last executing test programs: 3.869057335s ago: executing program 3 (id=3330): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x804, &(0x7f0000000080)={[{@shortname_lower}, {@shortname_lower}, {@utf8}, {@shortname_winnt}, {@uni_xlate}, {@rodir}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@shortname_winnt}, {@uni_xlate}, {@shortname_mixed}, {@utf8no}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@utf8}, {@uni_xlate}]}, 0x1, 0x27b, &(0x7f0000000ac0)="$eJzs3c9qG1cUB+AzlmRL7UJadFUKHqgXXRm7T2BTXCg1FFq0aLtoTS1DsYTBBkH/UNWrPEGeIM+TTcgL5AESsosXJhPkGclKMrJRIlsm+b6ND/fen+6548Fezej3L3qH+0cnB6f/Pol6PYmlrdiKsyRasRQj/0epx8/KxwGAO+4sy+J5llspXVGbkqwu3WhjAMCNmfz/v+heAIDb8dPPv3y/vbu782Oa1iN69/rtJPKf+fz2QfwZ3ejERjTjPCIby+tvv9vdiWo61Iq13qDfHiZ7vz0sPn/7acRFfjOa0SrPb6a5ifyg367FJ8X+W93o/PAgmvFZef7rkny0l+OrLyf6X49mPPojjqIb+0Vvo/x/m2n6TXb/xT+/DkeH+WTQb6+M1xWrK7f6iwEAAAAAAAAAAAAAAAAAAAAA4IO2no61Xn//TuX8Yn592nyen/Z+oMHE+3k20jTNknz9Zb4an1ejusizAwAAAAAAAAAAAAAAAAAAwF1x8tffh3vdbud4rsXosf6SqXg5z71WZ01FpWitm0S8vWYtpsdrRfL6vSoznqIx7KdznFSv2H3WIhmPNCanViPfazjSyIuJkffevR4XxejuOtxL4ppUvewmmUORldx+lamp5TdHGsUJShY3rth9+dN36jlrTplKIqI2vphXf05tvtfwtv4CAQAAAAAAAAAAAAAAAAAAI5cP/ZZMni6gIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYgMvv/5+hGBThaWuyyrCoRjGy4CMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwEXgVAAD//6QkaRM=") syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) 3.485108198s ago: executing program 1 (id=3336): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f3, &(0x7f0000000200)={'sit0\x00', &(0x7f00000002c0)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x65, 0x2}}}}) 3.359964275s ago: executing program 3 (id=3341): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x20, 0x0}) 3.108279784s ago: executing program 1 (id=3346): syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000740)='./file0\x00', 0xc, &(0x7f00000003c0)=ANY=[], 0xff, 0x19c, &(0x7f0000000200)="$eJzs281qE1EYBuA3tdW2LtKFK3Ex4MZVaHsFFqkgBgSlCwVBsQ1IRwIWArqw2bnwJrwct3olLrsQRppp7Q+piNoMJM+zyQfnvMl3DiSZMzAvbr3Z3e7v9Z73vmSx1crc3arKQSsrmcuxYQCAaXJQVfleVVV1bZilz6mqqumOAIDL5v8fAGbPk6fPHm50u5uPi2IxKT8OtgZb9Ws9vtHL65TZyWra+ZHDC4QjdX3/QXdztRhZyady/yi/P9i6cja/lnZWxufX6nxxNr+Q5dP59bRzY3x+fWz+au7cPpXvpJ1vr9JPme0cZk/yH9aK4t6j7rn89dE8AAAAmAad4pex5/dO56LxOr/R+uP7A+fO1/O5Od/s2gFgVu29e7/7six33jZWJBn+Zs7X5brRyTVW/GX8eEub3Mx/K5by/995Ic2va3qK/txlf8RiklHR4I8SMBEn3/6mOwEAAAAAAAAAAAAAAC4yiUeXml4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALPnZwAAAP//RL2Oaw==") truncate(&(0x7f0000000100)='./file1\x00', 0xc88) 3.088544059s ago: executing program 3 (id=3348): r0 = socket$isdn(0x22, 0x3, 0x0) bind$isdn(r0, 0x0, 0x0) 2.892461634s ago: executing program 3 (id=3351): r0 = socket(0x40000000015, 0x5, 0x0) bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e21, @broadcast}, 0x10) 2.645941233s ago: executing program 3 (id=3355): r0 = syz_open_dev$evdev(&(0x7f0000000280), 0x2, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f00000000c0)=[0xffffffe1]) 2.344885s ago: executing program 3 (id=3360): r0 = syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000001600), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR") ioctl$BTRFS_IOC_DEV_INFO(r0, 0x40449426, &(0x7f0000001640)={0x0, "b842a0370fd376ff3d7d58f564172b53"}) 2.092639558s ago: executing program 1 (id=3364): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000640)=@mangle={'mangle\x00', 0x10, 0x6, 0x5c0, 0x1f8, 0xd0, 0x0, 0xd0, 0x1f8, 0x4f0, 0x4f0, 0x4f0, 0x4f0, 0x4f0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}, {{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@srh={{0x30}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}}]}, @common=@unspec=@NFQUEUE3={0x28}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv6=@mcast1}}}, {{@ipv6={@private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth1\x00', 'ip6gretap0\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@local, @ipv4=@multicast1}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'wg1\x00', 'vxcan1\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@mcast2, @ipv6=@local}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x620) 1.764681988s ago: executing program 1 (id=3369): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000340)={@private0, @loopback, @local, 0x80000000, 0x9, 0x2, 0x100, 0xfffffffffffffff7, 0x2000000}) 1.597809208s ago: executing program 5 (id=3371): r0 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000003ac0)={'wlan0\x00', &(0x7f0000003a80)=@ethtool_link_settings={0x4c}}) 1.554532848s ago: executing program 1 (id=3373): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0) write$vga_arbiter(r0, 0x0, 0x15) 1.504663079s ago: executing program 2 (id=3374): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000000bc0)=ANY=[@ANYBLOB="b702000000000004bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f01000000010000006e7dac1aba4b20dc7d0200000000000000df1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56e9cc48da2054476846591418451f3a6f907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b98d2de10c21d3ea02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d000000200008000000000000001abc11c800000000000000000000000928ee53595a779d243a48cea769470424d20a04c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642ba1694a0949b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de920000000000100000000000004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e91311ab96b81eea91cc6e3e4c37ee01c85009c68c54de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d505109000000000000008f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c82c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e495f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e4a48dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c4698aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f00000021f8547d393dabe616fbbde21c90be00b5a22671395c7a69c6dd4d022ffc97ddb6aa025131652d409da1d8cfc3d219d4b1c1b7b8170d7c33d91db2b73f7ae02485a209a2474b5d0790d05c01bec623056e4d3f4d3149373a28b26a15a1fcce73d57e6eaf7e6f315fe275ebc9ef7aeca277dde01dde724f419803a2172a7833ceab38d21ca4f1dea5e1f4d8824167b21dd289dd4e6ecfba9e163bdbc48e1e758ecde05c10809c9edfa6d77c652fd742e6dad13d2a397bebe3ea8bc087d3720e2202f36c7719ae34f042e19dc08a3323a3d94098a7ec171469352bab1662c3e4d4803c565cfcce32dad628fade43a4844abb230ce608726fd87e93c40378b9811ad67440e68049304df5a7b86bfd7e3341f3e0b5f75b2a210c53adcca7de960a37b9e0b9b74e0d06d61b35ea65e6b4c810cc3735d4306552d7be0e2019e84688968d4c716f2b17f4ff0c9e5ee89d5e14ec149aae353e228612f5719dd6dae8a287064c93233a85ca5492798b54aae7d633f140aded112ce88a1aff7109aa5a9d2a447346a066c416933ab2a3c50b71946be9091ae1cdf30d46845ebe711458b8da6617579738ed8082a071c1d3cad599a3011f3bf456cd55a2d28ef3b196f235866aa8e44f3624fe4798468b5c1e3c8a10f2c93c003b0d6bf609f01e9140bdc537382839a034ef8aa95d72998f4ec789"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r0, 0x8, 0x62, 0x125, &(0x7f0000000140)="cb74445b7d4c0b24676c6c71ae37efcedaf40242309766deb4e793f90000000000000000dbc856cbc664650634231454ca2d8034c4ca29e0d99c3b6615e91835a600c08f989af45438a54981be310aad92ae545b1c961e5f3762a51fe4c736edec6f", &(0x7f0000000440)=""/254, 0x0, 0x0, 0xff, 0x695866635b959906, &(0x7f0000000980)="ffc4438e5c3081d0e133e812196ec0ed923733aa8b5aba32c8650e7a66d6136853773dfbc6226be13039e230d511f1ac50cc7811aac0400e4c833fedf842ae2918e6fddb550729246fcf4c0a01bc64989ea3985fb362751a83991bd56e761379caa64f6148893ff25f38d5cd6dd695bbf9ca709a9960e0e6b054d5e2239bcb7c0fb2ac66dc4c8f534e439ff20ccaf0d48a98c19c92a3b437a699350f49606d21a403f8c112c46fea5486bf367a854b0f6c1e563b656e4794f6793a08bb3656c391643f6df71d0255054368a938d38503d064da82d5dbf395ad47ed3932669168d324ed0f6de8360d499042ddc7d02b6c0772128257702bfe6d0971f00fea85da062cdc", &(0x7f00000007c0)="4c87fe555ceb79157b1e507ff4d3cc053321e42ae89f596427188b4877ab8f1776c0685784f1174c6401ecc1dd6e2a77bc79238f87ad9215a92ff203a30099e77c543e702b4a4438d358616381745f24f74e585498af129c4b173b242f445b08135f7fa40eb7ba78160ff4f0c80e1b324d0c234cb7f43a3ff9e9535dc16000c797113a039f4508a09144090000009f38a90a24f173b3e68377e4272950a80cfcd3aa6850e917bc7e57370060f5e6db941d67fc98a1e98103830b821657438325578d2af822dd4fc13ea7a7eef8d9be4e715aec8fd6cadc41c8da5ce9da2b9e1559d92a1936fc2b3a00000000000000000072200e10ba6269b634f10f7098c65ba67ba65c0e2687637e131fb8d5ba6c12c09c8356853c434a44ff0878e496dcf9a4f5ca02c293279948f37ebb28843f92c87c057a3b410e04418557d5deda7ddd3bd1d384d64ec980187e8b64a0696571a49e847db79349c9b3c3fab5f1f977bde4d802d9026ae0c11744eb1525c5195fd215d7a432497f35c2f2cfcd2b6336b26dfef0cb968c910ea2af5cdd4d58cc08535d5514", 0x2}, 0x24) 1.374671903s ago: executing program 1 (id=3376): socket$pppl2tp(0x18, 0x1, 0x1) syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xd9, 0xd0, 0xc0, 0x10, 0x1a0a, 0x104, 0xddd4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xe2, 0x3e, 0x60}}]}}]}}, 0x0) 1.371823247s ago: executing program 5 (id=3377): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x48, 0x3, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x4}]}, 0x48}}, 0x0) 1.295422311s ago: executing program 2 (id=3378): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$SOUND_MIXER_READ_RECSRC(r0, 0x80044dff, &(0x7f0000001580)) 1.285323237s ago: executing program 4 (id=3380): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1218088, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2d3, &(0x7f00000010c0)="$eJzs3b+LHFUcAPDv7O3NbrDYK6xEyIABrYKXTmz2kATEqwxbqIUeJoFwuwgJHPgD11S2NhYW/gWC4B+Sxv9AsBXsPCHwZGZnMnPrutmTbMTc59Pc977vfee9N/tub67Ydx+9PDu+VcSdB1/8EsNhFr1xjOM0i73oReOrOGP8TQAA/2enKcXvaeE8dVlEDLc3LQBgizb7/d9vw5+eybQAgC26+d777xwcHl5/dxjDuDH7+mRS/mVffl20H9yJuzGN2/F6jOJRRPWgsBvV00IZ3kgpzftFUfSKvbgym59MysrZhw/r6x/8FlHV78co9qrU46eNqv7tw+v7xUKnfn4yyV6tL3F3XNZfi1G8+Lj4TP21FfUxyeO1Vzrzvxqj+Pnj+CSmcauaRFv/5X5RvJW+/ePzD8rhyvpsfjIZVP1aaecZviwAAAAAAAAAAAAAAAAAAAAAADznrtZn5wyiuBxXZmWqPn9n51Hk5bdFY6+tKtsXUdakuucDpZTmKb7vHClYpLpje75PP17qdw8WBAAAAAAAAAAAAAAAAAAAgIvr/qefHR9Np7fvPZWgOQ2gHxF/3oz4t9cZdzKXY33nQT3m0XTaq8MzfR7m3UzsNH2yiLXTKBfxlG7Lk4JLy3Nugh9+LBd4ngsOO5k3Vi9wd/vranbX8VG2eqxBNJlhvUm+yyPaPnlsOFb+T00p1my/Xn8pk68cYrSUufTE+eQvVMG823SaUur0iWzdz8Wbvy7uXJ3JlleRV3d1ZfluHXTKl/bGRq97DBflf3+vyKrTOgbbezMCAAAAAAAAAAAAAAAAAIALrv3074rGB2tLe8lHgQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4TrT///8cwbwu3qBzHvfu/8dLBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4AL4KwAA//+ZAlZ9") lchown(&(0x7f0000000240)='./file1\x00', 0xee01, 0x0) 1.157289675s ago: executing program 5 (id=3381): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, 0x0) 1.058412327s ago: executing program 0 (id=3383): r0 = open(&(0x7f0000000000)='./file0\x00', 0x6040, 0x87) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) 1.004719484s ago: executing program 0 (id=3384): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x1, 0xa28, [0x0, 0x200005c0, 0xfffffffc, 0x2], 0x0, 0x0, &(0x7f0000001180)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000001900000000000000000076657461315f746f5f0400000000000065727370616e300000000000000000006272696467655f736c6176654f310000697036746e6c300000000000000000000180c2000000000000000000aaaaaaaaaa000000000000000000280900005009000098090000616d6f6e6700000000000000000000000000000000000000000000000000000064080000000000b500080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006190000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e2ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007fffff0500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000099f4aa600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000ac1414aa0000000000000000000000000000000000000000ac1414007265616c6d0000000000000000000000000000000000000000000000000000000c000000000000000000000000000000434f4e4e5345434d41524b00000000000000000000000000000000000000000004000000000000006c6f670000000000000000000000000000000000000000000000000000000000240000000046aefdc2eedaf8ff6fcbbfa67ee31e6bfa4cf9f0761ffdac96c7d300bc1d000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff00000000"]}, 0xaa0) 957.009824ms ago: executing program 2 (id=3385): r0 = openat$fb0(0xffffff9c, &(0x7f0000000000), 0x20000, 0x0) ioctl$FBIOPUTCMAP(r0, 0x4605, &(0x7f0000000140)={0xffffffff, 0x1, &(0x7f0000000040)=[0x0], &(0x7f0000000080), &(0x7f00000000c0), 0x0}) 900.446127ms ago: executing program 4 (id=3386): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000011c0)=ANY=[@ANYBLOB="200000006a0001dfffffff00000000000200000000000000080001"], 0x20}}, 0x4000000) 853.907064ms ago: executing program 5 (id=3387): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) getsockopt$bt_BT_SECURITY(r0, 0x12, 0x4, 0x0, 0xf0ff1f00000000) 824.713023ms ago: executing program 0 (id=3388): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000003240)=[0x0], 0x0, 0x0, 0x0, 0x1}) 608.365557ms ago: executing program 2 (id=3389): r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="85000000080000004e00000000000000850000007d00000095000000000000007ab9e683b171b4b09980af6c1ebeda4ac0d3e3aa71a9ab17e14e1b0be949499ca6a5b2c467b6d3d1c0ae1e9820331afd90cc832c761aa3adf9be48c401c7f893694bf8cd19b7173cd4688904f7310af046fd490d3f2cf49b5f68aecf0bc659dc3d53c2"], &(0x7f0000000140)='GPL\x00', 0x0, 0xbd, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000440)={r0, 0x0, 0x1a, 0x0, &(0x7f0000000580)="61df35fbd0cd6f631cc5b20113beffaaff030000ec16e27219e5", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 607.906487ms ago: executing program 4 (id=3390): r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r0, 0x2, 0x1, 0x555, 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0}, 0x40) 607.091941ms ago: executing program 5 (id=3391): syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, &(0x7f0000000500)={[{@nfs_export_on}, {@redirect_dir_off}, {@userxattr}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 505.153819ms ago: executing program 0 (id=3392): r0 = syz_open_dev$sndpcmc(&(0x7f0000000740), 0x1, 0x2000) ioctl$SNDRV_PCM_IOCTL_STATUS32(r0, 0x806c4120, &(0x7f0000000000)) 504.985654ms ago: executing program 2 (id=3393): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x21081e, &(0x7f0000000840), 0x1, 0x4e6, &(0x7f0000001400)="$eJzs3U1vW0sZAODXzpeTm3uTe+kCENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYXSOT1I3tZvQfDiKn0c6OmdmHL8zdc9M/brxBNC3LkXEVkQMR8TDiJjI6nPZEXdbR/K4V9tP53e2n87notm8/89c2p7URdvPJD7KnrMQET/6XsRPc+/GrW9sLs9VKuW1rDzVqK5O1Tc2ry9V5xbLi+WVUml2Znb69o1bpWMb68XqcHb15Zd/2PrWz5NujWc17eM4Tq2hD+3FSQxGxA9OIlgPDGTjGe51R/gg+Yj4LCIup/f/RAykryYAcJ41mxPRnGgvAwDnXT7NgeXyxSwXMB75fLHYyuFdiLF8pVZvXHtUW19ZaOXKJmMo/2ipUp7OcoWTMZRLyjPp9ZtyaV/5RkR8GhG/GBlNy8X5WmWhl//wAYA+9tG+9f8/I631HwA45wq97gAAcOqs/wDQf6z/ANB/rP8A0H+s/wDQf6z/ANB/rP8A0Fd+eO9ecjR3su+/Xni8sb5ce3x9oVxfLlbX54vztbXV4mKttph+Z0/1oOer1GqrMzdj/cnkt1frjan6xuaDam19pfEg/V7vB+WhUxkVAPA+n1588edcRGzdGU2PaNvLwVoN51u+1x0Aemag1x0AesZuX9C/jvAeX3oAzokOW/S+pRARo/srm81m8+S6BJywq1+Q/4d+1Zb/97+Aoc/I/0P/kv+H/tVs5g67538c9oEAwNkmxw90+fz/s+z82+zDgZ8s7H/E85PsFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxtu/v/FrO9wMcjny8WIz6OiMkYyj1aqpSnI+KTiPjTyNBIUp7pcZ8BgKPK/y2X7f91deLK+P7W4dzrkfQcET/71f1fPplrNNb+mNT/a6++8TyrL/Wi/wDAQXbX6fTc9kb+1fbT+d3jNPvz9+9GRKEVf2d7OHb24g/GYHouxFBEjP07l5Vbcm25i6PYehYRn+80/lyMpzmQ1s6n++MnsT8+1fj5t+Ln07bWOfmz+Nwx9AX6zYtk/rnb6f7Lx6X03Pn+L6Qz1NFl81/yVPM76Rz4Jv7u/DfQZf67dNgYN3///dbV6LttzyK+OBixG3unbf7ZjZ/rEv/KIeP/5UtfudytrfnriKvROX57rKlGdXWqvrF5fak6t1heLK+USrMzs9O3b9wqTaU56qnuq8E/7lz7pFtbMv6xLvELB4z/64cc/2/++/DHX31P/G9+rVP8fFx4T/xkTfzGIePPjf2u0K0tib/QZfwHvf7XDhn/5V8339k2HADonfrG5vJcpVJec+Hi7F8kf2XPQDc6XnzntGINx//1U83mB8XqNmMcR9YNOAv2bvqIeN3rzgAAAAAAAAAAAAAAAB2dxm8s9XqMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA///77dI4") quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000240)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcf3}) 354.303645ms ago: executing program 4 (id=3394): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r0, 0x8982, &(0x7f0000005900)={0x8, 'batadv_slave_1\x00', {'veth0_to_bridge\x00'}, 0x6}) 318.510958ms ago: executing program 2 (id=3395): r0 = socket(0x10, 0x3, 0x0) sendto$inet6(r0, &(0x7f0000000080)="7800000018002507b9409b14ffff00000204be04020506050e020409430009003f000c000a0000000d0085a168d0bf46d32345653600648d0a00120002000a0000005ade4a460c89b6ec0cff3959547f509058ba86c902000000004a3200040016000500090000000000e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0) 250.257088ms ago: executing program 5 (id=3396): syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0xad7, &(0x7f0000001900)="$eJzs3U2MW0cBAOB53vUmm6bEKSld0tAmFNry002zWcJPBEmVCImoqRCXShWXKE1LRAgSRQKqSiQ5caNVFSRO/IhTL1VBSPSCop64VKKRKqSeCgcOREFU4gChiVHsGa89sfvsza5/1t8njcfz5j3PvOfn5/c7E4CpVWm8Li8vFCFcfP3lo/948O/zN4ccao1Ra7zOtqWqIYQipmezz3t3phlff++Fk93iIiw1XlM6PHG1Ne0dIYRzYXe4FGph58XLL7259Pjx88cu7HnrlYNX1mfuAQBgunz90sHlu//653u3X3v1vsNhU2t42j+vxfTWuN9/OO74p/3/SuhMF22h3Vw23mwMlfnO8Wa6jNcoZ7b7eLM9yp/Lyq/2GG9T+ODyZ9qGdZtvmGRpPa6ForLYka5UFhebx+ShcVw/VyyePX3mmedGVFFgzf37/hDC7rZw5EJnej1D2tgMMs2h9ahL0fxfX+f5rQ9ruW60cHh4ZV2rN418nocU6ttGu/0BSPLrhbc4l59ZuD2tT5vtr/yrj1W6Tw9rYNjr/0Dlz424/KD835y3xWHtbNS1Kc1X+h1tjen0753uYcrvX+r9+8uvdHQOza9HVPusZ6/rCJNyfaFXPWeGXI/V6lX/fL3YqL4c47QcvpLlt/9+8u90Ur5joLv/5Of/BaEj7B6DOggdIXSkq7fzWfURb3+A8ZXfN1dP10ej/L6+PH9TSf7mkvz5kvwtJfl3lOTDNPvd938aXixWjvPzY/pBz4en82x3xvhDA9YnPx85aPn5fb+Dut3y8/uJYZz94cSTp77w9FOXm/f/F631/0Zc39PhRi3+ti7FEdL5wvy8euve/1pnOZUe492V1efOLuM33u/oHK/YsfI5oW07c0s9Fjqn29ZrvF2d49Wy8eZj2JzVN98/2ZJNl/Y/0nY1La/ZbH6r2XzMZfVI25XtMc7rAauR1sde9/+n9XMhVItnTp859WhMp/X0TzPVTTeH7xtyvYHb1+/zPwuh8/mfra3h1Ur7dmHbyvCiuV14LX5e5/ClVjmdw/fHdPqf+9bMfGP44snvnnl67WcfptpzP3r+2yfOnDn1PW9W/ear41GNQd6kw5Zxqc8kvKmEsajGsN6MeMMErLu9P27uBDxy+jsnnj317Kmz+w8c2L+0dOCL+5f3Nvbr97bv3bc7N4LaAmtp5U9/1DUBAAAAAAAAAAAA+vWDY0cvv/3G599pPv+/8vxfev4/3fmbnv//Sfb8f/6cfHoOPj0HuL1LfmOcrIHVuWy8agwfzuq7Iyvn7my6j8S41Y9ffP4/FZe365rqc082vNojmTUncEt7KXNZGyR5f4Efj/GFGP86wAgV890Hx7isfeu0rqf2KdrapajPTEsjyhtA+t7S2tBsx2SlJ9eu7Tq1fdnbh1RP1tb6PDw458kCmAD/HGX731uGXea/VmZ8LT+3GIM2oTdUmB1ueT9fh3ViQkK93qsXj357sAFYG6Pu/zOd90zx2T9+bfPNkEa7+ljn9jJvvxQG8Ze3O9Pj3v/kepef99s37PJHPf/D7v+z1f9d39u/rMe82urK/e8vrrzTVmzY2W/5+fyndqB3DFb+tVh+mpuHQn/l13+VlZ9fEOrT/7Lyt/RZ/i3zv2t15b8fy0+L7eEHSspPJ4bPN2tcVDrrMZ/NR7r+l583Tq5n85/a9vyA+f/G893mf5XXGG7E8mGaTUo/s4PK9iNaO+3t9xeEgfr/jc6tbf+/rcpmm7X8PozPNZPvp66L0n0OeX8ng9Y/3V+R/gfS/RTp84uS/zf9/062L8W47PeQ+v9N62Mt/uW3pRvLMqWrXZbtRt3WwKR6V/+/4xY2j0EdhP5DfWYV07X6iRtx/ev1+vqe0Cox0sIZ+fIf9XHCqMsf9fIvk/f/m+/D5/3/5vl5/795ft7/b54/H7+hXvl5/7/58sz7/83z78k+N+8feKEk/6Ml+Tu757cO2+8tmX5XSf7HSvL3tPIPdYyR8u8rmf7+kvy7SvIfKMn/REn+J0vyHyzJf7gtv70P6JT/qZLpN7r0PMq0zj9Ms/z5PL9/mB7p+k+v3/+Oknxgcv3s1X1HnvrtN2vN5//nWudD0nW8wzFdjcdPP4zp/Lp3aEvfzHsjpv+W5Y/7+Q6YJnn7Gfn/+0Ml+cDkSvd5+X3DFCo2dx8c47J2q3rt5zNZPh3jz8T4szF+JMaLMd4b430xXhpS/VgfR177/cEXi5Xj/W1Zfr/3k+fPA3W0ExVC2N9nffLzA4Pez5634zeo2y1/lY+DAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjEyl8bq8vFCEcPH1l48+efz03ptDDrXGqDVeZ9tS1dZ0ITwa45kY/zK+uf7eCyfb4xsxLsJSKELRGh6euNoq6Y4QwrmwO1wKtbDz4uWX3lx6/Pj5Yxf2vPXKwSvrtwQAAABg4/t/AAAA//8EEw8R") mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 235.83171ms ago: executing program 0 (id=3397): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000005c00)={0x0, 0x0, &(0x7f0000005bc0)={&(0x7f0000005900)=@acquire={0x134, 0x17, 0x601, 0x0, 0x0, {{@in=@local}, @in, {@in6=@private1, @in6=@mcast1}, {{@in6=@private0, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0xb00}}}, [@mark={0xc}]}, 0x134}}, 0x0) 165.918503ms ago: executing program 4 (id=3398): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000ec0)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}, @IPSET_ATTR_NETMASK={0x5}]}]}, 0x60}}, 0x0) 128.238641ms ago: executing program 0 (id=3399): prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) fsopen(&(0x7f0000000040)='ceph\x00', 0x0) 0s ago: executing program 4 (id=3400): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000500)={'gre0\x00', &(0x7f0000000400)={'syztnl1\x00', 0x0, 0x8000, 0x8000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x2f, 0x0, @empty, @private}}}}) kernel console output (not intermixed with test programs): t ocfs2_super *, struct ocfs2_alloc_context *, int, u32, u64 *, int): Invalid chain allocator 74 [ 246.818183][ T9020] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 246.898179][ T9020] OCFS2: File system is now read-only. [ 246.948177][ T9020] (syz.1.1559,9020,0):ocfs2_reserve_suballoc_bits:854 ERROR: status = -30 [ 246.957635][ T9020] (syz.1.1559,9020,0):ocfs2_reserve_new_inode:1095 ERROR: status = -30 [ 246.988513][ T9020] (syz.1.1559,9020,1):ocfs2_reserve_new_inode:1118 ERROR: status = -30 [ 247.008101][ T9020] (syz.1.1559,9020,1):ocfs2_mknod:304 ERROR: status = -30 [ 247.042260][ T8979] team0: Port device team_slave_0 added [ 247.056555][ T9020] (syz.1.1559,9020,1):ocfs2_mknod:500 ERROR: status = -30 [ 247.081475][ T8979] team0: Port device team_slave_1 added [ 247.088211][ T8] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 247.092764][ T9020] (syz.1.1559,9020,1):ocfs2_create:674 ERROR: status = -30 [ 247.356030][ T8979] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 247.377694][ T8979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 247.494785][ T8979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 247.516776][ T5231] ocfs2: Unmounting device (7,1) on (node local) [ 247.573168][ T8] usb 3-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d [ 247.586383][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.644425][ T8] usb 3-1: config 0 descriptor?? [ 247.729087][ T8979] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 247.736142][ T8979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 247.762379][ T8979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 247.879046][ T5247] Bluetooth: hci7: command tx timeout [ 247.980486][ T8979] hsr_slave_0: entered promiscuous mode [ 248.045976][ T8979] hsr_slave_1: entered promiscuous mode [ 248.092962][ T8979] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 248.128111][ T8979] Cannot create hsr debugfs directory [ 248.169836][ T8] hackrf 3-1:0.0: usb_control_msg() failed -71 request 0f [ 248.198449][ T8] hackrf 3-1:0.0: Could not detect board [ 248.214355][ T9073] loop1: detected capacity change from 0 to 4096 [ 248.221710][ T8] hackrf 3-1:0.0: probe with driver hackrf failed with error -71 [ 248.256191][ T8] usb 3-1: USB disconnect, device number 27 [ 248.272411][ T9073] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 248.421160][ T9073] ntfs3(loop1): Failed to initialize $Extend/$ObjId. [ 248.467434][ T9078] xt_HMARK: proto mask must be zero with L3 mode [ 248.482535][ T9073] ntfs3(loop1): ino=5, "/" directory corrupted [ 248.577412][ T9065] loop3: detected capacity change from 0 to 32768 [ 248.663529][ T8979] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.949810][ T8979] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.081573][ T9091] xt_bpf: check failed: parse error [ 249.083831][ T8979] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.293255][ T8979] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.306886][ T9097] loop1: detected capacity change from 0 to 64 [ 249.388166][ T9097] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 249.693380][ T8979] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 249.751738][ T8979] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 249.791048][ T8979] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 249.906235][ T8979] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 249.958066][ T5247] Bluetooth: hci7: command tx timeout [ 250.112534][ T8979] 8021q: adding VLAN 0 to HW filter on device bond0 [ 250.238628][ T8979] 8021q: adding VLAN 0 to HW filter on device team0 [ 250.278462][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.285599][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.420366][ T2992] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.427514][ T2992] bridge0: port 2(bridge_slave_1) entered forwarding state [ 250.517163][ T8979] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 250.545234][ T8979] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 250.985245][ T9098] loop5: detected capacity change from 0 to 40427 [ 251.015476][ T9098] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 251.027981][ T9098] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 251.073309][ T8979] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 251.086231][ T9098] F2FS-fs (loop5): invalid crc value [ 251.151890][ T9098] F2FS-fs (loop5): Found nat_bits in checkpoint [ 251.231299][ T8979] veth0_vlan: entered promiscuous mode [ 251.285249][ T8979] veth1_vlan: entered promiscuous mode [ 251.384451][ T8979] veth0_macvtap: entered promiscuous mode [ 251.405267][ T9098] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 251.438879][ T9098] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 251.448740][ T8979] veth1_macvtap: entered promiscuous mode [ 251.463706][ T9161] ieee802154 phy0 wpan0: encryption failed: -22 [ 251.509663][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 251.542219][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.600008][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 251.631655][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.641908][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 251.653391][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.663311][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 251.674390][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.684827][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 251.695364][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.705247][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 251.716011][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.726297][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 251.736900][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.751057][ T8979] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 251.761702][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 251.772780][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.783094][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 251.793609][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.803692][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 251.814266][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.824176][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 251.834685][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.844610][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 251.855148][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.865133][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 251.876086][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.886650][ T8979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 251.897185][ T8979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.909301][ T8979] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 252.031133][ T8979] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.043118][ T5247] Bluetooth: hci7: command tx timeout [ 252.066040][ T8979] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.086144][ T9141] loop1: detected capacity change from 0 to 40427 [ 252.107575][ T8979] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.127982][ T8979] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.158623][ T9141] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 252.166311][ T9141] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 252.171542][ T9175] netlink: 'syz.3.1628': attribute type 6 has an invalid length. [ 252.236627][ T9141] F2FS-fs (loop1): invalid crc value [ 252.300878][ T9141] F2FS-fs (loop1): Found nat_bits in checkpoint [ 252.512445][ T132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 252.563933][ T9141] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30 [ 252.571591][ T132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 252.588262][ T9141] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 252.609452][ T9179] netlink: 'syz.2.1631': attribute type 4 has an invalid length. [ 252.671185][ T2992] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 252.684226][ T9141] F2FS-fs (loop1): Corrupted max_depth of 3: 1537 [ 252.756940][ T2992] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 253.397171][ T9199] loop2: detected capacity change from 0 to 32768 [ 253.454484][ T9199] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1640 (9199) [ 253.566316][ T5378] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 253.597823][ T9199] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 253.628254][ T9199] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 253.698047][ T9199] BTRFS info (device loop2): using free-space-tree [ 253.739989][ T5378] usb 4-1: config index 0 descriptor too short (expected 24868, got 36) [ 253.767454][ T5378] usb 4-1: config 97 has too many interfaces: 97, using maximum allowed: 32 [ 253.805922][ T29] audit: type=1326 audit(1729358741.681:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 253.822407][ T5378] usb 4-1: config 97 has an invalid descriptor of length 97, skipping remainder of the config [ 253.854530][ T29] audit: type=1326 audit(1729358741.731:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 253.897995][ T5378] usb 4-1: config 97 has 0 interfaces, different from the descriptor's value: 97 [ 253.907421][ T29] audit: type=1326 audit(1729358741.761:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 253.928615][ T5378] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 253.948203][ T5378] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.087753][ T29] audit: type=1326 audit(1729358741.961:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 254.182402][ T29] audit: type=1326 audit(1729358741.961:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9216 comm="syz.5.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 254.369816][ T9234] loop0: detected capacity change from 0 to 4096 [ 254.408579][ T29] audit: type=1326 audit(1729358742.271:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9240 comm="syz.5.1653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 254.458009][ T9234] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512). [ 254.468216][ T29] audit: type=1326 audit(1729358742.271:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9240 comm="syz.5.1653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 254.521963][ T29] audit: type=1326 audit(1729358742.281:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9240 comm="syz.5.1653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 254.574737][ T9199] BTRFS warning (device loop2): get dev_stats failed, device not found [ 254.579967][ T9249] No such timeout policy "syz0" [ 254.679606][ T1264] ieee802154 phy0 wpan0: encryption failed: -22 [ 254.686144][ T1264] ieee802154 phy1 wpan1: encryption failed: -22 [ 254.748045][ T9234] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 254.755201][ T29] audit: type=1326 audit(1729358742.281:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9240 comm="syz.5.1653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 254.765269][ T5227] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 254.788206][ T5289] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 254.953009][ T5289] usb 5-1: config 0 has an invalid interface number: 199 but max is 1 [ 255.018988][ T5289] usb 5-1: config 0 has no interface number 1 [ 255.090559][ T5289] usb 5-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 255.158027][ T5289] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 255.220267][ T5378] usb 4-1: USB disconnect, device number 24 [ 255.234851][ T5289] usb 5-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 255.308129][ T5289] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 255.328313][ T5289] usb 5-1: SerialNumber: syz [ 255.371924][ T5289] usb 5-1: config 0 descriptor?? [ 255.614697][ T5289] usb 5-1: Found UVC 0.00 device (0002:0000) [ 255.626161][ T5289] usb 5-1: No valid video chain found. [ 255.724383][ T5289] usb 5-1: USB disconnect, device number 20 [ 255.963775][ T9275] netlink: 'syz.5.1664': attribute type 1 has an invalid length. [ 256.015242][ T9275] netlink: 'syz.5.1664': attribute type 2 has an invalid length. [ 256.979663][ T9288] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1670'. [ 257.161951][ T9305] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1676'. [ 257.243222][ T9307] netlink: 'syz.4.1681': attribute type 2 has an invalid length. [ 257.494980][ T9316] ip6tnl2: entered promiscuous mode [ 257.573101][ T9324] xt_connbytes: Forcing CT accounting to be enabled [ 257.579984][ T9324] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 257.591774][ T9324] xt_bpf: check failed: parse error [ 257.672625][ T9328] loop5: detected capacity change from 0 to 2048 [ 257.750482][ T9328] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 258.228919][ T5289] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 258.420532][ T5289] usb 2-1: Using ep0 maxpacket: 16 [ 258.478340][ T5289] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 258.527368][ T5289] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 258.586370][ T5289] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice=4f.14 [ 258.638529][ T5289] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.668019][ T5289] usb 2-1: Product: syz [ 258.672241][ T5289] usb 2-1: Manufacturer: syz [ 258.676854][ T5289] usb 2-1: SerialNumber: syz [ 258.786610][ T25] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 258.829277][ T5289] usb 2-1: config 0 descriptor?? [ 258.859556][ T9338] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 258.949637][ T5247] Bluetooth: hci2: unexpected event for opcode 0x0404 [ 259.128463][ T25] usb 4-1: too many configurations: 9, using maximum allowed: 8 [ 259.139816][ T25] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 259.202304][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 259.254357][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 259.294733][ T25] usb 4-1: config 0 interface 0 has no altsetting 0 [ 259.334041][ T25] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 259.364195][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 259.402748][ T5339] usb 2-1: USB disconnect, device number 31 [ 259.439383][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 259.488272][ T25] usb 4-1: config 0 interface 0 has no altsetting 0 [ 259.504089][ T25] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 259.513233][ T932] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 259.539053][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 259.582522][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 259.613081][ T25] usb 4-1: config 0 interface 0 has no altsetting 0 [ 259.640542][ T25] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 259.675030][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 259.698490][ T932] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 259.716510][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 259.746275][ T932] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice= 9.99 [ 259.766412][ T25] usb 4-1: config 0 interface 0 has no altsetting 0 [ 259.781315][ T932] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.828693][ T25] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 259.837638][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 259.850700][ T932] usb 5-1: config 0 descriptor?? [ 259.871998][ T932] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 259.888050][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 259.917990][ T25] usb 4-1: config 0 interface 0 has no altsetting 0 [ 259.936649][ T25] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 259.988149][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 260.048411][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 260.058938][ T9390] loop2: detected capacity change from 0 to 64 [ 260.100001][ T25] usb 4-1: config 0 interface 0 has no altsetting 0 [ 260.132256][ T9392] tipc: Can't bind to reserved service type 0 [ 260.140274][ T25] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 260.171212][ T932] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 260.184608][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 260.209572][ T6216] udevd[6216]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 260.256637][ T25] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0 [ 260.281343][ T25] usb 4-1: config 0 interface 0 has no altsetting 0 [ 260.323679][ T9390] Trying to free block not in datazone [ 260.351096][ T5237] usb 5-1: USB disconnect, device number 21 [ 260.388164][ T25] usb 4-1: unable to read config index 7 descriptor/start: -71 [ 260.411081][ T25] usb 4-1: can't read configurations, error -71 [ 260.771233][ T9411] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1727'. [ 261.078593][ T29] audit: type=1326 audit(1729358748.941:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.1.1730" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcca797dff9 code=0x0 [ 261.180380][ T9424] syz.5.1733: attempt to access beyond end of device [ 261.180380][ T9424] nbd5: rw=0, sector=2, nr_sectors = 2 limit=0 [ 261.230140][ T9424] syz.5.1733: attempt to access beyond end of device [ 261.230140][ T9424] nbd5: rw=0, sector=16, nr_sectors = 2 limit=0 [ 261.858436][ T9446] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1745'. [ 262.238988][ T9463] trusted_key: encrypted_key: keyword 'hew' not recognized [ 262.288356][ T9460] loop2: detected capacity change from 0 to 128 [ 262.378549][ T5289] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 262.429567][ T9460] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 262.444782][ T9476] loop3: detected capacity change from 0 to 256 [ 262.524065][ T9460] ext4 filesystem being mounted at /325/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 262.548887][ T9478] syz.1.1760 uses obsolete (PF_INET,SOCK_PACKET) [ 262.593325][ T5289] usb 6-1: config 0 has an invalid interface number: 69 but max is 0 [ 262.608017][ T5289] usb 6-1: config 0 has no interface number 0 [ 262.634595][ T5289] usb 6-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 262.657251][ T5289] usb 6-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 262.677458][ T9476] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 262.681305][ T5289] usb 6-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 262.711527][ T5289] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 262.751510][ T5227] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 262.756883][ T5289] usb 6-1: Product: syz [ 262.764865][ T5289] usb 6-1: Manufacturer: syz [ 262.786370][ T5289] usb 6-1: SerialNumber: syz [ 262.823075][ T5289] usb 6-1: config 0 descriptor?? [ 262.857591][ T9458] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 262.899214][ T5289] cyberjack 6-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 262.924916][ T5289] usb 6-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 263.001973][ T5247] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 263.010850][ T5247] Bluetooth: hci2: Injecting HCI hardware error event [ 263.020327][ T5247] Bluetooth: hci2: hardware error 0x00 [ 263.308230][ T9495] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1768'. [ 263.317491][ T9495] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1768'. [ 263.531750][ T25] usb 6-1: USB disconnect, device number 27 [ 263.578661][ T25] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 263.622813][ T25] cyberjack 6-1:0.69: device disconnected [ 263.681219][ T9503] loop0: detected capacity change from 0 to 4096 [ 263.935928][ T9519] openvswitch: netlink: Message has 1 unknown bytes. [ 263.942848][ T9519] openvswitch: netlink: Actions may not be safe on all matching packets [ 264.025333][ T9521] xt_TPROXY: Can be used only with -p tcp or -p udp [ 264.073766][ T9524] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1780'. [ 264.481077][ T9537] loop1: detected capacity change from 0 to 1024 [ 264.652145][ T9537] hfsplus: cannot replace xattr [ 264.697569][ T9545] loop0: detected capacity change from 0 to 1764 [ 264.841771][ T9551] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1796'. [ 264.861918][ T9551] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1796'. [ 265.164958][ T5247] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 265.272312][ T9564] loop5: detected capacity change from 0 to 1024 [ 265.326445][ T9564] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 265.374788][ T9564] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 265.458326][ T9564] EXT4-fs (loop5): orphan cleanup on readonly fs [ 265.530026][ T9564] EXT4-fs error (device loop5): __ext4_get_inode_loc:4403: comm syz.5.1802: Invalid inode table block 0 in block_group 0 [ 265.641920][ T9564] EXT4-fs (loop5): Remounting filesystem read-only [ 265.672820][ T9564] Quota error (device loop5): write_blk: dquota write failed [ 265.708151][ T9564] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 265.736274][ T9564] EXT4-fs (loop5): 1 truncate cleaned up [ 265.762849][ T9564] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 265.979049][ T5230] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.108212][ T9587] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1814'. [ 266.160602][ T9557] loop1: detected capacity change from 0 to 32768 [ 266.233707][ T9557] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 266.671248][ T9557] XFS (loop1): Ending clean mount [ 266.816859][ T9557] XFS (loop1): Quotacheck needed: Please wait. [ 266.862623][ T9615] loop3: detected capacity change from 0 to 128 [ 266.979827][ T9601] loop5: detected capacity change from 0 to 40427 [ 267.002948][ T9601] F2FS-fs (loop5): invalid crc value [ 267.113417][ T9557] XFS (loop1): Quotacheck: Done. [ 267.134021][ T9601] F2FS-fs (loop5): Found nat_bits in checkpoint [ 267.301061][ T5231] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 267.357842][ T9601] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 267.372815][ T9585] loop0: detected capacity change from 0 to 32768 [ 267.478543][ T9585] ERROR: (device loop0): dbAllocNext: Corrupt dmap page [ 267.478543][ T9585] [ 267.559786][ T9585] ialloc: diAlloc returned -5! [ 267.584027][ T5230] syz-executor: attempt to access beyond end of device [ 267.584027][ T5230] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 267.598091][ T9626] netlink: 'syz.2.1827': attribute type 1 has an invalid length. [ 267.598312][ T9626] netlink: 'syz.2.1827': attribute type 2 has an invalid length. [ 267.682578][ T5230] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 267.812315][ T9629] pim6reg: entered allmulticast mode [ 268.219477][ T9635] loop2: detected capacity change from 0 to 4096 [ 268.236530][ T9643] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1826'. [ 268.284141][ T9635] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 268.373540][ T9635] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 268.446725][ T9651] netlink: 'syz.3.1840': attribute type 21 has an invalid length. [ 268.533252][ T9655] loop0: detected capacity change from 0 to 64 [ 269.058467][ T5237] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 269.232228][ T5237] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.02 [ 269.258444][ T5237] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 269.292399][ T5237] usb 3-1: Product: syz [ 269.296634][ T5237] usb 3-1: Manufacturer: syz [ 269.312705][ T5237] usb 3-1: SerialNumber: syz [ 269.328090][ T25] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 269.356689][ T5237] usb 3-1: config 0 descriptor?? [ 269.518775][ T25] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88 [ 269.550906][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 269.601482][ T5237] hso 3-1:0.0: Failed to find BULK IN ep [ 269.631701][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 255, changing to 11 [ 269.667618][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid maxpacket 59391, setting to 1024 [ 269.718874][ T25] usb 4-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49 [ 269.733242][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 269.788573][ T25] usb 4-1: Product: syz [ 269.805041][ T25] usb 4-1: Manufacturer: syz [ 269.838088][ T25] usb 4-1: SerialNumber: syz [ 269.844823][ T5237] usb 3-1: USB disconnect, device number 28 [ 269.881359][ T25] usb 4-1: config 0 descriptor?? [ 269.902427][ T9674] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 270.275635][ T9713] loop1: detected capacity change from 0 to 8 [ 270.395098][ T9713] SQUASHFS error: Failed to read block 0x1ec: -5 [ 270.448312][ T9713] SQUASHFS error: Unable to read metadata cache entry [1ea] [ 270.591104][ T9720] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1873'. [ 270.647248][ T29] audit: type=1326 audit(1729358758.431:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9716 comm="syz.4.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdc17dff9 code=0x7ffc0000 [ 270.676825][ T29] audit: type=1326 audit(1729358758.441:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9716 comm="syz.4.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7fdcdc17dff9 code=0x7ffc0000 [ 270.699793][ T29] audit: type=1326 audit(1729358758.441:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9716 comm="syz.4.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdc17dff9 code=0x7ffc0000 [ 270.722200][ C0] vkms_vblank_simulate: vblank timer overrun [ 270.729688][ T29] audit: type=1326 audit(1729358758.451:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9716 comm="syz.4.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdc17dff9 code=0x7ffc0000 [ 270.984328][ T9730] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1879'. [ 271.388389][ T9750] bond0: (slave netdevsim0): Error: Device can not be enslaved while up [ 272.020204][ T9761] loop2: detected capacity change from 0 to 32768 [ 272.489363][ T5289] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 272.645789][ T9761] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 272.678381][ T9761] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 272.686745][ T9761] bcachefs (loop2): Version upgrade required: [ 272.686745][ T9761] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 272.686745][ T9761] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 272.686745][ T9761] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 272.692848][ T5289] usb 6-1: config index 0 descriptor too short (expected 3133, got 61) [ 272.757931][ C0] vkms_vblank_simulate: vblank timer overrun [ 272.858530][ T9761] bcachefs (loop2): dropping and reconstructing all alloc info [ 272.896904][ T9761] bcachefs (loop2): check_topology... done [ 272.903106][ T9761] bcachefs (loop2): accounting_read... done [ 272.910431][ T9761] bcachefs (loop2): alloc_read... done [ 272.918633][ T9761] bcachefs (loop2): stripes_read... done [ 272.924501][ T9761] bcachefs (loop2): snapshots_read... done [ 272.958114][ T9761] bcachefs (loop2): check_allocations... [ 272.985584][ T9806] openvswitch: netlink: Actions may not be safe on all matching packets [ 273.020279][ T5289] usb 6-1: config 0 has an invalid interface number: 156 but max is 1 [ 273.025807][ T9761] done [ 273.047615][ T9761] bcachefs (loop2): going read-write [ 273.047982][ T5289] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 273.102634][ T9761] bcachefs (loop2): done starting filesystem [ 273.114877][ T5289] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 273.166004][ T5289] usb 6-1: config 0 has no interface number 0 [ 273.207831][ T5289] usb 6-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 273.268106][ T5289] usb 6-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 273.335514][ T5289] usb 6-1: config 0 interface 156 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 273.369048][ T5289] usb 6-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 273.387953][ T5289] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 273.422189][ T5289] usb 6-1: config 0 descriptor?? [ 273.489929][ T5289] gspca_main: spca561-2.14.0 probing abcd:cdee [ 273.597792][ T5227] bcachefs (loop2): shutting down [ 273.603717][ T5227] bcachefs (loop2): going read-only [ 273.609321][ T5227] bcachefs (loop2): finished waiting for writes to stop [ 273.634854][ T5289] spca561 6-1:0.156: probe with driver spca561 failed with error -22 [ 273.644108][ T5289] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 273.652054][ T5289] usb 6-1: MIDIStreaming interface descriptor not found [ 273.699057][ T9825] cgroup: name respecified [ 273.709212][ T5227] bcachefs (loop2): flushing journal and stopping allocators, journal seq 11 [ 273.722316][ T5289] usb 6-1: USB disconnect, device number 28 [ 273.728309][ T5227] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 11 [ 273.861259][ T5354] udevd[5354]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 274.043629][ T5227] bcachefs (loop2): unshutdown complete, journal seq 12 [ 274.067385][ T9830] loop1: detected capacity change from 0 to 2048 [ 274.083913][ T5227] bcachefs (loop2): done going read-only, filesystem not clean [ 274.157471][ T9838] sctp: [Deprecated]: syz.0.1924 (pid 9838) Use of struct sctp_assoc_value in delayed_ack socket option. [ 274.157471][ T9838] Use struct sctp_sack_info instead [ 274.250140][ T5227] bcachefs (loop2): shutdown complete [ 274.258123][ T9830] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 274.376699][ T9841] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1927'. [ 274.598136][ T9844] netlink: 'syz.4.1928': attribute type 39 has an invalid length. [ 275.388440][ T9871] overlayfs: missing 'lowerdir' [ 275.570290][ T9883] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 275.780688][ T9888] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 275.874112][ T9891] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 275.956912][ T9895] loop1: detected capacity change from 0 to 1764 [ 276.757044][ T9917] Illegal XDP return value 1185271120 on prog (id 122) dev N/A, expect packet loss! [ 277.883785][ T9954] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1984'. [ 278.768358][ T9983] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1996'. [ 278.809223][ T9985] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1997'. [ 278.865302][ T9985] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1997'. [ 279.669187][ T29] audit: type=1326 audit(1729358767.551:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10016 comm="syz.1.2012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca797dff9 code=0x7ffc0000 [ 279.778198][ T29] audit: type=1326 audit(1729358767.551:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10016 comm="syz.1.2012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca797dff9 code=0x7ffc0000 [ 279.903442][ T29] audit: type=1326 audit(1729358767.571:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10016 comm="syz.1.2012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7fcca797dff9 code=0x7ffc0000 [ 280.008053][ T29] audit: type=1326 audit(1729358767.571:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10016 comm="syz.1.2012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca797dff9 code=0x7ffc0000 [ 280.138342][ T29] audit: type=1326 audit(1729358767.571:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10016 comm="syz.1.2012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca797dff9 code=0x7ffc0000 [ 280.932601][T10053] loop1: detected capacity change from 0 to 256 [ 281.040846][T10053] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 