last executing test programs: 35.391952768s ago: executing program 4 (id=999): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCXONC(r1, 0x540a, 0x0) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000100)={0x6, 0x8, 0x1, 0x8000, 0x81, "77126d65dde48b2fcb75a18bafc2b0aaba899a", 0xdf0, 0x7a}) 35.183331566s ago: executing program 4 (id=1003): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200), 0x806000) ioctl$FS_IOC_RESVSP(r0, 0x40305829, &(0x7f0000000380)={0x0, 0x2, 0xfffffffffffffff9, 0xac}) 34.811029982s ago: executing program 4 (id=1007): r0 = epoll_create1(0x0) epoll_pwait(r0, &(0x7f0000000640)=[{}], 0x1, 0x401, 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0xc0000006}) 34.465789272s ago: executing program 4 (id=1013): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_MODE={0x6}, @IFLA_IPVLAN_FLAGS={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x4c}}, 0x0) 34.292053938s ago: executing program 4 (id=1014): mkdir(&(0x7f0000000080)='./file0\x00', 0x88) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) syz_clone3(&(0x7f0000000700)={0x2000a0080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) 33.902863733s ago: executing program 4 (id=1019): pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) dup3(r1, r0, 0x0) ioctl$FIONREAD(r0, 0x541b, 0x0) 14.230086646s ago: executing program 1 (id=1140): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)={0x40, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x24, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xfffffffffffffe28, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x0, 0x836]}}, @NL80211_TXRATE_HT={0x5, 0x2, [{}]}]}]}]}, 0x40}}, 0x0) 14.104545376s ago: executing program 1 (id=1142): r0 = io_uring_setup(0x479, &(0x7f0000000ac0)={0x0, 0x3, 0x2, 0x2, 0x4000020}) r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000ec0)=[{{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f0000000bc0)=""/216, 0xd8}], 0x1}, 0xc4}], 0x1, 0x10123, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 13.757412573s ago: executing program 1 (id=1144): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f00000003c0)=0x100000a5, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000380)={0x2, 0x4e20, @multicast1}, 0x10) 13.496273601s ago: executing program 1 (id=1146): syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x1010006, &(0x7f0000000480)={[{@quota}, {@discard_size={'discard', 0x3d, 0xaff9}}, {@iocharset={'iocharset', 0x3d, 'none'}}, {@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-1'}}, {}, {@nodiscard}, {@noquota}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}]}, 0x24, 0x61b6, &(0x7f00000075c0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6z/Drcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8ehfGf22Oed8FOf+Xao/nKv+vNJar51/+fpHz7+3J/8yt939x5uYHH7527f2r7228t/GzC+fOnb1w8eKlS5fOvHvt+sbZnX9b7PHRyvnnsa+dB9otOf+cufy7Jef/pVTLv1ty/l9Otfy7Jeef3+/Jv1ty/vmzj/y7Jef/Sqrl3y05/6+lWv7dkvN/NdXy75ac/9dTLf9uyfm/lmr5d0vO/3Sq5d8tOf8zqT5g/itH3S9mI+efj3DZ/7sl55/PbJB/t+T8z6da/t2S87+Qavl3S87/9VTLv1ty/t9Itfy7Jed/MdXy75ac/zdTLf9uyflfSrX8uyXn/61Uy79bcv7fTrX8uyXn/0aq5d8tOf/vpFr+3ZLz/26q5d8tOf/vpVr+3ZLzfzPV8u+Wh9//b8aMGTN5pu1nJgAAAAAAAAAAAACgaRanE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl989qBxEDI38nfwMYxISSb7NpO/EKbYsJrw1sJhEJfsF3v2iz4Da9dAo1k00CJhFFRRdtw0RYQanNTkQsuaAUoF6gVUiVoL+gNokLlIqoCCkiVaAXZas55nmdnZmdndu3x+sw5n4+U/LIzZ+acOXPm7H53850BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNWtr5//dCPLsuY/+b+2ZtkLmv+9eWprftlrrvUWAgAAAFfqV/m/n7shXXBwDTdqWeafX/7dry0tLS1l7xv98/HPLy2lK6aybHxTluXXRU/96P2N1mWCx7LJxkjL1yN9Vj/a5/qxPteP97l+os/1m/pcP9nn+hU7YIXNxe9j8jvbmf/n1mKXZjdm4/l1O7vc6rHGppGR+LucXCO/zdL4sWwhO5HNZ7NtyxfLNvLlv3Frc11vyeK6RlrWtb15hPzs0aNxGxphH+9sW9fyfUY/eV029fOfPXr0b889e3O32Xc3tN1fsZ137Ghu5yfDJcW2NrJNaZ/E7Rxp2c7tXZ6T0bbtbOS3a/5353Y+t8btHF3ezA3V+ZxPZiP5f38v309jrb/WS/tpe7jsF7dlWXZxebM7l1mxrmwk29J2ycjy8zNZHJHN+2geSi/OxtZ1nN66huO0Oed2th+nna+J+PzfGm43tso2tD5NP/nERMvz/sulyzlOo+ajXu210nkMDvq1UpZjMB4X38sf9ONdj8Gd4fE/evvqx2DXY6fLMZged8sxuKPfMTgyMZpvc3oSGvltlo/BXW3Lj+ZrauTzmdt7H4Mz506emVn82MfvXjh55Pj88flTe3btmt2zd+/+/ftnji2cmJ8t/n2Ze7v8tmQj6TWwI+y7+Bp4VceyrYfq0pcmVpx/L/d1ONnjdbi1Y9lBvw7HOh9cY2NekCuP6eK18Z7mTp+8NJKt8hrLn587r/x1mB53y+twrOV12PV7SpfX4dgaXofNZc7cubafWcZa/um2Dat/L7iyY3BryzHY+fNI5zE46J9HynIMTobj4gd3rv69YHvY3sen1/vzyOiKYzA93HDuaV6Sft6f3J+PbsflLc0rrpvIzi/On73nkSPnzp3dlYWxIV7Scqx0Hq9bWh5TtuJ4HVn38Xpw4eWP39Ll8q1hX03e3fzX5KrPVXOZe+/p/Vzl392678+2S3dnYQzYRu/Pbt/Nm/tzIsu+8O1PPPTNR7/w+lX3ZzNvfnLmyn8WT7m05fw7vsr5N+b+54v1pbt6bHR8rHj9jqa9M952Pm5/qsbyc1cjX/dzM2s7H4+Hfzb6fHxjj/Pxto5lB30+Hu98cPF83Oj3244r0/l8Tobj5MRs7/Nxc5ltu9d7TI71PB/fFmYj7P9Xh6SQclHLsbPacZvWNTY2Hh7XWFxD+3G6p2358ZDNmut6cnf4oTBt5dqO0ztuK5YfbbldtFHH6VTHsoM+TtPvvlY7Thv9fvt2eTqfz8lwXNy4p/dx2lzm6Xuv/Ny5Of5ny7lzot8xOD460dzm8XQQ5uf7bGlzPAbvyY5mp7MT2Vx+7UR+PDXydU3ft7Zz5UT4Z6PPldt6HIN3dCw76GMwfR9b7dhrjK188APQ+XxOhuPiift6H4PNZd6wb7A/u94RLknLtPzs2vn7tdV+53VLx266WsfKWNjOb+/r/bvZ5jIn9q83Z/beT3eFS67rsp86X7+rvabmso3ZT9vCdj67f/X91Nye5jKfP7DG4+lglmUXPvJA/vve8PeVC+e//7W2v7t0+5vOhY888NMXHvun9Ww/AMPv+WJsKb7Xtfxlai1//wcAAACGQsz9I2Em8j8AAABURsz98f8KT+R/AAAAqIyY+8fCTKqQ//+4/yLb3vDswvMXstTMXwri9Wk3PFgsFzuus+HrqaVlzcsf+Mr8f//jhbVt3kiWZb988I+6Lr/twbhdhamwnU+9sf3yFb5295rWffjhC2m9rf31L4b7j49nrYdBtwrubJZl37jhs/l6pt5/KZ9PP3g4nw9dfPyx5jLPHSi+jrd/5iXF8n8Vyr8Hjx1pu/0zYT/8OMzZt3bfH/F2X7306u373ru8vni7xo7r84f9xAeK+43vk/O5x4rl435ebfu/+Zknv9pc/pFXdt/+CyPdt//JcL9fCfN/XlYs3/ocNL+Ot/tU2P64vni7e778ra7b/9Sni+XPvKlY7nCYcf13hK93vunZhdb99UjjSNvjyt5cLBfXP/v9P82vj/cX779z+ycPXWrbH53Hx9P/VtzPTMfy8fK4nugfOtbfvJ/W4zOu/8k/Ody2n/ut/6mHnnlZ8347139Xx3JnPnJnvv7l+2t/x6a//tRnu64vbs/Bvz/T9ngOviu8jsP6n/hAOB7D9f/7VHF/ne+ucPhd7eefuPwXt15oezzRW35erP+p1x7P56bJzVuue8ELr7/4iua+y7LvbSrur9/6j//N6bbt/9JNxf6I18eOfuf6VxPXf/aj06dOL55fmEt79dEb8vfOeVuxPXF7bwjn1s6vD50+98H5s1OzU7NZNlXdt9C7bF8O86fFuNh76aUVZ9A7Hw7P5y1/+Y0tt//rZ+Ll//6e4vJLby2+b70qLPe5cPnW8Pytb/0rPXHrTfnru/F02MKlle8XfCW27/yv/WtaMDz+zp8L4vF+5qUfzPdD87r8+0Z8XV/h9v9wrrifr4f9uhTemXnHTcvra10+vjfCpXcXr/cr3n/hNBef178Lz/fbf1zcf9yu+Hh/GH6O+da29vNdPD6+fmGk8/7zd/G4GM4n2cXi+rhU3N+Xnrup6+bF9yHJLt6cf/1n6X5uXtfDXM3ixxZnTiycOv/IzLn5xXMzix/7+KGTp8+fOncofy/PQx/qd/vl89OW/Pw0N7/33iw/W50uxlV2rbf/zMNH5/bN3j43f+zI+WPnHj4zf/b40cXFo/Nzi7cfOXZs/qP9br8wd/+u3Qf27Ns9fXxh7v79Bw7sOTC9cOp0czOKjepj7+yHp0+dPZTfZPH+ew/suu++e2enT56em79/3+zs9Pl+t8+/N003b/2H02fnTxw5t3Byfnpx4ePz9+86sHfv7r7vBnjyzLHFqZmz50/NnF+cPztTPJapc/nFze99/W5PNS3+R/HzbKdG8UZ82Tvv2pven7XpK59Y9a6KRTreQPTZ8F4033nRmf1r+Trm/vEwkyrkfwAAACAXc/9EmIn8DwAAAJURc/+mMBP5HwAAACoj5v7JMNP/ElCT/F+5/v+2C2tav/6//n/r/tL/r1n//91l6/8X5wv9/8G40v69/n+g/6//r/+v/6//zwCUrf8fc//mLPP3fwAAAKiomPu3hJnI/wAAAFAZMfdfF2Yi/wMAAEBlxNz/gjCTmuR//X/9f/1//X/9/+7r1/8fTvr/ven/96H/P5PVq/9/cZDbfw36/5tbv9D/p4zK1v+Puf+FYSY1yf8AAABQBzH3Xx9mIv8DAABAZcTcf0OYifwPAAAAlRFz/9Ywk5rkf/3/K+r/p86V/n/79uv/t9P/D8eD/r/+/wbQ/+9N/78P/X+f/z9c/f82+v+UUdn6/zH3vyjMpCb5HwAAAOog5v4Xh5nI/wAAAFA+Y5d3s5j7XxJmsiL/X+YKAAAAgGsu5v4bs44ieE3+/q//7/P/9f/1//X/u69/7f3/0Uz/vzz0/3vT/+9D/1//X/9f/5+BKlv/P8/92WT20jCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7v9/YSbyPwAAAFRGzP3bwkxqkv/1/yvT//9F61On/6//32v9+v8+/7/K9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu6/JcxE/gcAAIDKiLn//4eZyP8AAABQGTH3bw8zqUn+1/8vef8/Nkd9/r/+v/5/Kfv/k/r/paP/35v+fx/6//r/+v/6/wxU2fr/Mfe/LMykJvkfAAAA6iDm/peHmcj/AAAAUBkx978izET+BwAAgMqIuX8qzKQm+X89/f/GRf3/1Vzlz/+fWMPn/7fR/9f/77V+/X+f/19l+v+96f/3of+v/6//r//PQJWt/x9z/61hJjXJ/wAAAFAHMffvCDOR/wEAAKAyYu6/LcxE/gcAAIDKiLl/Z5hJTfK/z/8fiv5/pv+v/6//r/+v/782+v+96f/3of+v/6//r//PQJWt/x9z/yvDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/VWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dfv/7/cNL/703/vw/9f/1//X/9fwaqbP3/mPtfHWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx90+HmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j77w4zqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6ZMBP5HwAAACoj5v7ZMJOa5H/9f/1//X/9/3X1/1+xfL/6/wX9/3LR/+9N/78P/X/9/2ve/x/X/6dSytb/j7l/V5hJTfI/AAAA1EHM/bvDTOR/AAAAqIyY+/eEmcj/AAAAUBkx998bZlKT/K//r/+v/6//7/P/u69f/3846f/3Nvj+f3yI+v/6//r/Pv9f/5+Vytb/j7n/vjCTmuR/AAAAqIOY+/eGmcj/AAAAUBkx9+8LM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r//fff36/8NJ/783n//fh/6//v8Q9/+bx5b+P2VTtv5/zP0Hwkxqkv8BAACgDmLuf02YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9/96mElN8r/+v/6//r/+f9n7/xP6//r/66D/35v+fx/6//r/Q9z/9/n/lFHZ+v8x998fZlKT/A8AAAB1EHP/b4SZyP8AAABQGTH3vzbMRP4HAACAyoi5/2CYSU3yv/7/BvX/44X6//r/+v8+/1///6rS/+9N/78P/X/9f/1//X8Gqmz9/5j7XxdmUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP2vDzOR/wEAAKAyYu5/Q5hJTfK//r/P/7/2/f/xtm3X/1++nf5/Qf9f/3899P970//vQ/9f/1//X/+fgSpb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMpCb5X/9f///a9/99/r/+f0H/X/9/EPT/e9P/70P/X/9f/1//n4EqW/8/5v7fDDOpSf4HAACAOoi5/8EwE/kfAAAAKiPm/reGmcj/AAAAUBkx978tzKQm+V//X/9f/1//X/+/+/r1/4eT/n9vQ9b//9X14XL9/4L+f7m3f739/7GOr69K//9Hq/X/lzZ13l7/n6uhbP3/mPvfHmZSk/wPAAAAdRBz/zvCTOR/AAAAqIyY+98ZZiL/AwAAQGXE3P9bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7wkxqkv8BAACgDmLufyjMRP4HAACAyoi5/91hJvI/AAAAVEbM/e8JM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/8NhJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/t8NM5H8AAACojJj73xdmUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x978/zGTt+X9yzUsCAAAA10TM/b8TZlKTv/8DAABAHcTc/7thJvI/AAAAVEbM/b8XZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/36YSU3yPwAAANRBzP0fCDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/seNffvDddxzepf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfMA/AAAADLeY+/8gzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/793uSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZFmm/6//zzVUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAACojJj7PxhmUpP8r/+v/6//r//v8/+7r7+0/X+f/9+T/n9v5en/d+fz//X/h3n79f/1/1mpbP3/mPsXwkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/4fDTOR/AAAAqIyY+0+EmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j7T4aZ1CT/AwAAQB3E3H8qzOT/2LuPJsvq847jt3FTzBQb77zwwt77JbAwa/sFeMHGC7vK5YWxjXNicI4454BtJRRQAAmhhHICJSSUhSSUc0AZSTUqmOd5Znr69LndM7e7z/0/n89CDzSMzkU1BfrRfDn2PwAAAAwjd//NcYv9DwAAAMPI3f/LcUuT/a//1/8P2///pP7/oOfr//X/I9P/z9P/r6H/1//r//X/bNTS+v/c/b8StzTZ/wAAANBB7v5fjVvsfwAAABhG7v5b4hb7HwAAAIaRu//X4pYm+/+y/n9n1bP/z4xX/z9S/+/9/wc+X/+v/x/Zyfb/tz3xZz79v/5f/x/0//p//T+XW1r/n7v/1+OWJvsfAAAAOsjd/xtxi/0PAAAAw8jd/5txi/0PAAAAw8jd/1txS5P97/3/3v+v/9f/6/+nn6//307e/z+vU/9/y8PX/9Jj9/7ofUd5vv5f/6//1/+zWUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+383brH/AQAAYAudnfxq7v7fi1ua7H/9v/5f/x/9/xn9v/5f/z8C/f+8Tv3/lTxf/6//1//r/9mspfX/uft/P25psv8BAACgg9z9fxC32P8AAACwXFP/IPaM3P23xi32PwAAAAwjd/+5uKXJ/tf/H3///339/3b0/97/r//X/w9B/z9P/7+G/l//r//X/7NRS+v/c/ffFrc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/3/+v/9f/6/+nn6/+3k/5/nv5/Df3/1fbz1+r/9f/6fy51xP7/8Zk/bW+k/8/d/ydxS5P9DwAAAB3k7v/TuMX+BwAAgGHk7v+zuMX+BwAAgGHk7v/zuKXJ/tf/6//1//r/K+7/9//Ue5L+f5r+/2To/+ctpv/f2Z38sv5/6/t/7//X/+v/2WNp7//P3f8XcUuT/Q8AAAAd5O7/y7hlZv8f+W/mAwAAAKcqd/9fxS2+/w8AAABbL6uz3P1/Hbc02f/6f/2//l//7/3/08+f6//vu+Tz6f+XRf8/bzH9/wH0//r/bf78+n/9P/strf/P3f83cUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv+n+/+Lv13/fzj6/72fX/8//fNjU/1//jfq/2f7/xu9/78n/f88/f8a+n/9v/7/oP7/7Lofr/9nytL6/9z9fx+3NNn/AAAA0EHu/n+IW+x/AAAAGEbu/n+MW+x/AAAAGEbu/n+KW5rsf+//1//r/7ev//f+/wtO8/3/qxPv/3f1/4ek/5+n/19D/6//1//Pv/9/5t8CoP9nytL6/9z9/xy3NNn/AAAA0EHu/n+JW+x/AAAA2A6X/rMDl/8DpSF3/7/GLfY/AAAADCN3/7/FLePs/9l3der/9f/6f/2//n/6+cvq/73//7D0//P0/2vo/4+jn98drP+/46Afv4T+/9bj7v9n6P+Zsqf/v//i10+r/8/d/+9xyzj7HwAAANrL3f8fcYv9DwAAAMPI3f+fcYv9DwAAAMPI3f9fcUuT/X/s/f/Mv31A/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9LnFb/n7v/v+OWJvsfAAAAOsjd/z9xi/0PAAAAw8jdf0fcYv8DAADAMHL3/2/c0mT/e/+//l//r//X/08/X/+/na6qv79G/1/0//p//b/+X//PBiyt/8/d/39xS5P9DwAAAB3k7v//uMX+BwAAgGHk7n9K3GL/AwAAwDBy9z81bmmy//X/x9v/59f1//r/lf5f/6//PxFt3/+/M/VXov0O6P8f/IVzP733K/p//b/+X/+v/+eQfnjmty2i/z9/8f9d5u5/WtzSZP8DAABAB7n7nx632P8AAAAwjNz9z4hb7H8AAAAYRu7+O+OWI+7/ueZhyfT/3v+v/9f/6/+nn6//305t+/9D8v7/NfT/+n/9v/6fjVpE/3/Jr+fuf2bc4vv/AAAAMIzc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3Pilib7X/+v/9f/6//1/9PP1/9vJ/3/PP3/GtvU/995Ff3/7vSXT7ufv1qn/fn1//p/9lta/5+7/664pcn+BwAAgA5y9z83brH/AQAAYBi5+58Xt9j/AAAAMIzc/c+PW5rsf/2//l//r//X/08/X/+/nfT/8/T/q9Xq7pkPMNX/n79umf2/9/8v7vPr//X/7Le0/j93/wvilib7HwAAADrI3X933GL/AwAAwDBy998Tt9j/AAAAMIzc/S+MW5rsf/2//l//r//X/08/X/+/nfT/8/T/a2zT+//1/4v7/Pp//T/7La3/z93/orilyf4HAACADnL33xu32P8AAAAwjNz9L45b7H8AAAAYRu7+++KWJvtf/6//1//r//X/08/X/2+n4+v/V/p//b/+fw39v/5f/8/lltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/p5+v/99O3v8/T/+/hv5f/6//1/+zUdP9/62n1v/n7n9F3NJk/wMAAEAHufvvj1vsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//r//f2/+vVvp//b/+/4IT6P/PrPT/G6f/n6f/X0P/P2b/f81qoP7/7IE/Xv/PEi3t/f+5+18dtzTZ/wAAANBB7v7XxC32PwAAAAwjd/9r4xb7HwAAAIaRu/91cUuT/a//1/97/7/+X/8//Xzv/99O+v95+v819P9j9v/e/6//59Qsrf/P3f/6uKXJ/gcAAIAOcve/IW6x/wEAAGAYufvfGLfY/wAAADCM3P1vilua7H/9v/5f/6//1/9PP1//v530//P0/2vo//X/+n/9Pxu1tP4/d/+b45Ym+x8AAAA6yN3/QNxi/wMAAMAwcvc/GLfY/wAAADCM3P1viVua7H/9v/5f/7+d/f8Z/b/+X/8/aSn9/w03/NRD+n/9v/5f/6//1/93t7T+P3f/W+OWJvsfAAAAOsjd/7a4xf4HAACAYeTuf3vcYv8DAADAMHL3vyNuabL/9/f/164uFKoXTPX/0ajp/y+h/9/7+fX/0z8/vP9f/6//P35L6f+9///KPr/+X/+/zZ//SP3/j+//8fp/RrS0/j93/0NxS5P9DwAAAB3k7n9n3GL/AwAAwDBy978rbrH/AQAAYBi5+x+OW5rsf+//1//r//X/+v/p5+v/t5P+f57+fw39v/7f+/9v/rkf0v+zOUvr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6//1/9PP1/9vJ/3/PP1/ufwP7YI+/f+ZqS+edj9/tU778w/T/3v/Pxu0tP4/d//745Ym+x8AAAA6yN3/gbjF/gcAAIBh5O7/YNxi/wMAAMAwcvd/KG5psv/1//r/8fv/n9X/X/Z8/b/+f2T6//wr+jT9/xp9+v9Jp93Pb/vn1//r/9lvaf1/7v5H4pYm+x8AAAA6yN3/4bjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1/736/51Vx/7f+//1//r/TvT/8/T/a+j/9f/6f/0/G7W0/j93/6M7uy33PwAAAGyrn/mJX3zksL/vo0/+55nVx+KWG1fnD/ltbAAAAGDhntj9O7ur1cef/DXf/wcAAIAR5e7/RNzSZP/r/3v1/z3f/6//1//r/zvR/8/T/6+h/9f/6//1/2zU0vr/3P2fjFsuGX67R/6jBAAAAJYkd/+n4pYm3/8HAACADnL3fzpu2bf//esAAQAAYFvl7v9M3NLk+//6/4X3/6tj6v/j99P/X6D/1/9PPV//v530//Ousv8/v6P/1//P0P/r//X/XG5p/X/u/s/GLU32PwAAAAxqz99RyN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwcvd/IW5psv/1/yfe/2eqfozv/z9bv+T9/837/9vPTD5f/6//H5n+f573/6+h/x+l/79O/6//ZxmW1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCM3P1fjlvsfwAAABhG7v6vxC1N9r/+f+Hv/7+i/v8Q7//X//fo/w94/jj9/49cf+6Bm37+nrv0/1x0kv1//lzQ/+v/9f8XLKj/9/5//T8Lsfn+f3fPF4/a/+fu/2rc0mT/AwAAQAe5+x+LW+x/AAAAGEbu/q/FLfY/AAAADCN3/9fjlib7X/+v/19K/5//W59C/3/uivv/s6vV6lT6/2yKu/f/3v+v/9/P+//n6f/X0P/r//X/+n82avP9/94vHrX/z93/jbilyf4HAACADnL3fzNuyf2/c+S/dQ8AAAAsTO7+b8Utvv8PAAAAw8jd/+24pcn+1//r/5fS/yfv/7/448Z6//9NFaf27P9/rH5J/3+89P/z9P9r6P/1//p//T8btbT+P3f/d+KWJvsfAAAAOsjd/3jcYv8DAADAMHL3fzdusf8BAABgGLn7vxe3NNn/+v9R+/8s4vX/+v+l9P/e/+/9/ydD/z9P/7+G/l//r//X/7NRS+v/c/f/IAAA//9GqnSo") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000240)='./file0\x00') 12.172256978s ago: executing program 1 (id=1154): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nouid32}, {@minixdf}]}, 0x1, 0x504, &(0x7f0000001480)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9sCWE0KoEqJHkNqQuFEUO45ipzShh/TMFYlKnODIH8C5J+5cENy4lAMSPyJQg8TBaMaT1E3tJtokdhR/PtJo3ps3nu97cea9+Dn2C2BoXY2I3YgYi4h7ETGdHc9lW9xqb8l5z/ceLe3vPVrKRat155+5tDw5Fh2PSVzJrlmMiB9+N+InuVfjNrZ31har1cpmlp9t1jZmG9s7N1ZriyuVlcp6ubwwvzD3yc2Py2fW1vdqY1nqq8/+sPutnyXVmsqOdLbjLLWbXjiMkxiNiO+fR7ABGMnaMzboivC55CPi7Yh4P73/p2MkfTYBgMus1ZqO1nRnHgC47PLpHFguX8rmAqYiny+V2nN478RkvlpvNK/fr2+tL7fnymaikL+/Wq3MZXOFM1HIJfn5NP0iXz6SvxkRb0XEL8Yn0nxpqV5dHuQfPgAwxK4cGf//M94e/wGAS6446AoAAH1n/AeA4WP8B4DhY/wHgOHTHv8nBl0NAKCPvP4HgOFj/AeAofKD27eTrbWfff/18oPtrbX6gxvLlcZaqba1VFqqb26UVur1lfQ7e2rHXa9ar2/MfxRbD2e+vdFozja2d+7W6lvrzbvp93rfrRTSs3b70DIAoJe33nv651wyIn86kW7RsZZDYaA1A85bftAVAAZmZNAVAAbGal8wvE7xGt/0AFwSXZbofUmx2weEWq1W6/yqBJyza18y/w/DqmP+338Bw5Ax/w/Dy/w/DK9WK3fSNf/jpCcCABebOX6gx/v/b2f732ZvDvx4+egZT7o+bjfrXs6uggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHABHaz/W8rWAp+KfL5UingjImaikLu/Wq3MRcSbEfGn8cJ4kp8fcJ0BgNPK/y2Xrf91bfrDqZeK3r1ymByLiJ/+6s4vHy42m5t/jBjL/Wv84HjzSXa83P/aAwDHOxin033HC/nne4+WDrZ+1ufv34mIYjv+/t5Y7B/GH43RdF+MQkRM/juX5dtyHXMXp7H7OCK+2K39uZhK50DaK58ejZ/EfqOv8fMvxc+nZe198rP4whnUBYbN06T/udXt/svH1XTf/f4vpj3U6WX9X3Kppf20D3wR/6D/G+nR/109aYyPfv+9dmri1bLHEV8ejTiIvd/R/xzEz/WI/+EJ4//lK+++36us9euIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m85Rz/YeDf7x6fU3e5Ul7Z/sEb94TPu/fsL2/+Z/9370tdfE/+YH3eLn453XxE/GxG+cMP7i5O+KvcqS+Ms92n/c83/9hPGf/XXnlWXDAYDBaWzvrC1Wq5VNCYmLn0h+ZS9ANbomPutXrLHoXvTzD9r39JGiVuv1F/yse1GvHuMsZt2Ai+Dwpo+I/w66MgAAAAAAAAAAAAAAQFf9+MTSoNsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5fX/AAAA//+YXdZi") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f0000000080)={@desc={0x4000, 0x0, @auto="b8f92416074d3848"}}) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f0000000080)={@desc={0x84c00, 0x0, @desc2}}) 11.040994437s ago: executing program 1 (id=1156): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f000009df40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10050, &(0x7f0000000800), 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV") syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f00000001c0)={[{@nojournal_checksum}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@stripe={'stripe', 0x3d, 0x9d}}, {@minixdf}, {@grpjquota}, {@noinit_itable}]}, 0x1, 0x452, &(0x7f0000000bc0)="$eJzs3M1vG0UbAPDHdux+v8lbykdLC4GCqPhImjQtPXApAokDSEhwKOIUkrQKdRvUBIlWEQQO4YgqcUcckfgLuFAuCDghcYU7QopQLhRORmvvpm5iO3HixKX+/aRtZzzjzDy7O/Z41usAetZg8k8uYn9E/BoR/bXsnRUGa//dWp6f+Ht5fiIXlcobf+aq9f5anp/IqmbP21fLVCot2l18O2K8XJ66muaH5y6/Nzx77fpz05fHL05dnLoyenZ27NSx0pnR0x2J80DS1yMfzhw9/MpbN16bOH/jnR+/Tvq7Py2vj6NTBmt7t6EnO91Ylx2oS+f6utgR2lKIiORwFavjvz8KsWelrD9e/qSrnQO2VaWSr+xqXrxQAe5hyUQd6EXZG33y+TfbdmjqcVdYOhcr6xi30q1W0hf5tE4x/Yy0HQYj4vzCP18kW2zTOgQAQL2b5yLi2Ubzv3w8UFfvf+m1oYGI+H9EHIyI+yLiUETcH1Gt+2BEPNRm+6uvkKyd/1T6NxXYBiXzvxfSa1t3zv+y2V8MFNLcgWr8xdyF6fLUyXSfnIjiriQ/0qKN71765bNmZfXzv2RL2s/mgmk//uhbtUA3OT43Hquv023S0scRR/oaxZ9bmfMm7RyOiCObbGP66a+ONitbP/4WOjApr3wZ8VTt+C/EqvgzucbXJ8+OnRp5/szo6eHdUZ46OZydFWv99PPi683a31L8HbB0sxJ7G57/K/EP5HZHzF67fql6vXa2/TYWf/u06WeazZ7/pdyb1XQpfeyD8bm5qyMRpdyrax8fvf3cLJ/VT87/E8cbj/+DcXtPPBwRyUl8LCIeiYhH074/FhGPR8TxFvH/8OIT77Yff4tV+Q5K4p9c7/hH/fFvP1G49P037cefSY7/WDV1In0ke/1rZaMd3Mq+AwAAgP+KfPU78Ln80Eo6nx8aqn2H/1DszZdnZueeuTDz/pXJ2nflB6KYr1/pytZDR9K14Sw/uip/Kl03/rywp5ofmpgpT3Y5duh1+5qM/8TvhW73Dth27teC3mX8A0Dv8f4Pvcv4h97VaPx/1IV+ADtvnff/PTvVD2Dnmf9D7zL+oXcZ/9CTmt4bn9/SLf8SbSVKHfuD35a29lsNG09E/q7YdfdQohgNi/o2/GMWm0zsaljU7VcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvg3AAD//4IU4tg=") semtimedop(0x0, 0x0, 0x0, &(0x7f0000000200)) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xe1, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) 5.681888246s ago: executing program 3 (id=1186): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=@ipv6_newroute={0x44, 0x18, 0x1, 0x0, 0x0, {}, [@RTA_ENCAP={0x18, 0x16, 0x0, 0x0, @SEG6_IPTUNNEL_SRH={0x14, 0x1, {{0xa, {0x0, 0x0, 0x10}}}}}, @RTA_OIF={0x8, 0x4, r1}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x7}]}, 0x44}}, 0x0) 5.30664855s ago: executing program 2 (id=1188): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'hsr0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="03fe000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x0) 2.784273595s ago: executing program 3 (id=1189): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x16b301, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[], 0xff2e) 2.518038205s ago: executing program 0 (id=1191): r0 = socket$inet(0x2, 0x3, 0x6) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @dev}}) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000140)={{0x2, 0x4e24, @remote}, {0x6, @random="cf7e5dd99f9c"}, 0x38, {0x2, 0x4e24, @broadcast}, 'dummy0\x00'}) ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x0, @local}, 0x4a, {0x2, 0x4e21, @private=0xa010100}, 'syz_tun\x00'}) 2.227432534s ago: executing program 2 (id=1192): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000120000f1850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {{0x6, 0x0, 0xb}, {0x65, 0x0, 0x6, 0x9}}, [@printk={@lld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0x2, 0xa, 0x9}, {0x7, 0x0, 0x3, 0x9}, {}, {}, {0x15}}], {{0x5, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 2.20110998s ago: executing program 0 (id=1193): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv4_newroute={0x2c, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_IIF={0x8, 0x3, r2}, @RTA_IP_PROTO={0x5}]}, 0x2c}}, 0x0) 2.008469699s ago: executing program 3 (id=1194): r0 = fsopen(&(0x7f0000010800)='bpf\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat$cgroup_pressure(r1, &(0x7f0000000240)='cpu.pressure\x00', 0x2, 0x0) 1.812560763s ago: executing program 2 (id=1195): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x8, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.801596216s ago: executing program 0 (id=1196): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setfsuid(r1) setfsuid(r1) 1.402441393s ago: executing program 0 (id=1197): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000fee000)=0x3fa, 0x4) listen(r0, 0x50) listen(r0, 0x0) 1.402149561s ago: executing program 2 (id=1198): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x2}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x3) ioctl$TUNSETLINK(r0, 0x400454cd, 0x30a) 1.37106206s ago: executing program 3 (id=1199): r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x4, [], 0x0, [0x4, 0x0, 0x4]}}}}]}, 0x88}}, 0x0) 1.099427936s ago: executing program 0 (id=1200): r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878396}, 0x9c) 860.046867ms ago: executing program 3 (id=1201): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'gre0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=@newlink={0x38, 0x10, 0x421, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_SPORT={0x6}]}}}]}, 0x38}}, 0x0) 448.919705ms ago: executing program 0 (id=1202): r0 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x10010000004e20}, 0x1c) recvmsg(r0, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x1) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa79ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200008b0"], 0x0) 337.281557ms ago: executing program 2 (id=1203): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='debugfs\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents(r0, 0x0, 0x0) 16.145824ms ago: executing program 3 (id=1204): r0 = socket$netlink(0x10, 0x3, 0x8000000004) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) writev(r0, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff81054e220000000058000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1) 0s ago: executing program 2 (id=1205): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x52, &(0x7f0000000080)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local, {[@timestamp_addr={0x44, 0x1c, 0xa, 0x1, 0x0, [{}, {@dev}, {@multicast1}]}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) kernel console output (not intermixed with test programs): anufacturer: syz [ 131.875800][ T51] usb 1-1: SerialNumber: syz [ 131.891597][ T51] usb 1-1: config 0 descriptor?? [ 131.915374][ T7195] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 131.944818][ T51] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 131.946807][ T7195] ext4 filesystem being mounted at /126/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 131.961948][ T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.003371][ T7200] netlink: 'syz.4.604': attribute type 29 has an invalid length. [ 132.037043][ T7203] netlink: 'syz.4.604': attribute type 29 has an invalid length. [ 132.076017][ T5236] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.107469][ T7200] netlink: 'syz.4.604': attribute type 29 has an invalid length. [ 132.545839][ T35] bridge_slave_1: left allmulticast mode [ 132.571512][ T35] bridge_slave_1: left promiscuous mode [ 132.606899][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.643352][ T35] bridge_slave_0: left allmulticast mode [ 132.660170][ T35] bridge_slave_0: left promiscuous mode [ 132.676839][ T51] gspca_ov534_9: reg_w failed -110 [ 132.676940][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.039330][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.046044][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.511797][ T51] gspca_ov534_9: Unknown sensor 0000 [ 133.511879][ T51] ov534_9 1-1:0.0: probe with driver ov534_9 failed with error -22 [ 133.556112][ T51] usb 1-1: USB disconnect, device number 4 [ 133.634050][ T7220] loop3: detected capacity change from 0 to 32768 [ 133.695376][ T7220] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 133.802381][ T7242] loop0: detected capacity change from 0 to 512 [ 133.819021][ T7242] EXT4-fs: Invalid journal IO priority (must be 0-7) [ 133.875280][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 133.893767][ T7220] XFS (loop3): Ending clean mount [ 133.903726][ T7220] XFS (loop3): Quotacheck needed: Please wait. [ 133.906755][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 133.918851][ T5251] Bluetooth: hci0: command tx timeout [ 133.942301][ T35] bond0 (unregistering): Released all slaves [ 133.967986][ T7220] XFS (loop3): Quotacheck: Done. [ 134.014504][ T7229] netlink: 36 bytes leftover after parsing attributes in process `syz.4.615'. [ 134.054367][ T6731] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 134.090285][ T51] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 134.238677][ T7191] chnl_net:caif_netlink_parms(): no params data found [ 134.251328][ T51] usb 1-1: Using ep0 maxpacket: 16 [ 134.290211][ T51] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 134.311764][ T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 134.349334][ T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 134.415046][ T51] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 134.438598][ T51] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 134.507422][ T51] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 134.536410][ T51] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 134.584811][ T51] usb 1-1: Manufacturer: syz [ 134.623906][ T51] usb 1-1: config 0 descriptor?? [ 134.881738][ T29] audit: type=1326 audit(1728941988.679:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7277 comm="syz.4.626" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4e80f7dff9 code=0x0 [ 134.985671][ T35] hsr_slave_0: left promiscuous mode [ 135.006857][ T51] rc_core: IR keymap rc-hauppauge not found [ 135.015971][ T35] hsr_slave_1: left promiscuous mode [ 135.019996][ T51] Registered IR keymap rc-empty [ 135.039293][ T51] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.068168][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 135.075630][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 135.083493][ T51] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.118268][ T51] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 135.131194][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 135.146805][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 135.155894][ T51] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input6 [ 135.207254][ T35] veth1_macvtap: left promiscuous mode [ 135.213659][ T51] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.224203][ T35] veth0_macvtap: left promiscuous mode [ 135.230190][ T35] veth1_vlan: left promiscuous mode [ 135.235861][ T35] veth0_vlan: left promiscuous mode [ 135.250139][ T51] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.276933][ T51] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.307979][ T51] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.347642][ T51] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.378096][ T51] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.417835][ T51] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.467066][ T51] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.498044][ T51] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.519051][ T51] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.558136][ T51] mceusb 1-1:0.0: Registered with mce emulator interface version 1 [ 135.567142][ T51] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 135.599421][ T51] usb 1-1: USB disconnect, device number 5 [ 135.610411][ T7268] loop1: detected capacity change from 0 to 32768 [ 135.629678][ T7268] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.624 (7268) [ 135.818378][ T7268] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 135.838289][ T7268] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 135.861246][ T7268] BTRFS info (device loop1): using free-space-tree [ 135.941089][ T7268] BTRFS info (device loop1): rebuilding free space tree [ 136.022601][ T5251] Bluetooth: hci0: command tx timeout [ 136.361470][ T5236] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 136.382687][ T25] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 136.526669][ T25] usb 4-1: Using ep0 maxpacket: 32 [ 136.550733][ T25] usb 4-1: config 0 has an invalid interface number: 196 but max is 0 [ 136.560291][ T25] usb 4-1: config 0 has no interface number 0 [ 136.570448][ T25] usb 4-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=aa.f1 [ 136.600072][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.626334][ T25] usb 4-1: Product: syz [ 136.640093][ T51] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 136.662836][ T25] usb 4-1: Manufacturer: syz [ 136.686628][ T25] usb 4-1: SerialNumber: syz [ 136.694825][ T25] usb 4-1: config 0 descriptor?? [ 136.800616][ T5292] IPVS: starting estimator thread 0... [ 136.808881][ T7325] IPVS: fo: FWM 4 0x00000004 - no destination available [ 136.839033][ T51] usb 5-1: Using ep0 maxpacket: 32 [ 136.865595][ T51] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 136.875697][ T51] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 136.887752][ T51] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 136.897073][ T51] usb 5-1: config 1 has no interface number 0 [ 136.903194][ T51] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 136.914436][ T51] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 136.926914][ T7327] IPVS: using max 20 ests per chain, 48000 per kthread [ 136.928130][ T51] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 136.944052][ T51] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.984941][ T51] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 137.092137][ T35] team0 (unregistering): Port device team_slave_1 removed [ 137.154947][ T35] team0 (unregistering): Port device team_slave_0 removed [ 137.207023][ T25] usb 4-1: USB disconnect, device number 6 [ 137.564242][ T51] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached [ 137.806784][ T120] usb 5-1: USB disconnect, device number 4 [ 137.819705][ T120] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 137.923903][ T7191] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.956693][ T7191] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.976166][ T7191] bridge_slave_0: entered allmulticast mode [ 138.008088][ T7191] bridge_slave_0: entered promiscuous mode [ 138.030734][ T7191] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.056528][ T7191] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.076765][ T5251] Bluetooth: hci0: command tx timeout [ 138.085975][ T7191] bridge_slave_1: entered allmulticast mode [ 138.101922][ T7191] bridge_slave_1: entered promiscuous mode [ 138.251483][ T7191] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 138.300900][ T7191] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 138.447639][ T25] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 138.570295][ T7191] team0: Port device team_slave_0 added [ 138.600358][ T7191] team0: Port device team_slave_1 added [ 138.616770][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 138.632690][ T25] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 138.666883][ T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 138.697324][ T25] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 138.727053][ T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 138.774993][ T25] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 138.807572][ T25] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 138.820611][ T7191] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 138.849278][ T7191] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.849669][ T7335] loop3: detected capacity change from 0 to 40427 [ 138.881601][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.938843][ T7191] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 138.955913][ T7335] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 138.996362][ T7335] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 139.035597][ T7335] F2FS-fs (loop3): invalid crc value [ 139.047491][ T7191] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 139.062912][ T7368] loop4: detected capacity change from 0 to 512 [ 139.075396][ T7335] F2FS-fs (loop3): Found nat_bits in checkpoint [ 139.075541][ T7191] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.118129][ T7368] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 139.156890][ T25] usb 2-1: GET_CAPABILITIES returned 0 [ 139.162653][ T25] usbtmc 2-1:16.0: can't read capabilities [ 139.189698][ T7368] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.199072][ T7191] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 139.204806][ T7368] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 139.255115][ T5235] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.280657][ T7335] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 139.299412][ T7335] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 139.324649][ T7191] hsr_slave_0: entered promiscuous mode [ 139.364396][ T25] usb 2-1: USB disconnect, device number 9 [ 139.396938][ T7191] hsr_slave_1: entered promiscuous mode [ 139.408307][ T7191] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 139.415903][ T7191] Cannot create hsr debugfs directory [ 139.639018][ T6731] syz-executor: attempt to access beyond end of device [ 139.639018][ T6731] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 139.659807][ T6731] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 139.690439][ T6731] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 139.792001][ T51] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 139.946814][ T51] usb 5-1: Using ep0 maxpacket: 8 [ 139.963804][ T51] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 139.978675][ T51] usb 5-1: config 0 has no interface number 0 [ 140.005112][ T51] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 140.048637][ T7395] loop1: detected capacity change from 0 to 16 [ 140.054896][ T51] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 140.085997][ T7395] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 140.095327][ T51] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 140.127942][ T51] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.163058][ T51] usb 5-1: config 0 descriptor?? [ 140.171178][ T5251] Bluetooth: hci0: command tx timeout [ 140.219895][ T51] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 140.473504][ T51] usb 5-1: USB disconnect, device number 5 [ 140.496798][ T7405] input: syz1 as /devices/virtual/input/input7 [ 140.845890][ T7191] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 140.862477][ T7387] loop0: detected capacity change from 0 to 32768 [ 140.877134][ T7387] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.654 (7387) [ 140.894998][ T7191] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 140.929113][ T7191] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 140.936162][ T7387] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 140.948066][ T7416] loop3: detected capacity change from 0 to 2048 [ 140.949104][ T7387] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 140.963192][ T7387] BTRFS info (device loop0): using free-space-tree [ 140.973822][ T7191] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 140.990350][ T7416] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 141.066765][ T51] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 141.218103][ T51] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 141.251901][ T51] usb 5-1: config 0 has no interface number 0 [ 141.268163][ T51] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 141.292551][ T7191] 8021q: adding VLAN 0 to HW filter on device bond0 [ 141.323924][ T51] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 141.363926][ T7191] 8021q: adding VLAN 0 to HW filter on device team0 [ 141.386651][ T51] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 141.395736][ T51] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.439759][ T51] usb 5-1: config 0 descriptor?? [ 141.452852][ T4014] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.460020][ T4014] bridge0: port 1(bridge_slave_0) entered forwarding state [ 141.480668][ T51] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 141.491911][ T5252] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 141.514626][ T4014] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.521812][ T4014] bridge0: port 2(bridge_slave_1) entered forwarding state [ 141.691741][ T5317] usb 5-1: USB disconnect, device number 6 [ 142.016244][ T7414] loop1: detected capacity change from 0 to 32768 [ 142.032807][ T7191] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 142.063471][ T7452] loop0: detected capacity change from 0 to 512 [ 142.107600][ T7452] ext4: Unknown parameter 'uid>00000000000000000000' [ 142.162367][ T7414] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 142.173616][ T7191] veth0_vlan: entered promiscuous mode [ 142.184778][ T7191] veth1_vlan: entered promiscuous mode [ 142.213827][ T7191] veth0_macvtap: entered promiscuous mode [ 142.233102][ T7191] veth1_macvtap: entered promiscuous mode [ 142.256413][ T7414] OCFS2: ERROR (device loop1): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 65 has empty extent list at depth 312 [ 142.338998][ T7191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.374089][ T7191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.397233][ T7414] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 142.427383][ T7191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.438286][ T7414] OCFS2: File system is now read-only. [ 142.443780][ T7414] (syz.1.660,7414,1):ocfs2_find_leaf:1940 ERROR: status = -30 [ 142.466738][ T7191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.486750][ T7414] (syz.1.660,7414,1):ocfs2_get_clusters_nocache:421 ERROR: status = -30 [ 142.495145][ T7414] (syz.1.660,7414,1):ocfs2_fiemap:776 ERROR: status = -30 [ 142.506769][ T7191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.537369][ T7191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.582334][ T7191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.616642][ T7191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.658856][ T7191] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 142.701821][ T7191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.723279][ T5236] ocfs2: Unmounting device (7,1) on (node local) [ 142.746613][ T7191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.779639][ T7191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.799398][ T7191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.813523][ T7191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.821412][ T7437] loop3: detected capacity change from 0 to 32768 [ 142.843026][ T7191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.871529][ T7437] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.662 (7437) [ 142.871552][ T7191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 142.871570][ T7191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.939493][ T7437] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 142.952095][ T7191] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 142.984716][ T7191] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.996783][ T7437] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 143.015996][ T7191] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.045342][ T7437] BTRFS info (device loop3): using free-space-tree [ 143.065676][ T7191] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.085761][ T7191] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.463012][ T6731] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 143.807826][ T7458] loop0: detected capacity change from 0 to 40427 [ 143.853131][ T7458] F2FS-fs (loop0): invalid crc value [ 143.880899][ T7458] F2FS-fs (loop0): Found nat_bits in checkpoint [ 144.053991][ T7458] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 144.142089][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.142128][ T7509] netlink: 64 bytes leftover after parsing attributes in process `syz.3.670'. [ 144.156838][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.161911][ T7519] loop4: detected capacity change from 0 to 256 [ 144.243446][ T7519] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 144.307639][ T5252] syz-executor: attempt to access beyond end of device [ 144.307639][ T5252] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 144.322480][ T5252] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 144.421591][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.435102][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.451032][ T29] audit: type=1800 audit(1728941998.249:17): pid=7528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.673" name="file1" dev="loop4" ino=1048622 res=0 errno=0 [ 144.891621][ T7545] loop0: detected capacity change from 0 to 512 [ 144.960474][ T7545] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 145.045704][ T7545] ext4 filesystem being mounted at /138/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 145.162212][ T5318] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 145.440421][ T5252] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.460685][ T7575] loop2: detected capacity change from 0 to 128 [ 145.475497][ T7575] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 145.484306][ T5318] usb 4-1: Using ep0 maxpacket: 16 [ 145.493589][ T5318] usb 4-1: config 0 interface 0 has no altsetting 0 [ 145.518929][ T5318] usb 4-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82 [ 145.558547][ T5318] usb 4-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10 [ 145.594530][ T7575] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 145.622948][ T5318] usb 4-1: Product: syz [ 145.643227][ T5318] usb 4-1: Manufacturer: syz [ 145.654520][ T7575] ext2 filesystem being mounted at /3/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 145.678531][ T5318] usb 4-1: SerialNumber: syz [ 145.834395][ T7575] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 33554432 > max in inode 12 [ 145.847738][ T5318] usb 4-1: config 0 descriptor?? [ 146.035189][ T7191] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 146.112649][ T7546] loop3: detected capacity change from 0 to 16 [ 146.186135][ T7546] erofs: (device loop3): mounted with root inode @ nid 36. [ 146.318426][ T5318] usb 4-1: selecting invalid altsetting 1 [ 146.365260][ T5318] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 146.421623][ T5318] usb 4-1: USB disconnect, device number 7 [ 146.485450][ T5237] udevd[5237]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 146.714175][ T29] audit: type=1326 audit(1728942000.509:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7937dff9 code=0x7ffc0000 [ 146.770252][ T29] audit: type=1326 audit(1728942000.509:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7937dff9 code=0x7ffc0000 [ 146.811907][ T29] audit: type=1326 audit(1728942000.509:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fda7937dff9 code=0x7ffc0000 [ 146.872061][ T29] audit: type=1326 audit(1728942000.509:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7937dff9 code=0x7ffc0000 [ 146.894554][ T29] audit: type=1326 audit(1728942000.509:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7937dff9 code=0x7ffc0000 [ 146.918391][ T29] audit: type=1326 audit(1728942000.509:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fda7937dff9 code=0x7ffc0000 [ 146.940987][ T29] audit: type=1326 audit(1728942000.509:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7937dff9 code=0x7ffc0000 [ 146.963833][ T29] audit: type=1326 audit(1728942000.509:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fda7937dff9 code=0x7ffc0000 [ 146.986239][ T29] audit: type=1326 audit(1728942000.509:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.2.