][ C1] f2fs_write_end_io+0x495/0x810 [ 146.116535][ C1] ? blkg_put+0x22/0x240 [ 146.116582][ C1] blk_update_request+0x5eb/0xe70 [ 146.116632][ C1] blk_mq_end_request+0x3e/0x70 [ 146.116665][ C1] blk_done_softirq+0x10a/0x160 [ 146.116698][ C1] handle_softirqs+0x286/0x870 [ 146.116731][ C1] ? __irq_exit_rcu+0xca/0x1f0 [ 146.116765][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 146.116797][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.116831][ C1] __irq_exit_rcu+0xca/0x1f0 [ 146.116857][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 146.116891][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.116921][ C1] irq_exit_rcu+0x9/0x30 [ 146.116946][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 146.116981][ C1] [ 146.116989][ C1] [ 146.116999][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 146.117024][ C1] RIP: 0010:debug_lockdep_rcu_enabled+0x2d/0x40 [ 146.117062][ C1] Code: fa 31 c0 83 3d 47 d7 32 04 00 74 1e 83 3d 6a 07 33 04 00 74 15 65 48 8b 0c 25 08 30 a0 92 31 c0 83 b9 ec 0a 00 00 00 0f 94 c0 29 31 a1 f5 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 [ 146.117081][ C1] RSP: 0018:ffffc9000460f8f0 EFLAGS: 00000246 [ 146.117102][ C1] RAX: 0000000000000001 RBX: ffffffff90317501 RCX: ffff888030b15a00 [ 146.117119][ C1] RDX: ffffc9000460fa01 RSI: dffffc0000000000 RDI: ffffc9000460fa30 [ 146.117141][ C1] RBP: dffffc0000000000 R08: ffffc9000460fa18 R09: ffffc9000460fa78 [ 146.117158][ C1] R10: dffffc0000000000 R11: fffff520008c1f51 R12: ffffc9000460fa28 [ 146.117176][ C1] R13: ffffc90004608000 R14: ffffc9000460fa28 R15: ffffffff81729af5 [ 146.117194][ C1] ? unwind_next_frame+0xa5/0x2390 [ 146.117239][ C1] unwind_next_frame+0x195c/0x2390 [ 146.117274][ C1] ? unwind_next_frame+0xa5/0x2390 [ 146.117302][ C1] ? __unwind_start+0xf8/0x760 [ 146.117337][ C1] __unwind_start+0x5b9/0x760 [ 146.117371][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 146.117405][ C1] arch_stack_walk+0xe4/0x150 [ 146.117442][ C1] ? arch_stack_walk+0xe4/0x150 [ 146.117476][ C1] stack_trace_save+0x9c/0xe0 [ 146.117509][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 146.117543][ C1] ? __kasan_kmalloc+0x93/0xb0 [ 146.117569][ C1] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 146.117596][ C1] ? kmem_cache_free+0x166/0x400 [ 146.117622][ C1] ? fput_close_sync+0x119/0x200 [ 146.117657][ C1] ? __x64_sys_close+0x7f/0x110 [ 146.117678][ C1] ? do_syscall_64+0xfa/0x3b0 [ 146.117700][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.117727][ C1] kasan_save_stack+0x3e/0x60 [ 146.117814][ C1] ? fput_close_sync+0x119/0x200 [ 146.117849][ C1] kasan_record_aux_stack+0xbd/0xd0 [ 146.117886][ C1] kmem_cache_free+0x2f6/0x400 [ 146.117921][ C1] fput_close_sync+0x119/0x200 [ 146.117961][ C1] ? __pfx_fput_close_sync+0x10/0x10 [ 146.117999][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.118032][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.118064][ C1] __x64_sys_close+0x7f/0x110 [ 146.118087][ C1] do_syscall_64+0xfa/0x3b0 [ 146.118109][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 146.118148][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.118170][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.118196][ C1] ? exc_page_fault+0x9f/0xf0 [ 146.118235][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.118257][ C1] RIP: 0033:0x7fac5db15a67 [ 146.118277][ C1] Code: 44 00 00 48 83 ec 10 48 63 ff 45 31 c9 45 31 c0 6a 01 31 c9 e8 ca 19 f9 ff 48 83 c4 18 c3 0f 1f 44 00 00 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 61 b3 0d 00 f7 d8 64 89 02 b8 [ 146.118295][ C1] RSP: 002b:00007fff77d905a8 EFLAGS: 00000297 ORIG_RAX: 0000000000000003 [ 146.118318][ C1] RAX: ffffffffffffffda RBX: 0000555be9cb0970 RCX: 00007fac5db15a67 [ 146.118335][ C1] RDX: 00007fac5dbefea0 RSI: 0000555be9c94a10 RDI: 0000000000000009 [ 146.118351][ C1] RBP: 00007fac5dbefff0 R08: 0000000000000000 R09: 0000000000000000 [ 146.118365][ C1] R10: 0000000000000000 R11: 0000000000000297 R12: 0000000000000000 [ 146.118379][ C1] R13: 00007fff77d90a00 R14: 0000000000000000 R15: 0000555bb31749dd [ 146.118415][ C1] [ 146.118424][ C1] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 146.230592][ T7071] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 146.235545][ C1] CPU: 1 UID: 0 PID: 5859 Comm: udevd Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 146.235573][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 146.235587][ C1] Call Trace: [ 146.235597][ C1] [ 146.235607][ C1] dump_stack_lvl+0x189/0x250 [ 146.235645][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 146.235674][ C1] ? __pfx_queue_work_on+0x10/0x10 [ 146.235702][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 146.235738][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 146.235786][ C1] f2fs_handle_critical_error+0x37c/0x540 [ 146.235829][ C1] f2fs_write_end_io+0x495/0x810 [ 146.235850][ C1] ? blkg_put+0x22/0x240 [ 146.235897][ C1] blk_update_request+0x5eb/0xe70 [ 146.235948][ C1] blk_mq_end_request+0x3e/0x70 [ 146.235981][ C1] blk_done_softirq+0x10a/0x160 [ 146.236014][ C1] handle_softirqs+0x286/0x870 [ 146.236046][ C1] ? __irq_exit_rcu+0xca/0x1f0 [ 146.236080][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 146.236113][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.236150][ C1] __irq_exit_rcu+0xca/0x1f0 [ 146.236177][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 146.236211][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.236241][ C1] irq_exit_rcu+0x9/0x30 [ 146.236266][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 146.236301][ C1] [ 146.236309][ C1] [ 146.236319][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 146.236344][ C1] RIP: 0010:debug_lockdep_rcu_enabled+0x2d/0x40 [ 146.236382][ C1] Code: fa 31 c0 83 3d 47 d7 32 04 00 74 1e 83 3d 6a 07 33 04 00 74 15 65 48 8b 0c 25 08 30 a0 92 31 c0 83 b9 ec 0a 00 00 00 0f 94 c0 29 31 a1 f5 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 [ 146.236400][ C1] RSP: 0018:ffffc9000460f8f0 EFLAGS: 00000246 [ 146.236421][ C1] RAX: 0000000000000001 RBX: ffffffff90317501 RCX: ffff888030b15a00 [ 146.236437][ C1] RDX: ffffc9000460fa01 RSI: dffffc0000000000 RDI: ffffc9000460fa30 [ 146.236455][ C1] RBP: dffffc0000000000 R08: ffffc9000460fa18 R09: ffffc9000460fa78 [ 146.236473][ C1] R10: dffffc0000000000 R11: fffff520008c1f51 R12: ffffc9000460fa28 [ 146.236491][ C1] R13: ffffc90004608000 R14: ffffc9000460fa28 R15: ffffffff81729af5 [ 146.236508][ C1] ? unwind_next_frame+0xa5/0x2390 [ 146.236554][ C1] unwind_next_frame+0x195c/0x2390 [ 146.236588][ C1] ? unwind_next_frame+0xa5/0x2390 [ 146.236617][ C1] ? __unwind_start+0xf8/0x760 [ 146.236652][ C1] __unwind_start+0x5b9/0x760 [ 146.236685][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 146.236720][ C1] arch_stack_walk+0xe4/0x150 [ 146.236756][ C1] ? arch_stack_walk+0xe4/0x150 [ 146.236791][ C1] stack_trace_save+0x9c/0xe0 [ 146.236823][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 146.236857][ C1] ? __kasan_kmalloc+0x93/0xb0 [ 146.236883][ C1] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 146.236911][ C1] ? kmem_cache_free+0x166/0x400 [ 146.236937][ C1] ? fput_close_sync+0x119/0x200 [ 146.236972][ C1] ? __x64_sys_close+0x7f/0x110 [ 146.236992][ C1] ? do_syscall_64+0xfa/0x3b0 [ 146.237014][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.237041][ C1] kasan_save_stack+0x3e/0x60 [ 146.237128][ C1] ? fput_close_sync+0x119/0x200 [ 146.237168][ C1] kasan_record_aux_stack+0xbd/0xd0 [ 146.237204][ C1] kmem_cache_free+0x2f6/0x400 [ 146.237239][ C1] fput_close_sync+0x119/0x200 [ 146.237279][ C1] ? __pfx_fput_close_sync+0x10/0x10 [ 146.237317][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.237350][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.237382][ C1] __x64_sys_close+0x7f/0x110 [ 146.237405][ C1] do_syscall_64+0xfa/0x3b0 [ 146.237427][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 146.237463][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.237485][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 146.237511][ C1] ? exc_page_fault+0x9f/0xf0 [ 146.237549][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.237572][ C1] RIP: 0033:0x7fac5db15a67 [ 146.237592][ C1] Code: 44 00 00 48 83 ec 10 48 63 ff 45 31 c9 45 31 c0 6a 01 31 c9 e8 ca 19 f9 ff 48 83 c4 18 c3 0f 1f 44 00 00 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 61 b3 0d 00 f7 d8 64 89 02 b8 [ 146.237610][ C1] RSP: 002b:00007fff77d905a8 EFLAGS: 00000297 ORIG_RAX: 0000000000000003 [ 146.237632][ C1] RAX: ffffffffffffffda RBX: 0000555be9cb0970 RCX: 00007fac5db15a67 [ 146.237649][ C1] RDX: 00007fac5dbefea0 RSI: 0000555be9c94a10 RDI: 0000000000000009 [ 146.237665][ C1] RBP: 00007fac5dbefff0 R08: 0000000000000000 R09: 0000000000000000 [ 146.237680][ C1] R10: 0000000000000000 R11: 0000000000000297 R12: 0000000000000000 [ 146.237694][ C1] R13: 00007fff77d90a00 R14: 0000000000000000 R15: 0000555bb31749dd [ 146.237729][ C1] [ 146.237738][ C1] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 146.785110][ T7073] loop0: detected capacity change from 0 to 32768 [ 146.824542][ T5854] F2FS-fs (loop3): do_checkpoint failed err:-5, stop checkpoint [ 147.071861][ T7073] XFS: attr2 mount option is deprecated. [ 147.183841][ T5850] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 148.045346][ T7073] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 148.254150][ T7073] XFS (loop0): Ending clean mount [ 148.265005][ T7073] XFS (loop0): Quotacheck needed: Please wait. [ 148.492139][ T7073] XFS (loop0): Quotacheck: Done. [ 148.715512][ T7099] loop2: detected capacity change from 0 to 512 [ 148.819476][ T7099] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 148.862000][ T7099] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ce01c, mo2=0002] [ 148.889963][ T7099] System zones: 1-12 [ 148.894241][ T7099] EXT4-fs (loop2): orphan cleanup on readonly fs [ 148.901935][ T7099] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.454: invalid indirect mapped block 12 (level 1) [ 148.910602][ T5844] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 148.922913][ T7099] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.454: invalid indirect mapped block 2 (level 2) [ 148.940602][ T7099] EXT4-fs (loop2): 1 truncate cleaned up [ 148.948143][ T7099] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 149.091287][ T7106] loop1: detected capacity change from 0 to 8 [ 149.163937][ T5862] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 149.231430][ T7104] loop5: detected capacity change from 0 to 4096 [ 149.338790][ T7111] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 149.604509][ T7118] netlink: 'syz.4.460': attribute type 3 has an invalid length. [ 149.670016][ T7118] netlink: 'syz.4.460': attribute type 1 has an invalid length. [ 149.732351][ T7118] netlink: 193500 bytes leftover after parsing attributes in process `syz.4.460'. [ 150.040311][ T7129] loop2: detected capacity change from 0 to 256 [ 150.047566][ T7129] exfat: Deprecated parameter 'utf8' [ 150.078421][ T7132] loop1: detected capacity change from 0 to 256 [ 150.079071][ T7129] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 150.095903][ T7132] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 150.169630][ T30] audit: type=1800 audit(1751849643.842:24): pid=7132 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.466" name="file1" dev="loop1" ino=1048615 res=0 errno=0 [ 150.483983][ T7142] netlink: 8 bytes leftover after parsing attributes in process `syz.0.469'. [ 150.537040][ T7142] netlink: 4 bytes leftover after parsing attributes in process `syz.0.469'. [ 150.583624][ T7142] netlink: 'syz.0.469': attribute type 13 has an invalid length. [ 150.874797][ T7121] loop3: detected capacity change from 0 to 32768 [ 150.930277][ T7121] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.461 (7121) [ 150.987448][ T7121] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 151.059415][ T7121] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm [ 151.090813][ T7121] BTRFS info (device loop3): disk space caching is enabled [ 151.118360][ T7121] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 151.273922][ T7169] loop4: detected capacity change from 0 to 2048 [ 151.406263][ T7183] loop5: detected capacity change from 0 to 512 [ 151.443626][ T7121] BTRFS info (device loop3): rebuilding free space tree [ 151.498820][ T7169] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.503586][ T7183] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 151.535680][ T7121] BTRFS info (device loop3): disabling free space tree [ 151.606609][ T7121] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 151.663931][ T7183] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 151.691018][ T7121] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 151.821139][ T36] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 151.881269][ T7183] EXT4-fs warning (device loop5): verify_group_input:156: Last group not full [ 151.910292][ T36] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 151.973126][ T36] EXT4-fs (loop4): This should not happen!! Data will be lost [ 151.973126][ T36] [ 152.025825][ T36] EXT4-fs (loop4): Total free blocks count 0 [ 152.066757][ T36] EXT4-fs (loop4): Free/Dirty block details [ 152.100385][ T36] EXT4-fs (loop4): free_blocks=2415919504 [ 152.120453][ T36] EXT4-fs (loop4): dirty_blocks=16 [ 152.139871][ T36] EXT4-fs (loop4): Block reservation details [ 152.145889][ T36] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 152.167943][ T5854] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 152.169733][ T5858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.216717][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.492355][ T7210] loop5: detected capacity change from 0 to 1024 [ 152.626503][ T7210] hfsplus: bad catalog entry type [ 152.893672][ T5948] hfsplus: b-tree write err: -5, ino 4 [ 152.954843][ T7223] loop0: detected capacity change from 0 to 1024 [ 152.981108][ T970] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 153.101198][ T7223] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 153.146008][ T7223] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 153.200701][ T970] usb 4-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 153.248020][ T970] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 153.309913][ T970] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 153.328017][ T7235] loop1: detected capacity change from 0 to 512 [ 153.366791][ T970] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 153.377516][ T7235] EXT4-fs: Ignoring removed mblk_io_submit option [ 153.420386][ T970] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.447209][ T7218] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 153.455465][ T7238] loop5: detected capacity change from 0 to 64 [ 153.460162][ T5926] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 153.473658][ T7235] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 153.487874][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.565011][ T7235] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 153.635576][ T7235] System zones: 1-12 [ 153.659905][ T5926] usb 5-1: Using ep0 maxpacket: 16 [ 153.672086][ T5926] usb 5-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.689884][ T5926] usb 5-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 153.714793][ T7235] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.504: corrupted in-inode xattr: e_value size too large [ 153.719982][ T5926] usb 5-1: config 0 interface 0 has no altsetting 0 [ 153.789295][ T5926] usb 5-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00 [ 153.790585][ T7235] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.504: couldn't read orphan inode 15 (err -117) [ 153.828275][ T5926] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.865681][ T7241] loop0: detected capacity change from 0 to 512 [ 153.873462][ T5926] usb 5-1: config 0 descriptor?? [ 153.923526][ T7243] netlink: 'syz.5.507': attribute type 1 has an invalid length. [ 153.947093][ T7235] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 153.978285][ T7241] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 154.027294][ T7241] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 154.056037][ T7216] loop2: detected capacity change from 0 to 32768 [ 154.110549][ T7241] EXT4-fs (loop0): resizing filesystem from 128 to 1 blocks [ 154.123803][ T7216] XFS: noikeep mount option is deprecated. [ 154.151284][ T7241] EXT4-fs warning (device loop0): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 154.183255][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.245774][ T7216] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 154.246271][ T7252] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 154.296934][ T5926] mcp2200 0003:04D8:00DF.0005: collection stack underflow [ 154.333530][ T970] aiptek 4-1:17.0: Aiptek using 400 ms programming speed [ 154.354838][ T5926] mcp2200 0003:04D8:00DF.0005: item 0 4 0 12 parsing failed [ 154.364248][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.425174][ T5926] mcp2200 0003:04D8:00DF.0005: can't parse reports [ 154.437913][ T970] input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.0/input/input7 [ 154.463398][ T5926] mcp2200 0003:04D8:00DF.0005: probe with driver mcp2200 failed with error -22 [ 154.531656][ T5926] usb 5-1: USB disconnect, device number 4 [ 154.665967][ T970] usb 4-1: USB disconnect, device number 4 [ 154.672044][ C1] aiptek 4-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 154.728440][ T7216] XFS (loop2): Ending clean mount [ 154.757547][ T7216] XFS (loop2): Quotacheck needed: Please wait. [ 154.896425][ T7216] XFS (loop2): Quotacheck: Done. [ 155.343659][ T7281] netlink: 8 bytes leftover after parsing attributes in process `syz.3.521'. [ 155.344265][ T5862] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 155.640082][ T7289] netlink: 56 bytes leftover after parsing attributes in process `syz.5.523'. [ 155.650459][ T7288] loop1: detected capacity change from 0 to 1764 [ 155.839938][ T970] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 155.880878][ T5911] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 155.994403][ T7299] loop1: detected capacity change from 0 to 64 [ 156.044671][ T970] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 156.062340][ T5911] usb 5-1: config 8 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 156.079548][ T970] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 156.093367][ T5911] usb 5-1: config 8 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 156.110179][ T970] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 156.126350][ T5911] usb 5-1: config 8 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 156.158565][ T7299] Trying to free block not in datazone [ 156.164755][ T970] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.191796][ T5911] usb 5-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00 [ 156.218341][ T970] usb 1-1: config 0 descriptor?? [ 156.225077][ T5911] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.463628][ T6014] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 156.662114][ T6014] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 156.684182][ T6014] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 156.686009][ T970] arvo 0003:1E7D:30D4.0006: item fetching failed at offset 5/7 [ 156.721440][ T6014] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 156.751431][ T6014] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 156.771775][ T6014] usb 4-1: SerialNumber: syz [ 156.781626][ T5911] megaworld 0003:07B5:0312.0007: hidraw0: USB HID v0.00 Device [HID 07b5:0312] on usb-dummy_hcd.4-1/input0 [ 156.810276][ T970] arvo 0003:1E7D:30D4.0006: parse failed [ 156.816059][ T970] arvo 0003:1E7D:30D4.0006: probe with driver arvo failed with error -22 [ 156.824625][ T5911] megaworld 0003:07B5:0312.0007: no inputs found [ 156.957635][ T5911] usb 5-1: USB disconnect, device number 5 [ 157.002092][ T5925] usb 1-1: USB disconnect, device number 5 [ 157.051553][ T7313] fido_id[7313]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 157.078389][ T6014] usb 4-1: invalid UAC_HEADER (v1) [ 157.124949][ T7315] ip6tnl1: entered promiscuous mode [ 157.144513][ T7315] ip6tnl1: entered allmulticast mode [ 157.170392][ T7315] team0: Device ip6tnl1 is of different type [ 157.184493][ T6014] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 