281.913369][T10043] loop2: detected capacity change from 0 to 32768 [ 282.426989][T10085] unsupported nlmsg_type 40 [ 282.642029][ T5247] Bluetooth: hci3: unexpected event for opcode 0x0809 [ 282.731967][T10096] loop2: detected capacity change from 0 to 8 [ 282.823007][T10099] netlink: 'syz.0.2051': attribute type 3 has an invalid length. [ 283.076469][T10104] loop5: detected capacity change from 0 to 512 [ 283.121610][T10104] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 283.486002][T10102] loop2: detected capacity change from 0 to 32768 [ 283.524095][T10104] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 283.540436][T10104] ext4 filesystem being mounted at /367/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 283.582677][T10102] ERROR: (device loop2): diAllocAG: ipimap->i_size is wrong [ 283.582677][T10102] [ 283.624262][T10102] ERROR: (device loop2): remounting filesystem as read-only [ 283.634412][T10102] ialloc: diAlloc returned -5! [ 283.794051][ T5230] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.048519][T10132] syz.5.2065 uses old SIOCAX25GETINFO [ 285.447444][T10167] loop1: detected capacity change from 0 to 32768 [ 285.473691][T10167] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2083 (10167) [ 285.653000][T10167] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 285.755595][T10167] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 285.822032][T10167] BTRFS info (device loop1): disk space caching is enabled [ 285.851809][T10167] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 286.019818][T10196] netlink: 'syz.5.2095': attribute type 1 has an invalid length. [ 286.027628][T10196] netlink: 'syz.5.2095': attribute type 2 has an invalid length. [ 286.128104][T10196] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2095'. [ 286.174883][T10204] netlink: 'syz.2.2097': attribute type 10 has an invalid length. [ 286.374616][T10204] geneve0: entered promiscuous mode [ 286.429088][T10167] BTRFS info (device loop1): rebuilding free space tree [ 286.485446][T10204] bond0: (slave geneve0): Enslaving as an active interface with an up link [ 286.521346][T10211] netlink: 'syz.5.2101': attribute type 21 has an invalid length. [ 286.564402][T10221] xt_NFQUEUE: number of total queues is 0 [ 286.599339][T10167] BTRFS info (device loop1): disabling free space tree [ 286.644523][T10167] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 286.648066][ T5237] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 286.718644][T10167] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 286.929990][T10167] BTRFS error (device loop1): balance: invalid convert metadata profile single [ 287.124528][ T5237] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 287.142907][ T5237] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 287.151611][ T5237] usb 5-1: Product: syz [ 287.155797][ T5237] usb 5-1: Manufacturer: syz [ 287.168241][ T5237] usb 5-1: SerialNumber: syz [ 287.170278][ T5231] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 287.219372][ T5237] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 287.515486][ T5339] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 288.653374][ T5291] usb 5-1: USB disconnect, device number 22 [ 288.838252][ T5339] usb 5-1: Service connection timeout for: 256 [ 288.844577][ T5339] ath9k_htc 5-1:1.0: ath9k_htc: Unable to initialize HTC services [ 288.896568][ T5339] ath9k_htc: Failed to initialize the device [ 288.966957][ T5291] usb 5-1: ath9k_htc: USB layer deinitialized [ 289.735709][T10271] netlink: 'syz.2.2125': attribute type 7 has an invalid length. [ 289.999358][T10273] loop1: detected capacity change from 0 to 1024 [ 290.519395][ T25] iguanair 4-1:0.0: failed to get version [ 290.528205][ T25] iguanair 4-1:0.0: probe with driver iguanair failed with error -110 [ 290.566427][ T25] usb 4-1: USB disconnect, device number 27 [ 290.727820][T10262] loop5: detected capacity change from 0 to 32768 [ 290.796320][T10262] JBD2: Ignoring recovery information on journal [ 290.862781][T10288] loop2: detected capacity change from 0 to 4096 [ 290.947993][T10288] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 291.024768][T10288] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 291.148230][T10262] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 291.528809][T10262] syz.5.2121 (10262) used greatest stack depth: 17240 bytes left [ 291.648353][ T5230] ocfs2: Unmounting device (7,5) on (node local) [ 291.739845][T10278] kexec: Could not allocate control_code_buffer [ 292.096719][T10331] i2c i2c-0: Invalid block write size 34 [ 292.136798][T10332] loop3: detected capacity change from 0 to 256 [ 292.210904][T10336] loop2: detected capacity change from 0 to 512 [ 292.341218][T10332] FAT-fs (loop3): Directory bread(block 64) failed [ 292.365235][T10332] FAT-fs (loop3): Directory bread(block 65) failed [ 292.373781][T10332] FAT-fs (loop3): Directory bread(block 66) failed [ 292.442847][T10342] xt_hashlimit: invalid interval [ 292.468138][T10346] netlink: 'syz.5.2161': attribute type 11 has an invalid length. [ 292.523723][T10332] FAT-fs (loop3): Directory bread(block 67) failed [ 292.556849][T10332] FAT-fs (loop3): Directory bread(block 68) failed [ 292.582187][T10332] FAT-fs (loop3): Directory bread(block 69) failed [ 292.597660][T10332] FAT-fs (loop3): Directory bread(block 70) failed [ 292.611841][T10332] FAT-fs (loop3): Directory bread(block 71) failed [ 292.635488][T10332] FAT-fs (loop3): Directory bread(block 72) failed [ 292.665572][T10336] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 292.725686][T10336] ext4 filesystem being mounted at /388/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 292.755925][T10332] FAT-fs (loop3): Directory bread(block 73) failed [ 292.765984][ T29] audit: type=1326 audit(1729358780.631:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10358 comm="syz.4.2166" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdcdc17dff9 code=0x0 [ 292.787733][ C0] vkms_vblank_simulate: vblank timer overrun [ 292.827687][T10356] loop1: detected capacity change from 0 to 1024 [ 292.839535][T10356] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 292.877089][T10356] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 292.923617][T10356] jbd2_journal_init_inode: Cannot locate journal superblock [ 292.923964][ T5227] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.941918][ T25] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 292.958202][T10356] EXT4-fs (loop1): Could not load journal inode [ 293.258191][ T8] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 293.276582][ T25] usb 1-1: config 0 has an invalid interface number: 69 but max is 0 [ 293.284802][ T25] usb 1-1: config 0 has no interface number 0 [ 293.291093][ T25] usb 1-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023 [ 293.301212][ T25] usb 1-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 293.318284][ T25] usb 1-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca [ 293.327439][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.339864][ T25] usb 1-1: Product: syz [ 293.355988][ T25] usb 1-1: Manufacturer: syz [ 293.362359][ T25] usb 1-1: SerialNumber: syz [ 293.380947][ T25] usb 1-1: config 0 descriptor?? [ 293.390661][T10355] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 293.406928][ T25] cyberjack 1-1:0.69: Reiner SCT Cyberjack USB card reader converter detected [ 293.450220][ T25] usb 1-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0 [ 293.468174][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 293.498481][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 181, changing to 7 [ 293.510263][ T5378] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 293.550489][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 8338, setting to 1024 [ 293.584713][ T8] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 293.602645][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.641159][ T8] usb 2-1: Product: syz [ 293.664432][ T8] usb 2-1: Manufacturer: syz [ 293.672728][ T5378] usb 6-1: Using ep0 maxpacket: 8 [ 293.707206][ T8] usb 2-1: SerialNumber: syz [ 293.713591][ T5378] usb 6-1: config index 0 descriptor too short (expected 1581, got 45) [ 293.724369][ T8] usb 2-1: config 0 descriptor?? [ 293.729470][ T5378] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 293.743003][ T5378] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 197 [ 293.757440][ T8] hub 2-1:0.0: bad descriptor, ignoring hub [ 293.767594][ T8] hub 2-1:0.0: probe with driver hub failed with error -5 [ 293.796937][ T5378] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 293.809756][ T8] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input19 [ 293.818946][ T5378] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 293.832632][ T5378] usb 6-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 293.840409][ T25] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 293.841962][ T5378] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.879840][ T5378] usb 6-1: config 0 descriptor?? [ 293.910158][ T5289] usb 1-1: USB disconnect, device number 25 [ 293.918728][T10372] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22 [ 293.929425][ T8] usbtouchscreen 2-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -22 [ 293.952955][ T5289] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0 [ 293.966809][ T5289] cyberjack 1-1:0.69: device disconnected [ 294.021521][ T8] usbtouchscreen 2-1:0.0: probe with driver usbtouchscreen failed with error -22 [ 294.028047][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 294.048351][ T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 294.083036][ T8] usb 2-1: USB disconnect, device number 32 [ 294.083267][ T25] usb 4-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 294.109228][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.138402][ T25] usb 4-1: Product: syz [ 294.153140][ T25] usb 4-1: Manufacturer: syz [ 294.169269][ T25] usb 4-1: SerialNumber: syz [ 294.188481][ T25] usb 4-1: config 0 descriptor?? [ 294.220977][ T5289] usb 6-1: USB disconnect, device number 29 [ 294.404285][ T25] usb 4-1: Found UVC 0.00 device syz (045e:0721) [ 294.414843][ T25] usb 4-1: No valid video chain found. [ 294.433971][ T25] usb 4-1: USB disconnect, device number 28 [ 294.491873][ T5339] IPVS: starting estimator thread 0... [ 294.618245][T10393] IPVS: using max 16 ests per chain, 38400 per kthread [ 295.098436][ T5289] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 295.270233][ T5289] usb 1-1: Using ep0 maxpacket: 8 [ 295.312444][ T5289] usb 1-1: config 0 has an invalid interface number: 52 but max is 0 [ 295.337400][T10427] bond0: Error: Cannot enslave bond to itself. [ 295.346622][ T5289] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 295.376420][ T5289] usb 1-1: config 0 has no interface number 0 [ 295.407960][ T5289] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 295.454587][ T5289] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 295.526121][ T5289] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 295.568593][T10436] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2202'. [ 295.614749][ T5289] usb 1-1: config 0 interface 52 has no altsetting 0 [ 295.656791][ T5289] usb 1-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00 [ 295.668793][T10432] loop3: detected capacity change from 0 to 4096 [ 295.686988][T10442] netlink: 'syz.1.2207': attribute type 8 has an invalid length. [ 295.747712][ T5289] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 295.748117][T10442] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2207'. [ 295.795400][T10442] IPv6: sit1: Disabled Multicast RS [ 295.796100][ T5289] usb 1-1: config 0 descriptor?? [ 296.000803][T10432] ntfs3(loop3): ino=21, The size of extended attributes must not exceed 64KiB [ 296.063790][ T5289] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.52/input/input20 [ 296.169784][ T4668] synaptics_usb 1-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 296.212555][ T4668] synaptics_usb 1-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 296.229274][ T4668] synaptics_usb 1-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 296.347403][ T5585] synaptics_usb 1-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 296.365925][ T5378] usb 1-1: USB disconnect, device number 26 [ 296.791987][T10478] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2222'. [ 296.836663][ T29] audit: type=1326 audit(1729358784.711:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdfb17dff9 code=0x7ffc0000 [ 296.859100][ C0] vkms_vblank_simulate: vblank timer overrun [ 296.960370][ T29] audit: type=1326 audit(1729358784.751:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdfb17dff9 code=0x7ffc0000 [ 296.983605][ T29] audit: type=1326 audit(1729358784.761:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcdfb17c990 code=0x7ffc0000 [ 297.005954][ C0] vkms_vblank_simulate: vblank timer overrun [ 297.031355][ T29] audit: type=1326 audit(1729358784.761:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 297.053617][ C0] vkms_vblank_simulate: vblank timer overrun [ 297.128040][ T29] audit: type=1326 audit(1729358784.761:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 297.151596][ T5378] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 297.210434][ T29] audit: type=1326 audit(1729358784.781:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 297.247033][ T29] audit: type=1326 audit(1729358784.781:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 297.269496][ T29] audit: type=1326 audit(1729358784.891:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 297.291718][ C0] vkms_vblank_simulate: vblank timer overrun [ 297.297974][ T29] audit: type=1326 audit(1729358784.961:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 297.320271][ C0] vkms_vblank_simulate: vblank timer overrun [ 297.411036][T10499] tmpfs: Bad value for 'mpol' [ 297.538098][ T5378] usb 4-1: Using ep0 maxpacket: 32 [ 297.565373][ T5378] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 297.585852][ T5378] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 297.612242][T10507] loop2: detected capacity change from 0 to 128 [ 297.627320][ T5378] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81 [ 297.680918][ T5378] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 33307, setting to 1024 [ 297.738523][ T5378] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024 [ 297.792126][ T5378] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 297.832812][ T5378] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 297.885021][ T5378] usb 4-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 297.953466][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 297.953488][ T29] audit: type=1326 audit(1729358785.831:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 297.994860][ T5378] usb 4-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01 [ 298.013307][ T5378] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 298.042286][ T5378] usb 4-1: Product: syz [ 298.046576][ T5378] usb 4-1: Manufacturer: syz [ 298.056179][ T29] audit: type=1326 audit(1729358785.861:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 298.084736][ T5378] usb 4-1: SerialNumber: syz [ 298.104028][ T5378] usb 4-1: config 0 descriptor?? [ 298.120017][T10480] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 298.164434][ T29] audit: type=1326 audit(1729358785.861:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 298.236773][ T29] audit: type=1326 audit(1729358785.871:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 298.367953][ T29] audit: type=1326 audit(1729358785.871:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 298.390291][ C0] vkms_vblank_simulate: vblank timer overrun [ 298.410251][ T5378] cxacru 4-1:0.0: submit of write urb for cm 0x90 failed (-2) [ 298.421543][ T5378] cxacru 4-1:0.0: usbatm_usb_probe: invalid endpoint 02! [ 298.448028][ T5378] cxacru 4-1:0.0: probe with driver cxacru failed with error -22 [ 298.478673][ T5378] usb 4-1: USB disconnect, device number 29 [ 298.499213][ T29] audit: type=1326 audit(1729358785.871:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 298.623701][ T29] audit: type=1326 audit(1729358785.871:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 298.708027][ T29] audit: type=1326 audit(1729358785.881:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 298.806134][ T29] audit: type=1326 audit(1729358786.001:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdfb17dbfb code=0x7ffc0000 [ 298.999656][T10554] loop5: detected capacity change from 0 to 64 [ 299.085799][T10554] syz.5.2259: attempt to access beyond end of device [ 299.085799][T10554] loop5: rw=0, sector=32783, nr_sectors = 1 limit=64 [ 299.215162][T10555] loop2: detected capacity change from 0 to 4096 [ 299.266827][T10562] mmap: syz.3.2263 (10562): VmData 175878144 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 299.584141][T10569] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2267'. [ 299.636796][T10569] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2267'. [ 300.098002][ T9] usb 3-1: new full-speed USB