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7937dff9 code=0x7ffc0000 [ 147.011311][ T5287] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 147.067386][ T7636] loop4: detected capacity change from 0 to 2048 [ 147.089197][ T7636] EXT4-fs: Ignoring removed nobh option [ 147.227874][ T7636] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.256670][ T5287] usb 1-1: config 0 has no interfaces? [ 147.284347][ T7636] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 147.317034][ T5287] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 147.318333][ T7642] loop3: detected capacity change from 0 to 512 [ 147.326096][ T5287] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 147.326121][ T5287] usb 1-1: Manufacturer: syz [ 147.368475][ T5287] usb 1-1: config 0 descriptor?? [ 147.375324][ T7642] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 147.395655][ T7642] EXT4-fs error (device loop3): ext4_ext_check_inode:524: inode #15: comm syz.3.710: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 147.439160][ T5235] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.443326][ T7642] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.710: couldn't read orphan inode 15 (err -117) [ 147.501102][ T7642] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 147.526838][ T7642] ext2 filesystem being mounted at /29/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 147.650777][ T7623] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 147.856632][ T120] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 147.884554][ T7623] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 147.929367][ T5287] usb 1-1: USB disconnect, device number 6 [ 147.975754][ T7649] loop2: detected capacity change from 0 to 64 [ 148.023007][ T120] usb 4-1: Using ep0 maxpacket: 16 [ 148.045116][ T120] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 148.055784][ T120] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 148.063918][ T7652] loop1: detected capacity change from 0 to 24 [ 148.074560][ T120] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 148.085742][ T120] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 148.106319][ T120] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 148.127251][ T120] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 148.150377][ T120] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 148.180507][ T120] usb 4-1: Manufacturer: syz [ 148.216274][ T120] usb 4-1: config 0 descriptor?? [ 148.498282][ T120] rc_core: IR keymap rc-hauppauge not found [ 148.520519][ T120] Registered IR keymap rc-empty [ 148.542531][ T120] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 148.598151][ T120] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 148.637886][ T120] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 148.689446][ T120] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input8 [ 148.734076][ T120] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 148.766809][ T120] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 148.806761][ T120] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 148.826756][ T120] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 148.876874][ T120] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 148.916772][ T120] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 148.936707][ T120] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 148.962172][ T120] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 148.980094][ T7682] bridge0: port 3(bond0) entered blocking state [ 148.987396][ T120] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 148.996008][ T7682] bridge0: port 3(bond0) entered disabled state [ 149.003127][ T7682] bond0: entered allmulticast mode [ 149.008722][ T120] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 149.025786][ T7682] bond_slave_0: entered allmulticast mode [ 149.033006][ T120] mceusb 4-1:0.0: Registered 혷 with mce emulator interface version 1 [ 149.050815][ T120] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 149.060469][ T7682] bond_slave_1: entered allmulticast mode [ 149.086162][ T120] usb 4-1: USB disconnect, device number 8 [ 149.106930][ T7682] bond0: entered promiscuous mode [ 149.122673][ T7682] bond_slave_0: entered promiscuous mode [ 149.163705][ T7682] bond_slave_1: entered promiscuous mode [ 149.203868][ T7682] bridge0: port 3(bond0) entered blocking state [ 149.210724][ T7682] bridge0: port 3(bond0) entered forwarding state [ 149.612868][ T7673] loop1: detected capacity change from 0 to 40427 [ 149.633025][ T7673] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 149.640912][ T7673] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 149.659154][ T6731] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.737097][ T7673] F2FS-fs (loop1): Found nat_bits in checkpoint [ 149.921618][ T7710] netlink: 4 bytes leftover after parsing attributes in process `syz.0.739'. [ 149.946115][ T7714] input: syz0 as /devices/virtual/input/input9 [ 149.955441][ T7673] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 149.980726][ T7712] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 150.006748][ T7673] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 150.196816][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 150.196835][ T29] audit: type=1804 audit(1728942003.979:30): pid=7673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.722" name="/newroot/157/bus/file0" dev="loop1" ino=10 res=1 errno=0 [ 150.889037][ T5287] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 151.091886][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 151.112757][ T5287] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 151.156702][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 151.205030][ T5287] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 151.241963][ T5287] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 151.278729][ T5287] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.322718][ T5287] usb 4-1: config 0 descriptor?? [ 151.370501][ T7761] loop2: detected capacity change from 0 to 1024 [ 151.565481][ T5287] hdpvr 4-1:0.0: firmware version 0x5b dated Ì7vi0ì [ 151.565481][ T5287] †Ã“‘êpY3¡€ÁLR›­º“ˆ<‡<è¬ü$ù4ãü [ 151.602217][ T5287] hdpvr 4-1:0.0: untested firmware, the driver might not work. [ 152.055726][ T5287] hdpvr 4-1:0.0: Could not setup controls [ 152.075617][ T5287] hdpvr 4-1:0.0: registering videodev failed [ 152.112360][ T7766] loop0: detected capacity change from 0 to 40427 [ 152.115592][ T5287] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -71 [ 152.142317][ T7766] F2FS-fs (loop0): invalid crc value [ 152.150316][ T7766] F2FS-fs (loop0): Found nat_bits in checkpoint [ 152.153593][ T7780] syz.4.768: attempt to access beyond end of device [ 152.153593][ T7780] nbd4: rw=0, sector=16, nr_sectors = 1 limit=0 [ 152.194812][ T5287] usb 4-1: USB disconnect, device number 9 [ 152.231300][ T7780] qnx6: unable to read the first superblock [ 152.265835][ T7780] syz.4.768: attempt to access beyond end of device [ 152.265835][ T7780] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0 [ 152.288078][ T7766] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 152.334748][ T7780] qnx6: unable to read the first superblock [ 152.357007][ T7780] qnx6: unable to read the first superblock [ 152.430905][ T5252] syz-executor: attempt to access beyond end of device [ 152.430905][ T5252] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 152.481803][ T5252] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 152.542327][ T7788] loop1: detected capacity change from 0 to 4096 [ 152.556723][ T7788] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 152.572612][ T7772] loop2: detected capacity change from 0 to 32768 [ 152.692138][ T7788] ntfs3(loop1): ino=1b, "file0" failed to parse mft record [ 152.731515][ T7772] read_mapping_page failed! [ 152.736758][ T7772] ERROR: (device loop2): txCommit: [ 152.736758][ T7772] [ 152.740576][ T7788] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 152.766312][ T7788] ntfs3(loop1): ino=1b, "file0" attr_set_size [ 152.770533][ T7772] ERROR: (device loop2): diFree: numfree > numinos [ 152.770533][ T7772] [ 152.886462][ T7191] read_mapping_page failed! [ 152.896819][ T7191] ERROR: (device loop2): txCommit: [ 152.896819][ T7191] [ 152.904873][ T7191] read_mapping_page failed! [ 152.917362][ T7191] ERROR: (device loop2): txCommit: [ 152.917362][ T7191] [ 153.006899][ T7798] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 153.219910][ T7807] loop0: detected capacity change from 0 to 512 [ 153.230834][ T7807] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 153.266751][ T7807] EXT4-fs (loop0): 1 truncate cleaned up [ 153.273306][ T7807] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 153.356522][ T7807] fscrypt (loop0, inode 18): Direct key flag not allowed with different contents and filenames modes [ 153.366957][ T7191] ERROR: (device loop2): diFree: numfree > numinos [ 153.366957][ T7191] [ 153.442531][ T5252] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.452639][ T112] ERROR: (device loop2): diFree: numfree > numinos [ 153.452639][ T112] [ 153.601617][ T7824] loop1: detected capacity change from 0 to 512 [ 153.634311][ T7824] EXT4-fs: Ignoring removed mblk_io_submit option [ 153.666737][ T1054] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.922871][ T7823] loop0: detected capacity change from 0 to 32768 [ 153.935785][ T7824] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.787: corrupted in-inode xattr: invalid ea_ino [ 153.961491][ T1054] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.988109][ T7823] JBD2: Ignoring recovery information on journal [ 154.007846][ T7824] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.787: couldn't read orphan inode 15 (err -117) [ 154.071521][ T7824] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 154.093480][ T7823] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 154.212716][ T1054] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.269453][ T5252] ocfs2: Unmounting device (7,0) on (node local) [ 154.337277][ T5236] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.580743][ T1054] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.671383][ T7818] loop3: detected capacity change from 0 to 32768 [ 154.698730][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 154.709360][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 154.717932][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 154.720415][ T7818] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.786 (7818) [ 154.726057][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 154.747613][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 154.754965][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 154.926690][ T7818] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 154.964283][ T7818] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 154.986726][ T7818] BTRFS info (device loop3): using free-space-tree [ 155.287747][ T1054] bridge_slave_1: left allmulticast mode [ 155.293451][ T1054] bridge_slave_1: left promiscuous mode [ 155.329122][ T1054] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.371669][ T6731] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 155.382624][ T1054] bridge_slave_0: left allmulticast mode [ 155.388498][ T1054] bridge_slave_0: left promiscuous mode [ 155.394234][ T1054] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.655320][ T7889] loop1: detected capacity change from 0 to 64 [ 156.085424][ T7848] loop4: detected capacity change from 0 to 32768 [ 156.158065][ T7848] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.798 (7848) [ 156.242873][ T7848] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 156.294889][ T7848] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 156.318900][ T7848] BTRFS info (device loop4): using free-space-tree [ 156.462433][ T7921] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 156.607223][ T5317] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 156.714675][ T5235] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 156.831206][ T54] Bluetooth: hci0: command tx timeout [ 156.856723][ T5317] usb 2-1: Using ep0 maxpacket: 16 [ 156.884386][ T7888] loop3: detected capacity change from 0 to 32768 [ 156.926407][ T5317] usb 2-1: config 0 has an invalid interface number: 251 but max is 0 [ 156.934992][ T5317] usb 2-1: config 0 has no interface number 0 [ 156.941265][ T5317] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 156.951378][ T5317] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 156.985995][ T5317] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 156.991931][ T7888] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 156.997319][ T5317] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 157.012366][ T5317] usb 2-1: Product: syz [ 157.016804][ T5317] usb 2-1: Manufacturer: syz [ 157.021431][ T5317] usb 2-1: SerialNumber: syz [ 157.028630][ T5317] usb 2-1: config 0 descriptor?? [ 157.034156][ T7914] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 157.046769][ T7914] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 157.170397][ T7888] XFS (loop3): Ending clean mount [ 157.198436][ T7888] XFS (loop3): Quotacheck needed: Please wait. [ 157.251294][ T7888] XFS (loop3): Quotacheck: Done. [ 157.306094][ T7914] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 157.314780][ T7914] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 157.319138][ T1054] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 157.364113][ T1054] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 157.412057][ T1054] bond0 (unregistering): Released all slaves [ 157.455237][ T6731] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 157.492564][ T7838] chnl_net:caif_netlink_parms(): no params data found [ 157.646802][ T120] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 157.721485][ T7838] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.748809][ T7838] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.756072][ T7838] bridge_slave_0: entered allmulticast mode [ 157.799391][ T7838] bridge_slave_0: entered promiscuous mode [ 157.809602][ T120] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 157.836863][ T120] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 157.857990][ T120] usb 5-1: Product: syz [ 157.865395][ T120] usb 5-1: Manufacturer: syz [ 157.892766][ T120] usb 5-1: SerialNumber: syz [ 157.914564][ T120] usb 5-1: config 0 descriptor?? [ 157.943997][ T5317] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 157.967519][ T5317] asix 2-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 157.976835][ T7838] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.002062][ T7838] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.011128][ T5317] asix 2-1:0.251: probe with driver asix failed with error -71 [ 158.026936][ T7838] bridge_slave_1: entered allmulticast mode [ 158.044529][ T7838] bridge_slave_1: entered promiscuous mode [ 158.065118][ T5317] usb 2-1: USB disconnect, device number 10 [ 158.241018][ T7838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 158.309901][ T7838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 158.328134][ T120] usb 5-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0) [ 158.345956][ T120] usb 5-1: Firmware version (0.0) predates our first public release. [ 158.375288][ T120] usb 5-1: Please update to version 0.2 or newer [ 158.436370][ T1054] hsr_slave_0: left promiscuous mode [ 158.461134][ T1054] hsr_slave_1: left promiscuous mode [ 158.487759][ T1054] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 158.505100][ T1054] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 158.534884][ T1054] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 158.581227][ T1054] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 158.657259][ T1054] veth1_macvtap: left promiscuous mode [ 158.662957][ T1054] veth0_macvtap: left promiscuous mode [ 158.669110][ T1054] veth1_vlan: left promiscuous mode [ 158.674569][ T1054] veth0_vlan: left promiscuous mode [ 158.846155][ T7948] loop0: detected capacity change from 0 to 32768 [ 158.882571][ T54] Bluetooth: hci0: command tx timeout [ 158.894610][ T7948] read_mapping_page failed! [ 158.906158][ T7948] ERROR: (device loop0): txCommit: [ 158.906158][ T7948] [ 158.959300][ T7948] ERROR: (device loop0): diFree: numfree > numinos [ 158.959300][ T7948] [ 159.030328][ T5252] read_mapping_page failed! [ 159.039514][ T5252] ERROR: (device loop0): txCommit: [ 159.039514][ T5252] [ 159.049226][ T5252] read_mapping_page failed! [ 159.053909][ T5252] ERROR: (device loop0): txCommit: [ 159.053909][ T5252] [ 159.132138][ T6422] ERROR: (device loop0): diFree: numfree > numinos [ 159.132138][ T6422] [ 159.153557][ T112] ERROR: (device loop0): diFree: numfree > numinos [ 159.153557][ T112] [ 159.430499][ T7986] loop4: detected capacity change from 0 to 2048 [ 159.499958][ T7986] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.563622][ T5235] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.629208][ T1054] team0 (unregistering): Port device team_slave_1 removed [ 159.697984][ T1054] team0 (unregistering): Port device team_slave_0 removed [ 160.247860][ T120] usb 5-1: USB disconnect, device number 7 [ 160.294012][ T7994] netlink: 8 bytes leftover after parsing attributes in process `syz.4.824'. [ 160.319604][ T7838] team0: Port device team_slave_0 added [ 160.454013][ T7838] team0: Port device team_slave_1 added [ 160.562668][ T7996] loop3: detected capacity change from 0 to 4096 [ 160.617779][ T7996] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 160.696216][ T7996] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 160.893311][ T7838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 160.896939][ T8004] loop1: detected capacity change from 0 to 1024 [ 160.903421][ T7838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.952409][ T7838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 160.968335][ T54] Bluetooth: hci0: command tx timeout [ 161.018575][ T7838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 161.025569][ T7838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 161.059223][ T7838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 161.214704][ T7838] hsr_slave_0: entered promiscuous mode [ 161.230209][ T5251] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 161.240676][ T5251] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 161.241486][ T8013] input: syz1 as /devices/virtual/input/input10 [ 161.249473][ T5251] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 161.263894][ T5251] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 161.272134][ T5251] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 161.272606][ T7838] hsr_slave_1: entered promiscuous mode [ 161.279740][ T5251] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 161.311750][ T7838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 161.320818][ T7838] Cannot create hsr debugfs directory [ 161.743022][ T1054] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.917914][ T1054] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.041792][ T1054] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.291691][ T1054] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.430353][ T25] IPVS: starting estimator thread 