157.225580][ T6014] usb 4-1: USB disconnect, device number 5 [ 157.304851][ T7236] udevd[7236]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 157.456495][ T7310] loop2: detected capacity change from 0 to 32768 [ 157.777249][ T7326] loop4: detected capacity change from 0 to 512 [ 157.820993][ T7326] EXT4-fs: Ignoring removed bh option [ 157.889258][ T7326] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 157.925801][ T30] audit: type=1326 audit(1751849651.602:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7329 comm="syz.0.544" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8ae178e929 code=0x0 [ 157.958070][ T7321] loop5: detected capacity change from 0 to 4096 [ 157.970748][ T7326] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 157.978956][ T7326] EXT4-fs (loop4): orphan cleanup on readonly fs [ 158.069100][ T7326] EXT4-fs error (device loop4): ext4_quota_enable:7120: comm syz.4.541: Bad quota inum: 4294967291, type: 0 [ 158.135793][ T7326] EXT4-fs (loop4): Remounting filesystem read-only [ 158.193937][ T7326] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=4294967291). Please run e2fsck to fix. [ 158.215844][ T7321] ntfs3(loop5): ino=5, "/" The size of extended attributes must not exceed 64KiB [ 158.267069][ T7326] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 158.284759][ T7321] ntfs3(loop5): try to read out of volume at offset 0x3fffffc7000 [ 158.292665][ T7326] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 158.328065][ T7321] ntfs3(loop5): ino=21, The size of extended attributes must not exceed 64KiB [ 158.529166][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.583717][ T7340] loop2: detected capacity change from 0 to 512 [ 158.641975][ T7340] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 158.729008][ T7340] EXT4-fs (loop2): mounted filesystem 00000009-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 158.786508][ T7328] loop3: detected capacity change from 0 to 32768 [ 158.810085][ T7340] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 158.949671][ T7328] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 159.055955][ T7365] netlink: 4 bytes leftover after parsing attributes in process `syz.1.550'. [ 159.113677][ T7364] netlink: 'syz.5.552': attribute type 29 has an invalid length. [ 159.177837][ T7364] netlink: 'syz.5.552': attribute type 29 has an invalid length. [ 159.190914][ T7367] loop4: detected capacity change from 0 to 64 [ 159.212736][ T5862] EXT4-fs (loop2): unmounting filesystem 00000009-0000-0000-0000-000000000000. [ 159.214611][ T7328] XFS (loop3): Ending clean mount [ 159.364532][ T7369] loop0: detected capacity change from 0 to 64 [ 159.427056][ T7371] Bluetooth: MGMT ver 1.23 [ 159.569460][ T7375] loop5: detected capacity change from 0 to 1024 [ 159.590182][ T5854] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 159.682713][ T7375] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.811112][ T7375] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: inode #11: comm syz.5.558: missing EA_INODE flag [ 159.898122][ T7375] EXT4-fs (loop5): Remounting filesystem read-only [ 160.035186][ T5959] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 160.111453][ T6014] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 160.142817][ T5858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.213729][ T5959] usb 5-1: Using ep0 maxpacket: 16 [ 160.257959][ T5959] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 160.302370][ T6014] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 160.313601][ T5959] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 160.347628][ T6014] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 160.358124][ T5959] usb 5-1: Product: syz [ 160.368243][ T5959] usb 5-1: Manufacturer: syz [ 160.383397][ T5959] usb 5-1: SerialNumber: syz [ 160.389326][ T6014] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 160.415626][ T6014] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.424239][ T7396] loop3: detected capacity change from 0 to 2048 [ 160.431457][ T7398] loop0: detected capacity change from 0 to 2048 [ 160.448397][ T5959] usb 5-1: config 0 descriptor?? [ 160.475143][ T7387] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 160.514985][ T6014] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 160.522841][ T7402] loop5: detected capacity change from 0 to 1024 [ 160.536121][ T7403] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 160.547429][ T7398] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 160.643784][ T30] audit: type=1800 audit(1751849654.322:26): pid=7396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.560" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 160.769563][ T5959] usb 5-1: USB disconnect, device number 6 [ 160.802247][ T7396] NILFS (loop3): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3) [ 160.912689][ T7396] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=16) [ 161.033744][ T7396] Remounting filesystem read-only [ 161.090329][ T970] usb 2-1: USB disconnect, device number 4 [ 161.353275][ T5854] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer [ 162.174546][ T7438] netlink: 8 bytes leftover after parsing attributes in process `syz.4.583'. [ 162.198399][ T5959] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 162.347487][ T7440] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 162.389782][ T5959] usb 2-1: config 0 interface 0 altsetting 255 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 162.428955][ T5959] usb 2-1: config 0 interface 0 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0 [ 162.468806][ T5959] usb 2-1: config 0 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 162.526178][ T5959] usb 2-1: config 0 interface 0 has no altsetting 0 [ 162.549894][ T5959] usb 2-1: New USB device found, idVendor=046d, idProduct=c090, bcdDevice= 0.00 [ 162.564223][ T7411] loop2: detected capacity change from 0 to 32768 [ 162.595472][ T5959] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.651598][ T5959] usb 2-1: config 0 descriptor?? [ 163.024152][ T7458] loop4: detected capacity change from 0 to 512 [ 163.078436][ T7458] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 163.177996][ T5959] logitech-hidpp-device 0003:046D:C090.0008: unknown main item tag 0x0 [ 163.228596][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.232433][ T5959] logitech-hidpp-device 0003:046D:C090.0008: unknown main item tag 0x0 [ 163.320033][ T5959] logitech-hidpp-device 0003:046D:C090.0008: unknown main item tag 0x0 [ 163.359245][ T5959] logitech-hidpp-device 0003:046D:C090.0008: unknown main item tag 0x0 [ 163.403476][ T5959] logitech-hidpp-device 0003:046D:C090.0008: unknown main item tag 0x0 [ 163.455851][ T5959] logitech-hidpp-device 0003:046D:C090.0008: hidraw0: USB HID v0.00 Device [HID 