device number 29 using dummy_hcd [ 300.289458][ T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 300.326055][ T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 300.355738][ T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 300.390261][ T9] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 300.427224][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.462078][T10584] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 300.471536][ T9] hub 3-1:1.0: bad descriptor, ignoring hub [ 300.496789][ T9] hub 3-1:1.0: probe with driver hub failed with error -5 [ 300.538550][ T9] cdc_wdm 3-1:1.0: skipping garbage [ 300.543808][ T9] cdc_wdm 3-1:1.0: skipping garbage [ 300.586533][ T9] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 300.615300][ T9] cdc_wdm 3-1:1.0: Unknown control protocol [ 300.838582][ T9] usb 3-1: USB disconnect, device number 29 [ 301.117162][T10593] loop5: detected capacity change from 0 to 32768 [ 301.138247][T10593] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2278 (10593) [ 301.324075][T10611] loop3: detected capacity change from 0 to 32768 [ 301.338569][T10593] BTRFS info (device loop5): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 301.378530][T10593] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 301.386998][T10593] BTRFS info (device loop5): using free-space-tree [ 301.428758][T10639] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 301.494313][T10611] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 301.699254][T10611] XFS (loop3): Ending clean mount [ 301.724402][T10611] XFS (loop3): Quotacheck needed: Please wait. [ 301.879045][T10611] XFS (loop3): Quotacheck: Done. [ 302.049092][ T5230] BTRFS info (device loop5): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787 [ 302.118070][ T5232] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 302.187263][T10676] netlink: 666 bytes leftover after parsing attributes in process `syz.1.2309'. [ 302.431156][T10682] loop1: detected capacity change from 0 to 512 [ 302.800001][T10682] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 302.848277][T10682] ext4 filesystem being mounted at /436/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 302.897817][T10704] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2317'. [ 302.953718][T10682] EXT4-fs error (device loop1): ext4_xattr_block_list:768: inode #15: comm syz.1.2312: corrupted xattr block 33: e_value out of bounds [ 302.963690][T10704] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2317'. [ 303.512393][ T5231] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.633147][T10728] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2331'. [ 303.861050][T10734] loop1: detected capacity change from 0 to 2048 [ 303.888081][T10737] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2336'. [ 303.904875][T10737] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2336'. [ 303.928412][T10734] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 303.960547][T10734] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 304.204004][T10752] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2342'. [ 304.428991][T10754] loop2: detected capacity change from 0 to 2048 [ 304.463230][T10754] EXT4-fs: Ignoring removed nomblk_io_submit option [ 304.508716][T10754] EXT4-fs: Ignoring removed nomblk_io_submit option [ 304.660040][T10754] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 305.805162][T10774] loop3: detected capacity change from 0 to 32768 [ 306.426342][T10774] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 306.532669][T10774] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 306.578331][T10774] bcachefs (loop3): Version upgrade required: [ 306.578331][T10774] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 306.578331][T10774] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 306.578331][T10774] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 306.649425][ C0] vkms_vblank_simulate: vblank timer overrun [ 306.745805][T10855] loop5: detected capacity change from 0 to 256 [ 306.755749][T10774] bcachefs (loop3): dropping and reconstructing all alloc info [ 306.815923][T10774] bcachefs (loop3): check_topology... done [ 306.845334][T10774] bcachefs (loop3): accounting_read... done [ 306.888069][T10774] bcachefs (loop3): alloc_read... done [ 306.893652][T10774] bcachefs (loop3): stripes_read... done [ 306.924578][T10774] bcachefs (loop3): snapshots_read... done [ 306.939961][T10774] bcachefs (loop3): check_allocations... done [ 307.117541][T10774] bcachefs (loop3): going read-write [ 307.140830][T10774] bcachefs (loop3): done starting filesystem [ 307.358012][ T5291] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 307.387314][ T5232] bcachefs (loop3): shutting down [ 307.407953][ T5232] bcachefs (loop3): going read-only [ 307.448048][ T5232] bcachefs (loop3): finished waiting for writes to stop [ 307.501080][ T5232] bcachefs (loop3): flushing journal and stopping allocators, journal seq 11 [ 307.510065][ T5291] usb 6-1: Using ep0 maxpacket: 32 [ 307.517025][ T5291] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 307.539962][ T5291] usb 6-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 307.562841][T10878] xt_TPROXY: Can be used only with -p tcp or -p udp [ 307.563845][ T5291] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 307.586045][ T5232] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 12 [ 307.606004][ T5291] usb 6-1: Product: syz [ 307.611028][ T5291] usb 6-1: Manufacturer: syz [ 307.616902][ T5232] bcachefs (loop3): unshutdown complete, journal seq 13 [ 307.624335][ T5291] usb 6-1: SerialNumber: syz [ 307.629466][ T5232] bcachefs (loop3): done going read-only, filesystem not clean [ 307.638552][ T5291] usb 6-1: config 0 descriptor?? [ 307.645630][ T5291] usb 6-1: bad CDC descriptors [ 307.651190][ T5291] usb 6-1: unsupported MDLM descriptors [ 307.862692][ T25] usb 6-1: USB disconnect, device number 30 [ 307.904383][ T5232] bcachefs (loop3): shutdown complete [ 308.090158][T10892] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2406'. [ 308.361238][T10697] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 2: invalid block bitmap [ 308.594472][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 308.594494][ T29] audit: type=1326 audit(1729358796.451:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10911 comm="syz.5.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 308.623407][ C0] vkms_vblank_simulate: vblank timer overrun [ 308.713705][ T29] audit: type=1326 audit(1729358796.451:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10911 comm="syz.5.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 308.724491][T10916] dvmrp0: entered allmulticast mode [ 308.814509][ T29] audit: type=1326 audit(1729358796.461:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10911 comm="syz.5.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 308.865397][ T29] audit: type=1326 audit(1729358796.461:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10911 comm="syz.5.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 308.966798][ T29] audit: type=1326 audit(1729358796.461:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10911 comm="syz.5.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f218497dff9 code=0x7ffc0000 [ 308.989116][ C0] vkms_vblank_simulate: vblank timer overrun [ 309.320273][T10935] binfmt_misc: register: failed to install interpreter file ./bus/file0 [ 309.548255][T10947] capability: warning: `syz.0.2431' uses 32-bit capabilities (legacy support in use) [ 309.718526][ T8] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 309.890408][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 310.079470][ T8] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 310.109158][ T8] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A [ 310.134648][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 310.167517][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 310.188237][ T8] usb 3-1: config 0 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 310.207976][ T5378] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 310.269520][ T8] usb 3-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 310.297046][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.327609][ T8] usb 3-1: Product: syz [ 310.356429][ T8] usb 3-1: Manufacturer: syz [ 310.372032][ T8] usb 3-1: SerialNumber: syz [ 310.398293][ T5378] usb 2-1: Using ep0 maxpacket: 16 [ 310.409192][ T5378] usb 2-1: config 1 has too many interfaces: 255, using maximum allowed: 32 [ 310.427219][ T8] usb 3-1: config 0 descriptor?? [ 310.432741][ T5378] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 255 [ 310.471878][ T5378] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 310.514706][ T5378] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 310.554754][ T5378] usb 2-1: Product: syz [ 310.573210][ T5378] usb 2-1: Manufacturer: syz [ 310.593145][ T5378] usb 2-1: SerialNumber: syz [ 310.727107][ T5378] r8152-cfgselector 2-1: Unknown version 0x0000 [ 311.071003][ T8] iowarrior 3-1:0.0: IOWarrior product=0x1505, serial=42424242 interface=0 now attached to iowarrior0 [ 311.111046][ T8] usb 3-1: USB disconnect, device number 30 [ 311.154564][ T8] iowarrior 3-1:0.0: I/O-Warror #0 now disconnected [ 311.195950][ T5378] r8152-cfgselector 2-1: USB disconnect, device number 33 [ 311.328328][T10994] ieee802154 phy0 wpan0: encryption failed: -22 [ 311.358025][ T25] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 311.542179][ T25] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 311.562896][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 311.618327][ T25] usb 1-1: Product: syz [ 311.622554][ T25] usb 1-1: Manufacturer: syz [ 311.653515][ T25] usb 1-1: SerialNumber: syz [ 311.711663][ T25] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 311.738897][ T5339] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 311.823471][T11006] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2461'. [ 311.870332][T11008] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2459'. [ 311.883455][T11010] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2463'. [ 311.918193][T11010] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2463'. [ 312.165531][T11020] xt_CT: You must specify a L4 protocol and not use inversions on it [ 312.194177][ T5291] usb 1-1: USB disconnect, device number 27 [ 312.323557][T11023] loop5: detected capacity change from 0 to 1764 [ 312.439632][T11029] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2471'. [ 312.947529][ T5339] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 312.955114][ T5339] ath9k_htc: Failed to initialize the device [ 312.987998][ T5291] usb 1-1: ath9k_htc: USB layer deinitialized [ 313.762423][T11098] cgroup: Invalid name [ 313.883536][T11101] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2508'. [ 313.973431][T11107] netlink: 'syz.0.2512': attribute type 2 has an invalid length. [ 314.344988][T11120] netlink: 'syz.4.2516': attribute type 1 has an invalid length. [ 314.418787][T11120] netlink: 512 bytes leftover after parsing attributes in process `syz.4.2516'. [ 314.439675][T11123] netlink: 'syz.2.2518': attribute type 21 has an invalid length. [ 314.639680][T11132] loop3: detected capacity change from 0 to 16 [ 314.692809][T11132] erofs: (device loop3): mounted with root inode @ nid 36. [ 314.736041][T11132] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 72 of nid 36 [ 315.864209][T11185] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 315.879980][T11185] Error parsing options; rc = [-22] [ 315.940859][T11149] loop5: detected capacity change from 0 to 32768 [ 316.134041][ T1264] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.143266][T11149] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode. [ 316.154679][ T1264] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.808095][ T29] audit: type=1326 audit(1729358804.671:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11223 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdc17dff9 code=0x7ffc0000 [ 316.876324][ T29] audit: type=1326 audit(1729358804.741:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11223 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fdcdc17dff9 code=0x7ffc0000 [ 316.960698][ T29] audit: type=1326 audit(1729358804.841:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11223 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdc17dff9 code=0x7ffc0000 [ 316.983034][ C1] vkms_vblank_simulate: vblank timer overrun [ 316.989423][ T5339] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 317.024405][ T5230] ocfs2: Unmounting device (7,5) on (node local) [ 317.128078][ T29] audit: type=1326 audit(1729358804.901:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11229 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fdcdc1b00e5 code=0x7ffc0000 [ 317.150563][ C1] vkms_vblank_simulate: vblank timer overrun [ 317.178589][ T5339] usb 4-1: Using ep0 maxpacket: 32 [ 317.208311][ T5339] usb 4-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91 [ 317.217458][ T5339] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 317.256307][ T29] audit: type=1326 audit(1729358805.111:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11229 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fdcdc17dff9 code=0x7ffc0000 [ 317.335575][ T5339] usb 4-1: config 0 descriptor?? [ 317.362077][ T5339] gspca_main: sunplus-2.14.0 probing 0458:7006 [ 317.488013][ T8] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 317.562845][ T5339] gspca_sunplus: reg_w_riv err -71 [ 317.575048][T11248] 9pnet: Could not find request transport: fdLno=HH? QsCX{eC~nЩ [ 317.589286][ T5339] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 317.614527][ T5339] usb 4-1: USB disconnect, device number 30 [ 317.658196][ T8] usb 6-1: Using ep0 maxpacket: 8 [ 317.679496][ T8] usb 6-1: config 135 has an invalid interface number: 230 but max is 0 [ 317.680037][ T5237] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 317.705666][ T8] usb 6-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 317.740295][ T8] usb 6-1: config 135 has no interface number 0 [ 317.770689][ T8] usb 6-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 317.802461][ T8] usb 6-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 317.850283][ T8] usb 6-1: config 135 interface 230 has no altsetting 0 [ 317.874680][ T5237] usb 5-1: Using ep0 maxpacket: 32 [ 317.879624][ T8] usb 6-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 317.893089][ T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 317.900873][ T5237] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83 [ 317.923769][ T5237] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 317.930219][ T8] usb 6-1: Product: syz [ 317.965316][ T8] usb 6-1: Manufacturer: syz [ 317.970532][ T8] usb 6-1: SerialNumber: syz [ 317.974007][ T5237] usb 5-1: Product: syz [ 317.983374][ T8] usb 6-1: Found UVC 0.00 device syz (18ec:3288) [ 317.990420][ T8] usb 6-1: No valid video chain found. [ 318.004529][ T5237] usb 5-1: Manufacturer: syz [ 318.018102][ T5237] usb 5-1: SerialNumber: syz [ 318.040621][ T5237] usb 5-1: config 0 descriptor?? [ 318.213224][ T5289] usb 6-1: USB disconnect, device number 31 [ 318.238153][ T5378] usb 1-1: new low-speed USB device number 28 using dummy_hcd [ 318.340425][ T5237] snd-usb-6fire 5-1:0.0: unknown device firmware state received from device: [ 318.370021][ T8] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 318.378048][ T5237] a0 85 c5 6a af b0 b2 6c [ 318.378169][ T5237] snd-usb-6fire 5-1:0.0: probe with driver snd-usb-6fire failed with error -5 [ 318.414634][ T5378] usb 1-1: config index 0 descriptor too short (expected 1307, got 27) [ 318.436764][ T5378] usb 1-1: config 0 has an invalid interface number: 0 but max is -1 [ 318.466047][ T5378] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 318.495521][ T5378] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 318.528132][ T5378] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 318.552775][ T5378] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 318.580514][ T5378] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 318.611065][ T5378] usb 1-1: string descriptor 0 read error: -22 [ 318.617383][ T5378] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 318.627404][ T5378] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 318.652636][ T5289] usb 5-1: USB disconnect, device number 23 [ 318.674116][ T8] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 318.688012][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 318.696064][ T8] usb 3-1: Product: syz [ 318.710951][ T5378] usb 1-1: config 0 descriptor?? [ 318.725247][ T8] usb 3-1: Manufacturer: syz [ 318.732294][ T8] usb 3-1: SerialNumber: syz [ 318.740365][ T5378] hub 1-1:0.0: bad descriptor, ignoring hub [ 318.746316][ T5378] hub 1-1:0.0: probe with driver hub failed with error -5 [ 318.770895][ T8] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 318.794748][ T9] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 318.851274][ T5378] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input22 [ 