0... [ 162.502110][ T8029] loop4: detected capacity change from 0 to 32768 [ 162.517167][ T8029] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.837 (8029) [ 162.538787][ T8054] IPVS: using max 21 ests per chain, 50400 per kthread [ 162.557830][ T8029] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 162.610477][ T8029] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 162.628008][ T8029] BTRFS info (device loop4): using free-space-tree [ 162.831264][ T8078] Process accounting resumed [ 162.837960][ T8078] kernel write not supported for file /asound/timers (pid: 8078 comm: syz.3.847) [ 162.896419][ T5235] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 163.051733][ T5251] Bluetooth: hci0: command tx timeout [ 163.098873][ T1054] bond0: left allmulticast mode [ 163.103784][ T1054] bond_slave_0: left allmulticast mode [ 163.110229][ T1054] bond_slave_1: left allmulticast mode [ 163.115783][ T1054] bond0: left promiscuous mode [ 163.121613][ T1054] bond_slave_0: left promiscuous mode [ 163.130371][ T1054] bond_slave_1: left promiscuous mode [ 163.136046][ T1054] bridge0: port 3(bond0) entered disabled state [ 163.178384][ T1054] bridge_slave_1: left allmulticast mode [ 163.184078][ T1054] bridge_slave_1: left promiscuous mode [ 163.204778][ T1054] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.238945][ T1054] bridge_slave_0: left allmulticast mode [ 163.244641][ T1054] bridge_slave_0: left promiscuous mode [ 163.276940][ T1054] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.341953][ T8088] loop3: detected capacity change from 0 to 64 [ 163.436751][ T5251] Bluetooth: hci4: command tx timeout [ 163.633467][ T8094] loop4: detected capacity change from 0 to 4096 [ 163.658403][ T8094] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 163.746989][ T8094] ntfs3(loop4): failed to convert "c46c" to iso8859-13 [ 163.794333][ T5318] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 163.970066][ T5318] usb 4-1: config 0 has an invalid interface number: 255 but max is 0 [ 163.981099][ T5318] usb 4-1: config 0 has no interface number 0 [ 163.992373][ T5318] usb 4-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 164.013324][ T5318] usb 4-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 164.027388][ T5318] usb 4-1: config 0 interface 255 has no altsetting 0 [ 164.034205][ T5318] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 164.043852][ T5318] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.061758][ T5318] usb 4-1: config 0 descriptor?? [ 164.072340][ T5318] ums-realtek 4-1:0.255: USB Mass Storage device detected [ 164.107236][ T1054] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 164.122399][ T1054] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 164.134172][ T1054] bond0 (unregistering): Released all slaves [ 164.147251][ T8009] chnl_net:caif_netlink_parms(): no params data found [ 164.275747][ T5318] usb 4-1: USB disconnect, device number 10 [ 164.523641][ T8009] bridge0: port 1(bridge_slave_0) entered blocking state [ 164.551250][ T8009] bridge0: port 1(bridge_slave_0) entered disabled state [ 164.562447][ T8009] bridge_slave_0: entered allmulticast mode [ 164.569928][ T8009] bridge_slave_0: entered promiscuous mode [ 164.580409][ T8009] bridge0: port 2(bridge_slave_1) entered blocking state [ 164.588381][ T8009] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.595590][ T8009] bridge_slave_1: entered allmulticast mode [ 164.602862][ T8009] bridge_slave_1: entered promiscuous mode [ 164.654118][ T7838] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 164.663423][ T7838] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 164.684354][ T8009] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 164.699485][ T7838] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 164.710166][ T7838] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 164.719724][ T51] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 164.741692][ T8009] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 164.888075][ T51] usb 2-1: Using ep0 maxpacket: 8 [ 164.905006][ T51] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 164.926673][ T51] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 164.942040][ T51] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.972275][ T51] usb 2-1: config 0 descriptor?? [ 165.162725][ T1054] hsr_slave_0: left promiscuous mode [ 165.180105][ T1054] hsr_slave_1: left promiscuous mode [ 165.186195][ T1054] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 165.201682][ T1054] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 165.215756][ T51] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 165.243725][ T1054] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 165.260844][ T1054] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 165.300765][ T1054] veth1_macvtap: left promiscuous mode [ 165.306433][ T1054] veth0_macvtap: left promiscuous mode [ 165.312515][ T1054] veth1_vlan: left promiscuous mode [ 165.318435][ T1054] veth0_vlan: left promiscuous mode [ 165.491385][ T120] usb 2-1: USB disconnect, device number 11 [ 165.518500][ T5251] Bluetooth: hci4: command tx timeout [ 165.722110][ T51] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 165.896704][ T51] usb 5-1: Using ep0 maxpacket: 8 [ 165.909562][ T51] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 165.931459][ T51] usb 5-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 165.940888][ T51] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.963519][ T1054] team0 (unregistering): Port device team_slave_1 removed [ 165.964990][ T51] usb 5-1: config 0 descriptor?? [ 165.987120][ T51] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 166.070318][ T1054] team0 (unregistering): Port device team_slave_0 removed [ 166.608072][ T8009] team0: Port device team_slave_0 added [ 166.624322][ T8133] netlink: 12 bytes leftover after parsing attributes in process `syz.3.870'. [ 166.640736][ T8133] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 166.648585][ T8133] macsec1: entered promiscuous mode [ 166.658239][ T8009] team0: Port device team_slave_1 added [ 166.782226][ T8009] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 166.789178][ T8139] loop1: detected capacity change from 0 to 128 [ 166.790479][ T8139] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 166.821064][ T51] gspca_vc032x: reg_w err -71 [ 166.825846][ T51] vc032x 5-1:0.0: probe with driver vc032x failed with error -71 [ 166.834274][ T8009] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.862673][ T51] usb 5-1: USB disconnect, device number 8 [ 166.870266][ T8009] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 166.885901][ T8139] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 166.903795][ T8009] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 166.912345][ T8009] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.977463][ T8009] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 167.040314][ T52] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 167.190897][ T8009] hsr_slave_0: entered promiscuous mode [ 167.204603][ T8009] hsr_slave_1: entered promiscuous mode [ 167.230197][ T8009] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 167.251426][ T8009] Cannot create hsr debugfs directory [ 167.360189][ T1054] IPVS: stop unused estimator thread 0... [ 167.397726][ T8154] loop1: detected capacity change from 0 to 1024 [ 167.598312][ T5251] Bluetooth: hci4: command tx timeout [ 167.605040][ T8154] EXT4-fs: Ignoring removed orlov option [ 167.612333][ T8154] EXT4-fs (loop1): Test dummy encryption mode enabled [ 167.619776][ T8154] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 167.645723][ T7838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.665204][ T7838] 8021q: adding VLAN 0 to HW filter on device team0 [ 167.708929][ T8154] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.763169][ T8154] EXT4-fs error (device loop1): __ext4_remount:6522: comm syz.1.877: Abort forced by user [ 167.793502][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.800666][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 167.863003][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.870216][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 167.885490][ T8154] EXT4-fs (loop1): Remounting filesystem read-only [ 167.894330][ T8154] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 167.926913][ T25] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 168.025744][ T5236] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.107113][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 168.139784][ T25] usb 4-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4 [ 168.156667][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 168.186675][ T25] usb 4-1: Product: syz [ 168.190935][ T25] usb 4-1: Manufacturer: syz [ 168.204915][ T25] usb 4-1: SerialNumber: syz [ 168.232256][ T25] usb 4-1: config 0 descriptor?? [ 168.279396][ T25] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state. [ 168.489326][ T25] gp8psk: usb in 128 operation failed. [ 168.524744][ T7838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 168.536944][ T25] gp8psk: usb in 137 operation failed. [ 168.551763][ T25] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 168.572134][ T25] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver) [ 168.639350][ T25] usb 4-1: media controller created [ 168.700055][ T25] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 168.715301][ T7838] veth0_vlan: entered promiscuous mode [ 168.758233][ T25] gp8psk_fe: Frontend revision 1 attached [ 168.764036][ T25] usb 4-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 168.781466][ T7838] veth1_vlan: entered promiscuous mode [ 168.789714][ T25] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 168.801012][ T8009] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 168.822511][ T8009] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 168.848405][ T8009] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 168.863126][ T8009] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 168.935464][ T8178] loop4: detected capacity change from 0 to 32768 [ 168.959095][ T7838] veth0_macvtap: entered promiscuous mode [ 168.967111][ T8178] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.882 (8178) [ 169.003943][ T7838] veth1_macvtap: entered promiscuous mode [ 169.033471][ T8178] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 169.049449][ T25] gp8psk: usb in 137 operation failed. [ 169.076827][ T25] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected. [ 169.090738][ T8178] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 169.108477][ T8178] BTRFS info (device loop4): using free-space-tree [ 169.113635][ T25] gp8psk: found Genpix USB device pID = 201 (hex) [ 169.126361][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 169.149273][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.171585][ T25] usb 4-1: USB disconnect, device number 11 [ 169.194910][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 169.257760][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.277613][ T25] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected. [ 169.289591][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 169.300450][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.328073][ T7838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 169.363798][ T29] audit: type=1800 audit(1728942023.159:31): pid=8178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.882" name="bus" dev="loop4" ino=263 res=0 errno=0 [ 169.463786][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 169.474573][ T8224] loop1: detected capacity change from 0 to 256 [ 169.491207][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.513881][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 169.528530][ T8224] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 169.541365][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.573052][ T7838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 169.589329][ T7838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 169.601607][ T5235] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 169.601968][ T7838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 169.639981][ T8009] 8021q: adding VLAN 0 to HW filter on device bond0 [ 169.665480][ T8009] 8021q: adding VLAN 0 to HW filter on device team0 [ 169.684290][ T29] audit: type=1800 audit(1728942023.469:32): pid=8227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.888" name="file1" dev="loop1" ino=1048629 res=0 errno=0 [ 169.729583][ T5251] Bluetooth: hci4: command tx timeout [ 169.740759][ T7838] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.802387][ T7838] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.862685][ T7838] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.912775][ T7838] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.969444][ T1054] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.976646][ T1054] bridge0: port 1(bridge_slave_0) entered forwarding state [ 170.040574][ T1054] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.047829][ T1054] bridge0: port 2(bridge_slave_1) entered forwarding state [ 170.248774][ T8245] 8021q: VLANs not supported on bridge0 [ 170.399000][ T1054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 170.427623][ T1054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 170.465591][ T72] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 170.497970][ T72] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 170.916104][ T8009] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 171.067386][ T8009] veth0_vlan: entered promiscuous mode [ 171.139051][ T8009] veth1_vlan: entered promiscuous mode [ 171.212775][ T8009] veth0_macvtap: entered promiscuous mode [ 171.242621][ T8009] veth1_macvtap: entered promiscuous mode [ 171.275022][ T8009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 171.299031][ T8009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.309393][ T8009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 171.320541][ T8009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.330666][ T8009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 171.341380][ T8009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.351799][ T8009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 171.366630][ T8009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.379824][ T8009] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 171.543372][ T8009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 171.574228][ T8009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.596728][ T8009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 171.616890][ T8009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.634961][ T8253] loop4: detected capacity change from 0 to 32768 [ 171.642056][ T8009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 171.654415][ T8009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.665968][ T8009] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 171.676630][ T8009] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.687951][ T8009] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 171.700161][ T8009] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.709115][ T8009] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.718368][ T8009] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.727484][ T8009] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.813481][ T8253] JBD2: Ignoring recovery information on journal [ 171.933931][ T8297] loop2: detected capacity change from 0 to 1024 [ 171.953310][ T8253] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 171.989589][ T8300] loop3: detected capacity change from 0 to 128 [ 172.010330][ T8297] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 172.079492][ T8297] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 172.093561][ T8253] (syz.4.889,8253,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #17: directory entry overrun - offset=312, inode=13845347915746889, rec_len=54648, name_len=18 [ 172.121084][ T1054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 172.135444][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 172.143610][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.151558][ T8297] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 172.152810][ T11] kworker/u8:0: attempt to access beyond end of device [ 172.152810][ T11] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 172.204354][ T1054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.214554][ T8297] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #3: comm syz.2.903: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 172.312699][ T8297] EXT4-fs (loop2): no journal found [ 172.318407][ T8297] EXT4-fs (loop2): can't get journal size [ 172.322379][ T5235] ocfs2: Unmounting device (7,4) on (node local) [ 172.337475][ T8297] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 172.349713][ T8306] loop1: detected capacity change from 0 to 512 [ 172.441497][ T8306] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 172.494031][ T8306] System zones: 0-2, 18-18, 34-34 [ 172.558400][ T8306] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.908: bg 0: block 248: padding at end of block bitmap is not set [ 172.579515][ T8306] Quota error (device loop1): write_blk: dquota write failed [ 172.598461][ T8306] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 172.636798][ T8306] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.908: Failed to acquire dquot type 1 [ 172.657074][ T5318] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 172.711948][ T8306] EXT4-fs (loop1): 1 truncate cleaned up [ 172.718917][ T8306] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 172.731694][ T8306] ext4 filesystem being mounted at /207/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 172.764477][ T8306] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 3: comm syz.1.908: path /207/file0: bad entry in directory: rec_len is smaller than minimal - offset=323, inode=0, rec_len=0, size=4096 fake=0 [ 172.797556][ T120] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 172.818100][ T8306] syz.1.908 (8306) used greatest stack depth: 18608 bytes left [ 172.835496][ T5236] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.882421][ T5318] usb 3-1: Using ep0 maxpacket: 32 [ 172.913654][ T5318] usb 3-1: config 0 has an invalid interface number: 111 but max is 1 [ 172.922174][ T5318] usb 3-1: config 0 has no interface number 1 [ 172.933984][ T5318] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83 [ 172.947091][ T5318] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.948161][ T120] usb 4-1: Using ep0 maxpacket: 8 [ 172.956461][ T5318] usb 3-1: Product: syz [ 172.969557][ T5318] usb 3-1: Manufacturer: syz [ 172.974193][ T5318] usb 3-1: SerialNumber: syz [ 172.995300][ T120] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 173.003987][ T120] usb 4-1: config 179 has no interface number 0 [ 173.010868][ T120] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 173.021998][ T120] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 173.022988][ T5318] usb 3-1: config 0 descriptor?? [ 173.033321][ T120] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 173.033352][ T120] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 173.033378][ T120] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 173.033417][ T120] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 173.084928][ T120] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.112846][ T8312] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 173.427245][ T5318] snd-usb-6fire 3-1:0.111: unable to receive device firmware state. [ 173.481694][ T5318] snd-usb-6fire 3-1:0.111: probe with driver snd-usb-6fire failed with error -71 [ 173.494141][ T8333] loop4: detected capacity change from 0 to 512 [ 173.510577][ T8333] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 173.538564][ T120] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input12 [ 173.540632][ T5318] usb 3-1: USB disconnect, device number 5 [ 173.660529][ T8333] EXT4-fs (loop4): 1 orphan inode deleted [ 173.709783][ T8333] EXT4-fs (loop4): 1 truncate cleaned up [ 173.716294][ T8333] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 173.767532][ T8333] EXT4-fs error (device loop4): ext4_inlinedir_to_tree:1404: inode #12: block 7: comm syz.4.917: path /200/bus/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0 [ 173.805315][ T5318] usb 4-1: USB disconnect, device number 12 [ 173.805467][ C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 173.819856][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 173.828527][ T5318] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 173.876486][ T8333] EXT4-fs (loop4): Remounting filesystem read-only [ 173.972550][ T5235] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.120394][ T7838] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.281596][ T8344] loop0: detected capacity change from 0 to 2048 [ 174.289041][ T8344] nilfs2: Unknown parameter 'nor' [ 174.324278][ T8348] loop1: detected capacity change from 0 to 256 [ 174.353047][ T8348] vfat: Unknown parameter 