046d:c090] on usb-dummy_hcd.1-1/input0 [ 163.571569][ T5959] usb 2-1: USB disconnect, device number 5 [ 163.748604][ T7471] fido_id[7471]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 163.896506][ T7482] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 164.059332][ T7485] RDS: rds_bind could not find a transport for fe80::aa, load rds_tcp or rds_rdma? [ 164.089938][ T970] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 164.179053][ T7451] loop5: detected capacity change from 0 to 32768 [ 164.211629][ T7451] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.589 (7451) [ 164.250201][ T970] usb 4-1: Using ep0 maxpacket: 32 [ 164.273065][ T7451] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 164.312091][ T970] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 164.320183][ T7451] BTRFS info (device loop5): using sha256 (sha256-x86_64) checksum algorithm [ 164.353620][ T970] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 164.363644][ T7451] BTRFS info (device loop5): using free-space-tree [ 164.407043][ T970] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 164.421486][ T7496] loop1: detected capacity change from 0 to 256 [ 164.450251][ T7496] exfat: Deprecated parameter 'namecase' [ 164.466759][ T970] usb 4-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 164.508139][ T970] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 164.521324][ T970] usb 4-1: Product: syz [ 164.525521][ T970] usb 4-1: Manufacturer: syz [ 164.530335][ T970] usb 4-1: SerialNumber: syz [ 164.536673][ T7496] exfat: Deprecated parameter 'namecase' [ 164.573722][ T970] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input8 [ 164.630356][ T7496] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 164.805150][ T5858] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 164.891998][ T5957] usb 4-1: USB disconnect, device number 6 [ 165.105604][ T5959] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 165.124770][ T5957] appletouch 4-1:1.0: input: appletouch disconnected [ 165.315839][ T5959] usb 3-1: Using ep0 maxpacket: 16 [ 165.346254][ T5959] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 165.389965][ T5959] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 165.444495][ T5959] usb 3-1: Product: syz [ 165.467637][ T5959] usb 3-1: Manufacturer: syz [ 165.483184][ T5959] usb 3-1: SerialNumber: syz [ 165.526051][ T5959] r8152-cfgselector 3-1: Unknown version 0x0000 [ 165.542901][ T5959] r8152-cfgselector 3-1: config 0 descriptor?? [ 165.810121][ T5959] r8152-cfgselector 3-1: Needed 1 retries to read version [ 165.850725][ T5959] r8152-cfgselector 3-1: Unknown version 0x0000 [ 165.870057][ T5959] r8152-cfgselector 3-1: bad CDC descriptors [ 165.955758][ T5959] IPVS: starting estimator thread 0... [ 166.070108][ T7546] IPVS: using max 24 ests per chain, 57600 per kthread [ 166.092357][ T5959] r8152-cfgselector 3-1: USB disconnect, device number 3 [ 166.213276][ T7552] loop0: detected capacity change from 0 to 64 [ 166.326369][ T7557] netlink: 8 bytes leftover after parsing attributes in process `syz.4.629'. [ 166.564171][ T7525] loop1: detected capacity change from 0 to 32768 [ 166.637704][ T7525] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 166.841258][ T7525] XFS (loop1): Ending clean mount [ 166.942561][ T7578] bridge: RTM_NEWNEIGH with unconfigured vlan 3 on bridge0 [ 166.991981][ T7584] loop0: detected capacity change from 0 to 1024 [ 167.130043][ T5848] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 167.304865][ T7586] loop3: detected capacity change from 0 to 2048 [ 167.328757][ T7586] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 167.502630][ T7593] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 167.502883][ T7586] syz.3.643: attempt to access beyond end of device [ 167.502883][ T7586] loop3: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 167.770175][ T7586] syz.3.643: attempt to access beyond end of device [ 167.770175][ T7586] loop3: rw=0, sector=33554430, nr_sectors = 2 limit=2048 [ 167.820599][ T7586] NILFS (loop3): I/O error reading meta-data file (ino=6, block-offset=3) [ 167.880150][ T7586] NILFS (loop3): error -5 reading inode: ino=15 [ 168.442000][ T970] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 168.622635][ T970] usb 5-1: Using ep0 maxpacket: 16 [ 168.643299][ T970] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 168.686363][ T970] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 168.696995][ T970] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 168.740085][ T5939] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 168.779917][ T970] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 168.789010][ T970] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.798092][ T7642] loop3: detected capacity change from 0 to 256 [ 168.827383][ T970] usb 5-1: config 0 descriptor?? [ 168.944092][ T5939] usb 6-1: Using ep0 maxpacket: 16 [ 168.973557][ T5939] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 168.999923][ T5939] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 169.013646][ T5939] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 169.055265][ T7642] FAT-fs (loop3): Directory bread(block 64) failed [ 169.064153][ T5939] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 169.077655][ T7642] FAT-fs (loop3): Directory bread(block 65) failed [ 169.119983][ T7642] FAT-fs (loop3): Directory bread(block 66) failed [ 169.126592][ T5939] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.152495][ T7642] FAT-fs (loop3): Directory bread(block 67) failed [ 169.159133][ T7642] FAT-fs (loop3): Directory bread(block 68) failed [ 169.177313][ T5939] usb 6-1: config 0 descriptor?? [ 169.198175][ T7642] FAT-fs (loop3): Directory bread(block 69) failed [ 169.208642][ T7642] FAT-fs (loop3): Directory bread(block 70) failed [ 169.218869][ T7642] FAT-fs (loop3): Directory bread(block 71) failed [ 169.233684][ T7642] FAT-fs (loop3): Directory bread(block 72) failed [ 169.242391][ T7642] FAT-fs (loop3): Directory bread(block 73) failed [ 169.293955][ T970] microsoft 0003:045E:07DA.0009: unbalanced collection at end of report description [ 169.330883][ T970] microsoft 0003:045E:07DA.0009: parse failed [ 169.337110][ T970] microsoft 0003:045E:07DA.0009: probe with driver microsoft failed with error -22 [ 169.428069][ T7652] loop0: detected capacity change from 0 to 512 [ 169.456502][ T7654] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 169.490163][ T5959] usb 5-1: USB disconnect, device number 7 [ 169.531157][ T7652] EXT4-fs error (device loop0): ext4_orphan_get:1419: comm syz.0.674: bad orphan inode 11 [ 169.607964][ T5939] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0 [ 169.621824][ T5939] microsoft 0003:045E:07DA.000A: ignoring exceeding usage max [ 169.637608][ T5939] ================================================================== [ 169.645679][ T5939] BUG: KASAN: slab-out-of-bounds in mon_bin_event+0x1211/0x2250 [ 169.653333][ T5939] Read of size 3712 at addr ffff888028c17d41 by task kworker/1:7/5939 [ 169.661478][ T5939] [ 169.663792][ T5939] CPU: 1 UID: 0 PID: 5939 Comm: kworker/1:7 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 169.663817][ T5939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 169.663831][ T5939] Workqueue: usb_hub_wq hub_event [ 169.663857][ T5939] Call Trace: [ 169.663865][ T5939] [ 169.663874][ T5939] dump_stack_lvl+0x189/0x250 [ 169.663902][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.663928][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.663952][ T5939] ? __kasan_check_byte+0x12/0x40 [ 169.663980][ T5939] ? __pfx_dump_stack_lvl+0x10/0x10 [ 169.664003][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.664028][ T5939] ? rcu_is_watching+0x15/0xb0 [ 169.664054][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.664077][ T5939] ? lock_release+0x4b/0x3e0 [ 169.664102][ T5939] ? __virt_addr_valid+0x1c8/0x5c0 [ 169.664133][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.664158][ T5939] ? __virt_addr_valid+0x4a5/0x5c0 [ 169.664187][ T5939] print_report+0xd2/0x2b0 [ 169.664207][ T5939] ? mon_bin_event+0x1211/0x2250 [ 169.664239][ T5939] kasan_report+0x118/0x150 [ 169.664267][ T5939] ? mon_bin_event+0x1211/0x2250 [ 169.664302][ T5939] kasan_check_range+0x2b0/0x2c0 [ 169.664330][ T5939] ? mon_bin_event+0x1211/0x2250 [ 169.664362][ T5939] __asan_memcpy+0x29/0x70 [ 169.664383][ T5939] mon_bin_event+0x1211/0x2250 [ 169.664427][ T5939] ? __pfx_mon_bin_event+0x10/0x10 [ 169.664458][ T5939] ? _raw_spin_lock_irqsave+0xb3/0xf0 [ 169.664488][ T5939] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 169.664518][ T5939] ? __driver_probe_device+0x18c/0x2f0 [ 169.664547][ T5939] ? __device_attach_driver+0x2ce/0x530 [ 169.664576][ T5939] ? bus_for_each_drv+0x251/0x2e0 [ 169.664596][ T5939] ? __device_attach+0x2b8/0x400 [ 169.664622][ T5939] ? bus_probe_device+0x185/0x260 [ 169.664642][ T5939] ? hid_add_device+0x398/0x540 [ 169.664668][ T5939] ? __pfx_mon_bin_submit+0x10/0x10 [ 169.664700][ T5939] mon_submit+0x196/0x210 [ 169.664729][ T5939] usb_hcd_submit_urb+0x11d/0x1aa0 [ 169.664764][ T5939] usb_start_wait_urb+0x114/0x4c0 [ 169.664788][ T5939] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 169.664817][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.664845][ T5939] usb_control_msg+0x232/0x3e0 [ 169.664868][ T5939] usbhid_raw_request+0x3cd/0x4e0 [ 169.664904][ T5939] __hid_request+0x1c1/0x370 [ 169.664930][ T5939] hidinput_connect+0x218a/0x3030 [ 169.664976][ T5939] hid_connect+0x499/0x1980 [ 169.665005][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.665030][ T5939] ? usbhid_start+0x1a92/0x24b0 [ 169.665060][ T5939] ? __pfx_hid_connect+0x10/0x10 [ 169.665093][ T5939] hid_hw_start+0xa8/0x120 [ 169.665118][ T5939] ms_probe+0x180/0x430 [ 169.665155][ T5939] hid_device_probe+0x3a0/0x710 [ 169.665183][ T5939] ? driver_sysfs_add+0x1fe/0x210 [ 169.665212][ T5939] ? __pfx_hid_device_probe+0x10/0x10 [ 169.665235][ T5939] really_probe+0x26d/0x9a0 [ 169.665269][ T5939] __driver_probe_device+0x18c/0x2f0 [ 169.665299][ T5939] driver_probe_device+0x4f/0x430 [ 169.665330][ T5939] __device_attach_driver+0x2ce/0x530 [ 169.665363][ T5939] bus_for_each_drv+0x251/0x2e0 [ 169.665385][ T5939] ? __pfx___device_attach_driver+0x10/0x10 [ 169.665414][ T5939] ? __pfx_bus_for_each_drv+0x10/0x10 [ 169.665434][ T5939] ? __lock_acquire+0xab9/0xd20 [ 169.665458][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.665486][ T5939] __device_attach+0x2b8/0x400 [ 169.665514][ T5939] ? __pfx___device_attach+0x10/0x10 [ 169.665541][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.665568][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.665591][ T5939] ? do_raw_spin_unlock+0x122/0x240 [ 169.665625][ T5939] bus_probe_device+0x185/0x260 [ 169.665648][ T5939] device_add+0x7b6/0xb50 [ 169.665676][ T5939] hid_add_device+0x398/0x540 [ 169.665704][ T5939] usbhid_probe+0xe13/0x12a0 [ 169.665741][ T5939] usb_probe_interface+0x644/0xbc0 [ 169.665773][ T5939] ? __pfx_usb_probe_interface+0x10/0x10 [ 169.665799][ T5939] really_probe+0x26d/0x9a0 [ 169.665831][ T5939] __driver_probe_device+0x18c/0x2f0 [ 169.665862][ T5939] driver_probe_device+0x4f/0x430 [ 169.665894][ T5939] __device_attach_driver+0x2ce/0x530 [ 169.665926][ T5939] bus_for_each_drv+0x251/0x2e0 [ 169.665948][ T5939] ? __pfx___device_attach_driver+0x10/0x10 [ 169.665979][ T5939] ? __pfx_bus_for_each_drv+0x10/0x10 [ 169.666003][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.666030][ T5939] __device_attach+0x2b8/0x400 [ 169.666059][ T5939] ? __pfx___device_attach+0x10/0x10 [ 169.666088][ T5939] ? do_raw_spin_unlock+0x122/0x240 [ 169.666121][ T5939] bus_probe_device+0x185/0x260 [ 169.666149][ T5939] device_add+0x7b6/0xb50 [ 169.666177][ T5939] usb_set_configuration+0x1a87/0x20e0 [ 169.666218][ T5939] usb_generic_driver_probe+0x8d/0x150 [ 169.666243][ T5939] usb_probe_device+0x1c4/0x390 [ 169.666270][ T5939] ? __pfx_usb_probe_device+0x10/0x10 [ 169.666294][ T5939] really_probe+0x26d/0x9a0 [ 169.666327][ T5939] __driver_probe_device+0x18c/0x2f0 [ 169.666357][ T5939] driver_probe_device+0x4f/0x430 [ 169.666389][ T5939] __device_attach_driver+0x2ce/0x530 [ 169.666421][ T5939] bus_for_each_drv+0x251/0x2e0 [ 169.666442][ T5939] ? __pfx___device_attach_driver+0x10/0x10 [ 169.666473][ T5939] ? __pfx_bus_for_each_drv+0x10/0x10 [ 169.666497][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.666524][ T5939] __device_attach+0x2b8/0x400 [ 169.666553][ T5939] ? __pfx___device_attach+0x10/0x10 [ 169.666583][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.666607][ T5939] ? do_raw_spin_unlock+0x122/0x240 [ 169.666640][ T5939] bus_probe_device+0x185/0x260 [ 169.666664][ T5939] device_add+0x7b6/0xb50 [ 169.666692][ T5939] usb_new_device+0xa39/0x16c0 [ 169.666731][ T5939] ? __pfx_usb_new_device+0x10/0x10 [ 169.666766][ T5939] ? _raw_spin_unlock_irq+0x23/0x50 [ 169.666796][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.666820][ T5939] ? lockdep_hardirqs_on+0x9c/0x150 [ 169.666855][ T5939] hub_event+0x2941/0x4a00 [ 169.666906][ T5939] ? __pfx_hub_event+0x10/0x10 [ 169.666928][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.666955][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.666982][ T5939] ? _raw_spin_unlock_irq+0x23/0x50 [ 169.667011][ T5939] ? process_scheduled_works+0x9ef/0x17b0 [ 169.667035][ T5939] ? process_scheduled_works+0x9ef/0x17b0 [ 169.667061][ T5939] process_scheduled_works+0xae1/0x17b0 [ 169.667100][ T5939] ? __pfx_process_scheduled_works+0x10/0x10 [ 169.667133][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.667162][ T5939] worker_thread+0x8a0/0xda0 [ 169.667189][ T5939] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 169.667224][ T5939] ? __kthread_parkme+0x7b/0x200 [ 169.667256][ T5939] kthread+0x711/0x8a0 [ 169.667288][ T5939] ? __pfx_worker_thread+0x10/0x10 [ 169.667313][ T5939] ? __pfx_kthread+0x10/0x10 [ 169.667340][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.667367][ T5939] ? _raw_spin_unlock_irq+0x23/0x50 [ 169.667396][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.667421][ T5939] ? lockdep_hardirqs_on+0x9c/0x150 [ 169.667453][ T5939] ? __pfx_kthread+0x10/0x10 [ 169.667483][ T5939] ret_from_fork+0x3fc/0x770 [ 169.667507][ T5939] ? __pfx_ret_from_fork+0x10/0x10 [ 169.667533][ T5939] ? __switch_to_asm+0x39/0x70 [ 169.667561][ T5939] ? __switch_to_asm+0x33/0x70 [ 169.667589][ T5939] ? __pfx_kthread+0x10/0x10 [ 169.667619][ T5939] ret_from_fork_asm+0x1a/0x30 [ 169.667656][ T5939] [ 169.667664][ T5939] [ 170.368445][ T5939] Allocated by task 5939: [ 170.372761][ T5939] kasan_save_track+0x3e/0x80 [ 170.377435][ T5939] __kasan_kmalloc+0x93/0xb0 [ 170.382020][ T5939] __kmalloc_noprof+0x27a/0x4f0 [ 170.386867][ T5939] __hid_request+0x94/0x370 [ 170.391362][ T5939] hidinput_connect+0x218a/0x3030 [ 170.396385][ T5939] hid_connect+0x499/0x1980 [ 170.400882][ T5939] hid_hw_start+0xa8/0x120 [ 170.405293][ T5939] ms_probe+0x180/0x430 [ 170.409449][ T5939] hid_device_probe+0x3a0/0x710 [ 170.414301][ T5939] really_probe+0x26d/0x9a0 [ 170.418810][ T5939] __driver_probe_device+0x18c/0x2f0 [ 170.424096][ T5939] driver_probe_device+0x4f/0x430 [ 170.429124][ T5939] __device_attach_driver+0x2ce/0x530 [ 170.434499][ T5939] bus_for_each_drv+0x251/0x2e0 [ 170.439339][ T5939] __device_attach+0x2b8/0x400 [ 170.444100][ T5939] bus_probe_device+0x185/0x260 [ 170.448945][ T5939] device_add+0x7b6/0xb50 [ 170.453271][ T5939] hid_add_device+0x398/0x540 [ 170.457943][ T5939] usbhid_probe+0xe13/0x12a0 [ 170.462534][ T5939] usb_probe_interface+0x644/0xbc0 [ 170.467640][ T5939] really_probe+0x26d/0x9a0 [ 170.472144][ T5939] __driver_probe_device+0x18c/0x2f0 [ 170.477429][ T5939] driver_probe_device+0x4f/0x430 [ 170.482453][ T5939] __device_attach_driver+0x2ce/0x530 [ 170.487825][ T5939] bus_for_each_drv+0x251/0x2e0 [ 170.492666][ T5939] __device_attach+0x2b8/0x400 [ 170.497428][ T5939] bus_probe_device+0x185/0x260 [ 170.502270][ T5939] device_add+0x7b6/0xb50 [ 170.506593][ T5939] usb_set_configuration+0x1a87/0x20e0 [ 170.512047][ T5939] usb_generic_driver_probe+0x8d/0x150 [ 170.517503][ T5939] usb_probe_device+0x1c4/0x390 [ 170.522353][ T5939] really_probe+0x26d/0x9a0 [ 170.526856][ T5939] __driver_probe_device+0x18c/0x2f0 [ 170.532143][ T5939] driver_probe_device+0x4f/0x430 [ 170.537166][ T5939] __device_attach_driver+0x2ce/0x530 [ 170.542541][ T5939] bus_for_each_drv+0x251/0x2e0 [ 170.547387][ T5939] __device_attach+0x2b8/0x400 [ 170.552150][ T5939] bus_probe_device+0x185/0x260 [ 170.556992][ T5939] device_add+0x7b6/0xb50 [ 170.561317][ T5939] usb_new_device+0xa39/0x16c0 [ 170.566084][ T5939] hub_event+0x2941/0x4a00 [ 170.570491][ T5939] process_scheduled_works+0xae1/0x17b0 [ 170.576030][ T5939] worker_thread+0x8a0/0xda0 [ 170.580623][ T5939] kthread+0x711/0x8a0 [ 170.584689][ T5939] ret_from_fork+0x3fc/0x770 [ 170.589268][ T5939] ret_from_fork_asm+0x1a/0x30 [ 170.594047][ T5939] [ 170.596357][ T5939] The buggy address belongs to the object at ffff888028c17d40 [ 170.596357][ T5939] which belongs to the cache kmalloc-8 of size 8 [ 170.610050][ T5939] The buggy address is located 1 bytes inside of [ 170.610050][ T5939] allocated 7-byte region [ffff888028c17d40, ffff888028c17d47) [ 170.623837][ T5939] [ 170.626149][ T5939] The buggy address belongs to the physical page: [ 170.632542][ T5939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28c17 [ 170.641291][ T5939] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 170.648823][ T5939] page_type: f5(slab) [ 170.652795][ T5939] raw: 00fff00000000000 ffff88801a441500 0000000000000000 dead000000000001 [ 170.661371][ T5939] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 170.669938][ T5939] page dumped because: kasan: bad access detected [ 170.676334][ T5939] page_owner tracks the page as allocated [ 170.682033][ T5939] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c00(GFP_NOIO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 12472934574, free_ts 0 [ 170.699501][ T5939] post_alloc_hook+0x240/0x2a0 [ 170.704293][ T5939] get_page_from_freelist+0x21e4/0x22c0 [ 170.709841][ T5939] __alloc_frozen_pages_noprof+0x181/0x370 [ 170.715738][ T5939] alloc_pages_mpol+0x232/0x4a0 [ 170.720587][ T5939] allocate_slab+0x8a/0x3b0 [ 170.725104][ T5939] ___slab_alloc+0xbfc/0x1480 [ 170.729787][ T5939] __kmalloc_cache_noprof+0x296/0x3d0 [ 170.735161][ T5939] usb_control_msg+0x73/0x3e0 [ 170.739831][ T5939] hub_power_on+0x1b6/0x410 [ 170.744335][ T5939] hub_activate+0x35c/0x1a70 [ 170.748918][ T5939] hub_probe+0x28ff/0x37f0 [ 170.753327][ T5939] usb_probe_interface+0x644/0xbc0 [ 170.758433][ T5939] really_probe+0x26d/0x9a0 [ 170.762938][ T5939] __driver_probe_device+0x18c/0x2f0 [ 170.768221][ T5939] driver_probe_device+0x4f/0x430 [ 170.773245][ T5939] __device_attach_driver+0x2ce/0x530 [ 170.778703][ T5939] page_owner free stack trace missing [ 170.784053][ T5939] [ 170.786361][ T5939] Memory state around the buggy address: [ 170.791976][ T5939] ffff888028c17c00: fa fc fc fc fa fc fc fc fa fc fc fc 06 fc fc fc [ 170.800026][ T5939] ffff888028c17c80: 06 fc fc fc 07 fc fc fc 06 fc fc fc fa fc fc fc [ 170.808075][ T5939] >ffff888028c17d00: fa fc fc fc fa fc fc fc 07 fc fc fc 00 fc fc fc [ 170.816121][ T5939] ^ [ 170.822262][ T5939] ffff888028c17d80: fa fc fc fc fa fc fc fc fa fc fc fc 00 fc fc fc [ 170.830314][ T5939] ffff888028c17e00: fa fc fc fc fa fc fc fc 06 fc fc fc 06 fc fc fc [ 170.838363][ T5939] ================================================================== [ 170.846415][ T5939] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 170.853602][ T5939] CPU: 1 UID: 0 PID: 5939 Comm: kworker/1:7 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 170.863920][ T5939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 170.873968][ T5939] Workqueue: usb_hub_wq hub_event [ 170.878998][ T5939] Call Trace: [ 170.882267][ T5939] [ 170.885187][ T5939] dump_stack_lvl+0x99/0x250 [ 170.889777][ T5939] ? __asan_memcpy+0x40/0x70 [ 170.894366][ T5939] ? __pfx_dump_stack_lvl+0x10/0x10 [ 170.899562][ T5939] ? __pfx__printk+0x10/0x10 [ 170.904163][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 170.909812][ T5939] panic+0x2db/0x790 [ 170.913717][ T5939] ? __pfx_panic+0x10/0x10 [ 170.918136][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 170.923769][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 170.929400][ T5939] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 