318.862773][ T29] audit: type=1326 audit(1729358806.701:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11274 comm="syz.1.2590" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcca797dff9 code=0x0 [ 319.089503][ T5378] usb 1-1: USB disconnect, device number 28 [ 319.419562][ T8] usb 3-1: USB disconnect, device number 31 [ 319.880722][ T9] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 319.901381][ T9] ath9k_htc: Failed to initialize the device [ 320.008133][ T8] usb 3-1: ath9k_htc: USB layer deinitialized [ 320.511248][T11335] netlink: 'syz.5.2620': attribute type 1 has an invalid length. [ 320.574671][T11335] netlink: 168864 bytes leftover after parsing attributes in process `syz.5.2620'. [ 320.676226][T11341] netlink: 'syz.3.2621': attribute type 1 has an invalid length. [ 320.715683][T11344] loop1: detected capacity change from 0 to 512 [ 320.963230][T11344] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 320.971687][T11344] EXT4-fs (loop1): orphan cleanup on readonly fs [ 320.981083][T11344] EXT4-fs warning (device loop1): ext4_enable_quotas:7097: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 321.003003][T11344] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 321.010696][T11344] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #13: comm syz.1.2626: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 321.081921][T11344] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.2626: couldn't read orphan inode 13 (err -117) [ 321.103010][T11344] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 321.191951][T11344] EXT4-fs error (device loop1): ext4_lookup:1813: comm syz.1.2626: inode #15: comm syz.1.2626: iget: illegal inode # [ 321.378110][ T5231] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.762111][T11374] loop3: detected capacity change from 0 to 4096 [ 321.918561][T11387] binder: binder_mmap: 11386 20174000-20d74000 bad vm_flags failed -1 [ 322.480627][T11412] loop3: detected capacity change from 0 to 256 [ 322.547917][T11412] exfat: Deprecated parameter 'namecase' [ 322.569767][T11408] loop1: detected capacity change from 0 to 1764 [ 322.599744][T11412] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 323.586366][T11454] netlink: 468 bytes leftover after parsing attributes in process `syz.3.2677'. [ 323.992162][T11480] loop3: detected capacity change from 0 to 256 [ 324.621488][T11505] netlink: 'syz.2.2700': attribute type 1 has an invalid length. [ 324.928655][T11526] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (46336) [ 324.975507][T11526] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023 [ 325.388666][T11549] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2722'. [ 325.951154][T11575] netlink: 'syz.2.2736': attribute type 1 has an invalid length. [ 326.194726][T11583] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2740'. [ 327.052928][T11608] tmpfs: Bad value for 'mpol' [ 327.347723][T11587] loop5: detected capacity change from 0 to 32768 [ 327.430299][T11587] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 327.485028][T11587] JBD2: Ignoring recovery information on journal [ 327.743990][T11587] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 327.747839][T11632] netlink: 'syz.0.2764': attribute type 16 has an invalid length. [ 327.768072][T11632] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2764'. [ 328.156884][ T5230] ocfs2: Unmounting device (7,5) on (node local) [ 328.178022][T11651] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2774'. [ 328.619773][T11665] ieee802154 phy0 wpan0: encryption failed: -22 [ 329.199004][T11687] No such timeout policy "syz0" [ 329.274877][T11692] loop1: detected capacity change from 0 to 512 [ 329.305549][T11692] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 329.419748][T11692] EXT4-fs (loop1): 1 truncate cleaned up [ 329.426546][T11692] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 329.593651][T11692] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.2793: corrupted in-inode xattr: overlapping e_value [ 329.813955][T11692] EXT4-fs (loop1): Remounting filesystem read-only [ 329.828265][T11692] EXT4-fs warning (device loop1): ext4_xattr_set_entry:1772: inode #15: comm syz.1.2793: unable to update i_inline_off [ 329.860067][T11692] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 330.095282][ T5231] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.875515][T11763] loop1: detected capacity change from 0 to 512 [ 330.926169][T11763] EXT4-fs: Ignoring removed mblk_io_submit option [ 331.041891][T11763] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13 [ 331.203374][T11763] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.2823: attempt to clear invalid blocks 2 len 1 [ 331.222020][T11763] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 331.255826][T11763] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2823: invalid indirect mapped block 1819239214 (level 0) [ 331.388235][T11763] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2823: invalid indirect mapped block 1819239214 (level 1) [ 331.471460][T11763] EXT4-fs (loop1): 1 truncate cleaned up [ 331.504008][T11763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 331.760484][ T5231] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.940534][T11791] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2840'. [ 332.808694][T11811] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2848'. [ 335.229909][T11867] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2873'. [ 335.598166][T11873] netlink: 'syz.2.2876': attribute type 8 has an invalid length. [ 336.192463][T11887] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2883'. [ 336.710111][T11900] loop3: detected capacity change from 0 to 128 [ 336.968615][T11856] loop5: detected capacity change from 0 to 32768 [ 337.436134][T11856] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=lz4,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io [ 337.529175][T11856] bcachefs (loop5): recovering from clean shutdown, journal seq 10 [ 337.537334][T11856] bcachefs (loop5): Version upgrade required: [ 337.537334][T11856] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 337.537334][T11856] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 337.537334][T11856] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 338.008497][T11856] bcachefs (loop5): dropping and reconstructing all alloc info [ 338.095062][T11856] bcachefs (loop5): bch2_journal_reclaim_start(): error creating journal reclaim thread EINTR [ 338.168412][T11856] bcachefs (loop5): bch2_fs_recovery(): error EINTR [ 338.211403][T11856] bcachefs (loop5): bch2_fs_start(): error starting filesystem EINTR [ 338.258435][T11856] bcachefs (loop5): shutting down [ 338.372861][T11856] bcachefs (loop5): shutdown complete [ 339.298704][T11960] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2915'. [ 339.307623][T11960] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2915'. [ 339.428913][T11960] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2915'. [ 339.514438][T11964] loop3: detected capacity change from 0 to 256 [ 339.618119][T11964] FAT-fs (loop3): Directory bread(block 64) failed [ 339.658411][T11964] FAT-fs (loop3): Directory bread(block 65) failed [ 339.665050][T11964] FAT-fs (loop3): Directory bread(block 66) failed [ 339.738164][T11964] FAT-fs (loop3): Directory bread(block 67) failed [ 339.778224][T11964] FAT-fs (loop3): Directory bread(block 68) failed [ 339.784790][T11964] FAT-fs (loop3): Directory bread(block 69) failed [ 339.845896][T11964] FAT-fs (loop3): Directory bread(block 70) failed [ 339.876033][T11964] FAT-fs (loop3): Directory bread(block 71) failed [ 339.895654][T11964] FAT-fs (loop3): Directory bread(block 72) failed [ 339.924014][T11964] FAT-fs (loop3): Directory bread(block 73) failed [ 339.991336][T11964] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 340.307179][T11973] netlink: 'syz.0.2921': attribute type 28 has an invalid length. [ 340.685238][ T29] audit: type=1326 audit(1729358828.561:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11974 comm="syz.0.2923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33d3b7dff9 code=0x7ffc0000 [ 340.745221][T11978] loop3: detected capacity change from 0 to 512 [ 340.821714][ T29] audit: type=1326 audit(1729358828.561:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11974 comm="syz.0.2923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33d3b7dff9 code=0x7ffc0000 [ 340.858079][T11978] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 340.930436][ T29] audit: type=1326 audit(1729358828.591:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11974 comm="syz.0.2923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f33d3b7dff9 code=0x7ffc0000 [ 341.043401][ T29] audit: type=1326 audit(1729358828.591:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11974 comm="syz.0.2923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33d3b7dff9 code=0x7ffc0000 [ 341.222850][ T29] audit: type=1326 audit(1729358828.591:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11974 comm="syz.0.2923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f33d3b7dff9 code=0x7ffc0000 [ 341.280131][T11978] EXT4-fs (loop3): orphan cleanup on readonly fs [ 341.309693][T11978] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2925: bg 0: block 248: padding at end of block bitmap is not set [ 341.461754][T11978] Quota error (device loop3): write_blk: dquota write failed [ 341.529649][T11978] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 341.621567][T11978] EXT4-fs error (device loop3): ext4_acquire_dquot:6879: comm syz.3.2925: Failed to acquire dquot type 1 [ 341.726823][T11978] EXT4-fs (loop3): 1 truncate cleaned up [ 341.780792][T11978] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 341.843910][ T5242] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 341.853455][ T5242] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 341.861907][ T5242] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 341.870737][ T5242] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 341.880344][ T5242] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 341.890627][ T5242] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 342.032457][T11978] ext4: Unexpected value for 'quota' [ 342.259499][ T5232] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.293347][T11856] bcachefs: bch2_fs_get_tree() error: EINTR [ 342.830840][T12000] vhci_hcd: invalid port number 0 [ 343.236677][T11988] chnl_net:caif_netlink_parms(): no params data found [ 343.341434][T12009] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2937'. [ 343.431699][T12009] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2937'. [ 343.959833][ T5242] Bluetooth: hci8: command tx timeout [ 344.019078][T11988] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.026224][T11988] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.108622][T11988] bridge_slave_0: entered allmulticast mode [ 344.116207][T11988] bridge_slave_0: entered promiscuous mode [ 344.135030][T11988] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.142274][T11988] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.158210][T11988] bridge_slave_1: entered allmulticast mode [ 344.165370][T11988] bridge_slave_1: entered promiscuous mode [ 344.169431][T12030] loop5: detected capacity change from 0 to 1024 [ 344.310098][T12030] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 344.350053][T12030] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e11d, mo2=0002] [ 344.359353][T12030] System zones: 0-1, 2-3, 4-36, 98-101, 102-102 [ 344.369912][T12030] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 344.604409][T11988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 344.606119][ T5230] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.730697][T11988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 344.941914][T12057] loop5: detected capacity change from 0 to 256 [ 344.978198][T11988] team0: Port device team_slave_0 added [ 344.986298][T11988] team0: Port device team_slave_1 added [ 345.335515][T12067] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 345.451796][T12068] ALSA: mixer_oss: invalid OSS volume '' [ 345.480628][T11988] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 345.497709][T11988] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 345.526690][T12056] loop1: detected capacity change from 0 to 32768 [ 345.543060][T11988] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 345.660814][T11988] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 345.699867][T11988] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 345.815886][T11988] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 345.909682][T12056] (syz.1.2958,12056,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 345.981796][T12056] (syz.1.2958,12056,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 346.062412][T12056] JBD2: Ignoring recovery information on journal [ 346.104187][ T5242] Bluetooth: hci8: command tx timeout [ 346.147551][T12077] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2968'. [ 346.447018][T11988] hsr_slave_0: entered promiscuous mode [ 346.459309][T12056] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 346.603539][T11988] hsr_slave_1: entered promiscuous mode [ 346.645560][T11988] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 346.690158][T11988] Cannot create hsr debugfs directory [ 346.712721][T12093] netlink: 'syz.2.2975': attribute type 3 has an invalid length. [ 346.748758][T12090] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2973'. [ 346.949454][ T5231] ocfs2: Unmounting device (7,1) on (node local) [ 347.662711][T12103] libceph: resolve '400' (ret=-3): failed [ 348.120574][ T5242] Bluetooth: hci8: command tx timeout [ 348.303739][T11988] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.526626][T12079] loop5: detected capacity change from 0 to 32768 [ 348.759135][T12079] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 348.907574][T11988] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.285747][ T5230] ocfs2: Unmounting device (7,5) on (node local) [ 349.591643][T11988] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.008114][ T8] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 350.133954][T11988] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.213090][ T5242] Bluetooth: hci8: command tx timeout [ 350.238235][ T8] usb 1-1: Using ep0 maxpacket: 32 [ 350.261993][T12124] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 350.281314][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 350.301475][T12124] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 350.369075][ T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=a6.13 [ 350.410661][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 350.432812][T12124] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 350.458026][T12124] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 350.466270][ T8] usb 1-1: Product: syz [ 350.487107][ T8] usb 1-1: Manufacturer: syz [ 350.503980][ T8] usb 1-1: SerialNumber: syz [ 350.532115][ T8] usb 1-1: config 0 descriptor?? [ 350.550075][ T8] pvrusb2: Hardware description: Terratec Grabster AV400 [ 350.568180][ T8] pvrusb2: ********** [ 350.572739][ T8] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 350.603635][ T8] pvrusb2: Important functionality might not be entirely working. [ 350.618031][ T8] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 350.658400][ T8] pvrusb2: ********** [ 350.749271][T12124] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 350.827636][ T2030] pvrusb2: Invalid write control endpoint [ 350.847454][T12124] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 350.977617][ T5292] usb 1-1: USB disconnect, device number 29 [ 351.060323][T12124] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 351.124979][T12150] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2996'. [ 351.144526][T12124] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 351.214005][ T2030] pvrusb2: Invalid write control endpoint [ 351.222940][T12124] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 351.266189][ T2030] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 351.296055][T12124] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 351.330526][T11988] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 351.357643][ T2030] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 351.402214][ T2030] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 351.467259][T11988] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 351.497938][ T2030] pvrusb2: Device being rendered inoperable [ 351.559873][ T2030] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 351.566993][ T2030] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b) [ 351.624075][T11988] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 351.726663][ T2030] pvrusb2: Attached sub-driver cx25840 [ 351.789605][ T2030] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 351.878305][ T2030] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 352.225188][T12169] netlink: zone id is out of range [ 352.329813][T11988] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 