'ÿÿÿÿÿÿÿÿ' [ 174.695366][ T8359] loop1: detected capacity change from 0 to 256 [ 174.805306][ T8359] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) [ 174.833443][ T8359] FAT-fs (loop1): Filesystem has been set read-only [ 175.219977][ T8375] netlink: 19 bytes leftover after parsing attributes in process `syz.3.937'. [ 175.337042][ T25] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 175.536769][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 175.548576][ T25] usb 1-1: config 0 has an invalid interface number: 52 but max is 0 [ 175.576699][ T25] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 175.606791][ T25] usb 1-1: config 0 has no interface number 0 [ 175.616738][ T25] usb 1-1: config 0 interface 52 has no altsetting 0 [ 175.648982][ T25] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 175.666625][ T25] usb 1-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35 [ 175.705617][ T25] usb 1-1: Product: syz [ 175.716106][ T25] usb 1-1: Manufacturer: syz [ 175.730867][ T25] usb 1-1: SerialNumber: syz [ 175.753916][ T25] usb 1-1: config 0 descriptor?? [ 176.162268][ T8373] loop1: detected capacity change from 0 to 32768 [ 176.187643][ T5318] usb 1-1: USB disconnect, device number 7 [ 176.266304][ T8373] ERROR: (device loop1): xtSearch: XT_GETPAGE: xtree page corrupt [ 176.266304][ T8373] [ 176.291977][ T8373] ERROR: (device loop1): remounting filesystem as read-only [ 176.309987][ T8373] xtLookup: xtSearch returned -5 [ 176.316079][ T8406] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 176.337195][ T8373] add_index: get/read_metapage failed! [ 176.346198][ T8373] ERROR: (device loop1): xtSearch: XT_GETPAGE: xtree page corrupt [ 176.346198][ T8373] [ 176.376744][ T8373] xtLookup: xtSearch returned -5 [ 176.387720][ T8373] free_index: error reading directory table [ 176.393654][ T8373] ERROR: (device loop1): xtSearch: XT_GETPAGE: xtree page corrupt [ 176.393654][ T8373] [ 176.445195][ T8373] xtLookup: xtSearch returned -5 [ 176.472002][ T8373] free_index: error reading directory table [ 176.485510][ T8373] ERROR: (device loop1): xtSearch: XT_GETPAGE: xtree page corrupt [ 176.485510][ T8373] [ 176.513867][ T8373] xtLookup: xtSearch returned -5 [ 176.518959][ T8387] loop2: detected capacity change from 0 to 32768 [ 176.539442][ T8387] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 176.547892][ T8387] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 176.585208][ T8373] free_index: error reading directory table [ 176.611725][ T8387] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 176.631681][ T5288] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 176.634216][ T8373] ERROR: (device loop1): xtSearch: XT_GETPAGE: xtree page corrupt [ 176.634216][ T8373] [ 176.641991][ T5288] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 176.686929][ T8373] xtLookup: xtSearch returned -5 [ 176.696367][ T5288] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 54ms [ 176.705896][ T8373] free_index: error reading directory table [ 176.707327][ T5288] gfs2: fsid=syz:syz.0: jid=0: Done [ 176.722436][ T8373] ERROR: (device loop1): xtSearch: XT_GETPAGE: xtree page corrupt [ 176.722436][ T8373] [ 176.726690][ T8387] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 176.745945][ T8373] xtLookup: xtSearch returned -5 [ 176.753833][ T8414] netlink: 'syz.3.955': attribute type 1 has an invalid length. [ 176.804180][ T8373] free_index: error reading directory table [ 176.833434][ T8373] ERROR: (device loop1): xtSearch: XT_GETPAGE: xtree page corrupt [ 176.833434][ T8373] [ 176.835600][ T8418] loop0: detected capacity change from 0 to 1024 [ 176.846669][ T8373] xtLookup: xtSearch returned -5 [ 176.874986][ T8418] EXT4-fs: Ignoring removed orlov option [ 176.882002][ T8418] EXT4-fs: Ignoring removed nomblk_io_submit option [ 176.888792][ T8373] add_index: get/read_metapage failed! [ 176.900731][ T8418] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002] [ 176.912320][ T8418] System zones: 0-1, 3-36 [ 177.110435][ T8418] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 177.277869][ T8009] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.532104][ T8444] loop3: detected capacity change from 0 to 256 [ 177.547337][ T8442] netlink: 28 bytes leftover after parsing attributes in process `syz.2.969'. [ 177.585518][ T8442] netlink: 28 bytes leftover after parsing attributes in process `syz.2.969'. [ 177.646929][ T8444] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 178.028923][ T8428] loop4: detected capacity change from 0 to 32768 [ 178.047362][ T8428] btrfs: Deprecated parameter 'usebackuproot' [ 178.053486][ T8428] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 178.090039][ T8428] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.963 (8428) [ 178.151091][ T8428] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 178.177990][ T8428] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 178.209929][ T8428] BTRFS info (device loop4): using free-space-tree [ 178.505109][ T11] BTRFS warning (device loop4): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0 [ 178.560400][ T8484] loop2: detected capacity change from 0 to 24 [ 178.596649][ T8428] BTRFS warning (device loop4): couldn't read tree root [ 178.604494][ T8428] BTRFS warning (device loop4): try to load backup roots slot 1 [ 178.647248][ T11] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0xf4e99bf9 level 0 [ 178.661460][ T8447] loop0: detected capacity change from 0 to 32768 [ 178.667026][ T8428] BTRFS warning (device loop4): couldn't read tree root [ 178.698938][ T8447] BTRFS: device /dev/loop0 (7:0) using temp-fsid fd48cb7d-bab8-4b13-8896-d00cedf21108 [ 178.708728][ T8428] BTRFS warning (device loop4): try to load backup roots slot 2 [ 178.739390][ T8447] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.971 (8447) [ 178.743647][ T1054] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 178.782031][ T8428] BTRFS warning (device loop4): couldn't read tree root [ 178.790360][ T8428] BTRFS warning (device loop4): try to load backup roots slot 3 [ 178.820987][ T8447] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 178.842846][ T8428] BTRFS info (device loop4): rebuilding free space tree [ 178.855884][ T8447] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 178.895370][ T8447] BTRFS info (device loop0): disk space caching is enabled [ 178.914905][ T8428] BTRFS info (device loop4): checking UUID tree [ 178.923742][ T8447] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 179.094161][ T29] audit: type=1800 audit(1728942032.889:33): pid=8428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.963" name="file1" dev="loop4" ino=257 res=0 errno=0 [ 179.223859][ T8447] BTRFS info (device loop0): rebuilding free space tree [ 179.374034][ T5235] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 179.424250][ T8447] BTRFS info (device loop0): disabling free space tree [ 179.469894][ T8447] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 179.558593][ T8447] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 179.999201][ T8009] BTRFS info (device loop0): last unmount of filesystem fd48cb7d-bab8-4b13-8896-d00cedf21108 [ 180.003386][ T8530] netlink: 'syz.4.986': attribute type 4 has an invalid length. [ 180.034070][ T8532] loop2: detected capacity change from 0 to 16 [ 180.079963][ T8532] erofs: (device loop2): mounted with root inode @ nid 36. [ 180.145717][ T8532] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 180.221285][ T8532] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -4 in[53, 4043] out[1851] [ 180.270405][ T8532] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 180.309944][ T8538] netlink: 'syz.4.995': attribute type 2 has an invalid length. [ 180.341723][ T8538] netlink: 16142 bytes leftover after parsing attributes in process `syz.4.995'. [ 180.495232][ T8518] loop3: detected capacity change from 0 to 32768 [ 180.693894][ T8518] XFS (loop3): DAX unsupported by block device. Turning off DAX. [ 180.720552][ T8518] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 180.805420][ T8518] XFS (loop3): Ending clean mount [ 180.824181][ T8518] XFS (loop3): Quotacheck needed: Please wait. [ 180.956020][ T8518] XFS (loop3): Quotacheck: Done. [ 181.073936][ T8518] XFS (loop3): User initiated shutdown received. [ 181.148041][ T8518] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xe2/0x160 (fs/xfs/xfs_fsops.c:457). Shutting down filesystem. [ 181.222892][ T8518] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 181.268768][ T8579] loop0: detected capacity change from 0 to 256 [ 181.328016][ T6731] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 181.332551][ T8579] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 181.785828][ T8594] sg_write: process 36 (syz.0.1016) changed security contexts after opening file descriptor, this is not allowed. [ 181.883143][ T8594] program syz.0.1016 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 182.013276][ T8557] loop1: detected capacity change from 0 to 32768 [ 182.078364][ T8557] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 182.189921][ T8557] XFS (loop1): Ending clean mount [ 182.350788][ T5236] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 182.706751][ T8622] ipvlan2: entered promiscuous mode [ 182.870168][ T8629] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1030'. [ 183.364187][ T8644] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1036'. [ 183.469562][ T5288] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 183.658265][ T5288] usb 2-1: Using ep0 maxpacket: 16 [ 183.682170][ T5288] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 183.708574][ T5288] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 183.727615][ T8655] loop2: detected capacity change from 0 to 1024 [ 183.729045][ T5288] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.763870][ T5288] usb 2-1: Product: syz [ 183.780715][ T5288] usb 2-1: Manufacturer: syz [ 183.803264][ T5288] usb 2-1: SerialNumber: syz [ 183.830890][ T5288] usb 2-1: config 0 descriptor?? [ 183.883887][ T5288] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 183.898806][ T5288] usb 2-1: Detected FT232R [ 184.092344][ T5288] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 184.134887][ T8659] loop3: detected capacity change from 0 to 4096 [ 184.186455][ T8659] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 184.205981][ T8663] loop2: detected capacity change from 0 to 2048 [ 184.272149][ T8659] ntfs3(loop3): Failed to load $Extend (-22). [ 184.293577][ T8659] ntfs3(loop3): Failed to initialize $Extend. [ 184.307745][ T8663] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 184.351637][ T5288] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 184.396650][ T29] audit: type=1800 audit(1728942038.189:34): pid=8659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1044" name="file1" dev="loop3" ino=30 res=0 errno=0 [ 184.606669][ T5288] usb 2-1: USB disconnect, device number 12 [ 184.662773][ T7838] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.668311][ T5288] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 184.708090][ T5288] ftdi_sio 2-1:0.0: device disconnected [ 185.674906][ T8676] loop0: detected capacity change from 0 to 4096 [ 185.873420][ T8681] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 186.671897][ T8674] loop3: detected capacity change from 0 to 40427 [ 186.710755][ T8674] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 186.755290][ T8674] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 186.860462][ T8674] F2FS-fs (loop3): invalid crc value [ 187.004946][ T8674] F2FS-fs (loop3): Found nat_bits in checkpoint [ 187.322524][ T8693] loop1: detected capacity change from 0 to 4096 [ 187.541510][ T8674] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 187.549107][ T8674] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 187.715991][ T8678] loop2: detected capacity change from 0 to 40427 [ 187.817529][ T8678] F2FS-fs (loop2): invalid crc value [ 187.878794][ T8684] loop0: detected capacity change from 0 to 32768 [ 187.968184][ T11] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 188.051907][ T8678] F2FS-fs (loop2): Found nat_bits in checkpoint [ 188.223183][ T8678] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 188.328318][ T11] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 189.053108][ T8705] loop0: detected capacity change from 0 to 2048 [ 189.267848][ T8705] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 189.416393][ T8712] netlink: 'syz.3.1058': attribute type 11 has an invalid length. [ 189.504637][ T8009] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.921332][ T8693] ntfs3(loop1): ino=0, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" failed to parse mft record [ 189.950562][ C0] vkms_vblank_simulate: vblank timer overrun [ 190.721711][ T8739] loop1: detected capacity change from 0 to 8 [ 190.761167][ T8739] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 191.382704][ T8738] loop3: detected capacity change from 0 to 32768 [ 191.948696][ T29] audit: type=1800 audit(1728942045.669:35): pid=8738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1073" name="file1" dev="loop3" ino=4 res=0 errno=0 [ 192.187801][ T8748] loop0: detected capacity change from 0 to 4096 [ 192.190815][ T8753] loop2: detected capacity change from 0 to 4096 [ 192.359256][ T8748] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 192.400140][ T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 192.415504][ T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 192.443817][ T8757] loop1: detected capacity change from 0 to 256 [ 192.504558][ T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 192.512906][ T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 192.528242][ T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 192.535852][ T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 192.653994][ T8757] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 193.074988][ T8765] loop1: detected capacity change from 0 to 64 [ 193.166651][ T8765] hfs: unable to locate alternate MDB [ 193.172512][ T8765] hfs: continuing without an alternate MDB [ 193.330640][ T8754] chnl_net:caif_netlink_parms(): no params data found [ 193.408437][ T29] audit: type=1800 audit(1728942047.209:36): pid=8765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1085" name="file1" dev="loop1" ino=18 res=0 errno=0 [ 193.674591][ T8759] loop3: detected capacity change from 0 to 32768 [ 193.697434][ T72] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.781472][ T8769] loop2: detected capacity change from 0 to 8192 [ 194.012036][ T8759] JBD2: Ignoring recovery information on journal [ 194.099303][ T8759] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 194.134990][ T72] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.294723][ T6731] ocfs2: Unmounting device (7,3) on (node local) [ 194.485455][ T72] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.489171][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.515811][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.676739][ T54] Bluetooth: hci5: command tx timeout [ 195.094802][ T72] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.139221][ T8754] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.148121][ T8754] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.161040][ T8754] bridge_slave_0: entered allmulticast mode [ 195.176482][ T8754] bridge_slave_0: entered promiscuous mode [ 195.253219][ T8754] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.286742][ T8754] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.319241][ T8754] bridge_slave_1: entered allmulticast mode [ 195.328214][ T8754] bridge_slave_1: entered promiscuous mode [ 195.538581][ T8754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 195.550188][ T8754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 195.725759][ T8754] team0: Port device team_slave_0 added [ 195.792193][ T8754] team0: Port device team_slave_1 added [ 195.858137][ T8813] loop2: detected capacity change from 0 to 32768 [ 195.866215][ T8813] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1103 (8813) [ 195.893264][ T8813] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 195.916784][ T8813] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 195.925605][ T8813] BTRFS info (device loop2): using free-space-tree [ 195.965039][ T8754] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 195.974105][ T8815] loop3: detected capacity change from 0 to 8192 [ 195.986867][ T8754] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.022695][ T8754] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 196.024822][ T120] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 196.147732][ T8754] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 196.184336][ T8754] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.186469][ T8813] BTRFS info (device loop2): rebuilding free space tree [ 196.211718][ T120] usb 1-1: Using ep0 maxpacket: 16 [ 196.223135][ T8754] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 196.236151][ T120] usb 1-1: config 0 has an invalid descriptor of length 28, skipping remainder of the config [ 196.250026][ T120] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 196.282244][ T120] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 191 [ 196.347376][ T120] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 196.372620][ T72] bridge_slave_1: left allmulticast mode [ 196.416611][ T72] bridge_slave_1: left promiscuous mode [ 196.423559][ T72] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.447817][ T120] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 196.476688][ T120] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 196.495983][ T120] usb 1-1: Manufacturer: syz [ 196.510321][ T72] bridge_slave_0: left allmulticast mode [ 196.534338][ T120] usb 1-1: config 0 descriptor?? [ 196.543979][ T72] bridge_slave_0: left promiscuous mode [ 196.575238][ T72] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.585965][ T7838] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 196.786266][ T54] Bluetooth: hci5: command tx timeout [ 196.999929][ T8843] loop1: detected capacity change from 0 to 32768 [ 197.104235][ T120] rc_core: IR keymap rc-hauppauge not found [ 197.117856][ T120] Registered IR keymap rc-empty [ 197.130105][ T120] mceusb 1-1:0.0: Error: mce write urb status = -71 [ 197.163078][ T8843] XFS (loop1): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 197.170024][ T120] mceusb 1-1:0.0: Error: mce write urb status = -71 [ 197.224670][ T120] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 197.305956][ T120] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input13 [ 197.413876][ T120] mceusb 1-1:0.0: Error: mce write urb status = -71 [ 197.460821][ T120] mceusb 1-1:0.0: Error: mce write urb status = -71 [ 197.468893][ T8843] XFS (loop1): Ending clean mount [ 197.473632][ C0] rc rc0: IR event FIFO is full! [ 197.478945][ T8862] rc rc0: two consecutive events of type space [ 197.525832][ T120] mceusb 1-1:0.0: Error: mce write urb status = -71 [ 197.546908][ T120] mceusb 1-1:0.0: Error: mce write urb status = -71 [ 197.561806][ T29] audit: type=1800 audit(1728942051.359:37): pid=8843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1106" name="file1" dev="loop1" ino=7430 res=0 errno=0 [ 197.586306][ T120] mceusb 1-1:0.0: Error: mce write urb status = -71 [ 197.603647][ T5236] XFS (loop1): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 197.618669][ T120] mceusb 1-1:0.0: Error: mce write urb status = -71 [ 197.664113][ T120] mceusb 1-1:0.0: Error: mce write urb status = -71 [ 197.691440][ T120] mceusb 1-1:0.0: Error: mce write urb status = -71 [ 197.739332][ T120] mceusb 1-1:0.0: Error: mce write urb status = -71 [ 197.779911][ T120] mceusb 1-1:0.0: Error: mce write urb status = -71 [ 197.813446][ T120] mceusb 1-1:0.0: Registered Ø‹ with mce emulator interface version 1 [ 197.822899][ T120] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 197.847676][ T120] usb 1-1: USB disconnect, device number 8 [ 198.144137][ T72] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 198.155234][ T72] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 198.167735][ T72] bond0 (unregistering): Released all slaves [ 198.372232][ T8754] hsr_slave_0: entered promiscuous mode [ 198.410447][ T8754] hsr_slave_1: entered promiscuous mode [ 198.435226][ T8754] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 198.447140][ T8754] Cannot create hsr debugfs directory [ 198.495919][ T8874] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1112'. [ 198.527607][ T8876] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1113'. [ 198.735581][ T8885] loop2: detected capacity change from 0 to 1024 [ 198.776143][ T8885] EXT4-fs: Ignoring removed nobh option [ 198.797441][ T54] Bluetooth: hci5: command tx timeout [ 198.814226][ T8885] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 198.842511][ T8885] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #11: comm syz.2.1117: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 199.005031][ T8885] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.1117: couldn't read orphan inode 11 (err -117) [ 199.052473][ T8885] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 199.073022][ T72] hsr_slave_0: left promiscuous mode [ 199.139547][ T72] hsr_slave_1: left promiscuous mode [ 199.165422][ T72] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 199.188996][ T72] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 199.228459][ T8885] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.1117: Invalid block bitmap block 0 in block_group 0 [ 199.258019][ T72] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 199.264467][ T8904] loop0: detected capacity change from 0 to 2048 [ 199.286315][ T72] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 199.326326][ T8885] Quota error (device loop2): write_blk: dquota write failed [ 199.338781][ T8912] loop3: detected capacity change from 0 to 64 [ 199.358232][ T8885] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 199.362830][ T72] veth1_macvtap: left promiscuous mode [ 199.376957][ T72] veth0_macvtap: left promiscuous mode [ 199.382596][ T72] veth1_vlan: left promiscuous mode [ 199.388020][ T72] veth0_vlan: left promiscuous mode [ 199.407888][ T8904] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 199.443240][ T8885] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.1117: Failed to acquire dquot type 0 [ 199.525289][ T8910] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.1117: Invalid inode bitmap blk 137438953472 in block_group 0 [ 199.727198][ T35] EXT4-fs error (device loop2): __ext4_get_inode_loc:4403: comm kworker/u8:2: Invalid inode table block 8589934593 in block_group 0 [ 199.790075][ T8922] vhci_hcd: invalid port number 0 [ 199.801689][ T7838] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.165231][ T8940] VFS: could not find a valid V7 on nullb0. [ 200.181955][ T8940] hpfs: Bad magic ... probably not HPFS [ 200.297056][ T51] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 200.446833][ T51] usb 1-1: Using ep0 maxpacket: 32 [ 200.453989][ T51] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 200.471858][ T51] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.494142][ T51] usb 1-1: config 0 descriptor?? [ 200.515359][ T51] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 200.667344][ T72] team0 (unregistering): Port device team_slave_1 removed [ 200.725917][ T72] team0 (unregistering): Port device team_slave_0 removed [ 200.881237][ T54] Bluetooth: hci5: command tx timeout [ 201.334345][ T51] gspca_nw80x: reg_r err -71 [ 201.350655][ T51] nw80x 1-1:0.0: probe with driver nw80x failed with error -71 [ 201.375708][ T51] usb 1-1: USB disconnect, device number 9 [ 201.404059][ T8945] pim6reg: entered allmulticast mode [ 201.430033][ T8946] pim6reg: left allmulticast mode [ 202.809092][ T8954] loop2: detected capacity change from 0 to 32768 [ 202.859240][ T8954] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 202.905948][ T8754] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 202.919078][ T8954] XFS (loop2): Starting recovery (logdev: internal) [ 202.944295][ T8954] XFS (loop2): Ending recovery (logdev: internal) [ 202.994679][ T8754] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 203.004569][ T8754] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 203.015352][ T8754] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 203.107033][ T7838] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 203.288487][ T8984] loop1: detected capacity change from 0 to 32768 [ 203.314720][ T8754] 8021q: adding VLAN 0 to HW filter on device bond0 [ 203.355641][ T8754] 8021q: adding VLAN 0 to HW filter on device team0 [ 203.385819][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.393001][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 203.617034][ T8754] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 203.680925][ T5236] read_mapping_page failed! [ 203.685506][ T5236] ERROR: (device loop1): txCommit: [ 203.685506][ T5236] [ 203.706791][ T8754] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 203.740651][ T9008] loop0: detected capacity change from 0 to 32768 [ 203.747902][ T9008] XFS: ikeep mount option is deprecated. [ 203.787245][ T5236] ERROR: (device loop1): remounting filesystem as read-only [ 203.942896][ T8994] loop3: detected capacity change from 0 to 32768 [ 203.959042][ T72] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.966187][ T72] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.103896][ T9024] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1152'. [ 204.165198][ T8754] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 204.291226][ T9008] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 204.411818][ T8994] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 204.441260][ T9008] XFS (loop0): Ending clean mount [ 204.456134][ T9008] XFS (loop0): Quotacheck needed: Please wait. [ 204.535752][ T8994] XFS (loop3): Ending clean mount [ 204.572334][ T52] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.576719][ T9008] XFS (loop0): Quotacheck: Done. [ 204.618907][ T8994] XFS (loop3): Quotacheck needed: Please wait. [ 204.772215][ T8994] XFS (loop3): Quotacheck: Done. [ 204.795286][ T52] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.900493][ T8009] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 205.090368][ T6731] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 205.214431][ T5251] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 205.247046][ T52] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.347781][ T5251] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 205.370685][ T5243] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 205.416844][ T5243] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 205.434532][ T5243] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 205.445136][ T5243] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 205.628225][ T9073] loop3: detected capacity change from 0 to 4096 [ 205.628774][ T52] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.656841][ T9073] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 205.723871][ T9073] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 205.835751][ T7243] ntfs3(loop3): ino=5, "/" ntfs3_write_inode failed, -22. [ 206.054766][ T8754] veth0_vlan: entered promiscuous mode [ 206.270901][ T8754] veth1_vlan: entered promiscuous mode [ 206.306168][ T52] bridge_slave_1: left allmulticast mode [ 206.313084][ T52] bridge_slave_1: left promiscuous mode [ 206.327367][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.366748][ T52] bridge_slave_0: left allmulticast mode [ 206.372443][ T52] bridge_slave_0: left promiscuous mode [ 206.384193][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.472640][ T9101] loop2: detected capacity change from 0 to 2048 [ 207.393244][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 207.405094][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 207.417091][ T52] bond0 (unregistering): Released all slaves [ 207.530294][ T9115] loop3: detected capacity change from 0 to 32768 [ 207.544610][ T5243] Bluetooth: hci2: command tx timeout [ 207.687323][ T9115] ERROR: (device loop3): dbAdjCtl: Corrupt dmapctl page [ 207.687323][ T9115] [ 207.716718][ T9115] ERROR: (device loop3): remounting filesystem as read-only [ 207.751109][ T9115] ERROR: (device loop3): dbDiscardAG: -EIO [ 207.751109][ T9115] [ 207.980941][ T9136] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1168'. [ 208.017960][ T9136] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 208.040520][ T9136] macsec1: entered allmulticast mode [ 208.045882][ T9136] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 208.102531][ T9136] netdevsim netdevsim0 netdevsim0: left allmulticast mode [ 208.127113][ T9136] netdevsim netdevsim0 netdevsim0: left promiscuous mode [ 208.195228][ T9149] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 208.419446][ T9068] chnl_net:caif_netlink_parms(): no params data found [ 208.587937][ T8754] veth0_macvtap: entered promiscuous mode [ 208.624305][ T52] hsr_slave_0: left promiscuous mode [ 208.651638][ T9171] loop3: detected capacity change from 0 to 1024 [ 208.665333][ T52] hsr_slave_1: left promiscuous mode [ 208.671504][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 208.689419][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 208.728300][ T9173] loop2: detected capacity change from 0 to 4096 [ 208.728867][ T9171] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 208.755626][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 208.769779][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 208.790528][ T52] veth1_macvtap: left promiscuous mode [ 208.796062][ T52] veth0_macvtap: left promiscuous mode [ 208.808010][ T52] veth1_vlan: left promiscuous mode [ 208.813321][ T52] veth0_vlan: left promiscuous mode [ 208.849107][ T6731] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 208.953490][ T9173] ntfs3(loop2): failed to convert "0080" to cp869 [ 208.988109][ T9173] ntfs3(loop2): failed to convert name for inode 1e. [ 208.996961][ T9178] loop3: detected capacity change from 0 to 1024 [ 209.027945][ T9178] hfsplus: request for non-existent node 3 in B*Tree [ 209.045216][ T9178] hfsplus: request for non-existent node 3 in B*Tree [ 209.451063][ T9184] loop3: detected capacity change from 0 to 256 [ 209.472043][ T9184] exfat: Deprecated parameter 'namecase' [ 209.544931][ T9184] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 209.610749][ T5243] Bluetooth: hci2: command tx timeout [ 210.217543][ T9190] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 211.165164][ T52] team0 (unregistering): Port device team_slave_1 removed [ 211.682553][ T5243] Bluetooth: hci2: command tx timeout [ 212.654097][ T8754] veth1_macvtap: entered promiscuous mode [ 212.911568][ T9192] netlink: 'syz.3.1186': attribute type 1 has an invalid length. [ 212.932016][ T9196] hsr0: entered promiscuous mode [ 212.956979][ T9196] macsec1: entered allmulticast mode [ 212.962325][ T9196] hsr0: entered allmulticast mode [ 212.986254][ T9196] hsr_slave_0: entered allmulticast mode [ 213.026754][ T9196] hsr_slave_1: entered allmulticast mode [ 213.077836][ T9196] hsr0: left allmulticast mode [ 213.089281][ T9196] hsr_slave_0: left allmulticast mode [ 213.126981][ T9196] hsr_slave_1: left allmulticast mode [ 213.770168][ T8754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 213.776065][ T5243] Bluetooth: hci2: command tx timeout [ 213.871149][ T8754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.952218][ T8754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.029446][ T8754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.104275][ T8754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 214.172145][ T8754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.285178][ T8754] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 214.376784][ T9068] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.402778][ T9068] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.497089][ T9068] bridge_slave_0: entered allmulticast mode [ 214.569211][ T9068] bridge_slave_0: entered promiscuous mode [ 214.634891][ T9068] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.674166][ T9068] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.724200][ T9068] bridge_slave_1: entered allmulticast mode [ 214.774313][ T9068] bridge_slave_1: entered promiscuous mode [ 214.825175][ T9234] tap0: tun_chr_ioctl cmd 1074025677 [ 214.834365][ T9234] tap0: linktype set to 778 [ 215.041993][ T8754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 215.116857][ T8754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.172521][ T8754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 215.221161][ T8754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.273439][ T8754] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 215.330566][ T8754] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.395474][ T8754] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 215.662330][ T8754] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.722010][ T8754] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.786748][ T8754] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.841200][ T8754] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.905778][ T9068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 215.987061][ T9068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 219.276577][ C0] sched: DL replenish lagged too much [ 248.200995][ T54] Bluetooth: hci1: command tx timeout [ 322.517168][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.523517][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.531712][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.538102][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 325.083389][ T5243] Bluetooth: hci5: command 0x0406 tx timeout [ 325.089558][ T5243] Bluetooth: hci4: command 0x0406 tx timeout [ 325.095599][ T5243] Bluetooth: hci0: command 0x0406 tx timeout [ 330.021294][ T5250] Bluetooth: hci2: command 0x0406 tx timeout [ 331.147780][ T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 331.159817][ T5251] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 331.176491][ T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 331.185568][ T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 331.198070][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 331.208656][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 331.218903][ T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 331.227569][ T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 331.238274][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 331.245681][ T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 331.253827][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 331.268385][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 331.335539][ T4629] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 331.345725][ T4629] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 331.354717][ T4629] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 331.379489][ T4629] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 331.407198][ T4629] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 331.416210][ T4629] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 331.479977][ T5251] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 331.493580][ T5251] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 331.505291][ T5251] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 331.514981][ T5251] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 331.524515][ T5251] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 331.532065][ T5251] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 331.567067][ T5251] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 331.582269][ T5251] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 331.592799][ T5251] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 331.604432][ T5251] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 331.612091][ T5251] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 331.636736][ T5251] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 333.357182][ T4629] Bluetooth: hci3: command tx timeout [ 333.364589][ T4629] Bluetooth: hci1: command tx timeout [ 333.516887][ T4629] Bluetooth: hci7: command tx timeout [ 333.596748][ T4629] Bluetooth: hci6: command tx timeout [ 333.756916][ T4629] Bluetooth: hci4: command tx timeout [ 335.437286][ T5251] Bluetooth: hci3: command tx timeout [ 335.444628][ T4629] Bluetooth: hci1: command tx timeout [ 335.596754][ T4629] Bluetooth: hci7: command tx timeout [ 335.678458][ T4629] Bluetooth: hci6: command tx timeout [ 335.846684][ T4629] Bluetooth: hci4: command tx timeout [ 337.516851][ T4629] Bluetooth: hci1: command tx timeout [ 337.522327][ T4629] Bluetooth: hci3: command tx timeout [ 337.678884][ T4629] Bluetooth: hci7: command tx timeout [ 337.760055][ T4629] Bluetooth: hci6: command tx timeout [ 337.916959][ T4629] Bluetooth: hci4: command tx timeout [ 339.596781][ T5251] Bluetooth: hci1: command tx timeout [ 339.602260][ T4629] Bluetooth: hci3: command tx timeout [ 339.757111][ T4629] Bluetooth: hci7: command tx timeout [ 339.841820][ T4629] Bluetooth: hci6: command tx timeout [ 339.996869][ T4629] Bluetooth: hci4: command tx timeout [ 351.333634][ T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.084973][ T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.958382][ T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 353.931330][ T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.421805][ T9068] team0: Port device team_slave_0 added [ 356.625026][ T52] bridge_slave_1: left allmulticast mode [ 356.647203][ T52] bridge_slave_1: left promiscuous mode [ 356.653233][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 356.717302][ T52] bridge_slave_0: left allmulticast mode [ 356.723010][ T52] bridge_slave_0: left promiscuous mode [ 356.752551][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 358.161989][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 358.189242][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 358.235895][ T52] bond0 (unregistering): Released all slaves [ 378.799432][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.806016][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 393.107808][ T5251] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 393.126822][ T5251] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 393.140032][ T5251] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 393.148599][ T5251] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 393.177638][ T5251] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 393.185014][ T5251] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 393.288602][ T4629] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 393.313139][ T4629] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 393.323146][ T4629] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 393.332108][ T4629] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 393.356924][ T4629] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 393.374780][ T4629] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 393.432947][ T5251] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 393.456482][ T5251] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 393.466433][ T5251] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 393.474675][ T5251] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 393.488826][ T5251] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 393.496171][ T5251] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 393.565777][ T4629] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 393.583857][ T4629] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 393.594131][ T4629] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 393.602287][ T4629] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 393.610047][ T4629] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 393.617521][ T4629] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 393.815613][ T5251] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 393.827309][ T5251] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 393.835960][ T5251] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 393.845380][ T5251] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 393.854103][ T5251] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 393.862385][ T5251] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 395.284600][ T5251] Bluetooth: hci0: command tx timeout [ 395.437017][ T5251] Bluetooth: hci2: command tx timeout [ 395.596743][ T5251] Bluetooth: hci5: command tx timeout [ 395.676787][ T5251] Bluetooth: hci8: command tx timeout [ 395.916826][ T5251] Bluetooth: hci9: command tx timeout [ 397.356847][ T4629] Bluetooth: hci0: command tx timeout [ 397.516944][ T5251] Bluetooth: hci2: command tx timeout [ 397.676715][ T5251] Bluetooth: hci5: command tx timeout [ 397.756723][ T5251] Bluetooth: hci8: command tx timeout [ 397.996842][ T5251] Bluetooth: hci9: command tx timeout [ 399.444641][ T5251] Bluetooth: hci0: command tx timeout [ 399.596866][ T5251] Bluetooth: hci2: command tx timeout [ 399.756728][ T5251] Bluetooth: hci5: command tx timeout [ 399.837067][ T5251] Bluetooth: hci8: command tx timeout [ 400.078659][ T5251] Bluetooth: hci9: command tx timeout [ 401.524654][ T5251] Bluetooth: hci0: command tx timeout [ 401.676998][ T5251] Bluetooth: hci2: command tx timeout [ 401.839992][ T5251] Bluetooth: hci5: command tx timeout [ 401.916755][ T5251] Bluetooth: hci8: command tx timeout [ 402.160061][ T5251] Bluetooth: hci9: command tx timeout [ 440.240202][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.251176][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 454.839522][ T4629] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 454.853125][ T4629] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 454.861933][ T4629] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 454.870044][ T4629] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 454.878740][ T4629] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 454.886894][ T4629] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 455.035981][ T4629] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 455.050316][ T4629] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 455.061457][ T4629] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 455.072096][ T4629] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 455.087417][ T4629] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 455.094968][ T4629] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 455.429792][ T4629] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 455.441127][ T4629] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 455.450084][ T4629] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 455.460684][ T4629] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 455.470049][ T4629] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 455.477797][ T4629] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 455.755180][ T9353] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 455.773482][ T9353] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 455.782207][ T9353] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 455.791657][ T9353] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 455.799668][ T9353] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 455.807181][ T9353] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 456.293512][ T9351] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 456.310374][ T9351] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 456.319505][ T9351] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 456.328675][ T9351] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 456.336368][ T9351] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 456.344338][ T9351] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 456.956757][ T9353] Bluetooth: hci10: command tx timeout [ 457.196895][ T9353] Bluetooth: hci11: command tx timeout [ 457.596909][ T9353] Bluetooth: hci12: command tx timeout [ 457.705011][ T9351] Bluetooth: hci3: command 0x0406 tx timeout [ 457.716628][ T9353] Bluetooth: hci1: command 0x0406 tx timeout [ 457.722921][ T9353] Bluetooth: hci7: command 0x0406 tx timeout [ 457.729040][ T9351] Bluetooth: hci6: command 0x0406 tx timeout [ 457.735064][ T9351] Bluetooth: hci4: command 0x0406 tx timeout [ 457.924880][ T54] Bluetooth: hci13: command tx timeout [ 458.396992][ T54] Bluetooth: hci14: command tx timeout [ 459.036790][ T54] Bluetooth: hci10: command tx timeout [ 459.276826][ T54] Bluetooth: hci11: command tx timeout [ 459.676927][ T54] Bluetooth: hci12: command tx timeout [ 459.996851][ T54] Bluetooth: hci13: command tx timeout [ 460.476740][ T54] Bluetooth: hci14: command tx timeout [ 461.116692][ T54] Bluetooth: hci10: command tx timeout [ 461.357020][ T54] Bluetooth: hci11: command tx timeout [ 461.756890][ T54] Bluetooth: hci12: command tx timeout [ 462.076872][ T54] Bluetooth: hci13: command tx timeout [ 462.562399][ T54] Bluetooth: hci14: command tx timeout [ 463.196717][ T54] Bluetooth: hci10: command tx timeout [ 463.436865][ T54] Bluetooth: hci11: command tx timeout [ 463.836867][ T54] Bluetooth: hci12: command tx timeout [ 464.156829][ T54] Bluetooth: hci13: command tx timeout [ 464.636796][ T54] Bluetooth: hci14: command tx timeout [ 501.680370][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.691336][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.436924][ T30] INFO: task kworker/u8:3:52 blocked for more than 143 seconds. [ 507.444635][ T30] Not tainted 6.12.0-rc3-next-20241014-syzkaller #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 507.482019][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 507.530972][ T30] task:kworker/u8:3 state:D stack:21520 pid:52 tgid:52 ppid:2 flags:0x00004000 [ 507.632819][ T30] Workqueue: netns cleanup_net [ 507.670066][ T30] Call Trace: [ 507.673402][ T30] [ 507.676360][ T30] __schedule+0x1895/0x4b30 [ 507.726732][ T30] ? __pfx___schedule+0x10/0x10 [ 507.731673][ T30] ? __pfx_lock_release+0x10/0x10 [ 507.776671][ T30] ? kthread_data+0x52/0xd0 [ 507.781253][ T30] ? wq_worker_sleeping+0x66/0x240 [ 507.786395][ T30] ? schedule+0x90/0x320 [ 507.866694][ T30] schedule+0x14b/0x320 [ 507.870928][ T30] schedule_timeout+0xb0/0x290 [ 507.875739][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 507.936610][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 507.942679][ T30] ? wait_for_completion+0x2fe/0x620 [ 507.982437][ T30] ? wait_for_completion+0x2fe/0x620 [ 507.992048][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 508.022199][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 508.052060][ T30] ? wait_for_completion+0x2fe/0x620 [ 508.060620][ T30] wait_for_completion+0x355/0x620 [ 508.065804][ T30] ? __pfx_wait_for_completion+0x10/0x10 [ 508.105840][ T30] ? __flush_work+0xe7/0xc50 [ 508.123698][ T30] __flush_work+0xa37/0xc50 [ 508.146803][ T30] ? __flush_work+0xe7/0xc50 [ 508.151465][ T30] ? __pfx___flush_work+0x10/0x10 [ 508.156515][ T30] ? __pfx_wq_barrier_func+0x10/0x10 [ 508.199667][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 508.206323][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 508.256690][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 508.261959][ T30] unregister_netdevice_many_notify+0x87b/0x1da0 [ 508.305386][ T30] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 508.335724][ T30] ? __pfx_lock_release+0x10/0x10 [ 508.355334][ T30] ? up_write+0x1a9/0x590 [ 508.366801][ T30] unregister_netdevice_queue+0x303/0x370 [ 508.372591][ T30] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 508.395761][ T30] ? kernfs_remove_by_name_ns+0x11b/0x160 [ 508.413708][ T30] _cfg80211_unregister_wdev+0x162/0x560 [ 508.431683][ T30] ieee80211_remove_interfaces+0x4db/0x700 [ 508.446625][ T30] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 508.453024][ T30] ieee80211_unregister_hw+0x5d/0x2c0 [ 508.474137][ T30] mac80211_hwsim_del_radio+0x2c4/0x4c0 [ 508.491873][ T30] ? __pfx_mac80211_hwsim_del_radio+0x10/0x10 [ 508.506618][ T30] hwsim_exit_net+0x5c1/0x670 [ 508.516704][ T30] ? __pfx_hwsim_exit_net+0x10/0x10 [ 508.521955][ T30] ? __ip_vs_dev_cleanup_batch+0x239/0x260 [ 508.549343][ T30] cleanup_net+0x802/0xcc0 [ 508.553826][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 508.575509][ T30] ? process_scheduled_works+0x976/0x1850 [ 508.586724][ T30] process_scheduled_works+0xa63/0x1850 [ 508.592350][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 508.613945][ T30] ? assign_work+0x364/0x3d0 [ 508.631921][ T30] worker_thread+0x870/0xd30 [ 508.646646][ T30] ? __kthread_parkme+0x169/0x1d0 [ 508.651729][ T30] ? __pfx_worker_thread+0x10/0x10 [ 508.672632][ T30] kthread+0x2f0/0x390 [ 508.678818][ T30] ? __pfx_worker_thread+0x10/0x10 [ 508.683978][ T30] ? __pfx_kthread+0x10/0x10 [ 508.704722][ T30] ret_from_fork+0x4b/0x80 [ 508.719403][ T30] ? __pfx_kthread+0x10/0x10 [ 508.724049][ T30] ret_from_fork_asm+0x1a/0x30 [ 508.750009][ T30] [ 508.756670][ T30] INFO: task kworker/u8:5:1054 blocked for more than 144 seconds. [ 508.764506][ T30] Not tainted 6.12.0-rc3-next-20241014-syzkaller #0 [ 508.794868][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 508.816744][ T30] task:kworker/u8:5 state:D stack:20528 pid:1054 tgid:1054 ppid:2 flags:0x00004000 [ 508.843105][ T30] Workqueue: cfg80211 cfg80211_dfs_channels_update_work [ 508.859667][ T30] Call Trace: [ 508.862990][ T30] [ 508.865940][ T30] __schedule+0x1895/0x4b30 [ 508.900575][ T30] ? __pfx___schedule+0x10/0x10 [ 508.905489][ T30] ? __pfx_lock_release+0x10/0x10 [ 508.929683][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 508.942449][ T30] ? kthread_data+0x52/0xd0 [ 508.956662][ T30] ? schedule+0x90/0x320 [ 508.960958][ T30] ? wq_worker_sleeping+0x66/0x240 [ 508.966102][ T30] ? schedule+0x90/0x320 [ 508.985937][ T30] schedule+0x14b/0x320 [ 509.000206][ T30] schedule_preempt_disabled+0x13/0x30 [ 509.005723][ T30] __mutex_lock+0x6a7/0xd70 [ 509.029075][ T30] ? __mutex_lock+0x52a/0xd70 [ 509.033824][ T30] ? cfg80211_dfs_channels_update_work+0xbf/0x610 [ 509.062323][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 509.072450][ T30] cfg80211_dfs_channels_update_work+0xbf/0x610 [ 509.090902][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 509.106546][ T30] ? __pfx_cfg80211_dfs_channels_update_work+0x10/0x10 [ 509.113518][ T30] ? process_scheduled_works+0x976/0x1850 [ 509.139772][ T30] process_scheduled_works+0xa63/0x1850 [ 509.145421][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 509.171339][ T30] ? assign_work+0x364/0x3d0 [ 509.175994][ T30] worker_thread+0x870/0xd30 [ 509.194359][ T30] ? __kthread_parkme+0x169/0x1d0 [ 509.211952][ T30] ? __pfx_worker_thread+0x10/0x10 [ 509.243259][ T30] kthread+0x2f0/0x390 [ 509.256551][ T30] ? __pfx_worker_thread+0x10/0x10 [ 509.270141][ T30] ? __pfx_kthread+0x10/0x10 [ 509.274782][ T30] ret_from_fork+0x4b/0x80 [ 509.292860][ T30] ? __pfx_kthread+0x10/0x10 [ 509.303747][ T30] ret_from_fork_asm+0x1a/0x30 [ 509.318489][ T30] [ 509.325606][ T30] INFO: task dhcpcd:4905 blocked for more than 145 seconds. [ 509.343341][ T30] Not tainted 6.12.0-rc3-next-20241014-syzkaller #0 [ 509.366612][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 509.375326][ T30] task:dhcpcd state:D stack:20128 pid:4905 tgid:4905 ppid:4904 flags:0x00000002 [ 509.406141][ T30] Call Trace: [ 509.413579][ T30] [ 509.416547][ T30] __schedule+0x1895/0x4b30 [ 509.431164][ T30] ? __pfx___schedule+0x10/0x10 [ 509.444620][ T30] ? __pfx_lock_release+0x10/0x10 [ 509.462995][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 509.475074][ T30] ? schedule+0x90/0x320 [ 509.486618][ T30] schedule+0x14b/0x320 [ 509.490841][ T30] schedule_preempt_disabled+0x13/0x30 [ 509.496319][ T30] __mutex_lock+0x6a7/0xd70 [ 509.522381][ T30] ? __mutex_lock+0x52a/0xd70 [ 509.536690][ T30] ? devinet_ioctl+0x2ce/0x1aa0 [ 509.541603][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 509.561319][ T30] ? apparmor_capable+0x13b/0x1b0 [ 509.566404][ T30] ? bpf_lsm_capable+0x9/0x10 [ 509.592184][ T30] devinet_ioctl+0x2ce/0x1aa0 [ 509.606724][ T30] ? get_user_ifreq+0x1bb/0x200 [ 509.611631][ T30] inet_ioctl+0x3d7/0x4f0 [ 509.615989][ T30] ? __pfx_inet_ioctl+0x10/0x10 [ 509.645343][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 509.655040][ T30] sock_do_ioctl+0x158/0x460 [ 509.671995][ T30] ? __pfx_sock_do_ioctl+0x10/0x10 [ 509.686629][ T30] ? __pfx_lock_release+0x10/0x10 [ 509.691719][ T30] sock_ioctl+0x626/0x8e0 [ 509.696078][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 509.721308][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 509.740370][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 509.756706][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 509.761614][ T30] __se_sys_ioctl+0xf9/0x170 [ 509.766238][ T30] do_syscall_64+0xf3/0x230 [ 509.797775][ T30] ? clear_bhb_loop+0x35/0x90 [ 509.802519][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 509.831214][ T30] RIP: 0033:0x7fb9e4dafd49 [ 509.835690][ T30] RSP: 002b:00007ffd7ba0a208 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 509.865034][ T30] RAX: ffffffffffffffda RBX: 00007fb9e4ce16c0 RCX: 00007fb9e4dafd49 [ 509.885379][ T30] RDX: 00007ffd7ba1a3f8 RSI: 0000000000008914 RDI: 0000000000000015 [ 509.906138][ T30] RBP: 00007ffd7ba2a5b8 R08: 00007ffd7ba1a3b8 R09: 00007ffd7ba1a368 [ 509.935838][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 509.959154][ T30] R13: 00007ffd7ba1a3f8 R14: 0000000000000028 R15: 0000000000008914 [ 509.980954][ T30] [ 509.984047][ T30] INFO: task kworker/u8:11:9258 blocked for more than 145 seconds. [ 510.005902][ T30] Not tainted 6.12.0-rc3-next-20241014-syzkaller #0 [ 510.023608][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 510.044372][ T30] task:kworker/u8:11 state:D stack:24080 pid:9258 tgid:9258 ppid:2 flags:0x00004000 [ 510.070445][ T30] Workqueue: events_unbound linkwatch_event [ 510.076415][ T30] Call Trace: [ 510.086618][ T30] [ 510.089590][ T30] __schedule+0x1895/0x4b30 [ 510.094165][ T30] ? __pfx___schedule+0x10/0x10 [ 510.115840][ T30] ? __pfx_lock_release+0x10/0x10 [ 510.125542][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 510.146729][ T30] ? kthread_data+0x52/0xd0 [ 510.151548][ T30] ? schedule+0x90/0x320 [ 510.155821][ T30] ? wq_worker_sleeping+0x66/0x240 [ 510.181559][ T30] ? schedule+0x90/0x320 [ 510.185864][ T30] schedule+0x14b/0x320 [ 510.199292][ T30] schedule_preempt_disabled+0x13/0x30 [ 510.204807][ T30] __mutex_lock+0x6a7/0xd70 [ 510.252671][ T30] ? __mutex_lock+0x52a/0xd70 [ 510.258512][ T30] ? linkwatch_event+0xe/0x60 [ 510.263241][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 510.283087][ T30] ? process_scheduled_works+0x976/0x1850 [ 510.302688][ T30] linkwatch_event+0xe/0x60 [ 510.316668][ T30] process_scheduled_works+0xa63/0x1850 [ 510.322294][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 510.352280][ T30] ? assign_work+0x364/0x3d0 [ 510.357411][ T30] worker_thread+0x870/0xd30 [ 510.372482][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 510.386053][ T30] ? __kthread_parkme+0x169/0x1d0 [ 510.403138][ T30] ? __pfx_worker_thread+0x10/0x10 [ 510.416664][ T30] kthread+0x2f0/0x390 [ 510.420796][ T30] ? __pfx_worker_thread+0x10/0x10 [ 510.425949][ T30] ? __pfx_kthread+0x10/0x10 [ 510.451576][ T30] ret_from_fork+0x4b/0x80 [ 510.456051][ T30] ? __pfx_kthread+0x10/0x10 [ 510.476760][ T30] ret_from_fork_asm+0x1a/0x30 [ 510.481598][ T30] [ 510.503835][ T30] INFO: task syz-executor:9268 blocked for more than 146 seconds. [ 510.521180][ T30] Not tainted 6.12.0-rc3-next-20241014-syzkaller #0 [ 510.534793][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 510.559502][ T30] task:syz-executor state:D stack:21728 pid:9268 tgid:9268 ppid:1 flags:0x00000004 [ 510.583705][ T30] Call Trace: [ 510.594327][ T30] [ 510.606076][ T30] __schedule+0x1895/0x4b30 [ 510.610783][ T30] ? __pfx___schedule+0x10/0x10 [ 510.615662][ T30] ? __pfx_lock_release+0x10/0x10 [ 510.636774][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 510.642295][ T30] ? schedule+0x90/0x320 [ 510.661950][ T30] schedule+0x14b/0x320 [ 510.666163][ T30] schedule_preempt_disabled+0x13/0x30 [ 510.691557][ T30] __mutex_lock+0x6a7/0xd70 [ 510.696129][ T30] ? __mutex_lock+0x52a/0xd70 [ 510.716609][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 510.721780][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 510.742129][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 510.756626][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 510.761793][ T30] ? __lock_acquire+0x1384/0x2050 [ 510.783139][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 510.796640][ T30] netlink_rcv_skb+0x1e3/0x430 [ 510.801461][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 510.826805][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 510.832179][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 510.846642][ T30] netlink_unicast+0x7f6/0x990 [ 510.851472][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 510.876635][ T30] ? __virt_addr_valid+0x183/0x530 [ 510.882192][ T30] ? __check_object_size+0x48e/0x900 [ 510.902623][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 510.916737][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 510.922081][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 510.936662][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 510.941999][ T30] __sock_sendmsg+0x221/0x270 [ 510.983075][ T30] __sys_sendto+0x39b/0x4f0 [ 510.988857][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 510.993946][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 511.021060][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 511.041148][ T30] __x64_sys_sendto+0xde/0x100 [ 511.045980][ T30] do_syscall_64+0xf3/0x230 [ 511.066637][ T30] ? clear_bhb_loop+0x35/0x90 [ 511.076607][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 511.082543][ T30] RIP: 0033:0x7f2603d7fe8c [ 511.102495][ T30] RSP: 002b:00007ffd1d439940 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 511.126629][ T30] RAX: ffffffffffffffda RBX: 00007f2604a64620 RCX: 00007f2603d7fe8c [ 511.134659][ T30] RDX: 0000000000000038 RSI: 00007f2604a64670 RDI: 0000000000000003 [ 511.166717][ T30] RBP: 0000000000000000 R08: 00007ffd1d439994 R09: 000000000000000c [ 511.174989][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 511.208907][ T30] R13: 0000000000000000 R14: 00007f2604a64670 R15: 0000000000000000 [ 511.226742][ T30] [ 511.229839][ T30] INFO: task syz-executor:9269 blocked for more than 147 seconds. [ 511.256612][ T30] Not tainted 6.12.0-rc3-next-20241014-syzkaller #0 [ 511.263771][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 511.302890][ T30] task:syz-executor state:D stack:21728 pid:9269 tgid:9269 ppid:1 flags:0x00000004 [ 511.326638][ T30] Call Trace: [ 511.329981][ T30] [ 511.332935][ T30] __schedule+0x1895/0x4b30 [ 511.352622][ T30] ? __pfx___schedule+0x10/0x10 [ 511.374240][ T30] ? __pfx_lock_release+0x10/0x10 [ 511.386737][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 511.392266][ T30] ? schedule+0x90/0x320 [ 511.396535][ T30] schedule+0x14b/0x320 [ 511.422103][ T30] schedule_preempt_disabled+0x13/0x30 [ 511.436616][ T30] __mutex_lock+0x6a7/0xd70 [ 511.441177][ T30] ? __mutex_lock+0x52a/0xd70 [ 511.445880][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 511.466630][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 511.471738][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 511.496632][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 511.501814][ T30] ? __lock_acquire+0x1384/0x2050 [ 511.524021][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 511.536808][ T30] netlink_rcv_skb+0x1e3/0x430 [ 511.541634][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 511.566786][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 511.572166][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 511.595316][ T30] netlink_unicast+0x7f6/0x990 [ 511.605679][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 511.616603][ T30] ? __virt_addr_valid+0x183/0x530 [ 511.621771][ T30] ? __check_object_size+0x48e/0x900 [ 511.646758][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 511.651604][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 511.666618][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 511.671615][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 511.696672][ T30] __sock_sendmsg+0x221/0x270 [ 511.701708][ T30] __sys_sendto+0x39b/0x4f0 [ 511.706259][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 511.726654][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 511.731909][ T30] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 511.756777][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 511.762840][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 511.792751][ T30] __x64_sys_sendto+0xde/0x100 [ 511.812477][ T30] do_syscall_64+0xf3/0x230 [ 511.817188][ T30] ? clear_bhb_loop+0x35/0x90 [ 511.821904][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 511.854699][ T30] RIP: 0033:0x7fb5e437fe8c [ 511.866726][ T30] RSP: 002b:00007ffc17150f70 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 511.875201][ T30] RAX: ffffffffffffffda RBX: 00007fb5e5064620 RCX: 00007fb5e437fe8c [ 511.904389][ T30] RDX: 000000000000003c RSI: 00007fb5e5064670 RDI: 0000000000000003 [ 511.936825][ T30] RBP: 0000000000000000 R08: 00007ffc17150fc4 R09: 000000000000000c [ 511.944867][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 511.992105][ T30] R13: 0000000000000000 R14: 00007fb5e5064670 R15: 0000000000000000 [ 512.026727][ T30] [ 512.042119][ T30] INFO: task syz-executor:9270 blocked for more than 147 seconds. [ 512.072050][ T30] Not tainted 6.12.0-rc3-next-20241014-syzkaller #0 [ 512.095419][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 512.136657][ T30] task:syz-executor state:D stack:21728 pid:9270 tgid:9270 ppid:1 flags:0x00000004 [ 512.181989][ T30] Call Trace: [ 512.185327][ T30] [ 512.188362][ T30] __schedule+0x1895/0x4b30 [ 512.192913][ T30] ? __pfx___schedule+0x10/0x10 [ 512.226645][ T30] ? __pfx_lock_release+0x10/0x10 [ 512.231744][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 512.266737][ T30] ? schedule+0x90/0x320 [ 512.271060][ T30] schedule+0x14b/0x320 [ 512.275246][ T30] schedule_preempt_disabled+0x13/0x30 [ 512.332753][ T30] __mutex_lock+0x6a7/0xd70 [ 512.337538][ T30] ? __mutex_lock+0x52a/0xd70 [ 512.342250][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 512.376699][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 512.381815][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 512.412111][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 512.442403][ T30] ? __lock_acquire+0x1384/0x2050 [ 512.447626][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 512.453157][ T30] netlink_rcv_skb+0x1e3/0x430 [ 512.496756][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 512.502298][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 512.532154][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 512.556725][ T30] netlink_unicast+0x7f6/0x990 [ 512.561568][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 512.596655][ T30] ? __virt_addr_valid+0x183/0x530 [ 512.601836][ T30] ? __check_object_size+0x48e/0x900 [ 512.626777][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 