170.935301][ T5939] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 170.941633][ T5939] ? print_memory_metadata+0x314/0x400 [ 170.947087][ T5939] ? mon_bin_event+0x1211/0x2250 [ 170.952033][ T5939] check_panic_on_warn+0x89/0xb0 [ 170.956977][ T5939] ? mon_bin_event+0x1211/0x2250 [ 170.961917][ T5939] end_report+0x78/0x160 [ 170.966160][ T5939] kasan_report+0x129/0x150 [ 170.970662][ T5939] ? mon_bin_event+0x1211/0x2250 [ 170.975607][ T5939] kasan_check_range+0x2b0/0x2c0 [ 170.980543][ T5939] ? mon_bin_event+0x1211/0x2250 [ 170.985484][ T5939] __asan_memcpy+0x29/0x70 [ 170.989896][ T5939] mon_bin_event+0x1211/0x2250 [ 170.994684][ T5939] ? __pfx_mon_bin_event+0x10/0x10 [ 170.999797][ T5939] ? _raw_spin_lock_irqsave+0xb3/0xf0 [ 171.005179][ T5939] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 171.011073][ T5939] ? __driver_probe_device+0x18c/0x2f0 [ 171.016533][ T5939] ? __device_attach_driver+0x2ce/0x530 [ 171.022080][ T5939] ? bus_for_each_drv+0x251/0x2e0 [ 171.027097][ T5939] ? __device_attach+0x2b8/0x400 [ 171.032039][ T5939] ? bus_probe_device+0x185/0x260 [ 171.037059][ T5939] ? hid_add_device+0x398/0x540 [ 171.041911][ T5939] ? __pfx_mon_bin_submit+0x10/0x10 [ 171.047117][ T5939] mon_submit+0x196/0x210 [ 171.051454][ T5939] usb_hcd_submit_urb+0x11d/0x1aa0 [ 171.056574][ T5939] usb_start_wait_urb+0x114/0x4c0 [ 171.061596][ T5939] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 171.067145][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.072776][ T5939] usb_control_msg+0x232/0x3e0 [ 171.077536][ T5939] usbhid_raw_request+0x3cd/0x4e0 [ 171.082569][ T5939] __hid_request+0x1c1/0x370 [ 171.087157][ T5939] hidinput_connect+0x218a/0x3030 [ 171.092202][ T5939] hid_connect+0x499/0x1980 [ 171.096709][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.102340][ T5939] ? usbhid_start+0x1a92/0x24b0 [ 171.107193][ T5939] ? __pfx_hid_connect+0x10/0x10 [ 171.112140][ T5939] hid_hw_start+0xa8/0x120 [ 171.116554][ T5939] ms_probe+0x180/0x430 [ 171.120737][ T5939] hid_device_probe+0x3a0/0x710 [ 171.125589][ T5939] ? driver_sysfs_add+0x1fe/0x210 [ 171.130620][ T5939] ? __pfx_hid_device_probe+0x10/0x10 [ 171.135998][ T5939] really_probe+0x26d/0x9a0 [ 171.140519][ T5939] __driver_probe_device+0x18c/0x2f0 [ 171.145822][ T5939] driver_probe_device+0x4f/0x430 [ 171.150853][ T5939] __device_attach_driver+0x2ce/0x530 [ 171.156231][ T5939] bus_for_each_drv+0x251/0x2e0 [ 171.161095][ T5939] ? __pfx___device_attach_driver+0x10/0x10 [ 171.166993][ T5939] ? __pfx_bus_for_each_drv+0x10/0x10 [ 171.172355][ T5939] ? __lock_acquire+0xab9/0xd20 [ 171.177201][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.182835][ T5939] __device_attach+0x2b8/0x400 [ 171.187601][ T5939] ? __pfx___device_attach+0x10/0x10 [ 171.192897][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.198529][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.204159][ T5939] ? do_raw_spin_unlock+0x122/0x240 [ 171.209363][ T5939] bus_probe_device+0x185/0x260 [ 171.214211][ T5939] device_add+0x7b6/0xb50 [ 171.218544][ T5939] hid_add_device+0x398/0x540 [ 171.223221][ T5939] usbhid_probe+0xe13/0x12a0 [ 171.227822][ T5939] usb_probe_interface+0x644/0xbc0 [ 171.232945][ T5939] ? __pfx_usb_probe_interface+0x10/0x10 [ 171.238587][ T5939] really_probe+0x26d/0x9a0 [ 171.243101][ T5939] __driver_probe_device+0x18c/0x2f0 [ 171.248394][ T5939] driver_probe_device+0x4f/0x430 [ 171.253425][ T5939] __device_attach_driver+0x2ce/0x530 [ 171.258800][ T5939] bus_for_each_drv+0x251/0x2e0 [ 171.263645][ T5939] ? __pfx___device_attach_driver+0x10/0x10 [ 171.269541][ T5939] ? __pfx_bus_for_each_drv+0x10/0x10 [ 171.274909][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.280541][ T5939] __device_attach+0x2b8/0x400 [ 171.285305][ T5939] ? __pfx___device_attach+0x10/0x10 [ 171.290595][ T5939] ? do_raw_spin_unlock+0x122/0x240 [ 171.295800][ T5939] bus_probe_device+0x185/0x260 [ 171.300648][ T5939] device_add+0x7b6/0xb50 [ 171.304981][ T5939] usb_set_configuration+0x1a87/0x20e0 [ 171.310452][ T5939] usb_generic_driver_probe+0x8d/0x150 [ 171.315912][ T5939] usb_probe_device+0x1c4/0x390 [ 171.320762][ T5939] ? __pfx_usb_probe_device+0x10/0x10 [ 171.326132][ T5939] really_probe+0x26d/0x9a0 [ 171.330643][ T5939] __driver_probe_device+0x18c/0x2f0 [ 171.335934][ T5939] driver_probe_device+0x4f/0x430 [ 171.340966][ T5939] __device_attach_driver+0x2ce/0x530 [ 171.346344][ T5939] bus_for_each_drv+0x251/0x2e0 [ 171.351189][ T5939] ? __pfx___device_attach_driver+0x10/0x10 [ 171.357084][ T5939] ? __pfx_bus_for_each_drv+0x10/0x10 [ 171.362454][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.368092][ T5939] __device_attach+0x2b8/0x400 [ 171.372860][ T5939] ? __pfx___device_attach+0x10/0x10 [ 171.378163][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.383792][ T5939] ? do_raw_spin_unlock+0x122/0x240 [ 171.388995][ T5939] bus_probe_device+0x185/0x260 [ 171.393842][ T5939] device_add+0x7b6/0xb50 [ 171.398174][ T5939] usb_new_device+0xa39/0x16c0 [ 171.402953][ T5939] ? __pfx_usb_new_device+0x10/0x10 [ 171.408157][ T5939] ? _raw_spin_unlock_irq+0x23/0x50 [ 171.413359][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.418988][ T5939] ? lockdep_hardirqs_on+0x9c/0x150 [ 171.424193][ T5939] hub_event+0x2941/0x4a00 [ 171.428635][ T5939] ? __pfx_hub_event+0x10/0x10 [ 171.433394][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.439028][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.444663][ T5939] ? _raw_spin_unlock_irq+0x23/0x50 [ 171.449868][ T5939] ? process_scheduled_works+0x9ef/0x17b0 [ 171.455584][ T5939] ? process_scheduled_works+0x9ef/0x17b0 [ 171.461302][ T5939] process_scheduled_works+0xae1/0x17b0 [ 171.466858][ T5939] ? __pfx_process_scheduled_works+0x10/0x10 [ 171.472840][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.478487][ T5939] worker_thread+0x8a0/0xda0 [ 171.483083][ T5939] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 171.489431][ T5939] ? __kthread_parkme+0x7b/0x200 [ 171.494376][ T5939] kthread+0x711/0x8a0 [ 171.498452][ T5939] ? __pfx_worker_thread+0x10/0x10 [ 171.503560][ T5939] ? __pfx_kthread+0x10/0x10 [ 171.508149][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.513781][ T5939] ? _raw_spin_unlock_irq+0x23/0x50 [ 171.518981][ T5939] ? srso_alias_return_thunk+0x5/0xfbef5 [ 171.524610][ T5939] ? lockdep_hardirqs_on+0x9c/0x150 [ 171.529816][ T5939] ? __pfx_kthread+0x10/0x10 [ 171.534411][ T5939] ret_from_fork+0x3fc/0x770 [ 171.538996][ T5939] ? __pfx_ret_from_fork+0x10/0x10 [ 171.544109][ T5939] ? __switch_to_asm+0x39/0x70 [ 171.548881][ T5939] ? __switch_to_asm+0x33/0x70 [ 171.553646][ T5939] ? __pfx_kthread+0x10/0x10 [ 171.558240][ T5939] ret_from_fork_asm+0x1a/0x30 [ 171.563014][ T5939] [ 171.566214][ T5939] Kernel Offset: disabled [ 171.570529][ T5939] Rebooting in 86400 seconds..