352.700665][T12179] loop1: detected capacity change from 0 to 256 [ 352.808596][ T5378] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 352.870290][T12179] FAT-fs (loop1): Directory bread(block 64) failed [ 352.908191][T12179] FAT-fs (loop1): Directory bread(block 65) failed [ 352.914882][T12179] FAT-fs (loop1): Directory bread(block 66) failed [ 353.009878][T12179] FAT-fs (loop1): Directory bread(block 67) failed [ 353.051273][T12184] loop5: detected capacity change from 0 to 128 [ 353.064038][ T5378] usb 1-1: unable to get BOS descriptor or descriptor too short [ 353.072426][T12179] FAT-fs (loop1): Directory bread(block 68) failed [ 353.086940][ T5378] usb 1-1: config 0 has an invalid interface number: 157 but max is 1 [ 353.118489][T12179] FAT-fs (loop1): Directory bread(block 69) failed [ 353.151855][ T5378] usb 1-1: config 0 has an invalid interface number: 244 but max is 1 [ 353.162039][T12184] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 353.185646][T12179] FAT-fs (loop1): Directory bread(block 70) failed [ 353.212662][ T5378] usb 1-1: config 0 has no interface number 0 [ 353.238598][T12179] FAT-fs (loop1): Directory bread(block 71) failed [ 353.271637][ T5378] usb 1-1: config 0 has no interface number 1 [ 353.299748][T12184] ext4 filesystem being mounted at /517/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 353.319843][T12179] FAT-fs (loop1): Directory bread(block 72) failed [ 353.326426][T12179] FAT-fs (loop1): Directory bread(block 73) failed [ 353.334208][ T5378] usb 1-1: config 0 interface 244 altsetting 6 bulk endpoint 0x1 has invalid maxpacket 8 [ 353.394850][ T5378] usb 1-1: config 0 interface 157 has no altsetting 0 [ 353.451431][ T5378] usb 1-1: config 0 interface 244 has no altsetting 0 [ 353.499705][ T5378] usb 1-1: language id specifier not provided by device, defaulting to English [ 353.569792][ T5378] usb 1-1: New USB device found, idVendor=11ba, idProduct=1001, bcdDevice=81.b0 [ 353.621839][ T5378] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 353.644283][ T5230] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 353.694266][ T5378] usb 1-1: Product: syz [ 353.736858][ T5378] usb 1-1: Manufacturer: syz [ 353.766570][ T5378] usb 1-1: SerialNumber: syz [ 353.826265][ T5378] usb 1-1: config 0 descriptor?? [ 354.055141][ T5242] Bluetooth: hci6: command 0x0406 tx timeout [ 354.131874][ T5378] pvrusb2: Hardware description: OnAir USB2 Hybrid USB tuner [ 354.185400][ T5378] usb 1-1: selecting invalid altsetting 0 [ 354.225663][ T2030] pvrusb2: control-write URB failure, status=-71 [ 354.240013][ T5378] pvrusb2: Hardware description: OnAir USB2 Hybrid USB tuner [ 354.314486][ T2030] pvrusb2: Device being rendered inoperable [ 354.325816][ T5378] usb 1-1: selecting invalid altsetting 0 [ 354.345336][ T2030] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 354.395803][ T5378] usb 1-1: USB disconnect, device number 30 [ 354.435244][ T2030] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 354.500614][ T2030] pvrusb2: Failed to submit write-control URB status=-19 [ 354.507697][ T2030] pvrusb2: Device being rendered inoperable [ 354.599248][ T2030] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 354.668899][ T2030] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 354.919733][T12124] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 354.925767][T12124] Bluetooth: hci6: Error when powering off device on rfkill (-4) [ 354.984867][T11988] 8021q: adding VLAN 0 to HW filter on device bond0 [ 355.128889][T12124] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 355.134887][T12124] Bluetooth: hci7: Error when powering off device on rfkill (-4) [ 355.188535][T11988] 8021q: adding VLAN 0 to HW filter on device team0 [ 355.284723][ T1117] bridge0: port 1(bridge_slave_0) entered blocking state [ 355.291916][ T1117] bridge0: port 1(bridge_slave_0) entered forwarding state [ 355.406802][ T1117] bridge0: port 2(bridge_slave_1) entered blocking state [ 355.414033][ T1117] bridge0: port 2(bridge_slave_1) entered forwarding state [ 356.254383][T12200] loop1: detected capacity change from 0 to 32768 [ 356.266736][T12232] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3023'. [ 356.353267][T12200] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3013 (12200) [ 356.526559][T11988] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 356.657475][T12124] Bluetooth: hci8: Opcode 0x0c1a failed: -4 [ 356.723473][T12124] Bluetooth: hci8: Error when powering off device on rfkill (-4) [ 357.935759][T11988] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 359.096419][T12301] loop1: detected capacity change from 0 to 512 [ 359.207131][T12301] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 359.416603][T12301] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 359.518163][T12301] ext4 filesystem being mounted at /573/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 360.036719][ T5231] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.094440][T11988] veth0_vlan: entered promiscuous mode [ 360.216839][T11988] veth1_vlan: entered promiscuous mode [ 360.568410][T11988] veth0_macvtap: entered promiscuous mode [ 360.661949][T11988] veth1_macvtap: entered promiscuous mode [ 360.800650][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 360.928069][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.005223][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.081765][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.150182][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.233243][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.335412][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.407965][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.474196][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.545463][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.616514][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.716122][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.802725][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.861646][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.927964][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 362.024439][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 362.106343][T11988] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 362.244876][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 362.387936][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 362.470150][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 362.597816][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 362.613294][T12366] ieee802154 phy0 wpan0: encryption failed: -22 [ 362.678263][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 362.788657][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 362.872415][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.001738][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.086206][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.163149][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.232177][T12383] kernel profiling enabled (shift: 17) [ 363.258554][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.336298][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.463219][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.555899][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.631549][T11988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.715223][T11988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.797805][T11988] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 363.900565][T12376] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3073'. [ 363.958118][T12393] (unnamed net_device) (uninitialized): option arp_validate: invalid value (9) [ 364.075957][T11988] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.175448][T11988] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.288138][T11988] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.296897][T11988] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.450822][T12406] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615) [ 364.548129][T12406] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647 [ 365.520480][T12430] syz.0.3094: attempt to access beyond end of device [ 365.520480][T12430] nbd0: rw=0, sector=6, nr_sectors = 2 limit=0 [ 365.605697][ T2546] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 365.675035][T12430] ADFS-fs (nbd0): error: unable to read block 3, try 0 [ 365.712172][ T2546] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 365.943083][ T1117] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 366.030190][ T1117] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 366.190908][ T5292] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 366.773745][T12463] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3107'. [ 366.840574][ T5292] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 366.858128][ T5292] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 366.901059][ T5292] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 366.927926][ T5292] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 366.961158][T12435] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 367.019080][ T5292] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 367.084635][T12475] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3110'. [ 367.104501][T12476] ./file1: Can't lookup blockdev [ 367.121410][T12475] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3110'. [ 367.256618][ T5289] usb 2-1: USB disconnect, device number 34 [ 367.572706][T12493] xt_hashlimit: size too large, truncated to 1048576 [ 367.608261][T12493] xt_hashlimit: overflow, try lower: 0/0 [ 368.310992][T12527] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3136'. [ 368.535537][T12535] netlink: 180 bytes leftover after parsing attributes in process `syz.5.3140'. [ 368.913185][ T5237] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 369.076615][ T5237] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 369.107346][ T5237] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 369.163861][ T5237] usb 2-1: Product: syz [ 369.180251][ T5237] usb 2-1: Manufacturer: syz [ 369.185520][ T5237] usb 2-1: SerialNumber: syz [ 369.212082][ T5237] usb 2-1: config 0 descriptor?? [ 369.217672][T12569] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3156'. [ 369.253749][T12569] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-tlb(5) [ 369.277450][T12571] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3159'. [ 369.347559][T12571] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3159'. [ 369.442437][ T5237] hso 2-1:0.0: Failed to find BULK IN ep [ 369.451044][ T5237] usb-storage 2-1:0.0: USB Mass Storage device detected [ 369.747320][ T5237] usb 2-1: USB disconnect, device number 35 [ 369.830079][T12590] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3168'. [ 370.165391][T12605] autofs4:pid:12605:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.4294967071), cmd(0xc0189372) [ 370.230934][T12605] autofs4:pid:12605:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189372) [ 370.310425][T12613] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 370.540829][T12620] netlink: 'syz.0.3182': attribute type 3 has an invalid length. [ 370.668476][T12625] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3184'. [ 370.931759][T12637] netlink: 'syz.2.3189': attribute type 75 has an invalid length. [ 371.005719][T12644] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3193'. [ 371.042998][T12644] netlink: 'syz.3.3193': attribute type 1 has an invalid length. [ 371.078877][T12644] netlink: 'syz.3.3193': attribute type 2 has an invalid length. [ 371.134090][T12644] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3193'. [ 371.197524][T12647] loop5: detected capacity change from 0 to 2048 [ 371.237521][T12653] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 371.328238][ T29] audit: type=1326 audit(1729358859.191:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12654 comm="syz.3.3199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdfb17dff9 code=0x7ffc0000 [ 371.350521][ C0] vkms_vblank_simulate: vblank timer overrun [ 371.380420][ T29] audit: type=1326 audit(1729358859.191:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12654 comm="syz.3.3199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdfb17dff9 code=0x7ffc0000 [ 371.383798][T12647] NILFS error (device loop5): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 371.418382][ T29] audit: type=1326 audit(1729358859.261:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12654 comm="syz.3.3199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7fcdfb17dff9 code=0x7ffc0000 [ 371.448459][ T29] audit: type=1326 audit(1729358859.261:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12654 comm="syz.3.3199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdfb17dff9 code=0x7ffc0000 [ 371.514110][T12659] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3200'. [ 371.515265][T12647] Remounting filesystem read-only [ 371.585683][T12661] loop1: detected capacity change from 0 to 128 [ 371.598709][T12647] NILFS error (device loop5): nilfs_bmap_last_key: broken bmap (inode number=16) [ 371.611671][T12663] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3202'. [ 371.654147][T12661] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 371.655497][T12647] NILFS (loop5): error -5 truncating bmap (ino=16) [ 371.709435][T12661] ext4 filesystem being mounted at /590/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 371.807218][T12671] loop3: detected capacity change from 0 to 512 [ 371.905304][T12671] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 371.929496][ T5230] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 372.028334][T12671] EXT4-fs (loop3): orphan cleanup on readonly fs [ 372.054928][T12671] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3206: bg 0: block 248: padding at end of block bitmap is not set [ 372.088075][T12671] Quota error (device loop3): write_blk: dquota write failed [ 372.095681][T12671] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 372.141555][ T5231] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 372.148001][T12671] EXT4-fs error (device loop3): ext4_acquire_dquot:6879: comm syz.3.3206: Failed to acquire dquot type 1 [ 372.197629][T12671] EXT4-fs (loop3): 1 truncate cleaned up [ 372.244130][T12671] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 372.426773][ T5232] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 372.562126][T12694] omfs: Invalid superblock (0) [ 373.267733][T12727] loop1: detected capacity change from 0 to 1024 [ 373.324816][T12727] EXT4-fs: Ignoring removed orlov option [ 373.358048][T12727] EXT4-fs: Ignoring removed nomblk_io_submit option [ 373.420007][T12727] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e018, mo2=0002] [ 373.438507][T12727] System zones: 0-1, 3-12 [ 373.444173][T12727] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 373.486848][T12727] VFS: Lookup of 'file0' in ext4 loop1 would have caused loop [ 373.752659][ T5231] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 373.761479][T12707] loop3: detected capacity change from 0 to 32768 [ 373.891049][T12707] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 374.007411][T12707] OCFS2: ERROR (device loop3): int ocfs2_validate_xattr_block(struct super_block *, struct buffer_head *): Extended attribute block #2304 has bad signature [ 374.048088][T12707] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 374.080057][T12707] OCFS2: File system is now read-only. [ 374.092587][T12707] (syz.3.3222,12707,0):ocfs2_xattr_block_find:2832 ERROR: status = -30 [ 374.218503][T12764] netlink: 'syz.2.3248': attribute type 11 has an invalid length. [ 374.294049][T12768] IPv6: NLM_F_CREATE should be specified when creating new route [ 374.302586][T12768] netlink: 1 bytes leftover after parsing attributes in process `syz.0.3251'. [ 374.396656][T12771] netlink: 'syz.0.3253': attribute type 21 has an invalid length. [ 374.407115][T12771] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3253'. [ 374.431991][T12771] netlink: 'syz.0.3253': attribute type 5 has an invalid length. [ 374.452200][T12771] netlink: 3 bytes leftover after parsing attributes in process `syz.0.3253'. [ 374.478643][ T5232] ocfs2: Unmounting device (7,3) on (node local) [ 374.648647][T12781] tmpfs: Bad value for 'mpol' [ 374.768589][T12786] tipc: Trying to set illegal importance in message [ 375.097132][T12800] delete_channel: no stack [ 375.138067][ T9] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 375.229804][T12799] loop3: detected capacity change from 0 to 4096 [ 375.256272][T12799] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 375.311556][T12808] loop1: detected capacity change from 0 to 1024 [ 375.319298][ T9] usb 6-1: Using ep0 maxpacket: 16 [ 375.344281][ T9] usb 6-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be [ 375.370610][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 375.388184][ T9] usb 6-1: Product: syz [ 375.392734][T12812] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3271'. [ 