512.631617][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 512.672255][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 512.696732][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 512.702087][ T30] __sock_sendmsg+0x221/0x270 [ 512.733006][ T30] __sys_sendto+0x39b/0x4f0 [ 512.756621][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 512.761734][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 512.786693][ T30] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 512.792830][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 512.828318][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 512.834732][ T30] __x64_sys_sendto+0xde/0x100 [ 512.884550][ T30] do_syscall_64+0xf3/0x230 [ 512.896765][ T30] ? clear_bhb_loop+0x35/0x90 [ 512.901494][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 512.942769][ T30] RIP: 0033:0x7f67b4f7fe8c [ 512.962119][ T30] RSP: 002b:00007fff0bf92d80 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 512.986632][ T30] RAX: ffffffffffffffda RBX: 00007f67b5c64620 RCX: 00007f67b4f7fe8c [ 512.994688][ T30] RDX: 0000000000000038 RSI: 00007f67b5c64670 RDI: 0000000000000003 [ 513.056822][ T30] RBP: 0000000000000000 R08: 00007fff0bf92dd4 R09: 000000000000000c [ 513.064872][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 513.116698][ T30] R13: 0000000000000000 R14: 00007f67b5c64670 R15: 0000000000000000 [ 513.125002][ T30] [ 513.166689][ T30] INFO: task syz-executor:9271 blocked for more than 149 seconds. [ 513.174553][ T30] Not tainted 6.12.0-rc3-next-20241014-syzkaller #0 [ 513.221977][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 513.262360][ T30] task:syz-executor state:D stack:24160 pid:9271 tgid:9271 ppid:1 flags:0x00000004 [ 513.296699][ T30] Call Trace: [ 513.300038][ T30] [ 513.302991][ T30] __schedule+0x1895/0x4b30 [ 513.332633][ T30] ? __pfx___schedule+0x10/0x10 [ 513.356913][ T30] ? __pfx_lock_release+0x10/0x10 [ 513.362015][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 513.402094][ T30] ? schedule+0x90/0x320 [ 513.406413][ T30] schedule+0x14b/0x320 [ 513.432229][ T30] schedule_preempt_disabled+0x13/0x30 [ 513.452781][ T30] __mutex_lock+0x6a7/0xd70 [ 513.476612][ T30] ? __mutex_lock+0x52a/0xd70 [ 513.481357][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 513.486502][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 513.526780][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 513.532032][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 513.566730][ T30] ? __lock_acquire+0x1384/0x2050 [ 513.571826][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 513.606665][ T30] netlink_rcv_skb+0x1e3/0x430 [ 513.611512][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 513.636763][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 513.642148][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 513.686739][ T30] netlink_unicast+0x7f6/0x990 [ 513.691588][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 513.716735][ T30] ? __virt_addr_valid+0x183/0x530 [ 513.721927][ T30] ? __check_object_size+0x48e/0x900 [ 513.746754][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 513.751624][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 513.766653][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 513.771670][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 513.792745][ T30] __sock_sendmsg+0x221/0x270 [ 513.812054][ T30] __sys_sendto+0x39b/0x4f0 [ 513.816745][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 513.821833][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 513.846630][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 513.862342][ T30] __x64_sys_sendto+0xde/0x100 [ 513.882522][ T30] do_syscall_64+0xf3/0x230 [ 513.887250][ T30] ? clear_bhb_loop+0x35/0x90 [ 513.891969][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.919179][ T30] RIP: 0033:0x7fbf0617fe8c [ 513.923665][ T30] RSP: 002b:00007ffc9e3f7510 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 513.953864][ T30] RAX: ffffffffffffffda RBX: 00007fbf06e64620 RCX: 00007fbf0617fe8c [ 513.981958][ T30] RDX: 0000000000000040 RSI: 00007fbf06e64670 RDI: 0000000000000003 [ 513.996636][ T30] RBP: 0000000000000000 R08: 00007ffc9e3f7564 R09: 000000000000000c [ 514.004669][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 514.032704][ T30] R13: 0000000000000000 R14: 00007fbf06e64670 R15: 0000000000000000 [ 514.056681][ T30] [ 514.059770][ T30] INFO: task syz-executor:9272 blocked for more than 149 seconds. [ 514.086607][ T30] Not tainted 6.12.0-rc3-next-20241014-syzkaller #0 [ 514.093770][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 514.136780][ T30] task:syz-executor state:D stack:24160 pid:9272 tgid:9272 ppid:1 flags:0x00000004 [ 514.156174][ T30] Call Trace: [ 514.166735][ T30] [ 514.169726][ T30] __schedule+0x1895/0x4b30 [ 514.174287][ T30] ? __pfx___schedule+0x10/0x10 [ 514.196740][ T30] ? __pfx_lock_release+0x10/0x10 [ 514.201836][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 514.226772][ T30] ? schedule+0x90/0x320 [ 514.231085][ T30] schedule+0x14b/0x320 [ 514.235273][ T30] schedule_preempt_disabled+0x13/0x30 [ 514.262801][ T30] __mutex_lock+0x6a7/0xd70 [ 514.276719][ T30] ? __mutex_lock+0x52a/0xd70 [ 514.281461][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 514.296685][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 514.301800][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 514.321963][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 514.336789][ T30] ? __lock_acquire+0x1384/0x2050 [ 514.341865][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 514.362164][ T30] netlink_rcv_skb+0x1e3/0x430 [ 514.376680][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 514.382204][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 514.412268][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 514.417655][ T30] netlink_unicast+0x7f6/0x990 [ 514.422461][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 514.446642][ T30] ? __virt_addr_valid+0x183/0x530 [ 514.462485][ T30] ? __check_object_size+0x48e/0x900 [ 514.483255][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 514.488151][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 514.493473][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 514.516642][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 514.522003][ T30] __sock_sendmsg+0x221/0x270 [ 514.542050][ T30] __sys_sendto+0x39b/0x4f0 [ 514.553197][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 514.565557][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 514.586658][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 514.593060][ T30] __x64_sys_sendto+0xde/0x100 [ 514.622105][ T30] do_syscall_64+0xf3/0x230 [ 514.626754][ T30] ? clear_bhb_loop+0x35/0x90 [ 514.631463][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 514.655400][ T30] RIP: 0033:0x7f4c7337fe8c [ 514.666748][ T30] RSP: 002b:00007ffc9152b3a0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 514.675220][ T30] RAX: ffffffffffffffda RBX: 00007f4c74064620 RCX: 00007f4c7337fe8c [ 514.707022][ T30] RDX: 0000000000000028 RSI: 00007f4c74064670 RDI: 0000000000000003 [ 514.715049][ T30] RBP: 0000000000000000 R08: 00007ffc9152b3f4 R09: 000000000000000c [ 514.756736][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 514.765013][ T30] R13: 0000000000000000 R14: 00007f4c74064670 R15: 0000000000000000 [ 514.802501][ T30] [ 514.805597][ T30] [ 514.805597][ T30] Showing all locks held in the system: [ 514.826629][ T30] 2 locks held by ksoftirqd/0/16: [ 514.831709][ T30] 3 locks held by kworker/1:0/25: [ 514.851996][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 514.886725][ T30] #1: ffffc900001f7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 514.906604][ T30] #2: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 514.936670][ T30] 1 lock held by khungtaskd/30: [ 514.941585][ T30] #0: ffffffff8e939e20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 514.992442][ T30] 6 locks held by kworker/u8:3/52: [ 514.997691][ T30] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 515.026622][ T30] #1: ffffc90000bc7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 515.056610][ T30] #2: ffffffff8fccf990 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 515.079851][ T30] #3: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2c0 [ 515.106610][ T30] #4: ffff88807e6d8768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x12b/0x700 [ 515.134559][ T30] #5: ffffffff8e7d3e10 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 515.166630][ T30] 3 locks held by kworker/u8:5/1054: [ 515.182413][ T30] #0: ffff888145aaf148 ((wq_completion)cfg80211){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 515.226745][ T30] #1: ffffc90003dd7d00 ((work_completion)(&(&rdev->dfs_update_channels_wk)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 515.256787][ T30] #2: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: cfg80211_dfs_channels_update_work+0xbf/0x610 [ 515.281985][ T30] 3 locks held by kworker/u8:6/1073: [ 515.296718][ T30] #0: ffff88814b69c948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 515.326654][ T30] #1: ffffc90003d47d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 515.371440][ T30] #2: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 515.398909][ T30] 1 lock held by klogd/4680: [ 515.403553][ T30] 1 lock held by dhcpcd/4905: [ 515.434020][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1aa0 [ 515.455691][ T30] 2 locks held by getty/4991: [ 515.469051][ T30] #0: ffff888031aca0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 515.485400][ T30] #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 515.497493][ T30] 8 locks held by kworker/0:3/5287: [ 515.502733][ T30] 3 locks held by kworker/u8:11/9258: [ 515.514429][ T30] #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 515.526513][ T30] #1: ffffc90003ec7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 515.545300][ T30] #2: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 515.554684][ T30] 1 lock held by syz-executor/9268: [ 515.567070][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.576539][ T30] 1 lock held by syz-executor/9269: [ 515.582500][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.598465][ T30] 1 lock held by syz-executor/9270: [ 515.603700][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.618409][ T30] 1 lock held by syz-executor/9271: [ 515.623641][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.639725][ T30] 1 lock held by syz-executor/9272: [ 515.644965][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.656692][ T30] 1 lock held by syz-executor/9325: [ 515.661914][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.678245][ T30] 1 lock held by syz-executor/9328: [ 515.683884][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.700685][ T30] 1 lock held by syz-executor/9331: [ 515.705911][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.718221][ T30] 1 lock held by syz-executor/9333: [ 515.723535][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.738040][ T30] 1 lock held by syz-executor/9336: [ 515.743267][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.760729][ T30] 1 lock held by syz-executor/9342: [ 515.765965][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.782869][ T30] 1 lock held by syz-executor/9346: [ 515.788466][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.805355][ T30] 1 lock held by syz-executor/9349: [ 515.810973][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.826354][ T30] 1 lock held by syz-executor/9352: [ 515.831917][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.848609][ T30] 1 lock held by syz-executor/9355: [ 515.853843][ T30] #0: ffffffff8fcdc508 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 515.869750][ T30] [ 515.872105][ T30] ============================================= [ 515.872105][ T30] [ 515.884655][ T30] NMI backtrace for cpu 1 [ 515.889016][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-next-20241014-syzkaller #0 [ 515.899018][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 515.909089][ T30] Call Trace: [ 515.912413][ T30] [ 515.915389][ T30] dump_stack_lvl+0x241/0x360 [ 515.920092][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 515.925311][ T30] ? __pfx__printk+0x10/0x10 [ 515.929930][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 515.934910][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 515.940389][ T30] ? _printk+0xd5/0x120 [ 515.944568][ T30] ? __pfx__printk+0x10/0x10 [ 515.949174][ T30] ? __wake_up_klogd+0xcc/0x110 [ 515.954045][ T30] ? __pfx__printk+0x10/0x10 [ 515.958654][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 515.963704][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 515.969708][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 515.976069][ T30] watchdog+0xff4/0x1040 [ 515.980344][ T30] ? watchdog+0x1ea/0x1040 [ 515.984783][ T30] ? __pfx_watchdog+0x10/0x10 [ 515.989483][ T30] kthread+0x2f0/0x390 [ 515.993573][ T30] ? __pfx_watchdog+0x10/0x10 [ 515.998280][ T30] ? __pfx_kthread+0x10/0x10 [ 516.002890][ T30] ret_from_fork+0x4b/0x80 [ 516.007321][ T30] ? __pfx_kthread+0x10/0x10 [ 516.011932][ T30] ret_from_fork_asm+0x1a/0x30 [ 516.016730][ T30] [ 516.020261][ T30] Sending NMI from CPU 1 to CPUs 0: [ 516.025503][ C0] NMI backtrace for cpu 0 [ 516.025515][ C0] CPU: 0 UID: 0 PID: 5287 Comm: kworker/0:3 Not tainted 6.12.0-rc3-next-20241014-syzkaller #0 [ 516.025535][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 516.025545][ C0] Workqueue: events nsim_dev_trap_report_work [ 516.025570][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp2+0x1f/0x90 [ 516.025593][ C0] Code: 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 4c 8b 04 24 65 48 8b 14 25 c0 d3 03 00 65 8b 05 60 cd 6e 7e 25 00 01 ff 00 74 10 <3d> 00 01 00 00 75 5b 83 ba 1c 16 00 00 00 74 52 8b 82 f8 15 00 00 [ 516.025607][ C0] RSP: 0018:ffffc90000007138 EFLAGS: 00000206 [ 516.025620][ C0] RAX: 0000000000000100 RBX: ffffc900000072d0 RCX: 1ffff92000000e5a [ 516.025632][ C0] RDX: ffff88805f521e00 RSI: 0000000000000014 RDI: 0000000000000014 [ 516.025642][ C0] RBP: ffffc90000007250 R08: ffffffff89ed0e59 R09: 0000000000000000 [ 516.025654][ C0] R10: ffffc900000071a0 R11: fffff52000000e39 R12: ffff888032607968 [ 516.025665][ C0] R13: 0000000000000014 R14: ffff888090a5ea74 R15: 0000000000000000 [ 516.025676][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 516.025689][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 516.025701][ C0] CR2: 000056486f4a1040 CR3: 00000000755bc000 CR4: 00000000003526f0 [ 516.025715][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 516.025725][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 516.025735][ C0] Call Trace: [ 516.025740][ C0] [ 516.025747][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 516.025766][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 516.025783][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 516.025800][ C0] ? nmi_handle+0x2a/0x5a0 [ 516.025822][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 516.025841][ C0] ? nmi_handle+0x14f/0x5a0 [ 516.025856][ C0] ? nmi_handle+0x2a/0x5a0 [ 516.025872][ C0] ? __sanitizer_cov_trace_const_cmp2+0x1f/0x90 [ 516.025891][ C0] ? default_do_nmi+0x63/0x160 [ 516.025910][ C0] ? exc_nmi+0x123/0x1f0 [ 516.025927][ C0] ? end_repeat_nmi+0xf/0x53 [ 516.025946][ C0] ? synproxy_parse_options+0x1c9/0x8d0 [ 516.025966][ C0] ? __sanitizer_cov_trace_const_cmp2+0x1f/0x90 [ 516.025986][ C0] ? __sanitizer_cov_trace_const_cmp2+0x1f/0x90 [ 516.026010][ C0] ? __sanitizer_cov_trace_const_cmp2+0x1f/0x90 [ 516.026030][ C0] [ 516.026035][ C0] [ 516.026040][ C0] synproxy_parse_options+0x1c9/0x8d0 [ 516.026061][ C0] ? __pfx_synproxy_parse_options+0x10/0x10 [ 516.026080][ C0] ? __pfx_nft_synproxy_eval_v4+0x10/0x10 [ 516.026101][ C0] ? nf_ip_checksum+0x13a/0x500 [ 516.026121][ C0] nft_synproxy_do_eval+0x2ee/0xa60 [ 516.026143][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 516.026161][ C0] ? validate_chain+0x11e/0x5920 [ 516.026180][ C0] ? __pfx_validate_chain+0x10/0x10 [ 516.026201][ C0] nft_do_chain+0x4ad/0x1da0 [ 516.026225][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 516.026243][ C0] ? __local_bh_enable_ip+0x168/0x200 [ 516.026274][ C0] ? __pfx_nf_nat_inet_fn+0x10/0x10 [ 516.026302][ C0] nft_do_chain_inet+0x418/0x6b0 [ 516.026322][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 516.026340][ C0] ? ipt_do_table+0x312/0x1860 [ 516.026365][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 516.026382][ C0] nf_hook_slow+0xc3/0x220 [ 516.026400][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 516.026416][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 516.026432][ C0] NF_HOOK+0x29e/0x450 [ 516.026448][ C0] ? NF_HOOK+0x9a/0x450 [ 516.026462][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 516.026478][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 516.026496][ C0] ? ip_rcv_finish+0x406/0x560 [ 516.026512][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 516.026527][ C0] NF_HOOK+0x3a4/0x450 [ 516.026542][ C0] ? __lock_acquire+0x1384/0x2050 [ 516.026561][ C0] ? NF_HOOK+0x9a/0x450 [ 516.026575][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 516.026589][ C0] ? ip_rcv_core+0x801/0xd10 [ 516.026604][ C0] ? __pfx_ip_rcv_finish+0x10/0x10 [ 516.026622][ C0] ? __pfx_ip_rcv+0x10/0x10 [ 516.026637][ C0] __netif_receive_skb+0x2bf/0x650 [ 516.026656][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 516.026670][ C0] ? __pfx___netif_receive_skb+0x10/0x10 [ 516.026686][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 516.026705][ C0] ? __pfx_lock_release+0x10/0x10 [ 516.026720][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 516.026740][ C0] process_backlog+0x662/0x15b0 [ 516.026759][ C0] ? process_backlog+0x33b/0x15b0 [ 516.026780][ C0] ? __pfx_process_backlog+0x10/0x10 [ 516.026795][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 516.026816][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 516.026838][ C0] __napi_poll+0xcb/0x490 [ 516.026856][ C0] net_rx_action+0x89b/0x1240 [ 516.026881][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 516.026907][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 516.026933][ C0] handle_softirqs+0x2c5/0x980 [ 516.026953][ C0] ? do_softirq+0x11b/0x1e0 [ 516.026972][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 516.026994][ C0] do_softirq+0x11b/0x1e0 [ 516.027011][ C0] [ 516.027017][ C0] [ 516.027022][ C0] ? __pfx_do_softirq+0x10/0x10 [ 516.027040][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 516.027061][ C0] ? rcu_is_watching+0x15/0xb0 [ 516.027079][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 516.027098][ C0] ? nsim_dev_trap_report_work+0x75d/0xaa0 [ 516.027117][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 516.027135][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 516.027154][ C0] ? nsim_dev_trap_report_work+0x6a7/0xaa0 [ 516.027176][ C0] nsim_dev_trap_report_work+0x75d/0xaa0 [ 516.027201][ C0] ? process_scheduled_works+0x976/0x1850 [ 516.027221][ C0] process_scheduled_works+0xa63/0x1850 [ 516.027251][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 516.027274][ C0] ? assign_work+0x364/0x3d0 [ 516.027299][ C0] worker_thread+0x870/0xd30 [ 516.027325][ C0] ? __kthread_parkme+0x169/0x1d0 [ 516.027346][ C0] ? __pfx_worker_thread+0x10/0x10 [ 516.027365][ C0] kthread+0x2f0/0x390 [ 516.027379][ C0] ? __pfx_worker_thread+0x10/0x10 [ 516.027398][ C0] ? __pfx_kthread+0x10/0x10 [ 516.027413][ C0] ret_from_fork+0x4b/0x80 [ 516.027426][ C0] ? __pfx_kthread+0x10/0x10 [ 516.027441][ C0] ret_from_fork_asm+0x1a/0x30 [ 516.027466][ C0] [ 516.670433][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 516.677332][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-next-20241014-syzkaller #0 [ 516.687330][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 516.697488][ T30] Call Trace: [ 516.700781][ T30] [ 516.703725][ T30] dump_stack_lvl+0x241/0x360 [ 516.708423][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 516.713642][ T30] ? __pfx__printk+0x10/0x10 [ 516.718246][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 516.724271][ T30] ? vscnprintf+0x5d/0x90 [ 516.728622][ T30] panic+0x349/0x880 [ 516.732534][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 516.738707][ T30] ? __pfx_panic+0x10/0x10 [ 516.743133][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 516.748518][ T30] ? __irq_work_queue_local+0x137/0x410 [ 516.754085][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 516.759474][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 516.765645][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 516.771817][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 516.777993][ T30] watchdog+0x1033/0x1040 [ 516.782344][ T30] ? watchdog+0x1ea/0x1040 [ 516.786790][ T30] ? __pfx_watchdog+0x10/0x10 [ 516.791486][ T30] kthread+0x2f0/0x390 [ 516.795568][ T30] ? __pfx_watchdog+0x10/0x10 [ 516.800264][ T30] ? __pfx_kthread+0x10/0x10 [ 516.804866][ T30] ret_from_fork+0x4b/0x80 [ 516.809292][ T30] ? __pfx_kthread+0x10/0x10 [ 516.813894][ T30] ret_from_fork_asm+0x1a/0x30 [ 516.818686][ T30] [ 516.821971][ T30] Kernel Offset: disabled [ 516.826291][ T30] Rebooting in 86400 seconds..