375.408140][ T9] usb 6-1: Manufacturer: syz [ 375.412887][ T9] usb 6-1: SerialNumber: syz [ 375.478372][ T9] usb 6-1: config 0 descriptor?? [ 375.660822][T12817] CIFS mount error: No usable UNC path provided in device string! [ 375.660822][T12817] [ 375.715430][ T9] peak_usb 6-1:0.0: PEAK-System PCAN-Chip USB v185 fw v115.212.0 (1 channels) [ 375.728027][T12817] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 375.919917][ T9] peak_usb 6-1:0.0 can0: unable to request usb[type=2 value=5] err=-71 [ 375.948070][ T9] peak_usb 6-1:0.0: unable to tell PCAN-Chip USB driver is loaded (err -71) [ 376.081755][ T9] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -71 [ 376.138078][ T9] usb 6-1: USB disconnect, device number 32 [ 376.894286][T12864] loop1: detected capacity change from 0 to 2048 [ 376.957335][T12872] ax25_connect(): syz.5.3300 uses autobind, please contact jreuter@yaina.de [ 376.982958][T12864] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 377.169901][T12878] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 377.585648][ T1264] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.592468][ T1264] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.164542][T12926] syz.1.3327: attempt to access beyond end of device [ 378.164542][T12926] nbd1: rw=0, sector=16, nr_sectors = 1 limit=0 [ 378.263293][T12926] qnx6: unable to read the first superblock [ 378.316727][T12926] syz.1.3327: attempt to access beyond end of device [ 378.316727][T12926] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 378.333301][T12934] loop3: detected capacity change from 0 to 256 [ 378.358102][T12926] qnx6: unable to read the first superblock [ 378.364494][T12926] qnx6: unable to read the first superblock [ 378.428585][T12939] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3332'. [ 378.492922][T12944] autofs4:pid:12944:validate_dev_ioctl: invalid path supplied for cmd(0xc018937e) [ 378.502076][T12939] netlink: 27 bytes leftover after parsing attributes in process `syz.0.3332'. [ 379.042943][T12967] loop1: detected capacity change from 0 to 128 [ 379.122700][T12973] 9pnet: Found fid 0 not clunked [ 379.132586][T12970] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3345'. [ 379.154445][T12967] FAT-fs (loop1): Directory bread(block 32) failed [ 379.166253][T12967] FAT-fs (loop1): Directory bread(block 33) failed [ 379.187216][T12967] FAT-fs (loop1): Directory bread(block 34) failed [ 379.220643][T12967] FAT-fs (loop1): Directory bread(block 35) failed [ 379.227313][T12967] FAT-fs (loop1): Directory bread(block 36) failed [ 379.268016][T12967] FAT-fs (loop1): Directory bread(block 37) failed [ 379.274667][T12967] FAT-fs (loop1): Directory bread(block 38) failed [ 379.332956][T12967] FAT-fs (loop1): Directory bread(block 39) failed [ 379.350049][T12967] FAT-fs (loop1): Directory bread(block 40) failed [ 379.356628][T12967] FAT-fs (loop1): Directory bread(block 41) failed [ 379.448246][T12983] tmpfs: Bad value for 'mpol' [ 379.738431][T12967] syz.1.3346: attempt to access beyond end of device [ 379.738431][T12967] loop1: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 379.808879][T12991] Invalid logical block size (32769) [ 379.833253][T12967] FAT-fs (loop1): Filesystem has been set read-only [ 379.848144][T12967] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 380.138602][T13003] ip6t_srh: unknown srh invflags 4000 [ 380.268015][T13010] binder: 13009:13010 ioctl c018620b 0 returned -14 [ 380.910019][T12996] loop3: detected capacity change from 0 to 32768 [ 381.038823][T12996] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3360 (12996) [ 381.058146][ T5292] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 381.094715][T12996] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 381.105281][T12996] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 381.113903][T12996] BTRFS info (device loop3): using free-space-tree [ 381.217954][ T5292] usb 2-1: Using ep0 maxpacket: 16 [ 381.229791][ T5292] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4 [ 381.248822][ T5292] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 381.267309][ T5292] usb 2-1: Product: syz [ 381.279459][ T5292] usb 2-1: Manufacturer: syz [ 381.290848][ T5292] usb 2-1: SerialNumber: syz [ 381.312671][ T5292] usb 2-1: config 0 descriptor?? [ 381.333702][ T5292] usb_ehset_test 2-1:0.0: probe with driver usb_ehset_test failed with error -32 [ 381.583143][ T5292] usb 2-1: USB disconnect, device number 36 [ 381.638890][T13070] overlayfs: conflicting options: userxattr,redirect_dir=follow [ 381.839297][T13082] loop5: detected capacity change from 0 to 2048 [ 381.916090][T13088] netlink: 'syz.2.3395': attribute type 5 has an invalid length. [ 382.048696][ T30] INFO: task syz.0.1424:8698 blocked for more than 143 seconds. [ 382.056439][ T30] Not tainted 6.12.0-rc3-syzkaller-00399-g9197b73fd7bb #0 [ 382.091319][T13092] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 382.185733][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 382.194570][ T30] task:syz.0.1424 state:D stack:27392 pid:8698 tgid:8694 ppid:5226 flags:0x00004004 [ 382.204928][ T30] Call Trace: [ 382.208311][ T30] [ 382.211271][ T30] __schedule+0x1895/0x4b30 [ 382.215845][ T30] ? __pfx___schedule+0x10/0x10 [ 382.220857][ T30] ? __pfx_lock_release+0x10/0x10 [ 382.225930][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 382.231549][ T30] ? schedule+0x90/0x320 [ 382.235855][ T30] schedule+0x14b/0x320 [ 382.240210][ T30] schedule_preempt_disabled+0x13/0x30 [ 382.245725][ T30] __mutex_lock+0x6a7/0xd70 [ 382.247277][T13082] NILFS (loop5): failed to count free inodes: err=-34 [ 382.250313][ T30] ? __mutex_lock+0x52a/0xd70 [ 382.250353][ T30] ? exfat_sync_fs+0xb0/0x160 [ 382.250388][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 382.271907][ T30] ? super_lock+0x2d6/0x400 [ 382.276474][ T30] ? __pfx_super_lock+0x10/0x10 [ 382.281500][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.287178][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 382.292512][ T30] exfat_sync_fs+0xb0/0x160 [ 382.297081][ T30] iterate_supers+0xc8/0x190 [ 382.301815][ T30] ? __pfx_sync_fs_one_sb+0x10/0x10 [ 382.307069][ T30] ksys_sync+0xdb/0x1c0 [ 382.311340][ T30] ? __pfx_ksys_sync+0x10/0x10 [ 382.316155][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.321977][ T30] ? do_syscall_64+0xb6/0x230 [ 382.326693][ T30] __do_sys_sync+0xe/0x20 [ 382.331160][ T30] do_syscall_64+0xf3/0x230 [ 382.335703][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.341736][ T30] RIP: 0033:0x7f82cbf7dff9 [ 382.346172][ T30] RSP: 002b:00007f82ccdea038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2 [ 382.354862][ T30] RAX: ffffffffffffffda RBX: 00007f82cc136058 RCX: 00007f82cbf7dff9 [ 382.363019][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 382.371180][ T30] RBP: 00007f82cbff0296 R08: 0000000000000000 R09: 0000000000000000 [ 382.379284][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 382.387280][ T30] R13: 0000000000000001 R14: 00007f82cc136058 R15: 00007ffd9ebedd18 [ 382.395355][ T30] [ 382.398516][ T30] [ 382.398516][ T30] Showing all locks held in the system: [ 382.398832][ T5232] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 382.406222][ T30] 1 lock held by khungtaskd/30: [ 382.406243][ T30] #0: ffffffff8e937e20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 382.431606][ T30] 2 locks held by kworker/u8:6/1117: [ 382.436925][ T30] 6 locks held by kworker/u8:9/2992: [ 382.442413][ T30] 2 locks held by getty/4980: [ 382.447115][ T30] #0: ffff8880323e20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 382.457118][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 382.467432][ T30] 1 lock held by syz-executor/5230: [ 382.472693][ T30] #0: ffffffff8e93d3b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 382.483790][ T30] 3 locks held by syz-executor/5232: [ 382.489175][ T30] #0: ffff8880493200e0 (&type->s_umount_key#89){+.+.}-{3:3}, at: deactivate_super+0xb5/0xf0 [ 382.499615][ T30] #1: ffffffff8eec4188 (uuid_mutex){+.+.}-{3:3}, at: btrfs_close_devices+0xc0/0x5c0 [ 382.509252][ T30] #2: ffffffff8e9f9128 (lock#3){+.+.}-{3:3}, at: __lru_add_drain_all+0x66/0x560 [ 382.518608][ T30] 4 locks held by syz-executor/5241: [ 382.523920][ T30] 2 locks held by syz.0.1424/8698: [ 382.529146][ T30] #0: ffff8880572440e0 (&type->s_umount_key#99){++++}-{3:3}, at: super_lock+0x27c/0x400 [ 382.539203][ T30] #1: ffff88802e9d20e8 (&sbi->s_lock#2){+.+.}-{3:3}, at: exfat_sync_fs+0xb0/0x160 [ 382.548706][ T30] 1 lock held by syz-executor/8979: [ 382.553934][ T30] 1 lock held by syz.4.2807/11726: [ 382.559345][ T30] #0: ffff8880572440e0 (&type->s_umount_key#99){++++}-{3:3}, at: super_lock+0x196/0x400 [ 382.569450][ T30] 1 lock held by udevd/13094: [ 382.574315][ T30] [ 382.576667][ T30] ============================================= [ 382.576667][ T30] [ 382.585212][ T30] NMI backtrace for cpu 1 [ 382.589567][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00399-g9197b73fd7bb #0 [ 382.600076][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 382.610138][ T30] Call Trace: [ 382.613419][ T30] [ 382.616350][ T30] dump_stack_lvl+0x241/0x360 [ 382.621046][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 382.626262][ T30] ? __pfx__printk+0x10/0x10 [ 382.630877][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 382.635837][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 382.641313][ T30] ? _printk+0xd5/0x120 [ 382.645475][ T30] ? __pfx__printk+0x10/0x10 [ 382.650071][ T30] ? __wake_up_klogd+0xcc/0x110 [ 382.654940][ T30] ? __pfx__printk+0x10/0x10 [ 382.659537][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.665179][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 382.670232][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 382.676236][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 382.682240][ T30] watchdog+0xff4/0x1040 [ 382.686498][ T30] ? watchdog+0x1ea/0x1040 [ 382.690939][ T30] ? __pfx_watchdog+0x10/0x10 [ 382.695633][ T30] kthread+0x2f2/0x390 [ 382.699710][ T30] ? __pfx_watchdog+0x10/0x10 [ 382.704405][ T30] ? __pfx_kthread+0x10/0x10 [ 382.709006][ T30] ret_from_fork+0x4d/0x80 [ 382.713442][ T30] ? __pfx_kthread+0x10/0x10 [ 382.718043][ T30] ret_from_fork_asm+0x1a/0x30 [ 382.722840][ T30] [ 382.728310][ T30] Sending NMI from CPU 1 to CPUs 0: [ 382.733553][ C0] NMI backtrace for cpu 0 [ 382.733568][ C0] CPU: 0 UID: 0 PID: 4672 Comm: klogd Not tainted 6.12.0-rc3-syzkaller-00399-g9197b73fd7bb #0 [ 382.733593][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 382.733607][ C0] RIP: 0010:lock_is_held_type+0x6e/0x190 [ 382.733635][ C0] Code: 2c 25 c0 d7 03 00 41 83 bd dc 0a 00 00 00 0f 85 da 00 00 00 41 89 f6 49 89 ff 48 c7 04 24 00 00 00 00 9c 8f 04 24 4c 8b 24 24 48 c7 c7 a0 d7 0a 8c e8 65 1b 00 00 65 ff 05 2e ff 3b 74 41 83 [ 382.733654][ C0] RSP: 0018:ffffc9000457f5f8 EFLAGS: 00000046 [ 382.733674][ C0] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: 1ffff110170c7f14 [ 382.733690][ C0] RDX: 0000000040000000 RSI: 00000000ffffffff RDI: ffff8880b863ea98 [ 382.733707][ C0] RBP: ffffc9000457f830 R08: ffffffff8133f101 R09: 1ffff1100fe6a21f [ 382.733723][ C0] R10: dffffc0000000000 R11: ffffed100fe6a220 R12: 0000000000000046 [ 382.733740][ C0] R13: ffff88807f24da00 R14: 00000000ffffffff R15: ffff8880b863ea98 [ 382.733760][ C0] FS: 00007f9222e4e380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 382.733780][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 382.733795][ C0] CR2: 00007f33d3d07ab8 CR3: 000000007f372000 CR4: 0000000000350ef0 [ 382.733814][ C0] Call Trace: [ 382.733822][ C0] [ 382.733830][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 382.733861][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 382.733900][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 382.733929][ C0] ? nmi_handle+0x2a/0x5a0 [ 382.733965][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 382.734006][ C0] ? nmi_handle+0x151/0x5a0 [ 382.734031][ C0] ? nmi_handle+0x2a/0x5a0 [ 382.734056][ C0] ? lock_is_held_type+0x6e/0x190 [ 382.734077][ C0] ? default_do_nmi+0x63/0x160 [ 382.734108][ C0] ? exc_nmi+0x123/0x1f0 [ 382.734137][ C0] ? end_repeat_nmi+0xf/0x53 [ 382.734165][ C0] ? switch_ldt+0x101/0x280 [ 382.734191][ C0] ? lock_is_held_type+0x6e/0x190 [ 382.734214][ C0] ? lock_is_held_type+0x6e/0x190 [ 382.734237][ C0] ? lock_is_held_type+0x6e/0x190 [ 382.734260][ C0] [ 382.734267][ C0] [ 382.734279][ C0] __schedule+0x1498/0x4b30 [ 382.734327][ C0] ? __pfx_lock_release+0x10/0x10 [ 382.734362][ C0] ? __pfx___schedule+0x10/0x10 [ 382.734399][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.734425][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 382.734465][ C0] ? preempt_schedule+0xe1/0xf0 [ 382.734500][ C0] preempt_schedule_common+0x84/0xd0 [ 382.734538][ C0] preempt_schedule+0xe1/0xf0 [ 382.734572][ C0] ? __pfx_preempt_schedule+0x10/0x10 [ 382.734609][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.734634][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 382.734671][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 382.734708][ C0] preempt_schedule_thunk+0x1a/0x30 [ 382.734737][ C0] _raw_spin_unlock_irqrestore+0x130/0x140 [ 382.734774][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 382.734813][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.734839][ C0] ? autoremove_wake_function+0x37/0x110 [ 382.734875][ C0] __wake_up_common_lock+0x18c/0x1e0 [ 382.734916][ C0] sock_def_readable+0x20f/0x5b0 [ 382.734947][ C0] ? sock_def_readable+0xd7/0x5b0 [ 382.734985][ C0] unix_dgram_sendmsg+0x1495/0x1f80 [ 382.735020][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.735051][ C0] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 382.735077][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.735105][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.735130][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 382.735157][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.735186][ C0] ? __pfx_unix_dgram_sendmsg+0x10/0x10 [ 382.735208][ C0] __sock_sendmsg+0x223/0x270 [ 382.735243][ C0] __sys_sendto+0x39b/0x4f0 [ 382.735270][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 382.735310][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.735335][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 382.735372][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 382.735412][ C0] __x64_sys_sendto+0xde/0x100 [ 382.735438][ C0] do_syscall_64+0xf3/0x230 [ 382.735462][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 382.735490][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.735526][ C0] RIP: 0033:0x7f9222fb09b5 [ 382.735543][ C0] Code: Unable to access opcode bytes at 0x7f9222fb098b. [ 382.735555][ C0] RSP: 002b:00007ffd2ca33e28 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 382.735577][ C0] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f9222fb09b5 [ 382.735593][ C0] RDX: 0000000000000052 RSI: 00005561fee45be0 RDI: 0000000000000003 [ 382.735608][ C0] RBP: 00005561fee3d910 R08: 0000000000000000 R09: 0000000000000000 [ 382.735623][ C0] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 [ 382.735637][ C0] R13: 00007f922313e212 R14: 00007ffd2ca33f28 R15: 0000000000000000 [ 382.735664][ C0] [ 382.736555][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 383.212633][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00399-g9197b73fd7bb #0 [ 383.223147][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 383.233209][ T30] Call Trace: [ 383.236497][ T30] [ 383.239435][ T30] dump_stack_lvl+0x241/0x360 [ 383.244132][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 383.249346][ T30] ? __pfx__printk+0x10/0x10 [ 383.253942][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 383.259956][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 383.265602][ T30] ? vscnprintf+0x5d/0x90 [ 383.269954][ T30] panic+0x349/0x880 [ 383.273861][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 383.279767][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 383.285936][ T30] ? __pfx_panic+0x10/0x10 [ 383.290356][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 383.295737][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 383.301378][ T30] ? __irq_work_queue_local+0x137/0x410 [ 383.306941][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 383.312581][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 383.318162][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 383.324353][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 383.330523][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 383.336164][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 383.342343][ T30] watchdog+0x1033/0x1040 [ 383.346696][ T30] ? watchdog+0x1ea/0x1040 [ 383.351143][ T30] ? __pfx_watchdog+0x10/0x10 [ 383.355853][ T30] kthread+0x2f2/0x390 [ 383.359948][ T30] ? __pfx_watchdog+0x10/0x10 [ 383.364736][ T30] ? __pfx_kthread+0x10/0x10 [ 383.369336][ T30] ret_from_fork+0x4d/0x80 [ 383.373768][ T30] ? __pfx_kthread+0x10/0x10 [ 383.378363][ T30] ret_from_fork_asm+0x1a/0x30 [ 383.383180][ T30] [ 383.386401][ T30] Kernel Offset: disabled [ 383.390719][ T30] Rebooting in 86400 seconds..